Security News

Researchers have discovered a new information-stealing trojan that targets Microsoft Windows systems with an onslaught of data-exfiltration capabilities, from collecting browser credentials to targeting Outlook files. "AridViper is an active threat group that continues developing new tools as part of their arsenal," researchers with Palo Alto's Unit42 research team said in a Monday analysis.

Microsoft is working on a new built-in command-line 'Disk Usage' utility that reports how much disk space a folder uses. In the past, users would need to download free tools like TreeSize to list folders using the most space.

Microsoft has removed a safeguard hold blocking Windows 10 updates on systems affected by a known issue causing blue screen of death crashes when users plugged in a Thunderbolt NVMe Solid State Drive. After discovering the BSOD issue, Microsoft added a compatibility hold to prevent impacted devices from being offered Windows 10, version 2004 or Windows 10, version 20H2 upgrades.

Microsoft has partially addressed known issues impacting Windows 10 devices with certain Conexant or Synaptics audio devices after investigating ongoing errors since May 2020. The known issue impacting computers with Conexant audio drivers has been under investigation since May 2020 when Microsoft released Windows 10, version 2004.

With the Windows 10 October 2018 update release, Microsoft quietly added a built-in command-line network packet sniffer called Pktmon to Windows 10. Compared to a network monitor with a graphical user interface, the command-line interface of Pktmon takes a bit more time to get used to.

According to sources, Windows 10X compatibility levels with Win32 apps were not great and Microsoft decided to focus on Windows 10X without native support for Win32. Microsoft is believed to be working on a premium service called 'Cloud PC' that will allow business users to stream their desktop apps to Windows 10X. It's also worth noting that Windows 10X won't be released for beta testing and it is not something that you can install on your current hardware.

Details and a proof-of-concept exploit have been released for an unpatched privilege escalation vulnerability in Windows related to the PsExec administration tool. According to Wells, the vulnerability is a local privilege escalation issue that can be exploited by a non-admin process to elevate privileges to SYSTEM when PsExec is executed remotely or locally on the targeted computer.

Microsoft has warned of an ongoing campaign pushing a new browser hijacking and credential-stealing malware dubbed Adrozek which, at its peak, was able to take over more than 30,000 devices every day. While Microsoft hasn't yet found evidence of Adrozek being used to push malware onto its victims' computers through the injected ads, this can happen at any time.

Microsoft has announced the long-awaited ability to run emulated 64-bit applications in Windows on ARM. This new feature will allow applications to use more memory and thus gain better performance than their 32-bit counterparts. When Windows 10 for ARM was released in 2017, Microsoft created an emulation layer that allowed users to run 32-bit applications.

On Thursday, Microsoft warned that there's an ongoing campaign to distribute malware that modifies web browsers to conduct credential theft and ad fraud. Since at least May 2020, unidentified cybercriminals have been distributing a family of browser modifiers dubbed Adrozek, Microsoft said.