Security News

Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos authentication problems after installing security updates released to address CVE-2020-17049 during this month's Patch Tuesday, on November 10. Kerberos replaced the NTLM protocol to be the default authentication protocol for domain connected devices on all Windows versions above Windows 2000.

Microsoft has announced that they will not be releasing cumulative updates previews in December 2020 due to limited staff and operations during the upcoming holidays. When Microsoft releases new update Windows and Windows server updates, it uses a fixed schedule, or cadence, that allows businesses and consumers to prepare and test new releases as they come out.

As more users begin to use a website as a progressive web app, Chromium-based browsers have added the ability to automatically launch your favorite PWAs when you log in to Windows 10. In the latest Google Chrome and Microsoft Edge builds, you can enable a flag that causes the browser to ask during the installation of a PWA if you want to autostart it when you log in to Windows.

More recently, the software giant has added a new modern disk management tool to the Settings, and the feature is already live for Insiders. The modern solution is called "Manage Disks and Volumes" and Microsoft calls it a modern take on Windows 10's current disk management tool.

Over the past few weeks, Malwarebytes consumer and business users have complained that their Windows network printers keep getting kicked offline. This issue started around October 20th, when an update caused Windows network printers to be blocked by the security software.

Lumu announced the launch of the Lumu Agent for Windows, a lightweight software built for remote workers in mind, that measures user device's compromise levels in real time. Once installed on an end user's machine, the Lumu Agent silently and persistently runs in the background, collecting network metadata which is then correlated and analyzed by Lumu to provide the most complete compromise visibility available today.

Nvidia is red-flagging a high-severity flaw in its GeForce NOW application software for Windows. An attacker on a local network can exploit the flaw in order to execute code or gain escalated privileges on affected devices.

Microsoft has announced today that Windows 10 customers with devices running the latest Insider build can launch and interact with multiple Android apps directly on their computers' desktops. Support for streaming and using Android apps on Windows 10 from supported Samsung devices was announced by Microsoft in August.

Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. Outside of the zero-day, the update fixes a number of remote code execution vulnerabilities impacting Exchange Server, Network File System, and Microsoft Teams, as well as a security bypass flaw in Windows Hyper-V virtualization software.

Microsoft has plugged 112 security holes, including an actively exploited one. The most information is available about CVE-2020-17087, a Windows Kernel privilege escalation vulnerability, because it's being actively exploited in the wild and because Google disclosed it on October 29, along with PoC exploit code.