Security News

Microsoft's Patch Tuesday updates for November 2020 address more than 110 vulnerabilities, including a Windows flaw that was recently disclosed by Google after it was observed being exploited in attacks. The actively exploited Windows vulnerability is tracked as CVE-2020-17087 and it has been described as a local privilege escalation issue related to the Windows Kernel Cryptography Driver.

Microsoft has released a new batch of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix new hardware vulnerabilities discovered in Intel CPUs. When Intel finds bugs in their CPUs, they release microcode updates that allow operating systems to patch the behavior of the CPU to fix, or at least mitigate, the bug.

Microsoft has fixed today a Windows kernel zero-day vulnerability exploited in the wild as part of targeted attacks and publicly disclosed by Project Zero, Google's 0day bug-hunting team, last month. According to Project Zero researchers Mateusz Jurczyk and Sergei Glazunov who discovered it, the security flaw currently tracked as CVE-2020-17087 is a pool-based buffer overflow found in the Windows Kernel Cryptography Driver.

It's November 10 and Patch Tuesday, and the first batch of security updates or 'B' updates are now available for all supported versions of Windows 10 including version 20H2. If you want to grab these updates, check for updates in the Settings and the update will begin installing. Below is the list of all new updates for Windows 10.

For Windows 10 PCs, the data security process to follow before donating a computing device involves a couple of steps. Before donating any Windows 10 computer, you want to reinstall a clean copy of Windows 10 using the "Remove everything" option.

Microsoft says that multiple Windows 10 apps including Outlook are affected by an issue causing them to forget users' passwords after the device is upgraded to certain Windows 10, version 2004 builds. "After installing Windows 10 Version 2004 Build 19041.173 and related updates you find that Outlook and other applications do not remember your password anymore," Microsoft explains.

Microsoft will soon start force upgrading Windows 10 1903 to Windows 10 1909 to keep them protected from security threats after this Windows version reaches its end of service next month. "All editions of Windows 10, version 1903 and Windows 10 Server, version 1903 will reach end of service on December 8, 2020," Microsoft explains on the Windows 10 Message Center.

Microsoft will soon start force upgrading Windows 10 1903 to Windows 10 1909 to keep them protected from security threats after this Windows version reaches its end of service next month. "All editions of Windows 10, version 1903 and Windows 10 Server, version 1903 will reach end of service on December 8, 2020," Microsoft explains on the Windows 10 Message Center.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. In it, he noted [PDF] that in three years, the optimal cost per component on a chip had dropped by a factor of 10, while the optimal number had increased by the same factor, from 10 to 100.

Multiple software products from Adobe, Apple, Google, Microsoft, Mozilla, and Samsung were successfully pwned with previously unseen exploits in Tianfu Cup 2020, the third edition of the international cybersecurity contest held in the city of Chengdu, China. "Many mature and hard targets have been pwned on this year's contest," the event organizers said.