Security News

More recently, the software giant has added a new modern disk management tool to the Settings, and the feature is already live for Insiders. The modern solution is called "Manage Disks and Volumes" and Microsoft calls it a modern take on Windows 10's current disk management tool.

Over the past few weeks, Malwarebytes consumer and business users have complained that their Windows network printers keep getting kicked offline. This issue started around October 20th, when an update caused Windows network printers to be blocked by the security software.

Lumu announced the launch of the Lumu Agent for Windows, a lightweight software built for remote workers in mind, that measures user device's compromise levels in real time. Once installed on an end user's machine, the Lumu Agent silently and persistently runs in the background, collecting network metadata which is then correlated and analyzed by Lumu to provide the most complete compromise visibility available today.

Nvidia is red-flagging a high-severity flaw in its GeForce NOW application software for Windows. An attacker on a local network can exploit the flaw in order to execute code or gain escalated privileges on affected devices.

Microsoft has announced today that Windows 10 customers with devices running the latest Insider build can launch and interact with multiple Android apps directly on their computers' desktops. Support for streaming and using Android apps on Windows 10 from supported Samsung devices was announced by Microsoft in August.

Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week. Outside of the zero-day, the update fixes a number of remote code execution vulnerabilities impacting Exchange Server, Network File System, and Microsoft Teams, as well as a security bypass flaw in Windows Hyper-V virtualization software.

Microsoft has plugged 112 security holes, including an actively exploited one. The most information is available about CVE-2020-17087, a Windows Kernel privilege escalation vulnerability, because it's being actively exploited in the wild and because Google disclosed it on October 29, along with PoC exploit code.

Microsoft's Patch Tuesday updates for November 2020 address more than 110 vulnerabilities, including a Windows flaw that was recently disclosed by Google after it was observed being exploited in attacks. The actively exploited Windows vulnerability is tracked as CVE-2020-17087 and it has been described as a local privilege escalation issue related to the Windows Kernel Cryptography Driver.

Microsoft has released a new batch of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix new hardware vulnerabilities discovered in Intel CPUs. When Intel finds bugs in their CPUs, they release microcode updates that allow operating systems to patch the behavior of the CPU to fix, or at least mitigate, the bug.

Microsoft has fixed today a Windows kernel zero-day vulnerability exploited in the wild as part of targeted attacks and publicly disclosed by Project Zero, Google's 0day bug-hunting team, last month. According to Project Zero researchers Mateusz Jurczyk and Sergei Glazunov who discovered it, the security flaw currently tracked as CVE-2020-17087 is a pool-based buffer overflow found in the Windows Kernel Cryptography Driver.