Security News

Open Shell, originally known as Classic Shell, is open-source software that allows you to replace the standard Start Menu on Windows 10 and Windows 8. With Open Shell, you can change the appearance of the Start Menu and replace with the likes of Windows 7.

Google's Project Zero bug-hunting team has disclosed a Windows kernel flaw that's being actively exploited by miscreants to gain control of computers. The web giant's bug report was privately disclosed to Microsoft on October 22, and publicly revealed just seven days later, after it detected persons unknown exploiting the programming blunder.

Google Project Zero security researchers have identified another Windows vulnerability that has been actively exploited in attacks. "The Windows Kernel Cryptography Driver exposes a DeviceCNG device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures. It constitutes a locally accessible attack surface that can be exploited for privilege escalation," Jurczyk explains.

Microsoft is rolling out a new tool called 'Resources monitor' that will allow you to free up resources in Windows 10 using Xbox's Game Bar. This new resources monitor works just like the traditional Task Manager, but it sits on top of running games and allows you to kill background processes without having to leave your game.

Project Zero, Google's 0day bug-hunting team, today disclosed a zero-day elevation of privileges vulnerability found in the Windows kernel and actively exploited in targeted attacks. The Windows kernel bug zero-day can be exploited by local attackers for privilege escalation according to Project Zero security researchers Mateusz Jurczyk and Sergei Glazunov.

Upcoming changes to how Windows 10 automatically installs driver updates may cause plug-and-play to break for some devices. Windows Update is also used to deliver automatic drivers to allow hardware developers to quickly deploy fixes to Windows 10 users encountering bugs in an existing driver.

Upcoming changes to how Windows 10 automatically installs driver updates may cause plug-and-play to break for some devices. Windows Update is also used to deliver automatic drivers to allow hardware developers to quickly deploy fixes to Windows 10 users encountering bugs in an existing driver.

Microsoft today warned that threat actors are continuing to actively exploit systems unpatched against the ZeroLogon privilege escalation vulnerability in the Netlogon Remote Protocol. Zerologon is a critical flaw that enables attackers to elevate privileges to a domain admin, thus allowing them to take full control over the entire domain, to change any user's password, and to execute any arbitrary command.

Microsoft has released the KB4580364 non-security update that fixes bugs causing responsiveness issues on affected Windows 10 2004 devices. Windows 10 users who install the KB4580364 release preview update might experience issues with input, might not be able to enter text, or receive unexpected results if using the Microsoft Input Method Editor for Japanese or Chinese languages.

More than 100,000 Windows systems have not yet been updated to protect against a previously-patched, critical and wormable flaw in Windows called SMBGhost. Microsoft patched the remote code-execution flaw bug tracked as CVE-2020-0796 back in March; it affects Windows 10 and Windows Server 2019, and ranks 10 out of 10 on the CVSS scale.