Security News

Microsoft is rolling out the next version of Windows 10 called "20H2" and the update is available for those who manually check for updates using the Settings app. 20H2 Update is not a huge release and it does not bring a major overall to key features of Windows 10, but Microsoft says this update comes with a lot of improvements that should improve overall user experience.

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware - dubbed "GravityRAT" - now masquerades as legitimate Android and macOS apps to capture device data, contact lists, e-mail addresses, and call and text logs and transmit them to an attacker-controlled server.

Windows 10 users face numerous issues installing the latest KB4579311 cumulative update, and for those who can install, they are reporting various bugs, including performance issues. Microsoft released the Windows 10 KB4579311 cumulative update on October 13th, 2020, and since then, users have been reporting problems getting the update to install, crashes, performance issues, and boot problems.

Windows 10 users face numerous issues installing the latest KB4579311 cumulative update, and for those who can install, they are reporting various bugs, including performance issues. Microsoft released the Windows 10 KB4579311 cumulative update on October 13th, 2020, and since then, users have been reporting problems getting the update to install, crashes, performance issues, and boot problems.

Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims' financial data and drain their bank accounts. Vizom is similar to other overlay malware strains in that its attack vector is via malspam and phishing campaigns delivered to potential victims' inboxes.

The Cybersecurity and Infrastructure Security Agency on Friday informed users about the availability of patches for two remote code execution vulnerabilities that affect Windows Codecs Library and Visual Studio Code. Residing in Visual Studio Code and tracked as CVE-2020-17023, the second vulnerability can be triggered when the user opens a malicious 'package.

Just days after issuing fixes for scores of bugs in its products for this month's Patch Tuesday, Microsoft has issued two more patches for security holes that can be exploited by maliciously crafted files to run malware on victims' computers. The first, CVE-2020-17023, is a Visual Studio issue that allows for remote code execution after getting the target to click on a specially crafted package.

GravityRAT, a malware strain known for checking the CPU temperature of Windows computers to detect virtual machines or sandboxes, is now multi-platform spyware as it can now also be used to infect Android and macOS devices. While the malware authors previously focused their efforts on targeting Windows machines, a sample discovered by Kaspersky researchers last year shows that they are now adding macOS and Android support.

Microsoft removed a Windows 10, version 2004 compatibility hold blocking devices with certain WWAN LTE modems from upgrading to the latest Windows version. A fix for the issue was made available with the release of the Windows 10 2004 KB4577063 non-security preview cumulative update.

The Emotet botnet has begun to use a new malicious attachment that pretends to be a message from Windows Update telling you to upgrade Microsoft Word. Emotet is a malware infection that spreads through spam emails containing malicious Word or Excel documents.