Security News

Microsoft has open-sourced the fuzzing tool it uses to scour its own code for potential security vulnerabilities. The tool Microsoft has released is called "OneFuzz" and the company says it is "The testing framework used by Microsoft Edge, Windows, and teams across Microsoft is now available to developers around the world."

Proof-of-concept exploit code has been released for a Windows flaw, which could allow attackers to infiltrate enterprises by gaining administrative privileges, giving them access to companies' Active Directory domain controllers. "This attack has a huge impact: It basically allows any attacker on the local network to completely compromise the Windows domain," said researchers with Secura, in a Friday whitepaper.

In the animation above, you can see how double-clicking a.theme file launches the Windows Settings app, automatically navigates to the Preferences > Themes section, and then opens, copies, selects and renders the new wallpaper file justatest. As Bohops and others have pointed out, you can use a Windows UNC path instead of a website name in a Theme file, which tells Windows to use its file-based networking instead of a regular HTTP connection to retrieve the file.

Cisco last week released patches to address a critical remote code execution vulnerability in Jabber for Windows. "Cisco Jabber uses XHTML-IM by default for all messages. A malicious message can therefore easily be created by intercepting an XMPP message sent by the application and modifying it. Attackers can do this manually on their own machine or it can be automated to create a worm that spreads automatically," the company continues.

Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities-which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code. Two of the four flaws can be exploited to gain remote code execution on target systems by sending specially crafted chat messages in group conversations or specific individuals.

Microsoft is making it easier for IT admins to configure baseline security settings for Windows 10 business users. The company has introduced a new, 'streamlined' setup experience that allows admins to apply security settings on an organization-wide scale via the Microsoft 365 Admin Center.

Tech Data announced that it has expanded its Cloud Solution Factory offering with the addition of a new Windows Virtual Desktop on Azure Click-to-Run Solution, which increases remote workforce productivity while ensuring data and applications can be securely accessed from any location using any device. "As a leader in cloud and next-generation solution aggregation, Tech Data makes cloud adoption simple by significantly reducing cloud configuration and deployment processes so that our channel partners can serve their customers more effectively and with fewer risks."

Microsoft this week announced that the Transport Layer Security 1.3 protocol is now enabled by default in Windows 10 Insider Preview builds, and that it will be rolled out to all Windows 10 systems. With TLS 1.0 and TLS 1.1 considered insecure, exposing communications to a variety of attacks, including BEAST, CRIME and POODLE, tech companies such as Cloudflare, Google, Microsoft, Mozilla, and others have long been pushing for the retirement of older protocols and the broad adoption of TLS 1.3.

One new security technology we keep hearing about is Extended Detection and Response. This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control and integration technologies.

During those updates, fixes for the two flaws were issued for Windows 10, Windows 7, Windows Server 2008, 2012, 2016, and 2019; as well as Windows Server. "Microsoft is announcing the availability of security update 4578013 for all supported versions of Microsoft 8.1 and Windows Server 2012 R2," according to Microsoft's Wednesday advisory.