Security News

Tech Data announced that it has expanded its Cloud Solution Factory offering with the addition of a new Windows Virtual Desktop on Azure Click-to-Run Solution, which increases remote workforce productivity while ensuring data and applications can be securely accessed from any location using any device. "As a leader in cloud and next-generation solution aggregation, Tech Data makes cloud adoption simple by significantly reducing cloud configuration and deployment processes so that our channel partners can serve their customers more effectively and with fewer risks."

Microsoft this week announced that the Transport Layer Security 1.3 protocol is now enabled by default in Windows 10 Insider Preview builds, and that it will be rolled out to all Windows 10 systems. With TLS 1.0 and TLS 1.1 considered insecure, exposing communications to a variety of attacks, including BEAST, CRIME and POODLE, tech companies such as Cloudflare, Google, Microsoft, Mozilla, and others have long been pushing for the retirement of older protocols and the broad adoption of TLS 1.3.

One new security technology we keep hearing about is Extended Detection and Response. This new technology merges multiple prevention and detection technologies on a single platform to better understand threat signals so that you don't need to purchase, integrate, and manage various control and integration technologies.

During those updates, fixes for the two flaws were issued for Windows 10, Windows 7, Windows Server 2008, 2012, 2016, and 2019; as well as Windows Server. "Microsoft is announcing the availability of security update 4578013 for all supported versions of Microsoft 8.1 and Windows Server 2012 R2," according to Microsoft's Wednesday advisory.

Microsoft has issued an emergency out-of-band software update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems to patch two new recently disclosed security vulnerabilities. A patch for both vulnerabilities was first released on August 11 with the batch of August Patch Tuesday updates, but it was for Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004 systems.

Microsoft this week announced the availability of an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems to address two elevation of privilege vulnerabilities in Windows Remote Access. At the time, the company patched these issues in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

The actively exploited Windows spoofing vulnerability patched last week by Microsoft has been known for more than two years, researchers pointed out. Microsoft's August 2020 Patch Tuesday updates addressed 120 vulnerabilities, including an Internet Explorer zero-day that has been chained with a Windows flaw in attacks linked to the threat actor named DarkHotel, and a Windows spoofing issue tracked as CVE-2020-1464.

Windows Defender has caused problems for some Citrix customers after deleting two services incorrectly detected as malware. Windows Defender users who installed the update may have had their Citrix Broker and HighAvailability services on Delivery Controllers and Cloud Connectors deleted after they were erroneously detected as a trojan.

An attack launched in May 2020 against a South Korean company involved an exploit that chained zero-day vulnerabilities in Windows and Internet Explorer, Kaspersky reported on Wednesday. The vulnerabilities exploited in the attack have now been patched, but they had a zero-day status when exploitation was first observed.

The latest series of Patch Tuesday security updates for Windows 10 includes patches for 17 bugs marked 'Critical' and 97 listed as 'Important'. Microsoft has issued fixes for 120 vulnerabilities - including two zero-day exploits - in its latest Patch Tuesday security update for Windows 10.