Security News

The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. One of the bugs that was of particular interest to researchers was CVE-2020-1299, a remote code execution issue that arises when trying to load Windows shortcut files.

Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "Wormable" bug, the flaw can be exploited to achieve remote code execution attacks. The newly discovered vulnerability impacts Windows 10 versions 1903 and 1909, for which Microsoft today released security patches as part of its monthly Patch Tuesday updates for June.

A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions. The PoC exploit is unreliable, but could be used by malicious attackers as a starting point for creating a more effective exploit.

The application is free and open source, but he still has to pay for a code-signing certificate to avoid potential users being put off by warnings when they try to download and install. Warning or preventing users from installing unverified applications is commonplace in today's operating systems, but does Windows go too far? We counted seven steps needed to download and install the open-source audio package Ardour 6, which is both unsigned and newly released, using the latest Edge and Windows 10.

Aimed at SMBs, educational facilities, and software companies, the ransomware leverages Java to encrypt server-based files, according to BlackBerry and KPMG. Cybercriminals are always looking for new tricks and techniques to target potential victims without being caught. That's especially true of ransomware attackers who need to stealthily invade an organization's network to encrypt the sensitive files they plan to hold hostage.

Application threats and security trends you need to know aboutApplications are a gateway to valuable data, so it's no wonder they are one of attackers' preferred targets. C-suite execs often pressure IT teams to make security exceptions for themThe C-suite is the most likely group within an organization to ask for relaxed mobile security protocols - despite also being highly targeted by malicious cyberattacks, according to MobileIron.

Windows 10 release 2004 is out, with a slew of new features. In Windows 10 1903, it launched the Windows Sandbox, which is a lightweight desktop environment that isolates anything you run in it and wipes all its files when you close it down.

With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. "USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems, one bug in FreeBSD, three in macOS, and four in Windows 8 and Windows 10, and one bug in the Linux USB host controller driver and another one in a USB camera driver," Hui Peng and Mathias Payer explained.

Microsoft has blocked a Trend Micro driver from running on Windows 10 - and Trend has withdrawn downloads of its rootkit detector that uses the driver - after the code appeared to game Redmond's QA tests. We note that while the driver appears in other Trend Micro products, they may not necessarily be using the now-blocked driver, or may have received a suitable hot fix, and thus will continue working on Windows 10 20H1. Trend Micro has ignored our repeated requests for an explanation as to why its software altered its operation specifically while under test, though it insisted "At no time was the Trend Micro team avoiding certification requirements." A spokesperson for Trend was not available for immediate comment on the move to block the driver on Windows 10.

Microsoft has blocked a Trend Micro driver from running on Windows 10 - and Trend has withdrawn downloads of its rootkit detector that uses the driver - after the code appeared to game Redmond's QA tests. We note that while the driver appears in other Trend Micro products, they may not necessarily be using the now-blocked driver, or may have received a suitable hot fix, and thus will continue working on Windows 10 20H1. Trend Micro has ignored our repeated requests for an explanation as to why its software altered its operation specifically while under test, though it insisted "At no time was the Trend Micro team avoiding certification requirements." A spokesperson for Trend was not available for immediate comment on the move to block the driver on Windows 10.