Security News

Microsoft has decided to remove a couple of Windows security updates that address a UEFI issue after some users complained that the updates caused serious problems. Some users reported that their devices became unusable after trying to install the KB4524244 security update for Windows 10.

Mac threats growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats, according to Malwarebytes. Mac threats are growing, other threats in the spotlight.

Microsoft had one of its largest patch bundles in recent memory, as the Windows giant released fixes for 99 CVE-listed vulnerabilities. These include two elevation of privilege bugs in Windows Installer, a security bypass in Secure Boot, and an information disclosure vulnerability in Edge and IE. Once again, Remote Desktop was cause for alarm as patches for two remote code execution flaws in the client-side of the administration tool will need to be tested and installed when possible.

Malicious software targeting users of Apple Macs has leapt over the last year, the security outfit said in its latest State of Malware report. Describing this as an "Exponential" increase, the firm said that detections of nasties targeted against innocent Apple fanbois were up 400 per cent year-on-year, while adding the caveat that its Mac userbase had also grown a bit.

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.

A few hours after Adobe today released security updates for five of its widely-distributed software, Microsoft also issued its February 2020 Patch Tuesday edition with patches for a total of 99 new vulnerabilities. All supported versions of Microsoft Windows also contain a critical RCE flaw that an attacker with a domain user account can exploit to execute arbitrary code on the targeted system with elevated permissions.

A kernel-level Windows driver for old PC motherboards has been abused by criminals to silently disable antivirus protections, and hold files to ransom. When the ransomware infects a computer - either by some other exploit or by tricking a victim into running it - and loads the driver, the operating system and antivirus packages will allow it because the driver appears legit.

A new variant of the notorious Emotet Windows malware is able to spread wirelessly by brute-forcing Wi-Fi network passwords and scanning for shared drives to infect. "Previously thought to only spread through malspam and infected networks, Emotet can use this loader-type to spread through nearby wireless networks if the networks use insecure passwords."

Specifically, they're updating the Windows kernel in-memory with the Gigabyte driver, according to the research - and the kernel accepts it as a "Patch" thanks to the signed certificate. Once that's loaded, they can then exploit that driver using the known vulnerability in order to load their own, unsigned, malicious driver.

The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account Control to deliver malware across multiple workstations and endpoints on a network, researchers have discovered. Researchers at Morphisec Labs team said they discovered code last March that uses the Windows 10 WSReset UAC Bypass to circumvent user account control and deliver malware in recent samples of TrickBot, according to a report released last week.