Security News

Microsoft has fixed a known issue causing NTLM authentication failures and domain controller reboots after installing last month's Windows Server security updates. [...]

Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. Kaspersky security researchers discovered the vulnerability while investigating another Windows DWM Core Library privilege escalation bug tracked as CVE-2023-36033 and also exploited as a zero-day in attacks.

Microsoft has released the KB5037768 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty changes, including account notifications in the Start Menu and Widgets on the lock screen. KB5037768 is a mandatory Windows 10 cumulative update containing Microsoft's May 2024 Patch Tuesday security updates.

Microsoft is rolling out the KB5037771 cumulative update for Windows 11 23H3 with thirty bug fixes and changes, including a fix for a bug breaking VPN connections. To install the KB5037771 update, go to Start > Settings > Windows Update and click 'Check for Updates.

Microsoft has confirmed that last month's Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service process crashes. "In rare instances, Windows Servers running the Domain Controller role might experience Local Security Authority Subsystem Service crashes resulting in a reboot," Microsoft explains in a new update added to the Windows release health dashboard.

Microsoft is testing showing memory speeds as MT/s rather than MHz in the Windows 11 Task Manager. MHz represents how many millions of cycles per second a memory module can perform, with each cycle being an action conducted on the memory module, such as storing and retrieving data.

Microsoft has confirmed that it won't provide an automated fix for a known issue causing 0x80070643 errors when installing recent Windows Recovery Environment updates. Microsoft first acknowledged this known issue in January, days after widespread reports from Windows users of 0x80070643 errors and the installation failing.

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The list of impacted Windows versions and buggy security updates includes Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008.

Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update."

Microsoft has enabled Start menu ads in the optional KB5036980 preview cumulative update for Windows 11 22H2 and 23H2. The company first announced that it was working on adding ads to the Windows 11 Start menu just 12 days ago when it began rolling out this feature to Insiders in the Beta Channel to help users discover "Great apps" available in the Microsoft Store. While it also said that it regularly tries "Out new experiences and concepts that may never get released with Windows Insiders to get feedback," Redmond has now turned on the Start menu ads for all customers who install the optional April 2024 non-security preview update.