Security News

Microsoft has finally lifted a compatibility hold blocking Windows 10 users from updating to Windows 11 on systems with Intel Smart Sound Technology audio drivers and Intel 11th Gen Core processors. The company first acknowledged in November 2021 that some Intel audio drivers were triggering blue screens back on Windows 11 21H2 devices when it also added safeguard holds blocking Windows 11 upgrades from being offered to customers on affected systems.

Microsoft has started testing ads in the Windows 11 Start menu, a new experiment the company says will help users find new "Great" apps in the Microsoft Store. Microsoft says the app ads will appear only on Windows Insiders systems in the U.S. and not on managed devices in enterprise environments.

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. The next day, a proof of concept exploit was shared on the XSS hacking forum explaining that a typo in the source code for Telegram for Windows could be exploited to send Python.

This caused the file to automatically be executed by Python without a warning from Telegram like it does for other executables, and was supposed to do for this file if it wasn't for a typo. In a statement to BleepingComputer, Telegram rightfully disputes that the bug was a zero-click flaw but confirmed they fixed the "Issue" in Telegram for Windows to prevent Python scripts from automatically launching when clicked.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection attacks. The vulnerability, tracked as CVE-2024-24576, has a CVSS score...

Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. "Just as we did in 2022, we immediately reported our findings to the Microsoft Security Response Center. After validating our discovery, the team at Microsoft has added the relevant files to its revocation list," Budd said.

Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks. Tracked as CVE-2024-24576, this flaw is due to OS command and argument injection weaknesses that can let attackers execute unexpected and potentially malicious commands on the operating system.

Microsoft has released the KB5036892 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty-three changes and two new features. KB5036892 is a mandatory Windows 10 cumulative update containing Microsoft's April 2024 Patch Tuesday security updates.

Microsoft has released the KB5036893 cumulative update for Windows 11 23H3, which includes 29 changes and fixes and enables the Moment 5 features for every user. You can install the update now by going to Start > Settings > Windows Update and clicking on 'Check for Updates.