Security News
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD techniques. Avast reports that Lazarus exploited CVE-2024-21338 to create a read/write kernel primitive in an updated version of its FudModule rootkit, which ESET first documented in late 2022.
Microsoft says the February 2024 updates fail to install on Windows 11 22H2 and 23H2 systems, with 0x800F0922 errors and downloads stopping at 96%. Users experiencing this known issue will likely see a new Windows Event Viewer entry with a 0x800F0922 error code. The following message will be displayed on affected systems after the security updates fail to install: "Something didn't go as planned. No need to worry - undoing changes. Please keep your computer on."
Microsoft's Windows Photos app now has its own generative erase tool that enables users to replace unwanted objects with AI-generated content. This feature is rolling out to Windows Insiders in all channels today, including systems running Windows 10 in the Release Preview Channel.
Microsoft has started testing support for Wi-Fi 7 in Windows 11, which offers multi-gigabit speeds and improved throughput, latency, and reliability compared to previous Wi-Fi generations. Wi-Fi 7 support is now being tested in the Windows 11 Insider Preview Build 26063, released today in the Canary Channel.
Microsoft has started force installing Windows 11 23H2 on eligible devices that have reached or are close to their end-of-servicing date. The Windows 11 23H2 forced rollout phase announced by Redmond this week comes after systems running multiple editions of Windows 11 21H2 were automatically updated to Windows 11 22H2 before they reached the end of support on October 11.
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the...
Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other hardware. When new hardware is added to a Windows computer, the operating system connects to a Microsoft-operated website called the Windows Metadata and Internet Services to download metadata packages associated with the particular hardware.
The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw that could allow an unauthenticated attacker to conduct privilege escalation on the target system over the network.Zoom is a popular cloud-based video conferencing service for corporate meetings, educational lessons, social interactions/gatherings, and more.
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active...
Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan.The hacking group was spotted using the zero-day in attacks on New Year's Eve day by Trend Micro security researchers.