Security News

Starting next month, Microsoft nag screens pushing Windows 11 will also show up on non-managed enterprise devices running Windows 10 Pro and Pro Workstation. After receiving the prompts, the users can upgrade to Windows 11 23H2 or keep using Windows 10.

Microsoft patched a high-severity Windows Kernel privilege escalation vulnerability in February, six months after being informed that the flaw was being exploited as a zero-day. Sys Windows AppLocker driver and reported to Microsoft last August as an actively exploited zero-day.

Microsoft has released the optional KB5034843 Preview cumulative update for Windows 10 22H2 with an updated sharing experience and eight other fixes or changes. As with all new Windows 10 updates, this is primarily a maintenance release, with most fixes in this update relating to enterprise services, such as Azure, Remote Desktop, and Windows Hello for Business.

Microsoft has released the optional KB5034848 Preview cumulative update for Windows 11 23H2 and 22H2, which brings new features, including USB 80Gbps and nineteen other changes and fixes. The KB5034848 cumulative update preview is part of Microsoft's "Optional non-security preview updates" schedule, released on the fourth week of every month.

Microsoft has released the Windows 11 'Moment 5' update for versions 23H2 and 22H2, starting the rollout of new features, such as Windows Copilot skills and plugins, Voice Access, AI enhancements for ClipChamp and Photos, and Narrator improvements. Once this setting is enabled, Windows 11 23H2/22H2 users can click on the 'Check for updates' button to receive a new Windows Configuration update that enables the new features in the operating system.

Microsoft says that systems running Windows 11 22H2 will continue to receive non-security preview updates after initially stating they would no longer receive them after February 2024. Under the new schedule revealed this week, Windows 11 22H2 optional updates will keep rolling out until mid-June 2025, depending on your Windows edition.

The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on...

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD techniques. Avast reports that Lazarus exploited CVE-2024-21338 to create a read/write kernel primitive in an updated version of its FudModule rootkit, which ESET first documented in late 2022.

Microsoft says the February 2024 updates fail to install on Windows 11 22H2 and 23H2 systems, with 0x800F0922 errors and downloads stopping at 96%. Users experiencing this known issue will likely see a new Windows Event Viewer entry with a 0x800F0922 error code. The following message will be displayed on affected systems after the security updates fail to install: "Something didn't go as planned. No need to worry - undoing changes. Please keep your computer on."

Microsoft's Windows Photos app now has its own generative erase tool that enables users to replace unwanted objects with AI-generated content. This feature is rolling out to Windows Insiders in all channels today, including systems running Windows 10 in the Release Preview Channel.