Security News

A Microsoft app that helps people use their Windows PC and iPhone or Android phone in tandem could also be abused by cyberstalkers to snoop on personal information. In a report released Thursday, software maker Certo explains how Microsoft's Phone Link app could be used against iPhone owners and how they can protect themselves against this type of threat.

A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware. Written in Golang, Aurora has been available on various hacker forums for more than a year, advertised as an info stealer with extensive capabilities and low antivirus detection.

The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass. Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.

Your humble vulture is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we're looking at the two Microsoft bugs that have already been found and exploited by miscreants. The two that are under active exploit, at least according to Microsoft, are CVE-2023-29336, a Win32k elevation of privilege vulnerability; and CVE-2023-24932, a Secure Boot security feature bypass vulnerability, which was exploited by the BlackLotus bootkit to infect Windows machines.

Microsoft has released the Windows 11 22H2 KB5026372 cumulative update to fix security vulnerabilities and introduce 20 changes, improvements, and bug fixes. KB5026372 is a mandatory Windows 11 cumulative update containing the May 2023 Patch Tuesday security updates that fix 38 vulnerabilities and three zero-days in various Microsoft products.

Microsoft has released the Windows 10 KB5026361 and KB5026362 cumulative updates for versions 22H2, version 21H2, version 21H1, and 1809 to fix problems and add new features to the operating system. Microsoft will automatically install these updates via Windows Update over the next few days.

Microsoft has released a new Windows 11 dev build that modernizes the File Explorer details pane, improves the Windows Spotlight lock screen feature, and expands the "Notification badging" rollout in the Start menu. "We are introducing a modernized details pane in File Explorer designed to help you easily access related content, stay up to date with file activity, and collaborate without even opening a file," said Microsoft's Amanda Langowski and Brandon LeBlanc.

Microsoft announced today that Windows admins can now choose to be emailed when new known issues are added to the Windows release health section of the Microsoft 365 admin center. IT admins will receive an email every time known issues are added or updated with new information, including changes in status, new workarounds, or issue resolutions.

The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data. Executing the command simulates a Windows update but actually downloads and executes a PowerShell script that collects basic system information about using such commands as "Tasklist" and "Systeminfo".

A new malware known as 'LOBSHOT' distributed using Google ads allows threat actors to stealthily take over infected Windows devices using hVNC. Earlier this year, BleepingComputer and numerous cybersecurity researchers reported a dramatic increase in threat actors utilizing Google ads to distribute malware in search results. In a new report by Elastic Security Labs, researchers revealed that a new remote access trojan named LOBSHOT was being distributed through Google Ads.