Security News

The Computer Emergency Response Team of Ukraine has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The email messages come with the subject line "Windows Update" and purportedly contain instructions in the Ukrainian language to run a PowerShell command under the pretext of security updates.

The Computer Emergency Response Team of Ukraine says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks. Instead of legitimate instructions on upgrading Windows systems, the malicious emails advise the recipients to run a PowerShell command.

Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. Microsoft showed interest in Rust several years ago as a way to catch and squash memory safety bugs before the code lands in the hands of users; these kinds of bugs were at the hear of about 70 percent of the CVE-listed security vulnerabilities patched by the Windows maker in its own products since 2006.

Microsoft says Windows 10, version 22H2 will be the last feature update to be released for the Windows 10 operating system.Windows 10 22H2 reached general availability in October 2022 and entered broad deployment on November 18, 2022.

Microsoft is rolling out Phone Link for iOS to all Windows 11 and iPhone users, with the rollout expected to complete by mid-May. The Phone Link app is designed to enable users to connect from their PC to Android and iOS devices via a Wi-Fi connection. "Today, we are excited to announce that Microsoft Phone Link for iOS on Windows 11 is beginning to rollout to our global audience in 39 languages across 85 markets," said Ali Akgun, Corporate Vice President of Software Engineering for Microsoft Devices.

Microsoft has fixed a known issue triggering Windows Security warnings that Local Security Authority Protection is off by removing the feature's UI from settings. Microsoft acknowledged a known issue causing persistent alerts asking for Windows restarts following a stream of reports mentioning "Local Security Authority protection is off. Your device may be vulnerable." warnings even though LSA Protection was already enabled.

Microsoft has released the optional KB5025297 Preview cumulative update for Windows 10 22H2, with eighteen fixes or changes. The KB5025297 cumulative update preview is part of Microsoft's optional non-security preview updates released on the Tuesday of the fourth week of a month.

Microsoft has released the optional April 2023 non-security cumulative updates for all editions of Windows 11 22H2 with a new option to prioritize non-security and feature Windows updates. After applying today's KB5025305 preview update, you can configure your PC to prioritize installing the latest available updates.

Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems. To be clear, AuKill takes the BYOVD approach: it brings onto the PC a vulnerable Microsoft driver to exploit.

A new "All-in-one" stealer malware named EvilExtractor is being marketed for sale for other threat actors to steal data and files from Windows systems. The network security company said it has observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.