Security News

Patch Tuesday: Microsoft today addressed 130 CVE-listed vulnerabilities in its products, and five of those bugs have already been exploited in the wild. A full list of security updates and advisories in this month's Patch Tuesday batch is available from the IT giant and from the ZDI. In summary, there are fixes for Windows, Office, ...

Microsoft has begun the forced rollout of its Windows 11 22H2 'Moment 3' update, which introduces several new features and improvements to the operating system. In contrast to the two major feature updates that Windows 10 receives annually, Windows 11 will only receive one update yearly.

Learn how a malicious driver exploits a loophole in the Windows operating system to run at kernel level. Cisco Talos discovered a new Microsoft Windows policy loophole that allows a threat actor to sign malicious kernel-mode drivers executed by the operating system.

Microsoft has released the mandatory Windows 11 22H2 KB5028185 cumulative update to fix security vulnerabilities, enable the new Moment 3 features, and make over 30 improvements. KB5028185 is a mandatory Windows 11 cumulative update containing the July 2023 Patch Tuesday security updates that fix 78 vulnerabilities and thirty-eight remote code execution flaws in various Microsoft products.

Microsoft has released the Windows 10 KB5028166 and KB5028168 cumulative updates for versions 22H2, 21H2, and 1809 to fix problems and add new features to the operating system. As these updates contain security updates released as part of the July 2023 Patch Tuesday, Microsoft will automatically install them over the next couple of days.

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole. With Windows Vista, Microsoft introduced policy changes restricting how Windows kernel-mode drivers could be loaded into the operating system, requiring developers to submit their drivers for review and sign them through Microsoft's developer portal.

A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. "Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates," Cisco Talos said in an exhaustive two-part report shared with The Hacker News.

A developing piece of ransomware called Big Head is being distributed as part of a malvertising campaign that takes the form of bogus Microsoft Windows updates and Word installers. Big Head was first documented by Fortinet FortiGuard Labs last month, when it discovered multiple variants of the ransomware that are designed to encrypt files on victims' machines in exchange for a cryptocurrency payment.

In collaboration with Microsoft, Amazon has announced the general availability of its AppStore on Windows 11 for all developers. This means more apps and games are coming to Windows 11 as Amazon developers can now easily access the AppStore for Windows and bring their Amazon Store apps to Microsoft's platform.

Microsoft warned customers today that multiple editions of Windows 11, version 21H2, will reach end of service in three months, on October 10, 2023. Windows 11 22H2 has been in widespread availability for Windows devices meeting the eligibility criteria since October.