Security News

Microsoft has addressed a known issue causing intermittent failures when saving and copying files on Windows 11 22H2 devices. Microsoft says Windows devices are at a higher risk of being affected by this particular issue when using specific commercial or enterprise security software that utilizes extended file attributes.

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly known before today! Microsoft has previously fixed CVE-2023-3079, a type confusion vulnerability in Chromium's V8 JavaScript engine, which was spotted being exploited by attackers to target Chrome users.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft has released the Windows 10 KB5027215 and KB5026435 cumulative updates for versions 22H2, version 21H2, version 21H1, and 1809 to fix problems and add new features to the operating system. As these updates contain security updates released as part of the June 2023 Patch Tuesday, Microsoft will automatically install the update over the next couple of days.

The last of the three men said to be responsible for infecting Windows computers with the banking trojan Gozi has been sentenced to three years. Mihai Ionut Paunescu, 37, was said to have supplied the bulletproof hosting that is so vital for the efficient running of malware ops, allowing his co-conspirators to distribute the Gozi malware that stole confidential financial information from millions of computers, among them some Windows boxes running at NASA. The Romanian national, whom Feds say was also known as "Virus," was sentenced [PDF] to three years in prison on Monday.

Researchers have released a proof-of-concept exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of the May 2023 Patch Tuesday. To raise awareness about the actively exploited flaw, and the need to apply Windows security updates, CISA also published an alert and added it to its "Known Exploited Vulnerabilities" catalog.

Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat actor to gain elevated privileges on affected systems. "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges," Microsoft disclosed in an advisory issued last month as part of Patch Tuesday updates.

For Windows 11, Microsoft and Intel had worked for over five years on the features that would support Windows 11's secure by default objectives, for example. The Intel vPro architecture includes a set of features in Intel chips that offer hardware assistance in areas including remote management and security.

Cisco has fixed a high-severity vulnerability found in Cisco Secure Client software that can let attackers escalate privileges to the SYSTEM account used by the operating system."An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process."

Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. According to multiple reports, the attack began when several CurseForge and Bukkit accounts were compromised and used to inject malicious code into plugins and mods, which were then adopted by popular modpacks such as 'Better Minecraft,' which has over 4.6 million downloads.