Security News

After the malicious driver is written to the disk, Terminator loads it to use its kernel-level privileges to kill off the user-mode processes of AV and EDR software running on the device. While it is not clear how the Terminator program is interfacing with the driver, a PoC exploit was released in 2021 that exploits flaws in the driver to execute commands with Windows Kernel privileges, which could be used to terminate normally-protected security software processes.

One of these fundamental security procedures is the periodic resetting of a strong login password - a security task that users are understandably reluctant to participate in. In Windows 11, administrators of local user accounts can force members to reset their respective passwords on their next login by making a simple change on a specific configuration screen.

The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services web servers to gain initial access to corporate networks. The latest tactic of targeting Windows IIS servers was discovered by South Korean researchers at the AhnLab Security Emergency Response Center.

The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software. Windows applications will prioritize DLLs in the same folder as the executable, loading them before all others.

Microsoft has released a new Windows 11 dev build that adds a long-awaited feature allowing users to ensure that all windows are shown as individual items in the taskbar. The new "never combined" mode is rolling out to Windows Insiders in the Dev Channel, so it might take some time to reach all enrolled devices.

A new ransomware operation named 'Buhti' uses the leaked code of the LockBit and Babuk ransomware families to target Windows and Linux systems, respectively. Blacktail uses the Windows LockBit 3.0 builder that a disgruntled developer leaked on Twitter in September 2022.

Microsoft says some 32-bit applications are impacted by recurring failures when saving and copying files across multiple Windows versions. The intermittent issue only affects apps that are large address aware and are also using the CopyFile API on Windows 11 21H2 and 22H2 or Windows 10 21H2 and 22H2. "Windows devices are more likely to be affected by this issue when using some commercial/enterprise security software which uses extended file attributes," Microsoft said.

Microsoft has released the Windows 11 22H2 KB5026446 update, aka 'Moment 3,' bringing quite a few new and long-awaited features to the operating system. The KB5026446 update is a monthly preview update allowing users to test upcoming fixes and features that will be installed as part of the following month's mandatory Patch Tuesday.

Microsoft has released the optional KB5026435 Preview cumulative update for Windows 10 22H2 with two new features and 18 additional fixes or changes. The KB5026435 cumulative update preview is part of Microsoft's new "Optional non-security preview release" released in the fourth week of every month, allowing admins to test upcoming fixes released on the following month's mandatory Patch Tuesday.

When activated, the Windows Copilot sidebar remains consistent across applications, programs, and windows, ready to serve as your personal assistant. Integrating Bing and ChatGPT plugins in Windows Copilot opens avenues for enhanced AI capabilities and experiences.