Security News

Microsoft announced the public preview launch of Win32 app isolation, a new Windows 11 security feature designed to sandbox 32-bit desktop applications. Recently announced during Microsoft's Build 2023 conference, Win32 app isolation uses AppContainer to boost security by mitigating the potential harm caused by compromised applications and protecting the user's privacy.

The Windows 11 22H2 KB5027231 cumulative update released during this month's Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions. As BleepingComputer reported on Wednesday, Windows admins and users report having issues launching the web browser after installing the KB5027231 Windows 11 updates.

Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including the latest Windows 10, Windows Server, and Windows 11 releases. As Microsoft explains in a support document, you must make a registry change on vulnerable Windows systems to enable the fix.

Malwarebytes confirmed today that the Windows 11 22H2 KB5027231 cumulative update released this Patch Tuesday breaks Google Chrome on its customers' systems. The company published a support article today confirming the Malwarebytes conflict with Google Chrome after installing the June 2023 Patch Tuesday updates on Windows 11 systems.

The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867, "enabled the execution of privileged commands across Windows, Linux, and PhotonOS guest VMs without authentication of guest credentials from a compromised ESXi host and no default logging on guest VMs," Mandiant said.

A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. "This new malware strain tries to steal sensitive information from its victims," Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. "To accomplish this task, it searches for data stored in applications such as Discord and web browsers; information from the system and files stored in the victim's folders."

Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. These malicious exploits are promoted by alleged researchers at a fake cybersecurity company named 'High Sierra Cyber Security,' who promote the GitHub repositories on Twitter, likely to target cybersecurity researchers and firms involved in vulnerability research.

Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. It's worth noting that Microsoft also closed out 26 other flaws in Edge - all of them rooted in Chromium itself - since the release of May Patch Tuesday updates.

Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI partition to evade detection. The EFI partition is a small system partition containing the bootloader and related files executed before the operating system's startup.

Multiple editions of Windows 10 21H2 have reached their end of service in this month's Patch Tuesday, as Microsoft reminded customers today. "Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 or upgrade to Windows 11 to remain supported," Microsoft said in an initial announcement on March 14.