Security News

Microsoft's Windows 11 Moment 3 update brings a range of new features and improvements, designed to enhance user experience. The Moment 3 update extends the live captions feature to additional languages, including Simplified and Traditional Chinese, French, German, Italian, Japanese, Portuguese, Spanish, Danish, Korean, and other English dialects.

After introducing a string of AI-powered assistants for its products, Microsoft has now announced that it will soon end support for the Windows standalone Cortana app. Initially introduced as part of the Windows Phone operating system, Cortana has since expanded to other platforms, including Windows 10, Android, and iOS. It's now deeply integrated into Microsoft's ecosystem and was designed to work closely with other Microsoft products.

Researchers at firmware and supply-chain security company Ecylpsium claim to have found what they have rather dramtically dubbed a "Backdoor" in hundreds of motherboard models from well-known hardware maker Gigabyte. You can reinstall Windows at any time, and a standard Windows image doesn't know whether you're going to be using a Gigabyte motherboard or not, so it doesn't come with GigabyteUpdateService.

Microsoft says SMB signing will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build rolling out to Insiders in the Canary Channel. "This changes legacy behavior, where Windows 10 and 11 required SMB signing by default only when connecting to shares named SYSVOL and NETLOGON and where Active Directory domain controllers required SMB signing when any client connected to them," Microsoft said.

Microsoft is now rolling out a new Windows 11 dev build allowing Insiders to view their phone's camera roll in the File Explorer Gallery. Once the Windows 11 Insider Preview Build 23471 gets installed, they can add photos from their phone by clicking a new button added to the File Explorer's command bar.

After the malicious driver is written to the disk, Terminator loads it to use its kernel-level privileges to kill off the user-mode processes of AV and EDR software running on the device. While it is not clear how the Terminator program is interfacing with the driver, a PoC exploit was released in 2021 that exploits flaws in the driver to execute commands with Windows Kernel privileges, which could be used to terminate normally-protected security software processes.

One of these fundamental security procedures is the period resetting of a strong login password - a security task that users are understandably reluctant to participate in. In Windows 11, administrators of local user accounts can force members to reset their respective passwords on their next login by making a simple change on a specific configuration screen.

The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services web servers to gain initial access to corporate networks. The latest tactic of targeting Windows IIS servers was discovered by South Korean researchers at the AhnLab Security Emergency Response Center.

The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software. Windows applications will prioritize DLLs in the same folder as the executable, loading them before all others.

Microsoft has released a new Windows 11 dev build that adds a long-awaited feature allowing users to ensure that all windows are shown as individual items in the taskbar. The new never combined mode is rolling out to Windows Insiders in the Dev Channel, so it might take some time to reach all enrolled devices.