Security News
Microsoft has published the Windows 10 KB5022282 and KB5022286 cumulative updates for versions 22H2, 21H2, 21H1, and 1809 to fix security vulnerabilities and resolve known bugs. This update is not available for Windows 10 1909 or Windows 10 2004.
Microsoft has addressed a known issue breaking provisioning on Windows 11 22H2 systems and leaving enterprise endpoints partially configured and failing to finish installing. The issue was first acknowledged in October 2022 when Redmond said using provisioning packages after installing the Windows 11 2022 Update might not work as expected, failing with 0x800700b7 errors.
Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023. The Extended Security Update program was the last-resort option for customers who still needed to run legacy Microsoft products past their end of support on Windows 7 systems.
Threat actors are using a well-crafted Pokemon NFT card game website to distribute the NetSupport remote access tool and take control over victims' devices. The website "Pokemon-go[.]io," which is still online at the time of writing, claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.
A signed Windows driver has been used in attacks on banks in French-speaking countries, likely from a threat actor that stole more than $11 million from various banks. Symantec's report adds some technical details, such as the use of the GuLoader tool for loading malware and a signed driver that helps the attacker kill processes for security products running on the victim network.
Microsoft has reminded customers that the extended support for all editions of Windows Server 2012 and Windows Server 2012 R2 will end on October 10. Although Windows Server 2012 reached its mainstream support end date over four years ago, in October 2018, Microsoft pushed back the end date for extended support five years to allow customers to migrate to newer, under-support Windows Server versions.
Hackers are abusing the Windows Problem Reporting error-reporting tool to load malware into a compromised system's memory using a DLL sideloading technique. Launching the malware through a legitimate Windows executable lets the attackers stealthily infect devices without raising any alarms on the breached system.
BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass Windows Mark of the Web protections. "BlueNoroff created numerous fake domains impersonating venture capital companies and banks," security researcher Seongsu Park said, adding the new attack procedure was flagged in its telemetry in September 2022.