Security News

Windows gamers and power users are being targeted by fake MSI Afterburner download portals to infect users with cryptocurrency miners and the RedLine information-stealing malware. The tool's popularity has also made it a good target for threat actors, who are looking to target Windows users with powerful GPUs that can be hijacked for cryptocurrency mining.

Microsoft announced today that the Store version of Windows Subsystem for Linux is generally available for Windows 10 and 11 customers. Following customer requests, all Windows 10 users can now use Linux GUI apps after updating to the Microsoft Store version.

Microsoft is investigating and working on fixing Remote Desktop issues on Windows 11 systems after installing the Windows 11 2022 Update. "After installing Windows 11, version 22H2, the Windows Remote Desktop application might stop responding when connecting via a Remote Desktop gateway or Remote Desktop Connection Broker," the company explained.

Microsoft has tagged Windows 10, version 22H2 for broad deployment, thus making it available to everyone via Windows Update. "If you have an eligible device, you can install this feature update by opening Windows Update Settings and selecting Check for updates. Once the update is ready for your device, you will see the option to Download and install," Microsoft says on the Windows health dashboard.

Microsoft is rolling out fixes for problems with the Kerberos network authentication protocol on Windows Server after it was broken by November Patch Tuesday updates. As we reported last week, updates released November 8 or later that were installed on Windows Server with the Domain Controller duties of managing network and identity security requests disrupted Kerberos authentication capabilities, ranging from failures in domain user sign-ins and Group Managed Service Accounts authentication to remote desktop connections not connecting.

This Mark of the Web is an alternate data stream that contains information about the file, such as the URL security zone the file originates from, its referrer, and its download URL. When a user attempts to open a file with a MoTW attribute, Windows will display a security warning asking if they are sure they wish to open the file. After analyzing the files, Will Dormann, a senior vulnerability analyst at ANALYGENCE, discovered that the threat actors were using a new Windows zero-day vulnerability that prevented Mark of the Web security warnings from being displayed.

Microsoft has released optional out-of-band updates to fix a known issue triggering Kerberos sign-in failures and other authentication problems on enterprise Windows domain controllers after installing cumulative updates released during November's Patch Tuesday. "After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication," Microsoft explained.

Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. If a threat actor creates a malicious DLL using the same name as one of the program's required DLLs and stores it in the same folder as the executable, the program would load that malicious DLL instead and infect the computer.

Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems. "You might experience an error in which the desktop or taskbar might momentarily disappear, or your device might become unresponsive," Microsoft explains on the Windows health dashboard.

Microsoft has released this month's optional KB5020030 Preview cumulative update for all editions of Windows 10 20H2, 21H1, 21H2, and 22H2. Today's update comes with ten bug fixes and enhancements, including fixes for persistent Microsoft Store update failures and an issue causing Direct3D 9 to crash when using Microsoft Remote Desktop. The KB5020030 cumulative update preview is part of Microsoft's November 2022 monthly "C" update, and it enables admins to test fixes rolling out to all users with the December 2022 Patch Tuesday.