Security News

Windows 10 KB5025297 preview update released with 10 fixes
2023-04-25 18:26

Microsoft has released the optional KB5025297 Preview cumulative update for Windows 10 22H2, with eighteen fixes or changes. The KB5025297 cumulative update preview is part of Microsoft's optional non-security preview updates released on the Tuesday of the fourth week of a month.

Windows 11 KB5025305 adds prioritized Windows updates setting
2023-04-25 17:44

Microsoft has released the optional April 2023 non-security cumulative updates for all editions of Windows 11 22H2 with a new option to prioritize non-security and feature Windows updates. After applying today's KB5025305 preview update, you can configure your PC to prioritize installing the latest available updates.

How fiends abuse an out-of-date Microsoft Windows driver to infect victims
2023-04-24 11:30

Ransomware spreaders have built a handy tool that abuses an out-of-date Microsoft Windows driver to disable security defenses before dropping malware into the targeted systems. To be clear, AuKill takes the BYOVD approach: it brings onto the PC a vulnerable Microsoft driver to exploit.

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
2023-04-24 06:36

A new "All-in-one" stealer malware named EvilExtractor is being marketed for sale to other threat actors for stealing data and files from Windows systems. The network security company said it has observed a surge in attacks spreading the malware in the wild in March 2023, with a majority of the victims located in Europe and the U.S. While marketed as an educational tool, EvilExtractor has been adopted by threat actors for use as an information stealer.

Microsoft Defender update causes Windows Hardware Stack Protection mess
2023-04-19 21:57

In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called 'Kernel-mode Hardware-enforced Stack Protection,' while removing the LSA protection feature. A recent Microsoft Defender update has made this feature even more confusing, as after it is installed, the LSA Protection feature is removed and replaced by a new feature called Kernel-mode Hardware-enforced Stack Protection.

The Attacks that can Target your Windows Active Directory
2023-04-18 14:07

Active Directory is at the center of many attacks as it is still the predominant source of identity and access management in the enterprise. Hackers commonly target Active Directory with various attack techniques spanning many attack vectors.

Compatibility mess breaks not one but two Windows password tools
2023-04-14 17:50

The integration of the Local Administrator Password Solution into Windows and Windows Server, which came with updates earlier this week, is causing interoperability problems with what's called legacy LAPS, Microsoft says. Redmond touted the LAPS integration in the April 11 KB5025224 and KB5025239 cumulative updates, writing that "Windows LAPS is a huge improvement in virtually every area beyond Legacy LAPS."

Microsoft: Windows LAPS is incompatible with legacy policies
2023-04-13 19:13

Microsoft is investigating an interoperability bug between the recently added Windows Local Administrator Password Solution feature and legacy LAPS policies. Windows LAPS helps admins manage passwords for local administrator accounts on Azure Active Directory-joined or Windows Server Active Directory-joined devices by automatically rotating and backing them up to AD domain controllers.

Windows 11 is getting a new 'Presence sensing' privacy setting
2023-04-13 18:19

Windows 11 is getting a new privacy setting that allows users to control whether applications can detect when they are actively interacting with the device. The new privacy setting is called 'Presence sensing' and allows you to configure whether applications can use APIs to determine if a user is active or inactive in Windows.

Windows admins warned to patch critical MSMQ QueueJumper bug
2023-04-12 17:31

Security researchers and experts warn of a critical vulnerability in the Windows Message Queuing middleware service patched by Microsoft during this month's Patch Tuesday and exposing hundreds of thousands of systems to attacks. MSMQ is available on all Windows operating systems as an optional component that provides apps with network communication capabilities with "Guaranteed message delivery," and it can be enabled via PowerShell or the Control Panel.