Security News

Microsoft has a new utility to the PowerToys toolset that will help Windows users find the processes using selected files and unlock them without requiring a third-party tool. As its name implies, the new File Locksmith utility can be used to deal with locked files that can't be deleted or opened because Windows says another process is using them.

Microsoft is now testing a new way to help Windows 11 users get more out of its Windows Search by displaying tip flyouts in the taskbar. Starting today, Windows 11 will display tips prodding Windows Insiders who have installed the latest Windows 11 Dev build to search their PC and the web from the taskbar.

A cybersecurity firm has issued another unofficial patch to squash a bug in Windows that Microsoft has yet to fix, with this hole being actively exploited to spread ransomware. Specifically, an attacker could prevent Windows from putting the MotW flag on files extracted from a ZIP archive obtained from an untrusted source.

Mozilla has fixed a known issue causing the Firefox web browser to freeze when copying text on Windows 11 devices where the Suggested Actions clipboard feature is enabled. The issue impacts Firefox users running Microsoft's latest OS release, Windows 11, version 22H2, where this new feature is enabled by default.

An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web protections. The fix, released by 0patch, arrives weeks after HP Wolf Security disclosed a Magniber ransomware campaign that targets users with fake security updates which employ a JavaScript file to proliferate the file-encrypting malware.

A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings in Windows 10 and Windows 11. What made these Magniber JavaScript files stand out was that even though they contained a Mark-of-a-Web, Windows did not display any security warnings when they were launched.

Raspberry Robin, a worm that spreads through Windows systems via USB drives, has rapidly evolved: now backdoor access is being sold or offered to infected machines so that ransomware, among other code, can be installed by cybercriminals. In a report on Thursday, Microsoft's Security Threat Intelligence unit said Raspberry Robin is now "Part of a complex and interconnected malware ecosystem" with links to other families of malicious code and ties to ransomware infections.

Microsoft says Windows domain join processes may fail with "0xaac" errors after applying this month's security updates. The issue stems from hardening changes introduced when addressing the CVE-2022-38042 elevation of privilege vulnerability in the Active Directory Domain Services that would allow attackers to gain domain administrator privileges.

Microsoft is investigating a known issue causing OneDrive and OneDrive for Business crashes on Windows 10 systems where customers have installed updates released earlier this month. "After installing KB5018410 or later updates, OneDrive might unexpectedly close," the company explained in a Windows health dashboard update.

Microsoft has released the optional KB5018482 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. [...]