Security News
Microsoft has released the optional KB5017380 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes numerous bug fixes and enhancements, including new FIDO2 and Windows Hello authentication features. The KB5017380 cumulative update preview is part of Microsoft's September 2022 monthly "C" update, allowing admins to test upcoming fixes released in the October 2022 Patch Tuesday.
Microsoft has released the final version of security configuration baseline settings for Windows 11, version 22H2, downloadable today using the Microsoft Security Compliance Toolkit. While the new baseline adds extra defenses focusing on multiple areas, the highlight of the latest Windows 11 security baseline is the addition of Kernel Mode Hardware-enforced Stack Protection that provides additional hardware-level protection for kernel code against malware threats.
Microsoft has released the next version of Windows 11 called "22H2," otherwise known as the Windows 11 2022 Update, and it is available as an optional update for users running at least Windows 10 2004 or an older version of Windows 11. Windows 11 21H2 is the first feature update for Microsoft's new operating system, coming with numerous features and security improvements to enhance the operating system's overall experience, making it worth installing.
Microsoft has already confirmed the features coming to Windows 11 with version 22H2 and users can test them by joining the Windows Insider Program. One of the new features is the redesigned Task Manager.
The Windows 10 KB5017308 cumulative update released this Patch Tuesday is reportedly causing Group Policy Object issues, according to admin reports. "Running Windows Update Standalone Installer with the /uninstall switch on the combined package will not work because the combined package contains the SSU. You cannot remove the SSU from the system after installation."
Microsoft has reminded customers that all editions of Windows 10, version 21H1 will reach the end of service in three months, on December 13, 2022. The company said in a support document published on Wednesday that systems running these Windows 10 21H1 editions will no longer receive security updates.
CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs. Apple also patched the arbitrary code execution vulnerability on Monday and confirmed that it was exploited in attacks as a zero-day bug in the iOS and macOS kernel.
Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication turned on. The newly discovered security issue impacts versions of the application for Windows, Linux, and Mac and refers to Microsoft Teams storing user authentication tokens in clear text without protecting access to them.
State-backed Chinese hackers have developed a Linux variant for the SideWalk backdoor used against Windows systems belonging to targets in the academic sector. The SideWalk Linux backdoor has been observed in the past, initially being tracked as StageClient by security researchers at cybersecurity company ESET. An early variant of the malware was spotted by researchers at 360 Netlab, the threat intelligence team at Chinese internet security company Qihoo 360, and detailed two years ago in a blog post about the Specter botnet hitting IP cameras.
September's Patch Tuesday is here and it brings, among other things, fixes from Microsoft for one security bug that miscreants have used to fully take over Windows systems along with details of a second vulnerability that, while not yet under attack, has already been publicly disclosed. "Seeing as this vulnerability was reported to Microsoft by four different cybersecurity companies, it is highly likely that it is being leveraged extensively in the wild - specifically by APT groups and malware authors - to gain elevated privileges," Bharat Jogi, director of vulnerability and threat research at Qualys, told The Register.