Security News
Microsoft has released optional out-of-band updates to fix a known issue triggering Kerberos sign-in failures and other authentication problems on enterprise Windows domain controllers after installing cumulative updates released during November's Patch Tuesday. "After installing updates released on November 8, 2022 or later on Windows Servers with the Domain Controller role, you might have issues with Kerberos authentication," Microsoft explained.
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. If a threat actor creates a malicious DLL using the same name as one of the program's required DLLs and stores it in the same folder as the executable, the program would load that malicious DLL instead and infect the computer.
Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems. "You might experience an error in which the desktop or taskbar might momentarily disappear, or your device might become unresponsive," Microsoft explains on the Windows health dashboard.
Microsoft has released this month's optional KB5020030 Preview cumulative update for all editions of Windows 10 20H2, 21H1, 21H2, and 22H2. Today's update comes with ten bug fixes and enhancements, including fixes for persistent Microsoft Store update failures and an issue causing Direct3D 9 to crash when using Microsoft Remote Desktop. The KB5020030 cumulative update preview is part of Microsoft's November 2022 monthly "C" update, and it enables admins to test fixes rolling out to all users with the December 2022 Patch Tuesday.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.
Microsoft is working on a fix for a new known issue behind lower-than-expected performance or stuttering in some games on systems running Windows 11 22H2. According to Redmond, this performance hit is likely caused by some apps and games inadvertently enabling GPU performance debugging features. "Some games and apps might experience lower than expected performance or stuttering on Windows 11, version 22H2," the company says on the Windows Health dashboard.
Windows 11 will soon let you filter processes in the Task Manager by their name, process ID, or publisher, making it easier to find a running program. As new versions of Windows are released, the Task Manager has increasingly begun to fill up with a long list of running processes.
Windows has fixed a bug that prevented Mark of the Web flags from propagating to files within downloaded ISO files, dealing a massive blow to malware distributors and developers. According to Bill Demirkapi, an engineer in Microsoft MSRC's Vulnerability and Mitigations team, a bug was fixed that prevented the MoTW flag from propagating to files inside an ISO disk image.
A malware loader deemed in June to be a "Work in progress" is now fully functional and infecting thousands of Windows corporate and home PCs. IceXLoader version 3 was discovered in the summer by Fortinet's FortiGuard Labs, which wrote that the malware's features were incomplete and it appeared to have been ported to the Nim programming language. IceXLoader was originally sold on the dark web for $118 per lifetime license by a group of developers that also sells other commodity malware and claims to have more than 200 clients, FortiGuard wrote.