Security News
The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited and one not yet. CVE-2022-34713 is a vulnerability in Microsoft Windows Support Diagnostic Tool that allows for remote code execution.
Microsoft has released security updates to address a high-severity Windows zero-day vulnerability that has publicly available exploit code and has been abused in attacks. DogWalk was publicly disclosed by security researcher Imre Rad more than two years ago, in January 2020, after Microsoft replied to his report saying it won't provide a fix because this isn't a security issue.
Microsoft has released the Windows 11 KB5016629 cumulative update with security updates and improvements, including fixes for File Explorer and the Start Menu and a new Focus Assist feature. KB5016629 is a mandatory cumulative update containing the August 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.
Microsoft has released the Windows 10 KB5016616 and KB5016623 cumulative updates for versions 21H2, 21H1, 20H2, and 1809 to fix security vulnerabilities and resolve bugs and performance issues. This update is not available for Windows 10 1909 or Windows 10 2004.
Microsoft has warned today that Windows devices with the newest supported processors are susceptible to data damage on Windows 11 and Windows Server 2022. "Windows devices that support the newest Vector Advanced Encryption Standard instruction set might be susceptible to data damage," the company revealed today.
An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. Kaspersky linked the campaign with a Chinese APT group tracked as TA428, known for its information theft and espionage focus and attacking organizations in Asia and Eastern Europe [1, 2, 3, 4]. The threat actors successfully compromised the networks of dozens of targets, sometimes even taking control of their entire IT infrastructure by hijacking systems used to manage security solutions.
Microsoft has already begun testing the new Windows 10 22H2 version in the Windows Insider Release preview channel, allowing both consumers and the enterprise to test its new feature before it is officially released. Windows 10 22H2 is not a significant release and does not bring a major overhaul to Windows 10, but Microsoft says this update comes with a scoped set of new features.
A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. On Wednesday, Korean cybersecurity experts at Ahnlab published a report on the Windows encryptor, and yesterday, security researchers at ReversingLabs published their technical analysis of the Linux version.
That's because changing the passwords has to be done manually and individually, plus you have to find a way to keep everyone up to date on the unique latest strong password for each server without saving those passwords somewhere an attacker can also find them, like a PASSWORDS.XLS spreadsheet. The Local Administrator Password Solution is a tool Microsoft has offered since 2015 that deals with exactly that problem.
Smart App Control, a Windows 11 security feature that blocks threats at the process level, now comes with support for blocking several file types threat actors have recently adopted to infect targets with malware in phishing attacks. "Windows 11 with smart app control blocks iso and lnk files that have mark of the web just like Macros," David Weston, Microsoft's VP for Enterprise and OS Security, tweeted on Tuesday.