Security News

Why? GitLab explained: "Due to Microsoft Windows' dominance in desktop operating systems, Windows is the platform most targeted by spyware, viruses, and ransomware." Windows' security mess has never been just because Windows is more popular.

The U.S. Cybersecurity and Infrastructure Security Agency has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation. Officially tracked as CVE-2022-34713 and informally referred to as DogWalk, the security flaw in MSDT allows an attacker to place a malicious executable into the Windows Startup folder.

How to reset your Windows 10 password when you forget it We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. You can reset the password for a Microsoft Account from the Windows 10 login screen or from your Microsoft Account webpage.

The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited and one not yet. CVE-2022-34713 is a vulnerability in Microsoft Windows Support Diagnostic Tool that allows for remote code execution.

Microsoft has released security updates to address a high severity Windows zero-day vulnerability with publicly available exploit code and abused in attacks. DogWalk was publicly disclosed by security researcher Imre Rad more than two years ago, in January 2020, after Microsoft replied to his report saying it won't provide a fix because this isn't a security issue.

Microsoft has released the Windows 11 KB5016629 cumulative update with security updates, improvements, including fixes for File Explorer and the Start Menu and a new Focus Assist feature. KB5016629 is a mandatory cumulative update containing the August 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.

Microsoft has released the Windows 10 KB5016616 and KB5016623 cumulative updates for versions 21H2, version 21H1, version 20H2, and 1809 to fix security vulnerabilities and resolve bugs and performance issues. This update is not available for Windows 10 1909 or Windows 10 2004.

Microsoft has warned today that Windows devices with the newest supported processors are susceptible to data damage on Windows 11 and Windows Server 2022. "Windows devices that support the newest Vector Advanced Encryption Standard instruction set might be susceptible to data damage," the company revealed today.

An extensive series of attacks detected in January used new Windows malware to backdoor government entities and organizations in the defense industry from several countries in Eastern Europe. Kaspersky linked the campaign with a Chinese APT group tracked as TA428, known for its information theft and espionage focus and attacking organizations in Asia and Eastern Europe [1, 2, 3, 4]. The threat actors successfully compromised the networks of dozens of targets, sometimes even taking control of their entire IT infrastructure by hijacking systems used to manage security solutions.

Microsoft has already begun testing the new Windows 10 22H2 version in the Windows Insider Release preview channel, allowing both consumers and the enterprise to test its new feature before it is officially released. Windows 10 22H2 is not a significant release and does not bring a major overhaul to Windows 10, but Microsoft says this update comes with a scoped set of new features.