Security News

Windows users who have installed a new KB5012170 security update for Secure Boot have encountered various issues, ranging from boots failing with BitLocker Recovery prompts to performance issues. During the August 2022 Patch Tuesday, Microsoft released the standalone KB5012170 'Security update for Secure Boot DBX' to resolve vulnerabilities found in various UEFI bootloaders that threat actors could use to bypass the Windows Secure Boot feature and execute unsigned code.

Microsoft is warning that users may see a 0x800f0922 error when trying to install Windows KB5012170 Secure Boot security update on currently supported operating systems for consumers and the enterprise-class Server version. Error 0x800f0922 is related strictly to KB5012170, a security update for the Secure Boot DBX, a repository that holds revoked signatures for Unified Extensible Firmware Interface bootloaders.

A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky Mouse that involves leveraging a trojanized version of a cross-platform messaging app to backdoor systems. Infection chains leverage a chat application called MiMi, with its installer files compromised to download and install HyperBro samples for the Windows operating system and rshell artifacts for Linux and macOS. As many as 13 different entities located in Taiwan and the Philippines have been at the receiving end of the attacks, eight of whom have been hit with rshell.

Some signed third-party bootloaders for the Unified Extensible Firmware Interface could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads. Eclypsium security researchers Mickey Shkatov and Jesse Michael discovered vulnerabilities affecting UEFI bootloaders from third-party vendors that could be exploited to bypass the Secure Boot feature on Windows machines.

Why? GitLab explained: "Due to Microsoft Windows' dominance in desktop operating systems, Windows is the platform most targeted by spyware, viruses, and ransomware." Windows' security mess has never been just because Windows is more popular.

The U.S. Cybersecurity and Infrastructure Security Agency has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation. Officially tracked as CVE-2022-34713 and informally referred to as DogWalk, the security flaw in MSDT allows an attacker to place a malicious executable into the Windows Startup folder.

How to reset your Windows 10 password when you forget it We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. You can reset the password for a Microsoft Account from the Windows 10 login screen or from your Microsoft Account webpage.

The August 2022 Patch Tuesday has arrived, with fixes for an unexpectedly high number of vulnerabilities in various Microsoft products, including two zero-days: one actively exploited and one not yet. CVE-2022-34713 is a vulnerability in Microsoft Windows Support Diagnostic Tool that allows for remote code execution.

Microsoft has released security updates to address a high severity Windows zero-day vulnerability with publicly available exploit code and abused in attacks. DogWalk was publicly disclosed by security researcher Imre Rad more than two years ago, in January 2020, after Microsoft replied to his report saying it won't provide a fix because this isn't a security issue.

Microsoft has released the Windows 11 KB5016629 cumulative update with security updates, improvements, including fixes for File Explorer and the Start Menu and a new Focus Assist feature. KB5016629 is a mandatory cumulative update containing the August 2022 Patch Tuesday security updates for vulnerabilities discovered in previous months.