Security News

Microsoft has released the optional KB5009596 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2. This update includes fixes for reboots on domain controllers, L2TP VPN connection issues, and 25 other fixes or improvements. The KB5009596 cumulative update preview is part of Microsoft's January 2022 monthly "C" update, allowing admins to test upcoming fixes being released in the February 2022 Patch Tuesday.

Microsoft has started the forced rollout of Windows 10, version 21H2 to more devices approaching the end of service as part of a first machine learning training phase. Windows 10 21H2 is also rolling out to seekers on Windows 10 2004 or newer through a fast update experience similar to a monthly update.

Microsoft released a list of twenty-five group policies that admins should not use in Windows 10 and Windows 11 as they do not provide optimal behavior or cause unexpected results. Windows Senior Program Manager Aria Carley hinted in December warned admins that admins should avoid using various group policies in Windows 10 and Windows 11.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

Microsoft has fixed a known issue causing search issues for Outlook users after installing Windows 10 security updates released since November 2021. While a fix for the Outlook search issue is already rolling out to all impacted Windows 10 devices, Microsoft says it's still "Working on a resolution and will provide an update in an upcoming release" for affected Windows 11 systems.

The new update is now available for Windows 10 version 21H2, version 21H1, and version 20H2 As per the official release notes, Microsoft has published two main cumulative updates for Windows 10 - KB5009543 and KB5009545. This month's cumulative updates include security fixes for November 2021 Update, May 2021 Update, October 2020 Update.

Microsoft has released the final version of security configuration baseline settings for Windows 10, version 21H2, available today from the Microsoft Security Compliance Toolkit.The highlight of the new Windows 10 security baseline is the addition of tamper protection as a setting to enable by default.

December 2021 Patch Tuesday is rolling out to devices on Windows 10 version 2004, version 20H2, version 21H1 and version 21H2. As per the official release notes, Microsoft has published two cumulative updates - KB5008212 and KB5008206. Like the November release, this month's security updates include security fixes for November 2021 Update, May 2021 Update, October 2020 Update, and May 2020 Update.

Researchers have discovered a drive-by remote code-execution bug in Windows 10 via Internet Explorer 11/Edge Legacy - the EdgeHTML-based browser that's currently the default browser on Windows 10 PCs - and Microsoft Teams. In this case, the issue lies in the Windows 10/11 default Uniform Resource Identifier handler for ms-officecmd: URIs are used by the Microsoft Office Universal Windows Platform app to launch other Office desktop applications.

Researchers have discovered a drive-by remote code-execution bug in Windows 10 via Internet Explorer 11/Edge Legacy - the EdgeHTML-based browser that's currently the default browser on Windows 10 PCs - and Microsoft Teams. In this case, the issue lies in the Windows 10/11 default Uniform Resource Identifier handler for ms-officecmd: URIs are used by the Microsoft Office Universal Windows Platform app to launch other Office desktop applications.