Security News

The TrickBot gang operators are now abusing the Windows 10 App Installer to deploy their BazarLoader malware on the systems of targets who fall victim to a highly targeted spam campaign. When clicking the button, the browser will first show a warning asking the victim if they want to allow the site to open App Installer.

AMD has fixed a long list of security vulnerabilities found in its graphics driver for Windows 10 devices, allowing attackers to execute arbitrary code and elevate privileges on vulnerable systems. "In a comprehensive analysis of the AMD Escape calls, a potential set of weaknesses in several APIs was discovered, which could result in escalation of privilege, denial of service, information disclosure, KASLR bypass, or arbitrary write to kernel memory," AMD explained.

Microsoft has reminded users today that all editions of Windows 10, version 2004 and Windows Server, version 2004, will reach end of servicing on December 14, 2021. Customers still using end of service software are advised to upgrade to the latest version of Windows 10 or to Windows 11 as soon as possible to keep their systems secure and bug-free.

The new update is now available for Windows 10 version 2004, version 20H2 and version 21H1. As per the official release notes, Microsoft has published cumulative updates KB5007186 and KB5007189. This month's cumulative updates apparently include security fixes for May 2021 Update, October 2020 Update, and May 2020 Update.

Microsoft has designated Windows 10, version 21H1 for broad deployment, making it available to everyone via Windows Update. Microsoft officially started rolling out Windows 10 21H1 in May 2020, but it hasn't been offered to all those checking for updates via Windows Update until now.

Microsoft has released the optional KB5006738 Preview cumulative update for Windows 10 2004, Windows 10 20H2, and Windows 10 21H1. Microsoft says this update and a separate Windows Server preview update will fix all outstanding printing issues affecting users since they mitigated the PrintNightmare vulnerabilities. The KB5006738 cumulative update is part of Microsoft's September 2021 monthly "C" update, allowing Windows users to test upcoming fixes before they are released as part of the upcoming November 2021 Patch Tuesday.

Microsoft has begun force installing the PC Health Check application on Windows 10 devices using a new KB5005463 update. PC Health Check is a new diagnostics tool created by Microsoft and released in conjunction with Windows 11 that provides various troubleshooting and maintenance features.

Microsoft is preparing Windows 10 21H2, the next Windows 10 version, for a November 2021 release and is now rolling it out to all Windows Insiders in the Release Preview Channel. The Windows 10 21H2 feature update is offered as an optional update through the "Seeker" experience in Windows Update to Insiders who go to Settings > Update & Security > Windows Update.

Microsoft has fixed a known Windows 10 issue causing smartcard authentication to fail when trying to connect using Remote Desktop after installing the cumulative updates released during last month's Patch Tuesday. Microsoft has already rolled out a fix to address this issue via the Known Issue Rollback feature to affected Windows 10 devices.

Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Exchange Server, and Ubuntu 20 were successfully broken into using original, never-before-seen exploits at the Tianfu Cup 2021, the fourth edition of the international cybersecurity contest held in the city of Chengdu, China. The Chinese version of Pwn2Own was started in 2018 in the wake of government regulation in the country that barred security researchers from participating in international hacking competitions because of national security concerns.