Security News
Microsoft Windows 10 and Windows 11 users are at risk of a new unpatched vulnerability that was recently disclosed publicly. As we reported last week, the vulnerability - SeriousSAM - allows attackers with low-level permissions to access Windows system files to perform a Pass-the-Hash attack.
Kaseya obtains universal REvil decryptorThere's finally some good news for the MSPs and their customers that have been hit by the REvil ransomware gang via compromised Kaseya VSA software: a universal decryptor has made it available to affected organizations. Easily exploitable, unpatched Windows privilege escalation flaw revealedA researcher has unearthed an easily exploitable vulnerability in Windows 10 that may allow local non-administrative users to gain administrative-level privileges.
With the release of Windows 10's March 2021 updates and subsequent updates, some users have been experiencing performance issues when playing games. These gaming issues include decreased frame rate, stuttering in certain games, and flickering textures.
Microsoft says customers may experience printing and scanning issues on devices using smart card authentication after installing July 2021 Windows 10 security updates on a domain controller. Windows 10 users who encounter this issue are advised to first check if they have the latest drivers and firmware installed on the non-compliant and misbehaving printing or scanning devices.
A privilege escalation bug, affecting versions of Windows 10, received a workaround fix by Microsoft Wednesday to prevent attackers from accessing data and creating new accounts on compromised systems. The bug, dubbed SeriousSAM, affects the Security Accounts Manager database in all versions of Windows 10.
Microsoft Defender Application Guard protects your networks and data from malicious applications running in your web browser, but you must install and activate it first. In a previous article, we noted that many of the security features listed as absolute requirements for a successful Windows 11 installation are already available as options in Windows 10, you just have to turn them on manually.
Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.
Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.
Microsoft has shared a workaround for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists on multiple system files, including the Security Accounts Manager database," Microsoft explains in a security advisory published on Tuesday evening.
Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files. The database files associated with the Windows Registry are stored under the C:Windowssystem32config folder and are broken up into different files such as SYSTEM, SECURITY, SAM, DEFAULT, and SOFTWARE. As these files contain sensitive information about all user accounts on a device and security tokens used by Windows features, they should be restricted from being viewed by regular users with no elevated privileges.