Security News

Microsoft has published the Windows 10 KB5022282 and KB5022286 cumulative updates for versions 22H2, version 21H2, version 21H1, and 1809 to fix security vulnerabilities and resolve known bugs. This update is not available for Windows 10 1909 or Windows 10 2004.

Some users running Windows 10 who installed the KB5021233 cumulative update this month are seeing their operating system crash with the Blue Screen of Death, Microsoft is warning. In an entry over the weekend in its Windows Health Dashboard, the company wrote that the update might cause "a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers, which might cause signature validation to fail when cleanup occurs."

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the supply chain attack around mid-July 2022, said the malicious ISO files were distributed via Ukrainian- and Russian-language Torrent websites.

Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers. While analyzing several infected devices on Ukrainian Government networks, Mandiant also spotted scheduled tasks set up in mid-July 2022 and designed to receive commands that would get executed via PowerShell.

Multiple editions of Windows 10 21H1 have reached their end of service on this month's Patch Tuesday, as Microsoft reminded customers yesterday. Since Windows 10 21H1 will no longer receive security updates, customers are advised to upgrade to the latest release as soon as possible to avoid exposing their systems to attacks exploiting unpatched security vulnerabilities.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Microsoft has tagged Windows 10, version 22H2 for broad deployment, thus making it available to everyone via Windows Update. "If you have an eligible device, you can install this feature update by opening Windows Update Settings and selecting Check for updates. Once the update is ready for your device, you will see the option to Download and install," Microsoft says on the Windows health dashboard.

Microsoft has resolved a known issue triggering errors and temporarily causing the taskbar and desktop to disappear on Windows 10 systems. "You might experience an error in which the desktop or taskbar might momentarily disappear, or your device might become unresponsive," Microsoft explains on the Windows health dashboard.

Microsoft has released this month's optional KB5020030 Preview cumulative update for all editions of Windows 10 20H2, 21H1, 21H2, and 22H2. Today's update comes with ten bug fixes and enhancements, including fixes for persistent Microsoft Store update failures and an issue causing Direct3D 9 to crash when using Microsoft Remote Desktop. The KB5020030 cumulative update preview is part of Microsoft's November 2022 monthly "C" update, and it enables admins to test fixes rolling out to all users with the December 2022 Patch Tuesday.

Microsoft has reminded customers today that all editions of Windows 10 21H1 are reaching the end of service next month. Windows customers should upgrade to the latest release as soon as possible to avoid exposing their devices to attacks exploiting unpatched security vulnerabilities since Windows 10 21H1 will no longer receive security updates.