March 12, 2024 at 02:05PM Microsoft released the KB5035845 cumulative update for Windows 10 21H2 and 22H2, addressing 60 vulnerabilities, including 18 remote code execution flaws. Users can install it via Windows Update or manually from the Microsoft Update Catalog. The update provides nine new changes and fixes, including improvements for Windows share and Windows … Read more
March 11, 2024 at 12:30AM Microsoft took six months to patch a rootkit vulnerability in Windows discovered by North Korean hackers Lazarus Group. Avast researchers notified Microsoft of an admin-to-kernel exploit, but Microsoft did not prioritize the matter, waiting until February’s patch Tuesday to fix the issue. Critical vulnerabilities were also found in recent Apple … Read more
March 8, 2024 at 09:57AM SecurityWeek’s cybersecurity news roundup offers a concise collection of important stories that may have been overlooked. This week’s highlights include IBM’s launch of a new cyber response training facility, Google’s termination of accounts involved in influence operations, updates on Microsoft’s Secure Future Initiative, and cybersecurity resources released by CISA and … Read more
March 7, 2024 at 01:01PM Microsoft’s Windows 10 KB5001716 update, aimed at enhancing Windows Update functionality, is ironically causing installation issues and 0x80070643 errors. The update, initially released in October 2023, is being reissued, leading to reported installation problems. To resolve this, users can uninstall the older update and reinstall the current KB5001716 update for … Read more
March 5, 2024 at 02:28PM Microsoft has announced the end of support for Windows Subsystem for Android on March 5th, 2025. This feature allows users to run native Android apps in a virtualized environment on Windows 11. Amazon has also provided details on the end of support, with users able to continue using installed apps … Read more
March 2, 2024 at 10:58AM Microsoft recently patched a high-severity Windows Kernel vulnerability, CVE-2024-21338, which was actively exploited for six months after it was reported. The flaw allowed attackers to gain SYSTEM privileges without user interaction. Avast discovered that North Korean Lazarus hackers used the vulnerability to gain kernel-level access and evade security tools. Windows … Read more
March 1, 2024 at 08:57AM The US cybersecurity agency CISA added a high-severity elevation of privilege flaw in Microsoft Streaming Service to its Known Exploited Vulnerabilities catalog, warning of active exploitation. The flaw, tracked as CVE-2023-29360, could allow attackers to gain System privileges. CISA urges organizations to apply patches and has a deadline of March … Read more
February 29, 2024 at 12:54PM Microsoft has extended non-security preview updates for Windows 11 22H2 to mid-2025, based on user feedback, allowing more customers to benefit from continuous innovation. Different editions have varying support end dates, with forced installations of Windows 11 23H2 on eligible systems. This update addresses known issues, including glitches with desktop … Read more
February 29, 2024 at 07:09AM The Lazarus Group exploited a zero-day privilege escalation flaw in the Windows Kernel, gaining kernel-level access and disabling security software. Microsoft patched the vulnerability (CVE-2024-21338) as part of Patch Tuesday updates. The group used an in-the-wild admin-to-kernel exploit, allowing them to run the FudModule rootkit, bypass security checks, and disable … Read more
February 23, 2024 at 07:57AM The latest update for Microsoft’s Windows Photos app introduces a new generative erase tool powered by AI, enabling users to seamlessly remove unwanted objects from their photos with improved realism. This feature is being rolled out to Windows Insiders and will require an update to version 2024.11020.21001.0 or higher. Additionally, … Read more