Windows Update downgrade attack “unpatches” fully-updated systems

August 7, 2024 at 04:31PM

SafeBreach security researcher Alon Leviev disclosed at Black Hat 2024 two unpatched zero-days that can be exploited in downgrade attacks on up-to-date Windows 10, 11, and Windows Server systems. Microsoft issued advisories for CVE-2024-38202 and CVE-2024-21302, providing mitigation guidance. The vulnerabilities allow for system compromise, making fully patched systems susceptible …

Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks

August 7, 2024 at 11:12AM

SafeBreach Labs researcher Alon Leviev disclosed critical flaws in Microsoft’s Windows Update, enabling software downgrade attacks that render fully patched Windows machines susceptible to past vulnerabilities. Leviev demonstrated these downgrades at the recent Black Hat conference in Las Vegas and worked with Microsoft to develop a security update to mitigate …

Google apologizes for breaking password manager for millions of Windows users with iffy Chrome update

July 29, 2024 at 09:06AM

Google apologized for an incident that affected its password manager for millions of Windows users, coinciding with Windows administrators mitigating the impact of a faulty CrowdStrike update. The issue, limited to Windows users on the M127 version of Chrome, prevented them from accessing saved passwords. The incident underscores the risks …

Companies Struggle to Recover From CrowdStrike’s Crippling Falcon Update

July 26, 2024 at 06:59PM

CrowdStrike’s update caused widespread disruption, particularly in healthcare, with over half of the Health Information Sharing and Analysis Center affected. Recovery efforts continue, with only 18% fully recovered as of July 25. Microsoft released a USB Recovery Tool, but some systems, especially in healthcare, require manual intervention. The outage may …

Windows 11 KB5040527 update fixes Windows Backup failures

July 25, 2024 at 02:41PM

Microsoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, addressing issues with Windows Backup, upgrade failures, and Windows Defender Application Control. Users can install the update via Windows Update or from the Microsoft Update Catalog. This release comes with additional fixes and improvements and …

Windows 10 KB5040525 fixes WDAC issues causing app failures, memory leak

July 23, 2024 at 05:52PM

Microsoft released the July 2024 preview update for Windows 10, version 22H2 (KB5040525), offering fixes for issues such as Windows Defender Application Control causing app crashes and system memory exhaustion. This optional cumulative update aims to enhance the user experience by allowing administrators to test changes before the mandatory Patch …

CrowdStrike Speeding Up Remediation of Systems Hit by Blue Screen of Death

July 23, 2024 at 08:15AM

CrowdStrike’s new technique is speeding up the system restoration process after millions of Windows devices experienced outages due to a faulty update. Despite Microsoft and CrowdStrike’s efforts, some organizations are still struggling. Threat actors are taking advantage of the situation with phishing and malware, including a new stealer called Daolpu. …

Fallout from Faulty Friday CrowdStrike Update Persists

July 22, 2024 at 08:02AM

The July 19 CrowdStrike glitch caused widespread Microsoft outages, affecting 29,000 customers and paralyzing world sectors. Recovery is labor-intensive, requiring manual PC booting, and could take days or weeks. Experts criticize CrowdStrike’s testing, rollout, and Friday update deployment. The incident raises regulatory scrutiny and attracts cyber adversaries. CrowdStrike faces challenges …

Microsoft Says 8.5 Million Windows Devices Impacted by CrowdStrike Incident, Publishes Recovery Tool

July 21, 2024 at 09:30AM

Microsoft reported that 8.5 million Windows devices were affected by a CrowdStrike software update causing major IT outages. They released a USB tool for IT administrators to expedite repairs, requiring a 64-bit Windows client with 8GB free space. Though impacting less than 1% of machines, Microsoft is deploying experts to …

CrowdStrike Provides Remediation Guidance After Software Update Causes Worldwide IT Chaos

July 20, 2024 at 09:54AM

Cybersecurity firm CrowdStrike issued additional technical information and remediation guidance in response to a faulty update that caused global IT outages. A logic error triggered critical system failures on Windows systems but did not affect Mac and Linux. CrowdStrike provided workaround steps and a Dashboard feature to assist affected organizations. …