14 Nov, 2024

Microsoft patches Windows zero-day exploited in attacks on Ukraine

Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. The security flaw (CVE-2024-43451) is an NTLM Hash Disclosure spoofing vulnerability reported by ClearSky security researchers, which can be exploited to steal the logged-in user’s NTLMv2 hash by forcing connections to a remote attacker-controlled server. […]

2 mins read

Microsoft fixes bugs causing Windows Server 2025 blue screens, install issues

Microsoft has fixed several bugs that cause install, upgrade, and Blue Screen of Death (BSOD) issues on Windows Server 2025 devices with a high core count. The symptoms include Windows Server 2025 installation or upgrading processes failing or hanging, as well as server boot and restarts taking as much as three hours (or even more […]

2 mins read

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws

Today is Microsoft’s November 2024 Patch Tuesday, which includes security updates for 91 flaws, including four zero-days, two of which are actively exploited. This Patch Tuesday fixed four critical vulnerabilities, which include two remote code execution and two elevation of privileges flaws. The number of bugs in each vulnerability category is listed below: This count […]

12 mins read

Windows 11 KB5046617 and KB5046633 cumulative updates released

Microsoft has released the Windows 11 KB5046617 and KB5046633 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Both KB5046617 and KB5046633 are mandatory cumulative updates as they contain the November 2024 Patch Tuesday security updates for vulnerabilities discovered in previous months. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can […]

6 mins read

Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools

Microsoft has finally confirmed that some Windows Server 2019 and 2022 systems were “unexpectedly” upgraded to Windows Server 2025 on devices if updates were managed using third-party patch management tools. The company also updated the Windows release health dashboard on November 6 to say that Windows Server 2025 is now offered as an optional update on Windows […]

3 mins read

Windows 11 is adding a ‘Share’ button to the Start menu and Taskbar

Microsoft wants you to share content/items more frequently, so it’s now adding the “Share” button everywhere, including the Start menu and even the taskbar. Windows 11’s Share UI is a built-in feature that lets you quickly share content from apps or files. When you use the Share button, a panel appears showing options to share […]

1 min read

Microsoft says recent Windows 11 updates break SSH connections

Microsoft has confirmed that last month’s Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems. This newly acknowledged issue affects enterprise, IOT, and education customers, but the company says that only a “limited number” of devices are impacted. Microsoft is also investigating whether consumer customers using Windows 11 Home […]

2 mins read

Hackers increasingly use Winos4.0 post-exploitation kit in attacks

Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. The toolkit is the equivalent of Sliver and Cobalt Strike post-exploitation frameworks and it was documented by Trend Micro this summer in a report on attacks against Chinese users. At the time, a threat actor tracked as Void Arachne/Silver Fox lured victims […]

2 mins read

New SteelFox malware hijacks Windows PCs using vulnerable driver

A new malicious package called ‘SteelFox’ mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. The malware bundle dropper is distributed through forums and torrent trackers as a crack tool that activates legitimate versions of various software like Foxit PDF Editor, JetBrains and […]

3 mins read

Windows infected with backdoored Linux VMs in new phishing attacks

A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they breach a network. A […]

3 mins read