Search the Community
Showing results for tags 'security updates'.
-
Windows 11 can now install security updates without asking you to reboot
Karlston posted a news in Software News
Windows Hotpatch is now available for Windows 11 version 24H2 users. The first reports about Microsoft bringing this feature to the client version of Windows appeared in early 2024, and now, the feature is publicly available but with a big catch.

For those unfamiliar with Windows Hotpatch, it is a feature found on server versions of the operating system. Hotpatching applies security updates to in-memory processes, thus eliminating the need for a reboot. In addition to making security updates more seamless for the end users (everyone hates those update prompts), the feature gives IT admins peace of mind that everyone within their organization can have the latest security update right here and right now, regardless of what people are doing or when they reboot their computers. With Windows Hotpatch, computers receive a single baseline update every quarter (a restart is necessary) with two months of hotpatches that do not require restarts (other updates might still require a restart).

However, there is a catch. As of right now, Windows Hotpatch is only available for Windows 11 Enterprise version 24H2 (Windows 11 Enterprise E3, E5, F3, or Windows 11 Education A3, A5, or Windows 365 Enterprise). Windows 11 Home and Professional do not support hotpatching. Also, you need a PC with an Intel or AMD processor. ARM-based devices are also supported, but the feature currently remains in public preview. Microsoft says ARM PCs will receive Hotpatch support "at a later date."

If you are interested, you can learn more about Windows Hotpatch here (announcement post) and here (documentation). If you are a regular user and Hotpatch does not apply to you, you might be interested in Quick Machine Recovery, which will help you fix computers that cannot boot by getting necessary updates and patches within Windows RE. QMR is currently in public testing, and Microsoft will bring it to all Windows 11 editions, including Home. Source
Google fixes two Android zero-days used in targeted attacks
Karlston posted a news in Security & Privacy News
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. "There are indications that the following may be under limited, targeted exploitation," says Google's advisory. The CVE-2024-43047 flaw is a high-severity use-after-free issue in closed-source Qualcomm components within the Android kernel that elevates privileges. The flaw was first disclosed in early October 2024 by Qualcomm as a problem in its Digital Signal Processor (DSP) service. CVE-2024-43093 is also a high-severity elevation of privilege flaw, this time impacting the Android Framework component and Google Play system updates, specifically in the Documents UI. Google did not disclose who discovered the CVE-2024-43093 vulnerability. While Google did not share any details on how the vulnerabilities were exploited, as researchers at Amnesty International discovered CVE-2024-43047, it could indicate that the flaw was used in targeted spyware attacks. Out of the remaining 49 flaws fixed this time, only one, CVE-2024-38408, is classified as critical, also impacting Qualcomm's proprietary components. The security issues fixed this month impact Android versions between 12 and 15, with some being limited to specific versions of the mobile operating system. Google issues two patch levels each month, in this case, November 1 (2024-11-01 Patch Level) and November 5 (2024-11-05 Patch Level). The first level addresses core Android vulnerabilities, with 17 issues this time, while the second patch level encompasses those plus vendor-specific fixes (Qualcomm, MediaTek, etc.), counting an additional 34 fixes this month. To apply the latest update, head to Settings > System > Software updates > System update. Alternatively, go to Settings > Security & privacy > System & updates > Security update. 
A restart will be required to apply the update. Android 11 and older are no longer supported but may receive security updates to critical issues for actively exploited flaws through Google Play system updates, though that's not guaranteed. The best course of action for devices still running those older releases should be either to replace them with newer models or use a third-party Android distribution that incorporates the latest security fixes. Source
Microsoft Edge, Teams get fixes for zero-days in open-source libraries
Karlston posted a news in Security & Privacy News
Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by the three products. The first bug is a flaw tracked as CVE-2023-4863 and caused by a heap buffer overflow weakness in the WebP code library (libwebp), whose impact ranges from crashes to arbitrary code execution. The second one (CVE-2023-5217) is also caused by a heap buffer overflow weakness in the VP8 encoding of the libvpx video codec library, which could lead to app crashes or allow arbitrary code execution following successful exploitation.

The libwebp library is used by a large number of projects for encoding and decoding images in the WebP format, including modern web browsers like Safari, Mozilla Firefox, Microsoft Edge, Opera, and the native Android web browsers, as well as popular apps like 1Password and Signal. libvpx is used for VP8 and VP9 video encoding and decoding by desktop video player software and online streaming services like Netflix, YouTube, and Amazon Prime Video.

"Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217," Redmond revealed in a Microsoft Security Response Center advisory published Monday. The two security flaws only affect a limited number of Microsoft products, with the company patching Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and Webp Image Extensions against CVE-2023-4863 and Microsoft Edge against CVE-2023-5217. The Microsoft Store will automatically update all affected Webp Image Extensions users. However, the security update will not be installed if Microsoft Store automatic updates are disabled.

Exploited in spyware attacks

Both vulnerabilities were tagged as exploited in the wild when disclosed earlier this month, although there are no details on these attacks.
However, the bugs were reported by Apple Security Engineering and Architecture (SEAR), Google Threat Analysis Group (TAG), and the Citizen Lab, the last two research teams with a proven record of finding and disclosing zero-days exploited in targeted spyware attacks. "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said when revealing that CVE-2023-4863 has been exploited in the wild. "We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed." Google assigned a second CVE ID (CVE-2023-5129) to the libwebp security vulnerability, tagging it as a maximum severity bug, which caused confusion within the cybersecurity community. While a Google spokesperson did not reply to a request for comment, the new CVE ID was later rejected by MITRE for being a duplicate of CVE-2023-4863. Update: Revised article to remove incorrect link between CVE-2023-5217 and Predator spyware attacks. Source-
-
Microsoft is ending support for Windows Server 2012 and Windows Server 2012 R2 in October 2023. Just like the recently dropped operating systems Windows 7 and Windows 8.1, Windows Server 2012 will not receive any more security updates, fixes and other updates after it reaches end of support. Enterprise customers have the option to extend support by up to three years by paying Microsoft the equivalent of a full licence price annually. Microsoft customers who are not eligible for the special treatment and those who don't want to pay Microsoft that much money for extending support may consider 0Patch's service instead. The company is also offering three years of extended support for Windows Server 2012 and 2012 R2, similarly to how it is still supporting Windows Server 2008 R2 with important security updates. Unlike Microsoft, it is making no distinction between customers and offering the service to anyone. 0Patch will support Windows Server 2012 and 2012 R2 with critical security patches until at least October 2026. Support may be extended further if there is enough demand after October 2026. Both Pro and Enterprise plans will support Server 2012 and Server 2012 R2 from October onward. Pricing is 24.95 EUR plus taxes for a single-user license and 34.95 EUR plus taxes for a single-user Enterprise license per year. 0Patch monitors critical security patches for supported operating systems and creates micropatches to address these. A wide range of Microsoft products are supported currently, including Windows 7, Windows Server 2008, Microsoft Edge and Microsoft Office 2013. The patches are applied in memory, which means that files are not modified by the security patches. Another difference to Microsoft updates is that the patches may be enabled and disabled while the system is running. There is no need for restarting the system to apply patches or undo a patch. 
To get started using 0Patch to secure Windows Server 2012 or Windows Server 2012 R2 for at least three years, customers need to create an 0Patch account at the site, install the latest security updates for the operating systems that Microsoft released, and install the 0Patch Agent software on the server and link it to the 0Patch account. Additional information about 0Patch's support for supplying Windows Server 2012 and Windows Server 2012 R2 with at least 3 years of security updates is available on the company's blog. Source
-
Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
Karlston posted a news in Security & Privacy News
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client. Tracked as CVE-2023-4863, the security flaw is caused by a heap buffer overflow in the WebP code library (libwebp), whose impact spans from crashes to arbitrary code execution. "Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild," Mozilla said in an advisory published on Tuesday. Mozilla addressed the exploited zero-day in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2. Even though specific details regarding the WebP flaw's exploitation in attacks remain undisclosed, this critical vulnerability is being abused in real-world scenarios. Hence, users are strongly advised to install updated versions of Firefox and Thunderbird to safeguard their systems against potential attacks. As Mozilla revealed in today's security advisory, the CVE-2023-4863 zero-day also impacts other software using the vulnerable WebP code library version. One of them is the Google Chrome web browser, which was patched against this flaw on Monday when Google warned that it's "aware that an exploit for CVE-2023-4863 exists in the wild." The Chrome security updates are rolling out to users in the Stable and Extended stable channels and are expected to reach the entire user base over the coming days or weeks. Apple's Security Engineering and Architecture (SEAR) team and The Citizen Lab at the University of Toronto's Munk School were the ones who reported the bug on September 6th. The security researchers at Citizen Lab also have a history of identifying and disclosing zero-day vulnerabilities frequently exploited in targeted espionage campaigns led by government-affiliated threat actors. 
These campaigns typically focus on individuals at significant risk of attack, including journalists, opposition politicians, and dissidents. On Thursday, Apple also patched two zero-days tagged by Citizen Lab as exploited in the wild as part of an exploit chain dubbed BLASTPASS to deploy NSO Group's Pegasus mercenary spyware onto fully patched iPhones. Today, the BLASTPASS patches were also backported to older iPhone models, including iPhone 6s models, the iPhone 7, and the first generation of iPhone SE. Source-
-
A few days ago, Apple released an update to patch a couple of security flaws in its current operating systems. The company has now released iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9, macOS 11.7.10 to fix one of the security issues that affected older devices.

In case you missed it, here's what happened last week. Researchers at The Citizen Lab at The University of Toronto's Munk School, who had been analyzing an iPhone belonging to a member of a civil society organization in Washington, had discovered that the device was targeted in a Pegasus mercenary spyware attack. The experts had also found that the attack used a zero-day, zero-click vulnerability which required no interaction from the user. There was not just one, but two security loopholes in the operating systems, that had been targeted by cybercriminals.

The researchers had quickly reached out to Apple to report about the issues and to share their findings with the company, to help protect other users from similar targeted attacks. Apple's Security Engineering and Architecture team had acknowledged the bugs, and confirmed the fact that the flaws have been actively exploited by hackers. The Cupertino company released a patch a few days ago, to fix the flaws in the iOS 16.6.1, iPadOS 16.6.1, and macOS Ventura 13.5.2 updates.

Interestingly, Apple had confirmed to the folk at Citizen Lab that Lockdown Mode, which is available for the three operating systems, had been successful in preventing the security attack. This feature is not available in older versions of iOS, iPadOS, and macOS, so the only way to stay safe is to keep your device up to date with the latest security updates.

Apple releases iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9, macOS 11.7.10

Since Apple had not released an update for older versions of its operating systems last week, I had speculated that the vulnerabilities possibly didn't affect older versions of macOS, but I was wrong. Or was I partially right?
According to the release notes that have been published on the company's website, only one of the 2 actively exploited issues that I mentioned in the previous article, were found to impact macOS 11 Big Sur and macOS 12 Monterey. And as it turns out, it appears that iOS 15 and iPadOS 15 were also vulnerable to the security risk. The good news is Apple has patched the issue on all 4 operating systems, in order to protect users who have the old devices. The security loophole in question, which was tracked under CVE-2023-41064, could allow maliciously crafted images to lead to arbitrary code execution. Apple fixed a buffer overflow issue with improved memory handling, to mitigate the problem. The security patch is available as part of the following updates: iOS 15.7.9, iPadOS 15.7.9, macOS 12.6.9 Monterey, macOS 11.7.10 Big Sur. iPhones and iPads that are eligible for receiving the update include the iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation). It's great to see that Apple is being responsible in patching out security issues in iPhones that were released 7 years ago. It is even more impressive if you consider the fact that some Macs which run on Big Sur were launched over a decade ago. Apple will release iOS 17 and iPadOS 17 today, during the iPhone 15 launch event. Source
-
ASUS urges customers to patch critical router vulnerabilities
Karlston posted a news in Security & Privacy News
ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured. As the company explains, the newly released firmware contains fixes for nine security flaws, including high and critical ones.

The most severe of them are tracked as CVE-2022-26376 and CVE-2018-1160. The first is a critical memory corruption weakness in the Asuswrt firmware for Asus routers that could let attackers trigger denial-of-service states or gain code execution. The other critical patch is for an almost five-year-old CVE-2018-1160 bug caused by an out-of-bounds write Netatalk weakness that can also be exploited to gain arbitrary code execution on unpatched devices.

"Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger," ASUS warned in a security advisory published today. "We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected."

The list of impacted devices includes the following models: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.

Customers are urged to patch immediately

ASUS warned users of impacted routers to update them to the latest firmware as soon as possible, available via the support website, each product's page, or via links provided in today's advisory.
The company also recommends creating distinct passwords for the wireless network and router administration pages of at least eight characters (combining uppercase letters, numbers, and symbols) and avoiding using the same password for multiple devices or services. The support website also provides detailed information on updating the firmware to the latest version and the measures users can take to make their routers more secure. ASUS' warning should be taken seriously, seeing that the company's products have been known to be targeted by botnets before. For instance, in March 2022, ASUS warned of Cyclops Blink malware attacks targeting multiple ASUS router models to gain persistence and use them for remote access into compromised networks. One month earlier, in February 2022, a joint security advisory from U.S. and U.K. cybersecurity agencies linked the Cyclops Blink botnet to the Russian military Sandworm threat group before disrupting it and preventing its use in attacks. Source -
Android July security updates fix three actively exploited bugs
Karlston posted a news in Security & Privacy News
Google has released the monthly security updates for Android operating system, which comes with fixes for 46 vulnerabilities. Three of the issues are likely actively exploited in the wild. “There are indications that the following [vulnerabilities] may be under limited, targeted exploitation,” reads Google’s bulletin, highlighting CVE-2023-26083, CVE-2021-29256, and CVE-2023-2136. CVE-2023-26083 is a medium-severity memory leak flaw in the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips, which was leveraged in an exploit chain that delivered spyware to Samsung devices in December 2022. The vulnerability was deemed sufficiently severe to trigger a CISA order for federal agencies to patch it in April 2023. CVE-2021-29256 is a high-severity (CVSS v3.1: 8.8) unprivileged information disclosure and root privilege escalation flaw also impacting specific versions of the Bifrost and Midgard Arm Mali GPU kernel drivers. The third vulnerability is a critical-severity one with a score of 9.6 out of 10, identified as CVE-2023-2136. It is an integer overflow bug in Skia, Google’s open-source multi-platform 2D graphics library that is also used in Chrome, where it was fixed in April. The most severe of the security problems that Google fixed this month is CVE-2023-21250, a critical vulnerability in Android’s System component that impacts Android versions 11, 12, and 13. Exploiting CVE-2023-21250 could lead to remote code execution with no user interaction or additional execution privileges, Google says without providing extra details. The update follows the standard system of releasing two patch levels, one (2023-07-01) for core Android components (framework) and a second (2023-07-05) for kernel and closed source components, allowing device manufacturers to selectively apply what concerns their models’ hardware. Those getting the first patch level receive the current month’s framework updates and both levels of the previous month, in this case, June 2023. 
Users who see the second patch level on their update screen get all the above, plus the July 2023 vendor and kernel patches. This month’s Android security update covers Android versions 11, 12, and 13, but depending on the scope of the addressed vulnerabilities, they may impact older OS versions that are no longer supported. In those cases, replacing your device with a newer model or installing a third-party Android distribution that implements security updates for older devices, albeit at a delay, would be advisable. Source -
Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own
Karlston posted a news in Security & Privacy News
Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2022 hacking contest. If exploited, the two critical flaws can let attackers gain JavaScript code execution on mobile and desktop devices running vulnerable versions of Firefox, Firefox ESR, Firefox for Android, and Thunderbird. The zero-days have been fixed in Firefox 100.0.2, Firefox ESR 91.9.1, Firefox for Android 100.3, and Thunderbird 91.9.1. Manfred Paul (@_manfp) earned $100,000 and 10 Master of Pwn points after demoing prototype pollution and improper input validation bugs on the first day of Pwn2Own. The first vulnerability is a prototype pollution in Top-Level Await implementation (tracked as CVE-2022-1802) that can let an attacker corrupt the methods of an Array object in JavaScript using prototype pollution to achieve JavaScript code execution in a privileged context. The second one (CVE-2022-1529) allows attackers to abuse Java object indexing improper input validation in prototype pollution injection attacks. "An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process," Mozilla explained. The Cybersecurity and Infrastructure Security Agency (CISA) also encouraged admins and users on Monday to patch these security flaws, given that threat actors could exploit them to "take control of an affected system." Mozilla patched these vulnerabilities two days after they were exploited and reported at the Pwn2Own hacking contest by Manfred Paul. However, vendors don't usually hurry to release patches after Pwn2Own since they have 90 days to push security fixes until Trend Micro's Zero Day Initiative publicly discloses them. 
Pwn2Own 2022 Vancouver ended on May 20 after 17 competitors earned $1,155,000 for zero-day exploits and exploit chains demonstrated over three days after 21 attempts. Security researchers also earned $400,000 for 26 zero-day exploits targeting ICS and SCADA products demoed between April 19 and April 21 during the 2022 Pwn2Own Miami contest. -
WordPress force installs Jetpack security update on 5 million sites
Karlston posted a news in Security & Privacy News
Automattic, the company behind the WordPress content management system, force deploys a security update on over five million websites running the Jetpack WordPress plug-in. Jetpack is a remarkably popular WordPress plug-in that provides free security, performance, and website management features, including brute-force attack protection, site backups, secure logins, and malware scanning. The plugin has more than 5 million active installations, and it is developed and maintained by Automattic, the company behind WordPress.

No in the wild exploitation

The vulnerability was found in the Carousel feature and its option to display comments for each image, with nguyenhg_vcs being the one credited for responsibly disclosing the security bug. No other details are available regarding this security flaw to protect the sites that haven't yet been updated. However, we do know that Automattic addressed it with added authorization logic. The announcement made by Automattic says the bug impacts all versions starting with the Jetpack 2.0 release and going back to November 2012. The Jetpack development team added that it found no evidence that the vulnerability has been exploited in the wild. "However, now that the update has been released, it is only a matter of time before someone tries to take advantage of this vulnerability," the developers warn.

Jetpack patch

Automattic is force installing patched versions on all websites running vulnerable Jetpack versions, with most sites already having been updated. "To help you in this process, we worked with the WordPress.org Security Team to release patched versions of every version of Jetpack since 2.0," Automattic said. "Most websites have been or will soon be automatically updated to a secured version." Currently, download stats available on the WordPress Plugins site confirm that the security updates have been pushed to most if not all exposed websites.
[Figure: Jetpack downloads history]

Forced updates used to patch critical bugs affecting millions

This is not the first time Automattic used the automated deployment of security updates to patch vulnerable plug-ins or WordPress installations. WordPress lead developer Andrew Nacin stated in 2015 that the company had used automated updates only five times since its launch. Samuel Wood, another WordPress developer, added in October 2020 that Automattic used the forced security updates feature to push "security releases for plugins many times" since WordPress 3.7 was released. This hints at the fact that Automattic deploys forced updates to patch plug-ins used by millions of sites against critical security vulnerabilities.

For instance, in 2019, Jetpack received a critical security update to fix a bug in the way the plug-in processed embed code. Another security update addressed an issue found during an internal audit of the Contact Form block in December 2018. A May 2016 critical security update patched a vulnerability in the way some Jetpack shortcodes were processed. In related news, in 2018, threat actors also found a method to install backdoored plugins on WordPress websites using weakly protected WordPress.com accounts and Jetpack's remote management feature.
-
Microsoft announce extension of security updates for Windows Server 2008, 2012 and SQL Server 2012

The internet has become increasingly dangerous, making it very difficult for Microsoft to simply abandon old software which is often running important infrastructure. At Inspire 2021 Microsoft announced that they will continue to release Extended Security Updates for Windows Server 2008 and 2012, and for SQL Server 2012. Windows Server 2012 and 2012 R2 were set to exit Extended Support on the 10th October 2023, but Microsoft has confirmed that this will be pushed back 3 years, while SQL Server 2012 will also get another 3 years beyond its earlier July 12, 2022 end of support date.

Extended support of course costs a pretty penny, but Microsoft is prepared to offer it for free if you move your Windows Server to their Azure cloud using Azure Hybrid Benefit, which Microsoft says is the cheapest way to run Windows Server and SQL Server in the cloud. If you decide to stay on-prem, Microsoft is demanding a price escalator, with year one of support costing three-quarters of your licence costs, year two the price will be at full price, and in year three Extended Security Updates will cost 125 per cent of the license cost. Read all the detail at Microsoft here. via The Register
-
Microsoft releases mandatory Windows updates to fix PrintNightmare exploit [Update]
Karlston posted a news in Security & Privacy News
Earlier last week, Microsoft acknowledged that it was investigating a critical vulnerability in Windows 10 that when exploited could let attackers run arbitrary code on the victim’s system. The vulnerability, tracked under CVE-2021-34527, is present in the Windows Print Spooler service and is termed "PrintNightmare" that can allow for remote code execution (RCE). As the vulnerability was still being investigated, the Redmond firm listed two possible workarounds to mitigate the risks caused by the bug.

Today, the firm has provided an update in the Microsoft Security Response Center (MSRC) listing for the vulnerability noting that it is rolling out a patch for the latest Windows 10 versions to address the issue. The update, KB5004945, is currently rolling out to the three most recent Windows 10 versions, 2004, 20H2, and 21H1, bumping them to Windows 10 builds 19041.1083, 19042.1083, and 19043.1083, respectively. Since these versions are based on the same codebase, the updates are identical for all the versions. The changelog and documentation for the update are yet to go live.

Considering that these are security updates to fix a critical vulnerability, they are mandatory updates and are downloaded automatically through Windows Update. Users can also manually download the patch from the Update Catalog here. Future patches, such as the upcoming Patch Tuesday updates, will contain these fixes. There is no word from the firm on how the vulnerability affects older versions of the OS, though it notes that it has completed the investigation of the issue.
The updates today are only rolling out to the three most recent and fully supported Windows 10 versions, but it will not be surprising to see a patch being made available for older versions still being supported for Enterprise and Education customers sooner, as the firm notes that supported Windows versions that do not receive an update today will get one "shortly after July 6". For those unaware, the PrintNightmare vulnerability is caused by the Print Spooler service not restricting access to a function that is used to install printer drivers remotely. An attacker that gains unrestricted access can execute arbitrary code with SYSTEM privileges, examples of which are already available on the web. Considering the severity of the vulnerability, it is best for all users to update to the latest build as soon as possible. Update: The patches are available for most supported Windows 10, Windows 8.1, and Windows 7 (ESU users). You can either update via Windows Update, or head to the MSRC document to find links to the requisite Update Catalog pages. The company has also provided the KB article links, but as is the case these days, those pages are yet to be updated. Windows 10 version 1607, Windows Server 2012, and Windows Server 2016 are yet to receive updates. 
Here is the complete list of links posted by the firm:
Product | Severity | Article | Download
Windows Server 2012 R2 (Server Core installation) | Critical | 5004954 | Monthly Rollup
Windows Server 2012 R2 (Server Core installation) | Critical | 5004958 | Security Only
Windows Server 2012 R2 | Critical | 5004954 | Monthly Rollup
Windows Server 2012 R2 | Critical | 5004958 | Security Only
Windows Server 2012 (Server Core installation) | Critical | |
Windows Server 2012 | Critical | |
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Critical | 5004953 | Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | Critical | 5004951 | Security Only
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Critical | 5004953 | Monthly Rollup
Windows Server 2008 R2 for x64-based Systems Service Pack 1 | Critical | 5004951 | Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Critical | 5004955 | Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | Critical | 5004959 | Security Only
Windows Server 2008 for x64-based Systems Service Pack 2 | Critical | 5004955 | Monthly Rollup
Windows Server 2008 for x64-based Systems Service Pack 2 | Critical | 5004959 | Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Critical | 5004955 | Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | Critical | 5004959 | Security Only
Windows Server 2008 for 32-bit Systems Service Pack 2 | Critical | 5004955 | Monthly Rollup
Windows Server 2008 for 32-bit Systems Service Pack 2 | Critical | 5004959 | Security Only
Windows 8.1 for x64-based systems | Critical | 5004954 | Monthly Rollup
Windows 8.1 for x64-based systems | Critical | 5004958 | Security Only
Windows 8.1 for 32-bit systems | Critical | 5004954 | Monthly Rollup
Windows 8.1 for 32-bit systems | Critical | 5004958 | Security Only
Windows 7 for x64-based Systems Service Pack 1 | Critical | 5004953 | Monthly Rollup
Windows 7 for x64-based Systems Service Pack 1 | Critical | 5004951 | Security Only
Windows 7 for 32-bit Systems Service Pack 1 | Critical | 5004953 | Monthly Rollup
Windows 7 for 32-bit Systems Service Pack 1 | Critical | 5004951 | Security Only
Windows Server 2016 (Server Core installation) | Critical | |
Windows Server 2016 | Critical | |
Windows 10 Version 1607 for x64-based Systems | Critical | |
Windows 10 Version 1607 for 32-bit Systems | Critical | |
Windows 10 for x64-based Systems | Critical | 5004950 | Security Update
Windows 10 for 32-bit Systems | Critical | 5004950 | Security Update
Windows Server, version 20H2 (Server Core Installation) | Critical | 5004945 | Security Update
Windows 10 Version 20H2 for ARM64-based Systems | Critical | 5004945 | Security Update
Windows 10 Version 20H2 for 32-bit Systems | Critical | 5004945 | Security Update
Windows 10 Version 20H2 for x64-based Systems | Critical | 5004945 | Security Update
Windows Server, version 2004 (Server Core installation) | Critical | 5004945 | Security Update
Windows 10 Version 2004 for x64-based Systems | Critical | 5004945 | Security Update
Windows 10 Version 2004 for ARM64-based Systems | Critical | 5004945 | Security Update
Windows 10 Version 2004 for 32-bit Systems | Critical | 5004945 | Security Update
Windows 10 Version 21H1 for 32-bit Systems | Critical | 5004945 | Security Update
Windows 10 Version 21H1 for ARM64-based Systems | Critical | 5004945 | Security Update
Windows 10 Version 21H1 for x64-based Systems | Critical | 5004945 | Security Update
Windows 10 Version 1909 for ARM64-based Systems | Critical | 5004946 | Security Update
Windows 10 Version 1909 for x64-based Systems | Critical | 5004946 | Security Update
Windows 10 Version 1909 for 32-bit Systems | Critical | 5004946 | Security Update
Windows Server 2019 (Server Core installation) | Critical | 5004947 | Security Update
Windows Server 2019 | Critical | 5004947 | Security Update
Windows 10 Version 1809 for ARM64-based Systems | Critical | 5004947 | Security Update
Windows 10 Version 1809 for x64-based Systems | Critical | 5004947 | Security Update
Windows 10 Version 1809 for 32-bit Systems | Critical | 5004947 | Security Update
Update 2: The KB articles are now live for those interested in reading through the changelog. For Windows 10, the changelog is mostly similar across versions. Here is how the firm details the update:
Addresses a remote code execution exploit in the Windows Print Spooler service, known as “PrintNightmare”, as documented in CVE-2021-34527. After installing this and later Windows updates, users who are not administrators can only install signed print drivers to a print server. By default, administrators can install signed and unsigned printer drivers to a print server. The installed root certificates in the system’s Trusted Root Certification Authorities trusts signed drivers. Microsoft recommends that you immediately install this update on all supported Windows client and server operating system, starting with devices that currently host the print server role. You also have the option to configure the RestrictDriverInstallationToAdministrators registry setting to prevent non-administrators from installing signed printer drivers on a print server. For more information, see KB5005010.
Microsoft releases mandatory Windows updates to fix PrintNightmare exploit [Update]
-
If your browser is prompting you to restart, now may be a good time to do so.
Microsoft and Google have released an urgent fix for a browser vulnerability in their Chromium-based browsers which can be exploited simply by visiting a web page or clicking a link.
According to the BSI:
Several vulnerabilities in Google Chrome and Microsoft Chrome-based Edge have been disclosed. An attacker can exploit this with unknown effects. To exploit it, it is sufficient to call up a maliciously designed website or to click a link to such a page.
The vulnerabilities have been judged as Risk level 4, meaning they are high impact and easy to exploit.
Microsoft has updated their Edge browser to version 92.0.902.78 and lists 6 vulnerabilities fixed by the update: CVE-2021-30604, CVE-2021-30603, CVE-2021-30602, CVE-2021-30601, CVE-2021-30599, CVE-2021-30598
Unfortunately, more details regarding the exploits are not available yet. The Chrome browser is affected by the same issues – simply restarting your browser should be sufficient to install the updates.
via Winfuture.
Microsoft and Google release urgent browser security update for Risk Level 4 Drive-by exploit
-
May Android security updates patch 4 zero-days exploited in the wild
mood posted a news in Security & Privacy News
According to info provided by Google's Project Zero team, four Android security vulnerabilities were exploited in the wild as zero-day bugs before being patched earlier this month. Attacks attempting to exploit these flaws were targeted and impacted a limited number of users based on information shared after this month's Android security updates were published.
"There are indications that CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664 may be under limited, targeted exploitation," a recently updated version of the May 2021 Android Security Bulletin reveals.
For 2021, we've surpassed the number of 0-days detected in-the-wild in all of 2020. That's great! https://t.co/o4F74b68Fh — Maddie Stone (@maddiestone) May 19, 2021
The four Android vulnerabilities impact Qualcomm GPU and Arm Mali GPU Driver components. Qualcomm and Arm have published further details on each vulnerability via security advisories issued separately [1, 2]. Android users are recommended to install this month's security updates as soon as possible if they are impacted by these issues.
CVE-ID | Impact
CVE-2021-1905 | Qualcomm - Use After Free in Graphics. Possible use after free due to improper handling of memory mapping of multiple processes simultaneously.
CVE-2021-1906 | Qualcomm - Detection of Error Condition Without Action in Graphics. Improper handling of address deregistration on failure can lead to new GPU address allocation failure.
CVE-2021-28663 | ARM - Mali GPU Kernel Driver allows improper operations on GPU memory. A non-privileged user can make improper operations on GPU memory to enter into a use-after-free scenario and may be able to gain root privilege, and/or disclose information.
CVE-2021-28664 | ARM - Mali GPU Kernel Driver elevates CPU RO pages to writable. A non-privileged user can get a write access to read-only memory, and may be able to gain root privilege, corrupt memory and modify the memory of other processes.
This month's Android security updates also include patches for critical vulnerabilities in the System component that could be exploited by remote attackers using specially crafted files to execute arbitrary malicious code within the context of a privileged process.
Regrettably, users who haven't switched to new devices that still receive monthly security updates might not be able to install these patches. To put things into perspective, more than 9% of all Android devices are still running Android 8.1 Oreo (released in December 2017), and roughly 19% Android Pie 9.0 (released in August 2018), according to StatCounter data.
In December, Qualcomm also addressed a high severity security vulnerability in Mobile Station Modem (MSM) chips (including the latest 5G-capable versions) that could allow attackers to access smartphone users' text messages, call history, and listen in on their conversations. Last year, Qualcomm fixed more vulnerabilities impacting the Snapdragon chip's Digital Signal Processor (DSP) and enabling attackers to take control of smartphones without user interaction and create unremovable malware that can evade detection. Other bugs that could allow decrypting some WPA2-encrypted wireless network packets, accessing critical data, and two flaws in the Snapdragon SoC WLAN firmware allowing over the air compromise of the modem and the Android kernel were also patched during the last two years.
Source: May Android security updates patch 4 zero-days exploited in the wild
-
Android's March 2022 security updates fix three critical bugs
Karlston posted a news in Security & Privacy News
Google has released the March 2022 security updates for Android 10, 11, and 12, addressing three critical severity flaws, one of which affects all devices running the latest version of the mobile OS. Tracked as CVE-2021-39708, the flaw lies in the Android System component, and it's an escalation of privilege problem requiring no user interaction or additional execution privileges.
"The most severe of these issues is a critical security vulnerability in the System component that could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation," mentions Google's bulletin.
The other two critical flaws are CVE-2021-1942 and CVE-2021-35110, both affecting closed-source components on Qualcomm-based devices. For a full list of which Qualcomm chipsets are affected by these two vulnerabilities, check out the chipmaker's security bulletin. No further technical details have been published for any of the fixed vulnerabilities, as doing so would put users running an older patch level at risk.
Other fixes that land with the March 2022 update are:
1 medium severity escalation of privilege flaw in Android runtime (version 12)
5 high severity escalation of privileges flaws in Android Framework (versions 10, 11, 12)
2 high severity denial of service flaws in Android Framework (version 12)
1 high severity information disclosure in Media Framework (versions 10, 11, 12)
8 high severity escalation of privilege flaws in System (versions 10, 11, 12)
1 high severity information disclosure flaw in System (versions 10, 11, 12)
4 high severity escalation of privilege flaws in Kernel
1 high severity information disclosure in Kernel
3 high severity flaws in MediaTek components
10 high severity flaws in Qualcomm components
As is the case every month, Google has released two patch levels for March 2022, one denoted as "2022-03-01" and one as "2022-03-05". The second patch level includes everything in the first set plus fixes for third-party closed source and Kernel components that may not apply to all devices. As such, your device vendor may choose to push the first level to save on roll-out time, and it won't necessarily mean that you are left vulnerable to exploitation.
With the only exception being Google's Pixel line, which receives these security updates immediately, all other vendors will need some time to bundle the patches for each of their models, as different hardware configurations require dedicated testing and fine-tuning. If you are running anything older than Android 10, consider upgrading to a new and actively supported device or flashing your existing device with a third-party Android ROM that's based on a recent AOSP version.
Android's March 2022 security updates fix three critical bugs
-
Google Chrome 108 security update fixes 8 security issues
Karlston posted a news in Security & Privacy News
Google released another point release update for Google Chrome 108 Stable that addresses 8 security issues in the web browser. This is the second security update for Chrome 108, which itself fixed 28 security issues in the browser as well. The first Chrome 108 point release update fixed a security issue that was exploited in the wild at the time. The new Chrome update, released today, fixes issues that do not appear to be exploited yet, as Google makes no mention of that on the Chrome Releases website.
Chrome 108: second security update
The security update is already available for all supported desktop operating systems and for Android. As usual, it is possible to download the update immediately on desktop systems by opening chrome://settings/help in the browser's address bar. Chrome displays the installed version on the page and runs a check for updates. Any update found is downloaded and installed automatically. A restart is required to complete the update.
The following versions of Chrome should be displayed after installation of the update:
Chrome for Mac and Linux: 108.0.5359.124
Chrome for Windows: 108.0.5359.124 or 108.0.5359.125
Chrome Extended for Mac: 108.0.5359.124
Chrome Extended for Windows: 108.0.5359.125
Chrome for Android: 108.0.5359.128
Just compare the version shown on the Help Settings page with the listed version above.
Google reveals information about five of the eight security issues on the blog. The company does not disclose security issues that it discovered internally. There is no critical security issue, but four are rated high and one is rated medium.
[$7000][1383991] High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15
[$6000][1394692] High CVE-2022-4437: Use after free in Mojo IPC. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-11-30
[$1500][1381871] High CVE-2022-4438: Use after free in Blink Frames. Reported by Anonymous on 2022-11-07
[$TBD][1392661] High CVE-2022-4439: Use after free in Aura. Reported by Anonymous on 2022-11-22
[$3000][1382761] Medium CVE-2022-4440: Use after free in Profiles. Reported by Anonymous on 2022-11-09
Desktop versions of Chrome and the Android version are affected by the security issues. Administrators may want to update Chrome to the new version as soon as possible to protect devices against potential attacks targeting the security issues. The next major Chrome release is scheduled for January 10, 2023. Expect other Chromium-based browsers to release updates as well to fix the issues in their browsers.
Google Chrome 108 security update fixes 8 security issues
-
Google has released a security update for its Chrome desktop and Android browsers. The update brings the stable channel version of Chrome to 103.0.5060.134 on the desktop, and to 103.0.5060.129 on Android.
The security update is already available. Most Chrome browsers will receive the update automatically, thanks to the built-in automatic updating functionality. Chrome users may speed up the installation of the security update on desktop versions of Chrome by loading chrome://settings/help in the browser's address bar. The current version is displayed on the page and Chrome runs a check for updates to find out if a new version is available. If not installed already, Chrome will download and install the security update. A restart is required to complete the upgrade. The Android version of Chrome does not support such an option, as updates are distributed exclusively via Google Play.
Google Chrome 103 security fixes
Google published an article on the Chrome Releases Blog to inform Chrome users and administrators about the update. The blog post confirms that 11 different security issues are patched in the new Chrome release. Six of these, all reported by third-party researchers, are mentioned specifically on the blog. Google does not list security issues that it found internally on the blog. The maximum severity rating of all 11 security issues is high, the second highest after critical.
Here is the full list as reported by Google:
[$16000][1336266] High CVE-2022-2477: Use after free in Guest View. Reported by anonymous on 2022-06-14
[$7500][1335861] High CVE-2022-2478: Use after free in PDF. Reported by triplepwns on 2022-06-13
[$3000][1329987] High CVE-2022-2479: Insufficient validation of untrusted input in File. Reported by anonymous on 2022-05-28
[$NA][1339844] High CVE-2022-2480: Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero on 2022-06-27
[$TBD][1341603] High CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University on 2022-07-04
[$7000][1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
Google makes no mention of attacks in the wild. It is still recommended to update Chrome to the latest version as soon as possible. Google released the first Chrome 103 release earlier this month; this update included a fix for a 0-day vulnerability that was exploited in the wild.
Now You: do you use Google Chrome?
Google Chrome 103 update fixes 11 security issues
Frontpaged: Google Chrome 103.0.5060.134
-
Microsoft Windows Security Updates April 2022 overview
Karlston posted a news in Security & Privacy News
Microsoft has released security updates and non-security updates for client and server versions of its Windows operating system and other company products, including Microsoft Office, on the April 12, 2022 Patch Tuesday. The updates are already available via Windows Updates, other update management products and services, and as direct downloads.
Our overview assists home users and system administrators in understanding the updates and getting the information they need to update products that they use. The guide includes direct download links, links to support websites, information about critical updates, known issues, and other bits that are important when it comes to updating. You can check out the March 2022 Microsoft update guide here.
Microsoft Windows Security Updates: March 2022
The following Excel spreadsheet includes the released security updates for Windows and other company products. Just download it with a click on the following link: microsoft-windows-security-updates-april-2022
Executive Summary
All supported client and server versions of Windows are affected by at least 4 critical security issues.
Windows clients with known issues: Windows 7, Windows 8.1, Windows 10 version 1607, 1809, 1909, 20H2, 21H1, 21H2, and Windows 11
Windows server versions with known issues: Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, and 2022
Other Microsoft products with security updates: .NET Framework, Azure SDK, Active Directory Domain Services, Azure Site Recovery, Microsoft Edge, LDAP, Visual Studio, Microsoft Office, and others.
Windows 10 version 20H2 Pro and Home are reaching end of servicing next month.
Operating System Distribution
Windows 7 (extended support only): 41 vulnerabilities: 4 critical and 37 important
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows 8.1: 51 vulnerabilities: 7 critical and 44 important
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows 10 version 1909: 68 vulnerabilities: 8 critical and 60 important
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows 10 version 20H2, 21H1 and 21H2: 72 vulnerabilities, 9 critical and 63 important
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-23257
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
Windows 11: 69 vulnerabilities, 9 critical and 60 important
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-23257
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
Windows Server products
Windows Server 2008 R2 (extended support only): 51 vulnerabilities: 4 critical and 47 important
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows Server 2012 R2: 66 vulnerabilities: 5 critical and 22 important
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows Server 2016: 86 vulnerabilities: 8 critical and 78 important
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows Server 2019: 93 vulnerabilities: 0 critical and 28 important
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
Windows Server 2022: 98 vulnerabilities: 0 critical and 28 important
  Windows LDAP Remote Code Execution Vulnerability -- CVE-2022-26919
  Remote Procedure Call Runtime Remote Code Execution Vulnerability -- CVE-2022-26809
  Windows Server Service Remote Code Execution Vulnerability -- CVE-2022-24541
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24491
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-24537
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-23257
  Windows Hyper-V Remote Code Execution Vulnerability -- CVE-2022-22008
  Windows SMB Remote Code Execution Vulnerability -- CVE-2022-24500
  Windows Network File System Remote Code Execution Vulnerability -- CVE-2022-24497
Windows Security Updates
Windows 7 SP1 and Windows Server 2008 R2
Monthly Rollup: KB5012626
Security-Only: KB5012649
Updates and improvements:
  Fixed a Windows Media Center issue that had users configure the application on each start.
  Fixed a memory leak that was introduced in the November 2021 cumulative update. It caused a decrease in performance on domain controllers.
  Fixed an issue that could cause Event ID 37 to be logged during password change scenarios.
  Fixed an Access Denied error when writing a service principal name alias and Host/Name already exists on another object.
  Fixed a domain joins failing issue in environments that use DNS hostnames.
  Fixed an issue that prevented the changing of expired passwords when signing in.
Windows 8.1 and Windows Server 2012 R2
Monthly Rollup: KB5012670
Security-only: KB5012639
Updates and improvements:
  Fixed a Windows Media Center issue that had users configure the application on each start.
  Fixed a memory leak that was introduced in the November 2021 cumulative update. It caused a decrease in performance on domain controllers.
  Fixed an issue that could cause Event ID 37 to be logged during password change scenarios.
  Fixed a domain joins failing issue in environments that use DNS hostnames.
  Fixed an issue that made Windows go into BitLocker Recovery after servicing updates. (monthly-rollup only).
  Fixed an issue that prevented the changing of expired passwords when signing in. (monthly-rollup only).
  Fixed an issue that caused a Denial of Service vulnerability on Cluster Shared Volumes. (monthly-rollup only).
Windows 10 version 20H2, 21H1 and 21H2
Support Page: KB5012599
Fixed an issue that caused a Denial of Service vulnerability on Cluster Shared Volumes. (monthly-rollup only).
Plus, everything that was mentioned in the preview update here.
Windows 11
Support Page: KB5012592
Updates and improvements:
  Fixes are listed on the preview update's release page here.
Other security updates
2022-04 Security Only Quality Update for Windows Server 2008 (KB5012632)
2022-04 Security Monthly Quality Rollup for Windows Server 2008 (KB5012658)
2022-04 Security Monthly Quality Rollup for Windows Embedded 8 Standard and Windows Server 2012 (KB5012650)
2022-04 Security Only Quality Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5012666)
2022-04 Cumulative Update for Windows 10 Version 1909 (KB5012591)
2022-04 Cumulative Update for Windows Server 2016 and Windows 10 Version 1607 (KB5012596)
2022-04 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5012604)
2022-04 Cumulative Update for Windows Server 2019 and Windows 10 Version 1809 (KB5012647)
2022-04 Cumulative Update for Windows 10 (KB5012653)
.NET Framework
2022-04 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012122)
2022-04 Security and Quality Rollup for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5012124)
2022-04 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012129)
2022-04 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5012130)
2022-04 Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5012131)
2022-04 Security and Quality Rollup for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012136)
2022-04 Security and Quality Rollup for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5012137)
2022-04 Security and Quality Rollup for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012138)
2022-04 Security and Quality Rollup for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 (KB5012139)
2022-04 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012140)
2022-04 Security and Quality Rollup for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5012141)
2022-04 Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2 (KB5012142)
2022-04 Security Only Update for .NET Framework 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012143)
2022-04 Security Only Update for .NET Framework 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5012144)
2022-04 Security Only Update for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012145)
2022-04 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012146)
2022-04 Security Only Update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows 8.1 and Windows Server 2012 R2 (KB5012147)
2022-04 Security Only Update for .NET Framework 4.6 and 4.6.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5012148)
2022-04 Security Only Update for .NET Framework 3.5 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012149)
2022-04 Security Only Update for .NET Framework 2.0, 3.0 for Windows Server 2008 (KB5012150)
2022-04 Security Only Update for .NET Framework 3.5.1 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012151)
2022-04 Security Only Update for .NET Framework 3.5 for Windows 8.1 and Windows Server 2012 R2 (KB5012152)
2022-04 Security Only Update for .NET Framework 4.5.2 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012153)
2022-04 Security Only Update for .NET Framework 4.5.2 for Windows Embedded Standard 7, Windows 7, Windows Server 2008 R2, and Windows Server 2008 (KB5012154)
2022-04 Security Only Update for .NET Framework 4.5.2 for Windows 8.1 and Windows Server 2012 R2 (KB5012155)
2022-04 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012324)
2022-04 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012325)
2022-04 Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5012326)
2022-04 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5012327)
2022-04 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012329)
2022-04 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5012330)
2022-04 Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Windows Server 2012 R2 (KB5012331)
2022-04 Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 and 4.6.2 for Windows Server 2008 (KB5012332)
2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H1, Windows Server, version 20H2, Windows 10 Version 20H2, Windows 10 Version 2004, Windows 10 Version 1909, Windows 10 Version 1903, Windows 10 Version 1809, and Windows 10 Version 1607 (KB5012117)
2022-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 and Windows 10 Version 1607 (KB5012118)
2022-04
Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5012119) 2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1909 (KB5012120) 2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 (KB5012121) 2022-04 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 for ARM64 (KB5012123) 2022-04 Cumulative Update for .NET Framework 3.5 and 4.7.2 for Windows Server 2019 and Windows 10 Version 1809 (KB5012128) 2022-04 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows Server 2019 and Windows 10 Version 1809 (KB5012328) 2022-04 Security and Quality Rollup for .NET Framework 4.8 for Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB5012125) Servicing Stack Updates 2022-04 Servicing Stack Update for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB5012672) 2022-04 Servicing Stack Update for Windows 10 (KB5013269) 2022-04 Servicing Stack Update for Windows Embedded 8 Standard and Windows Server 2012 (KB5013270) Known Issues Windows 7 SP1 and Windows Server 2008 R2 (Old) Updates may show as failed and may be uninstalled because the machine is not on ESU. Expected behavior. (Old) Certain operations such as rename may fail on Cluster Shared Volumes. Perform the operation from a process with administrator privileges. Perform the operation from a node that does not have CSV ownership. Windows 8.1 and Windows Server 2012 R2 (Old) Certain operations such as rename may fail on Cluster Shared Volumes. Perform the operation from a process with administrator privileges. Perform the operation from a node that does not have CSV ownership. (Old) Issues with apps using the " Microsoft .NET Framework to acquire or set Active Directory Forest Trust Information". These may fail, close, or may throw errors messages such as access violation (0xc0000005). 
  - Install out-of-band updates for the .NET Framework version that the app in question uses. Microsoft has links to these on the support page.

Windows 10 versions 20H2, 21H1 and 21H2
- (Old) Custom installations may not receive the new Microsoft Edge web browser, while the old version may be removed.
  - Workaround described on the support page.
- (Old) Some devices can't install updates after installation of KB5003690 (June 21, 2021). Error PSFX_E_MATCHING_BINARY_MISSING is displayed.
  - Workaround instructions are available here.
- (Old) Connections may fail to authenticate when using smart card authentication in Remote Desktop Connections.
  - Resolved according to Microsoft, should not be experienced anymore.
- (NEW) After installing the January 11, 2022 updates or later updates, recovery discs on CD or DVD created using the Backup and Restore tool (Windows 7) may be unable to start. Recovery discs created earlier are not affected.
  - Microsoft is working on a resolution.

Windows 11
- (NEW) After installing the January 11, 2022 updates or later updates, recovery discs on CD or DVD created using the Backup and Restore tool (Windows 7) may be unable to start. Recovery discs created earlier are not affected.
  - Microsoft is working on a resolution.

Security advisories and updates
- ADV 990001 -- Latest Servicing Stack Updates

Non-security updates

Microsoft Office Updates
You find Office update information here.

How to download and install the April 2022 security updates
Critical updates are downloaded and installed automatically on most Home Windows devices. On other systems, administrators may need to download and install updates manually, or allow updates to be installed after reviewing them carefully.

Home users may use the following method to check for updates manually (and speed up the installation of updates in the process):
1. Select Start, type Windows Update and load the Windows Update item that is displayed.
2. Select check for updates to run a manual check for updates.

Direct update downloads
Below are resource pages with direct download links, if you prefer to download the updates to install them manually.

Windows 7 and Server 2008 R2
- KB5012626 -- 2022-04 Security Monthly Quality Rollup for Windows 7
- KB5012649 -- 2022-04 Security Only Quality Update for Windows 7

Windows 8.1 and Windows Server 2012 R2
- KB5012670 -- 2022-04 Security Monthly Quality Rollup for Windows 8.1
- KB5012639 -- 2022-04 Security Only Quality Update for Windows 8.1

Windows 10 (version 20H2)
- KB5012599 -- 2022-04 Cumulative Update for Windows 10 Version 20H2

Windows 10 (version 21H1)
- KB5012599 -- 2022-04 Cumulative Update for Windows 10 Version 21H1

Windows 10 (version 21H2)
- KB5012599 -- 2022-04 Cumulative Update for Windows 10 Version 21H2

Windows 11
- KB5012592 -- 2022-04 Cumulative Update for Windows 11

Additional resources
- April 2022 Security Updates release notes
- List of software updates for Microsoft products
- List of the latest Windows Updates and Services Packs
- Security Updates Guide
- Microsoft Update Catalog site
- Our in-depth Windows update guide
- How to install optional updates on Windows 10
- Windows 11 Update History
- Windows 10 Update History
- Windows 8.1 Update History
- Windows 7 Update History

Microsoft Windows Security Updates April 2022 overview
-
Microsoft adds new RSS feed for security update notifications
Karlston posted a news in Security & Privacy News
Microsoft has now made it possible to receive notifications about new security updates through a new RSS feed for the Security Update Guide.

When Microsoft fixes a security vulnerability in one of its products, they disclose details in the Security Update Guide (SUG). Typically, Microsoft discloses new vulnerabilities twice a month, the bulk being the monthly Patch Tuesday and when Microsoft fixes vulnerabilities in Microsoft Edge. However, if a new vulnerability is publicly disclosed before Microsoft can fix it and Microsoft believes it is important for customers to be aware, they will add new entries to SUG when releasing out-of-band advisories.

For example, last month, Microsoft added two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082 to the SUG. While these bugs have not received any security updates yet, Microsoft did release mitigations that can help protect Internet-exposed servers, illustrating the need to stay aware of new security issues.

While email notifications are available for additions to the Security Update Guide, they require a user to create a Microsoft account to receive them and are not sent immediately. Due to this, many customers have requested Microsoft add an RSS feed to the Security Update Guide so they can get immediate notifications when a new CVE is added.

"With regards to the RSS feed, we have received feedback from some of our customers that an RSS feed on the Security Update Guide (SUG) would be greatly appreciated," Microsoft said in today's announcement. "A few customers have even asked for it to be the default form of communication. We heard your feedback, and you can now obtain SUG updates by pasting the URL of the RSS feed in any RSS reader."

The URL for the new RSS feed is now live at https://api.msrc.microsoft.com/update-guide/rss and is also shared in the SUG using an RSS icon, as shown below.
New RSS icon in the Security Update Guide

To use the new RSS feed feature, you need to install an RSS Feed reader, whether a desktop application, mobile app, or browser extension. Once you subscribe to the feed, you will automatically receive notifications when Microsoft adds a new CVE to the Security Update Guide, helping keep you aware of the latest security risks.

Microsoft adds new RSS feed for security update notifications
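For teams that would rather feed the Security Update Guide RSS into their own alerting than into a reader, the following added example (not part of the original post or Microsoft's code) parses a feed and reports CVEs that are new or republished since the last poll. It assumes plain RSS 2.0 items with `title`, `guid`, `link` and `pubDate`; the function names and the sample feed are constructed for illustration.

```python
import re
import urllib.request
import xml.etree.ElementTree as ET
from email.utils import parsedate_to_datetime

FEED_URL = "https://api.msrc.microsoft.com/update-guide/rss"  # URL from the article
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")

# Constructed sample in plain RSS 2.0; the live feed's exact fields are assumed,
# and the titles, links and dates below are made up for the demonstration.
SAMPLE_FEED = b"""<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0"><channel><title>Constructed sample</title>
<item><title>CVE-2022-41040 constructed entry</title><guid>CVE-2022-41040</guid>
<link>https://example.invalid/CVE-2022-41040</link><pubDate>Fri, 30 Sep 2022 07:00:00 GMT</pubDate></item>
<item><title>CVE-2022-41082 constructed entry</title><guid>CVE-2022-41082</guid>
<link>https://example.invalid/CVE-2022-41082</link><pubDate>Fri, 30 Sep 2022 07:00:00 GMT</pubDate></item>
<item><title>CVE-2022-41040 constructed revision</title><guid>CVE-2022-41040</guid>
<link>https://example.invalid/CVE-2022-41040</link><pubDate>Sat, 08 Oct 2022 07:00:00 GMT</pubDate></item>
<item><title>Constructed notice without a CVE</title><pubDate>Sat, 08 Oct 2022 08:00:00 GMT</pubDate></item>
</channel></rss>"""

def fetch_feed(url=FEED_URL, timeout=10):
    """Download the feed over HTTPS (not used by the offline demo below)."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read()

def parse_feed(xml_bytes):
    """Return one dict per <item> that names a CVE and carries a pubDate."""
    # Refuse DTDs so a tampered feed cannot abuse entity expansion in the parser.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("feed contains a DTD; refusing to parse")
    entries = []
    for item in ET.fromstring(xml_bytes).iter("item"):
        title = (item.findtext("title") or "").strip()
        match = CVE_RE.search(title) or CVE_RE.search(item.findtext("guid") or "")
        pub = (item.findtext("pubDate") or "").strip()
        if not match or not pub:
            continue  # not a CVE entry, or no timestamp to compare against
        entries.append({"cve": match.group(0), "title": title,
                        "link": (item.findtext("link") or "").strip(),
                        "published": parsedate_to_datetime(pub)})
    return entries

def new_or_revised(entries, seen):
    """Return the latest entry per CVE that is unseen or newer; update `seen`."""
    latest = {}
    for e in entries:
        if e["cve"] not in latest or e["published"] > latest[e["cve"]]["published"]:
            latest[e["cve"]] = e
    alerts = [e for e in latest.values()
              if e["cve"] not in seen or e["published"] > seen[e["cve"]]]
    for e in alerts:
        seen[e["cve"]] = e["published"]
    return sorted(alerts, key=lambda e: e["published"])

if __name__ == "__main__":
    state = {}  # persist this mapping (CVE -> last pubDate) between polls
    for alert in new_or_revised(parse_feed(SAMPLE_FEED), state):
        print(alert["published"].isoformat(), alert["cve"], alert["link"])
```

Keying the state on the CVE ID and its latest `pubDate` means a republished entry alerts again, while an unchanged feed stays quiet.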
-
Debian LTS Team takes over Debian 11 security updates from today
Karlston posted a news in Security & Privacy News
The Debian Project has announced that the Debian Long Term Support (LTS) Team is taking over security support for Debian 11 now that it is three years old. The LTS Team takes over this responsibility from the Security and Release Teams, which can now focus on the current Debian 12 and soon-to-be-released Debian 13.

Now that the LTS Team has taken over Debian 11 updates, users can continue using it until August 31, 2026. With that said, the announcement recommends that people upgrade their machine to the current stable, Debian 12. This LTS phase will give anyone who needs it time to upgrade more gracefully if they have a lot of data that needs backing up, etc. It's best not to wait until August 2026 to upgrade, though.

While the base packages should continue to be maintained, the Debian Project warns that a few of your packages may not be supported by the LTS Team. To identify any packages that won't be supported, users can install the debian-security-support package and then run check-support-status, presumably from the terminal, to get a list of unsupported packages. If you find a critical package that you would like to get support for, you can email [email protected].

If you do have unmaintained packages installed on your system, it's probably a good idea to remove them from the terminal using the apt remove command, preceded by sudo, of course. According to the Debian Wiki, it appears to be mostly game packages for which support is being dropped during the LTS period.

While Debian has a reputation for being rock solid, it is also better suited for people more familiar with Linux than total newbies. One of the reasons for this is that upgrading between major versions is done from the command line instead of a graphical tool like Ubuntu or Fedora. If you want to upgrade to Debian 12, check out the DebianUpgrade page in the Debian Wiki for detailed instructions and read very carefully; don't just skim-read.

Source Hope you enjoyed this news post.
-
Linux Mint 20.3 released promising security updates until 2025
Karlston posted a news in Security & Privacy News
Linux Mint has released version 20.3, codenamed 'Una,' as a long-term support version that will receive security updates until 2025.

Long-term support releases are for those who favor stability over bleeding-edge software and experimental features, so Linux Mint 20.3 is ideal for those who want to keep the same system without significant changes for years. Mint is one of the most popular and widely used Linux distributions available today, using an Ubuntu base along with a desktop environment called 'Cinnamon' that will be more familiar to Windows users.

The reason why Mint is so popular mainly has to do with the complete out-of-the-box experience it offers, coming with proprietary format codecs, closed-source GPU drivers, and a variety of helpful multimedia apps pre-installed. These features allow users to start using the Linux distribution without installing too many other packages.

Linux Mint 20.3 running Cinnamon 5.2
Source: Linux Mint

New in this release
The highlights in Linux Mint 20.3 are the following:
- Dark mode is now omnipresent in apps and DE elements, giving a more coherent user experience.
- The Hypnotix IPTV player has received a UI revamp and a new search function.
- A new Document Manager called 'Thingy' has been introduced, featuring reading progress history.
- The Sticky Notes app now has a search function.
- All themes have been tweaked for a modernized look and feel, and were optimized for dark mode.
- The printing and scanning system was upgraded to support recent models from HP.
- The Xreader PDF reader now has a manga reading mode.
- Cinnamon 5.2 has integrated the calendar and added an event management function with wider syncing integration potential (Evolution, Google Calendar, Mozilla Thunderbird).

New document manager Thingy
Source: Linux Mint

If the Cinnamon desktop environment isn't your cup of tea, Linux Mint 20.3 is also available in two more flavors, MATE and XFCE.
MATE is a fork of GNOME 2, a desktop environment that was discontinued ten years ago, so it's suitable for those who prefer a more old-school look but with GTK 3 support. XFCE is a lightweight and speedy desktop environment which thrives by balancing modern looks with simplicity in form and function.

If you're already using Linux Mint and you're looking for instructions on how to upgrade to the latest version, you can follow the steps in Mint's official guide. Apart from some theme-related quirks and breakages that are easy to fix, most users who upgraded over the weekend report that it went well.

To download the latest ISO and perform a clean install, which is the recommended way to upgrade, use one of the mirrors provided in the new release announcement.

Linux Mint 20.3 released promising security updates until 2025