_medium.jpg)
Microsoft's Secured Core initiative builds all Surface devices with integrated hardware, firmware, and software defenses. This approach gives Microsoft greater control over security updates.
Windows 11 security RSS
Microsoft will be disabling TLS versions 1.0 and 1.1 on Windows very soon. The company announced it earlier today and is part of its broader strategy to make the whole of Windows OS more secure.
David Weston, who is the Windows security boss at Microsoft, says the tech giant is working on security features of next-gen Windows 11 and there might just be more TPM-like features.
Microsoft has released a useful tool for users so that they can check for compatibility issues with memory integrity or HVCI (hypervisor-protected code integrity), a key security feature in Windows.
An AMD fTPM side channel security flaw dubbed "faulTPM" has been discovered by researchers. This security bug can even bypass BitLocker and it affects modern Windows 11-supported Ryzen chips.
Microsoft has been working on integrating Rust into Windows for a while. A senior exec David Weston recently confirmed that Rust-based code will soon be booting inside Windows kernel.
Microsoft may have quietly fixed the Local Security Authority (LSA) is off issue with a recent update to Defender. The company is also pushing out new kernel-mode hardware stack protection.
Microsoft has published some helpful guidance against the BlackLotus UEFI bootkit vulnerability that can bypass Secure Boot, VBS, BitLocker, Windows Defender, and more to infect updated Windows PCs.
_medium.jpg)
If you are on Windows 11, and you have encountered the LSA protection is off message recently, even though it is on, Microsoft has confirmed it's a bug. A workaround for it has also been provided.
_medium.jpg)
An old, persistent "Standard hardware security not supported" bug has come back to haunt Windows 11 users according to multiple reports online. The issue is affecting those who have supported PCs.
Microsoft is seemingly enabling VBS on Windows 10 as well, something which was limited to Windows 11 only previously. This could lead to potential performance loss as latest testing indicates.
Microsoft has made the life of system admins and IT admins a bit easier. The company recently announced that it had quietly made welcome changes to the way the AppLocker app control policies worked.
Microsoft has disabled the Remote Mailslot legacy protocol by default in Windows 11 build 25314. A senior Microsoft manager has called it "disgusting" and "crap", saying that it will be removed soon.
Starting with Chrome version 111, the Chrome Cleanup Tool will be turned off for Windows users due to a decline in user complaints about unwanted software and improved defenses against malware.
Microsoft recently deprecated MSDT to make Windows 11 more secure, because threat actors exploited it for nefarious reasons. Following that, the company is now adding an option to uninstall VBScipt.
_medium.jpg)
Microsoft has made an important change in recent Windows 11 Pro Insider Preview builds by disabling SMB guest authentication fallbacks by default. This has been done to improve the security of the OS.
Microsoft has revealed that it is retiring MSDT in two years. This is right in time for Windows 12 and it could be a welcomed change as MSDT has recently been exploited by threat actors.
Microsoft has extended Intel's mult-key Total Memory Encryption technology support to Windows 11 22H2 as well. This means the new feature update just got more secure than it already was.
Core isolation offers a set of virtualization-based security features that offer extra protection from hackers and malicious scripts. Learn how to enable Core Isolation's Memory Integrity feature.
_medium.jpg)
With the rollout of the Windows 11 2022 Update now underway, Microsoft has confirmed that a lot of previously announced security features are now generally available. More are coming soon too.
_medium.jpg)
VBS or Core Isolation feature on Windows 11 is seemingly causing multiple problems on various tweaking tools like MSI's Afterburner and Intel's Extreme Tuning Utility (XTU), among others.
Microsoft Defender for Endpoint has done quite well in a new LSASS credentials dumping protection test recently conducted by AV-Comparatives. In the test, Defender has scored the full marks.
The latest Dev channel release for Windows 11 Insiders, build 25188, was released today. Under the hood, the company has updated the Security Core boot driver which may have enhanced the security.
With Patch Tuesday recently, Microsoft released the KB5012170 update which adds new vulnerable UEFI signatures to the Secure Boot DBX. The newly added signatures are related to the GRUB vulnerability.
The Smart App Control security feature on Windows 11 has gained new improvements. In addition to Office macros, the utility can now also block many more potentially malicious file types.
_medium.jpg)
Certain Windows PCs with Gigabyte and Asus motherboards have been found to be infected with a new "CosmicStrand" UEFI rootkit. The malware is an evolution of an older rootkit dubbed "Spy Shadow".
Back at CES, Lenovo launched its ThinkPad Z series with Microsoft Pluton powered by Ryzen 6000. However, these new notebooks refuse to run non-Windows OS, like Linux, without firmware tweak.
The Windows 11 22H2 (Sun Valley 2) RTM build 22621 has resurrected an old bug whereupon a system gets a "hardware security not supported" message even on PCs that meet the necessary requirements.
Windows 11 has several new security-related features. One of these features called Smart App Control that intelligently blocks suspicious apps and files blocked one of Microsoft's own files.
On Day One of the annual Pwn2Own ethical hacking event, Microsoft's Windows 11 as well as Teams was successfully hacked every time. However, on Day Two, not every attempt ended up in success.
During the first day of Pwn2Own Vancouver 2022, participants demonstrated various zero-day exploits and security loopholes in popular Microsoft products, such as Windows 11 and Teams.
The Powershell Windows Toolbox that was hosted on GitHub was found to contain malicious files. This third-party Windows tool claimed to install Google Play Store, debloat Windows 11, and more.
AV-Comparatives has released its latest March 2022 anti-virus program assessment report which shows that Microsoft Defender has really poor offline detection rate. Aside from that, it has done well.
Microsoft has released a new Windows 11 Release Preview Channel build 22000.651 under KB5012643. The new release brings several fixes and improvements including some related to TPM and Secure Boot.
Microsoft Defender now has a new feature that will protect Windows 11, Windows 10, and Windows Server devices from malicious drivers. The feature is termed "Microsoft Vulnerable Driver Blocklist".
Ryzen 6000 Rembrandt APUs are the first chips in the world to bring Microsoft Pluton support. But despite also being a partner with the Redmond giant, Intel will not support Pluton, for now.
A fake Microsoft lookalike website has been discovered recently which is distributing a dangerous RedLine malware in the form of a Windows 11 installer package. The RedLine malware is a stealer.
After the recent leak of some Windows 11 features, we have today a fresh set of leaks that reveal more features like Taskbar overflow flyout, and a new reminder for users that run unsupported PCs.
_medium.jpg)
Microsft said earlier today via a blog post that it will block all Office files (Access, Excel, PowerPoint, Visio, and Word), that contain VBA Macros, by default, to protect users from malware.
Lenovo has confirmed that its ThinkPad business notebooks for 2022, based on the Ryzen 6000 Rembrandt mobile APUs, will come with the Microsoft Pluton security feature disabled by default.
