Remember the Spectre CPU vulnerability that reared its head for the first time in 2017? Variant 2 of Spectre is back, and as such, Microsoft has published guidance about the mitigation.
Windows 11 security RSS
The Patch Tuesday updates for the last few months have quietly rolled out a new UCPD driver. This new driver by Microsoft is seemingly intended to block default app switches by Registry hacks.
Microsoft is finally making a change to Windows that has been long overdue. The company is killing support for 1024-bit RSA keys for TLS authentication making future Windows more secure.
Microsoft is about to update its UEFI Secure Boot Keys required for certificate management. These keys are from the Windows 8 era and are set to expire soon, just a couple of years from now.
TPM sniffing attacks, which we have covered before, are possible even on modern Intel-powered hardware running the latest Windows 11. Such attacks may however be preventable by Microsoft's Pluton.
_medium.jpg)
Microsoft's Secured Core initiative builds all Surface devices with integrated hardware, firmware, and software defenses. This approach gives Microsoft greater control over security updates.
Microsoft will be disabling TLS versions 1.0 and 1.1 on Windows very soon. The company announced it earlier today and is part of its broader strategy to make the whole of Windows OS more secure.
David Weston, who is the Windows security boss at Microsoft, says the tech giant is working on security features of next-gen Windows 11 and there might just be more TPM-like features.
Microsoft has released a useful tool for users so that they can check for compatibility issues with memory integrity or HVCI (hypervisor-protected code integrity), a key security feature in Windows.
An AMD fTPM side channel security flaw dubbed "faulTPM" has been discovered by researchers. This security bug can even bypass BitLocker and it affects modern Windows 11-supported Ryzen chips.
Microsoft has been working on integrating Rust into Windows for a while. A senior exec David Weston recently confirmed that Rust-based code will soon be booting inside Windows kernel.
Microsoft may have quietly fixed the Local Security Authority (LSA) is off issue with a recent update to Defender. The company is also pushing out new kernel-mode hardware stack protection.
Microsoft has published some helpful guidance against the BlackLotus UEFI bootkit vulnerability that can bypass Secure Boot, VBS, BitLocker, Windows Defender, and more to infect updated Windows PCs.
_medium.jpg)
If you are on Windows 11, and you have encountered the LSA protection is off message recently, even though it is on, Microsoft has confirmed it's a bug. A workaround for it has also been provided.
_medium.jpg)
An old, persistent "Standard hardware security not supported" bug has come back to haunt Windows 11 users according to multiple reports online. The issue is affecting those who have supported PCs.
Microsoft is seemingly enabling VBS on Windows 10 as well, something which was limited to Windows 11 only previously. This could lead to potential performance loss as latest testing indicates.
Microsoft has made the life of system admins and IT admins a bit easier. The company recently announced that it had quietly made welcome changes to the way the AppLocker app control policies worked.
Microsoft has disabled the Remote Mailslot legacy protocol by default in Windows 11 build 25314. A senior Microsoft manager has called it "disgusting" and "crap", saying that it will be removed soon.
Starting with Chrome version 111, the Chrome Cleanup Tool will be turned off for Windows users due to a decline in user complaints about unwanted software and improved defenses against malware.
Microsoft recently deprecated MSDT to make Windows 11 more secure, because threat actors exploited it for nefarious reasons. Following that, the company is now adding an option to uninstall VBScipt.
_medium.jpg)
Microsoft has made an important change in recent Windows 11 Pro Insider Preview builds by disabling SMB guest authentication fallbacks by default. This has been done to improve the security of the OS.
Microsoft has revealed that it is retiring MSDT in two years. This is right in time for Windows 12 and it could be a welcomed change as MSDT has recently been exploited by threat actors.
Microsoft has extended Intel's mult-key Total Memory Encryption technology support to Windows 11 22H2 as well. This means the new feature update just got more secure than it already was.
Core isolation offers a set of virtualization-based security features that offer extra protection from hackers and malicious scripts. Learn how to enable Core Isolation's Memory Integrity feature.
_medium.jpg)
With the rollout of the Windows 11 2022 Update now underway, Microsoft has confirmed that a lot of previously announced security features are now generally available. More are coming soon too.
_medium.jpg)
VBS or Core Isolation feature on Windows 11 is seemingly causing multiple problems on various tweaking tools like MSI's Afterburner and Intel's Extreme Tuning Utility (XTU), among others.
Microsoft Defender for Endpoint has done quite well in a new LSASS credentials dumping protection test recently conducted by AV-Comparatives. In the test, Defender has scored the full marks.
The latest Dev channel release for Windows 11 Insiders, build 25188, was released today. Under the hood, the company has updated the Security Core boot driver which may have enhanced the security.
With Patch Tuesday recently, Microsoft released the KB5012170 update which adds new vulnerable UEFI signatures to the Secure Boot DBX. The newly added signatures are related to the GRUB vulnerability.
The Smart App Control security feature on Windows 11 has gained new improvements. In addition to Office macros, the utility can now also block many more potentially malicious file types.
_medium.jpg)
Certain Windows PCs with Gigabyte and Asus motherboards have been found to be infected with a new "CosmicStrand" UEFI rootkit. The malware is an evolution of an older rootkit dubbed "Spy Shadow".
Back at CES, Lenovo launched its ThinkPad Z series with Microsoft Pluton powered by Ryzen 6000. However, these new notebooks refuse to run non-Windows OS, like Linux, without firmware tweak.
The Windows 11 22H2 (Sun Valley 2) RTM build 22621 has resurrected an old bug whereupon a system gets a "hardware security not supported" message even on PCs that meet the necessary requirements.
Windows 11 has several new security-related features. One of these features called Smart App Control that intelligently blocks suspicious apps and files blocked one of Microsoft's own files.
On Day One of the annual Pwn2Own ethical hacking event, Microsoft's Windows 11 as well as Teams was successfully hacked every time. However, on Day Two, not every attempt ended up in success.
During the first day of Pwn2Own Vancouver 2022, participants demonstrated various zero-day exploits and security loopholes in popular Microsoft products, such as Windows 11 and Teams.
The Powershell Windows Toolbox that was hosted on GitHub was found to contain malicious files. This third-party Windows tool claimed to install Google Play Store, debloat Windows 11, and more.
AV-Comparatives has released its latest March 2022 anti-virus program assessment report which shows that Microsoft Defender has really poor offline detection rate. Aside from that, it has done well.
Microsoft has released a new Windows 11 Release Preview Channel build 22000.651 under KB5012643. The new release brings several fixes and improvements including some related to TPM and Secure Boot.
Microsoft Defender now has a new feature that will protect Windows 11, Windows 10, and Windows Server devices from malicious drivers. The feature is termed "Microsoft Vulnerable Driver Blocklist".
Microsoft raising Windows 11 24H2 system requirement to block CPUs without SSE4.2 and PopCnt
The new Microsoft Planner adds more task features designed for frontline workers
Dell explains how to check if your Windows 11 computer is 'AI-Enabled'
New version of Tiny11 Builder lets you debloat any Windows 11 build or version
Recommended by 
We're on Mastodon!
We're on Mastodon!