Vue lecture

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.

Vulnerable UEFI shims allow decade-long bypass of Microsoft Secure Boot

Vulnerable UEFI shims allow decade-long bypass of Microsoft Secure Boot
ESET researchers have identified 11 vulnerable UEFI shim bootloaders that allow attackers to bypass Secure Boot on nearly any UEFI-based system. These shims, some dating back to 2013, remained signed by Microsoft despite containing critical flaws or authorizing vulnerable secondary components. Because these binaries were never revoked, attackers can use them to execute untrusted code and deploy persistent bootkits like BlackLotus or BootKitty.

Source

Microsoft fixes Windows 11 bug that consumed hundreds of gigabytes of storage

Microsoft fixes Windows 11 bug that consumed hundreds of gigabytes of storage
Microsoft has released the July 2026 Patch Tuesday update (KB5101650) to resolve a critical storage bug affecting Windows 11 versions 24H2 and 25H2. The issue stems from the Capability Access Manager service (camsvc), which failed to properly checkpoint its write-ahead log file, CapabilityAccessManager.db-wal. This failure caused the hidden file to grow indefinitely, with some users reporting it consumed over 500GB of disk space.

Source

Microsoft releases Snapdragon X2 Surface for Business with enhanced AI performance

Microsoft releases Snapdragon X2 Surface for Business with enhanced AI performance
Microsoft has launched the commercial editions of the Surface Pro 13 and Surface Laptop 8, featuring Qualcomm’s Snapdragon X2 processors. These business-specific models ship with Windows 11 Pro and are designed for enterprise procurement channels and volume licensing. Administrators can manage these endpoints using standard commercial tools while benefiting from integrated security features like hardware-based privacy screens on select laptop models.

Source

Microsoft halts Windows 11 updates for Dell PCs due to driver conflicts

Microsoft halts Windows 11 updates for Dell PCs due to driver conflicts
Microsoft has implemented a compatibility hold on the July 2026 Patch Tuesday update, KB5101650, for specific Dell computers. This decision follows reports of severe stability issues, including unexpected system shutdowns and significant performance degradation. The problem is currently limited to Intel-based Dell devices running Windows 11 versions 24H2 and 25H2.

Source

Windows 11 KB5101650 introduces indefinite update pausing and system recovery

Windows 11 KB5101650 introduces indefinite update pausing and system recovery
The July 2026 security update for Windows 11, identified as KB5101650, introduces a redesigned Windows Update pause mechanism featuring a calendar-style interface. Users can now select a specific end date to defer updates for up to 35 days, a significant shift from the previous fixed-duration blocks. While the initial limit remains 35 days, the pause can be manually renewed indefinitely as it expires, providing granular control over the update cadence.

Source

Mozilla warns Windows 11 26H2 backup defaults may stifle browser choice

Mozilla warns Windows 11 26H2 backup defaults may stifle browser choice
Mozilla has accused Microsoft of using manipulative design patterns to aggressively push the Edge browser over competing software. A recent study highlights concerns regarding the Windows Backup app, which is expected to be enabled by default in the upcoming Windows 11 26H2 update. Researchers claim this tool fails to preserve third-party browser preferences when users migrate their data from Windows 10 to Windows 11.

Source

LabubaRAT malware masquerades as NVIDIA software to target Windows systems

LabubaRAT malware masquerades as NVIDIA software to target Windows systems
A newly discovered Rust-based remote access trojan named LabubaRAT is targeting Windows environments by impersonating legitimate NVIDIA system components. The malware uses the filename nvidia-sysruntime.exe and includes NVIDIA-themed metadata to evade detection by administrators and security tools. This implant functions as a comprehensive framework for persistent access, allowing attackers to profile hosts and identify installed security products.

Source

Windows 11 July 2026 updates harden RDP security and fix OLE automation

Windows 11 July 2026 updates harden RDP security and fix OLE automation
Microsoft has released the July 2026 Patch Tuesday cumulative updates for Windows 11 versions 23H2 through 25H2. These mandatory security patches address 571 vulnerabilities, including three zero-day exploits currently being tracked by researchers. Administrators can deploy KB5101650 for the latest versions or KB5099414 for 23H2 via Windows Update and the Microsoft Update Catalog.

Source

Microsoft extends Windows 10 consumer security updates through 2027

Microsoft extends Windows 10 consumer security updates through 2027
Microsoft has released the KB5099539 extended security update for Windows 10 as part of the July 2026 Patch Tuesday cycle. This release addresses 570 vulnerabilities, including two actively exploited zero-day flaws and one publicly disclosed vulnerability. While the operating system has reached its standard end of support, Microsoft quietly extended the free Extended Security Updates (ESU) program for consumers until October 12, 2027.

Source

Operation Muck and Load targets developers with hundreds of fake GitHub repositories

Operation Muck and Load targets developers with hundreds of fake GitHub repositories
A large-scale malware campaign dubbed Operation Muck and Load has deployed nearly 300 fraudulent GitHub repositories to distribute infostealers and remote access trojans. These repositories impersonate legitimate security tools, cryptocurrency services, and developer utilities to lure users through search engine optimization. The campaign utilizes spoofed trust badges and "Download Secure Content" buttons to trick visitors into downloading malicious ZIP archives.

Source

Microsoft redesigns WSL resource management to prevent subsystem crashes

Microsoft redesigns WSL resource management to prevent subsystem crashes
Microsoft has overhauled the resource management architecture for Windows Subsystem for Linux to prevent demanding workloads from crashing the entire environment. Previously, resource-heavy operations like software compilation could trigger out-of-memory events that left the subsystem unresponsive even after usage subsided. The new design ensures that essential background services always have the necessary overhead to maintain communication with the host Windows OS.

Source

Windows 11 search overhaul prioritizes local results and removes promotional ads

Windows 11 search overhaul prioritizes local results and removes promotional ads
Microsoft is rolling out a significant update to the Windows 11 search experience that prioritizes local files, apps, and settings over web-based content. This overhaul is part of the broader Windows K2 initiative, which aims to address user feedback regarding operating system clutter and performance issues. The update is currently available to Windows Insiders in the Experimental Channel and is expected to reach all users later this year.

Source

Vulnerable UEFI shims allow attackers to bypass Secure Boot protections

Vulnerable UEFI shims allow attackers to bypass Secure Boot protections
Researchers have identified at least eleven vulnerable UEFI shim bootloaders that allow attackers to bypass Secure Boot on any system trusting the Microsoft third-party certificate authority. These shims, primarily version 0.9 or older, act as a bridge between firmware and the operating system but contain decade-old flaws that can be exploited to execute unsigned code. Because attackers can simply bring their own copy of a trusted but vulnerable binary to a target machine, the protection is undermined regardless of the installed operating system.

Source

Google Workspace adds FIDO2 security keys and passkeys to Windows login

Google Workspace adds FIDO2 security keys and passkeys to Windows login
Google Credential Provider for Windows (GCPW) now supports FIDO2-compliant physical security keys as a second-factor authentication method. This tool allows users to access Windows 10 and 11 devices using their Google Workspace credentials rather than traditional local or Active Directory accounts. The update aims to strengthen organizational security by introducing phishing-resistant hardware authentication directly at the Windows login screen.

Source

Microsoft tests Copilot PC Insights to diagnose performance despite high RAM usage

Microsoft tests Copilot PC Insights to diagnose performance despite high RAM usage
Microsoft is testing an experimental Windows 11 feature called PC Insights that allows Copilot to analyze live system data. The tool provides conversational answers regarding hardware state, including CPU and RAM utilization, storage capacity, battery health, and BIOS information. Users can ask plain-language questions to identify performance bottlenecks or verify if specific software can be installed based on current disk space.

Source

Windows settings backup becomes enabled by default in Windows 11 26H2

Windows settings backup becomes enabled by default in Windows 11 26H2
Microsoft is shifting the default behavior for Windows settings backup and restore from disabled to enabled starting with Windows 11 version 26H2. This change applies to Microsoft Entra-joined and hybrid-joined enterprise devices, automatically backing up user settings and Microsoft Store app lists to Exchange Online storage. The transition aims to simplify PC refresh cycles and device migrations by ensuring a baseline of resilience is active without manual intervention.

Source

Windows 11 Cross Device Service bug causes massive RAM and storage consumption

Windows 11 Cross Device Service bug causes massive RAM and storage consumption
Windows 11 users are reporting a significant memory leak tied to the Cross Device Service, a background component used by the Phone Link application. This service facilitates features like notification syncing and clipboard sharing but can erroneously consume between 15GB and 30GB of RAM. The issue appears to develop gradually over time, eventually degrading system performance and forcing users to manually terminate the process via Task Manager.

Source

Microsoft clarifies Windows monthly servicing and enterprise channel unification

Microsoft clarifies Windows monthly servicing and enterprise channel unification
Microsoft has detailed its modern Windows servicing model, which centers on cumulative monthly security updates released on the second Tuesday of each month. These "Patch Tuesday" rollouts bundle all previous security and non-security fixes to simplify deployment and reduce version fragmentation across client and server endpoints. Administrators can also utilize optional non-security preview updates released late in the month to validate upcoming features and fixes before they are integrated into the next mandatory rollup.

Source

Managing CodexSandboxUser accounts and profile errors in Windows 11

Managing CodexSandboxUser accounts and profile errors in Windows 11
OpenAI Codex creates local security principals such as CodexSandboxUser, CodexSandboxOffline, and CodexSandboxOnline to execute AI-generated commands in an isolated environment. This architecture prevents potentially unsafe code from accessing the primary user's files or system settings by running tasks with limited privileges. These accounts are legitimate security features and should remain on the system as long as the Codex Desktop tool or related CLI utilities are in use.

Source

❌