Windows 11 2022 Update

Microsoft released the “first major update” for Windows 11 on Tuesday, September 20, 2022, as Windows 11 nears its first anniversary. According to a blog post published by Microsoft, the Windows 11 update focuses on four key areas:

● Making the PC easier and safer to use for everyone
● Empowering people to be more productive
● Making Windows the best place to connect, create and play
● Delivering added security, management, and flexibility to the workplace

Microsoft is committed to making computers more accessible. One added accessibility feature is system-wide live captions, which automatically generate captions from any form of audio content on Windows 11.

Windows 11 also includes snap layouts, which have become a game changer for multitasking by helping users optimize their applications and documents. In addition, Microsoft introduced Focus sessions and Do Not Disturb to assist in minimizing distractions.

Advanced artificial intelligence features significantly improve the new Windows Studio camera and audio effects. The Voice Focus, background blur, eye contact, and automatic framing features can assist users in conference calls and content creation.

According to Microsoft, “Windows 11 provides layers of hardware and software integration for powerful, out-of-the-box protection from the moment you start your device – and we’re continuing to innovate.” For example, within the Windows 11 update is the launch of Microsoft Defender SmartScreen. Microsoft Defender SmartScreen will alert users when their login credentials are entered on a malicious application or website.

The Windows 11 2022 Update is packed with many subtle changes that all come together to boost productivity and empower creativity. The changes include enhancements to the file explorer, photo applications, taskbar overflow, and much more.

Microsoft Windows users can access the new features by updating and restarting their computers. To begin the update for Windows 11 2022, users can go to the start menu, select settings, then choose update and security from the list of options. Next, users are taken to the menu, where they can update and restart their computer immediately or schedule the restart.

By updating to Windows 11, users can experience all the newly added and improved applications, increasing productivity while staying protected from known vulnerabilities.

Microsoft 365 Accounts Targeted In New BEC Scam

Recently, researchers at Mitiga have sounded the alarm about a new Business Email Compromise (BEC) campaign. They discovered evidence of the campaign while responding to another incident and have watched the campaign grow in scope and scale over time.

Here’s how the attack works:

The individual targeted by the campaign receives an email that appears to be from a bank and explains that the corporate account they usually send payments to has been frozen while a financial audit is underway.

In the meantime, the email explains that if the target needs to send payments, they can follow the instructions below the message.

The instructions appear to be inside a document behind a DocuSign wall. DocuSign is a contract management platform used widely in the corporate world.

To access the instructions, a potential victim needs to press the “Review Documents” button, which hands the victim off to a website controlled by the hackers.

These websites typically have names that appear to be legitimate companies the victim is familiar with, but a careful review of the URL will reveal an intentional typo, which gave rise to the term “typosquatting” to describe this very phenomenon.

On this page, the victim is asked to log into the Windows domain. If they do so, they inadvertently hand the attackers their Microsoft 365 account details, which can be used later for any nefarious purpose the hackers desire.

On the face of it, this may not seem terribly convincing, but the hackers employ several tricks to make it seem completely legitimate.  Chief among these is the fact that the hackers hijack existing email streams and interrupt them. So to a reader who’s not paying close attention, the instructions seem to come from someone the victim is having an ongoing conversation with.

So far, the campaign has been devastatingly effective, so keep your guard up.  You don’t want to become their next victim.
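The typosquatted "Review Documents" link described above can be caught before anyone clicks it. The following is an added example, not code from Mitiga or from the original article: it pulls links out of a message body and flags hosts whose registrable domain is a near-miss spelling of a trusted one, and goes one step beyond the article by also flagging a trusted name used as a subdomain of another domain. The trusted list, the `.example` domains, the function names and the sample message are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains the organization really uses; the .example one is made up.
TRUSTED = ("docusign.com", "docusign.net", "microsoftonline.com",
           "northwind-bank.example")

def edit_distance(a, b):
    """Optimal-string-alignment distance: insert, delete, substitute, swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def registrable(host):
    # Simplification: last two labels. Production code should use the
    # Public Suffix List so that names like example.co.uk are handled.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def suspicious_links(html, trusted=TRUSTED, max_dist=2):
    """Return (url, reason, imitated_domain) for links that mimic a trusted domain."""
    findings = []
    for url in re.findall(r'href=["\'](https?://[^"\'\s>]+)', html, flags=re.I):
        host = (urlsplit(url).hostname or "").lower()
        dom = registrable(host)
        if dom in trusted:
            continue  # exact match on the registrable domain
        for good in trusted:
            if f".{good}." in f".{host}":
                findings.append((url, "trusted name used as subdomain", good))
            elif edit_distance(dom, good) <= max_dist:
                findings.append((url, "near-miss spelling", good))
    return findings

# Constructed sample message body (not from a real campaign).
SAMPLE = """<p>The usual account is frozen during an audit.</p>
<a href="https://app.docusign.com/documents/1">Previous contract</a>
<a href="https://secure.northwind-bnak.example/review">Review Documents</a>
<a href="https://login.microsoftonline.com.portal-auth.example/signin">Sign in</a>"""

if __name__ == "__main__":
    for finding in suspicious_links(SAMPLE):
        print(finding)
```

Because the campaign hijacks existing email threads, a check like this belongs on every inbound message, including replies from known correspondents.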

Microsoft 365 Suggests Rollback After Issues From Update

Does your company use Microsoft 365?  If so, and you’ve noticed that your Office apps have begun to crash mysteriously and inexplicably, be aware that the latest update (build 15330.20298) is the culprit.

Unfortunately, the bug was introduced in the Enterprise channel during the company’s regularly scheduled “Patch Tuesday.”

The error manifests itself when users try to open a contact card or hover over a contact’s name or picture in shared documents, emails, or comments.

For their part, the company has moved quickly. Although they have not identified the root cause of the issue yet, in the meantime, they went back to the last version confirmed to not contain the bug.

Microsoft is advising any users who have installed version 2206 to roll back to version 2205 to get around the issue. For Admins, the company drafted specific rollback instructions and posted them on their website.

For some time last year, Microsoft’s updates were plagued with issues and several annoying bugs crept into the mix in just about every update the company made.

They redoubled their efforts and tightened up their processes, and the number of faulty updates declined markedly. This latest update breaks the trend. With any luck, this will prove to be a one-time mistake, and their next update and the updates that follow will be smooth sailing. Given the trouble in the recent past, it’s something that bears paying close attention to in the weeks ahead.

Kudos to Microsoft’s engineers for their fast action here, and we hope that the issue will be resolved before much longer.  It’s unfortunate any time a new bug is introduced, especially to a system as complex as Microsoft 365. Overall, the company has done a good job of addressing issues as they arise, and we expect that to be the case in this instance.

Microsoft Office And Google Docs Sync For Offline Use

Recently, Google announced a small but significant change to Google Docs.  Now, if you have enabled offline access for files you have stored on your Google Drive, the system will auto-sync any Microsoft PowerPoint, Excel, or Word files if you have opened them with Google Slides, Sheets, or Docs.

This is a tremendously handy change.

It allows you to switch freely between Google Docs and Microsoft Word, for example, giving you the best of both worlds and a fantastic amount of added convenience.

Since the update, there are a few lingering misconceptions about the capabilities of the new feature.

Here’s the scoop:

  • It only works if you’re using Chrome or Microsoft Edge as your desktop browser
  • You can create, open, and edit Google Docs, Sheets, and Slides offline
  • You can edit Microsoft Word files (.docx), Excel files (.xlsx), and PowerPoint files (.pptx) directly within Google Docs, Sheets, and Slides respectively with no need to convert the files you’re working on

Naturally, you must be signed into your Google account to make any offline syncing possible. Note that your Google Workspace administrator may choose to implement a policy that prevents access to Workspace data offline as a security protocol.

It’s hard to overstate just how handy this feature is if you’re in the habit of moving between document editing and creation ecosystems. Once you give it a try, though, you’re probably going to wonder how you ever got along without it.

Kudos to Google for working with their tech rival and going the extra mile to create an even better user experience.  Though it’s certainly true that the company has made its share of missteps, it is improvements like these that demonstrate why Google is among the best of the best.

Give the new feature a try.  We think you’ll love it.

New Malware Uses Word Documents To Get On Your System

Researchers at HP have discovered a new malware loader that they’ve dubbed SVCReady.  While new malware strains are common, this one is distinct for a couple of different reasons.

Like many malicious programs, this spreads primarily via phishing email campaigns. One way this new strain differs, however, is that the malware is loaded onto the target machine via specially crafted Word documents attached to the email.

The idea is that these Word documents leverage VBA macro code to execute shellcode that’s stored in the properties of the Word document. That’s both new and dangerous.
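Because the payload sits in the document properties and not in the macro itself, a mail gateway or triage script can look for property values that do not resemble ordinary metadata. The following is an added example, not HP's tooling or code from the original article: it assumes an OOXML (.docm) container, uses hypothetical function names and length thresholds, and runs on a harmless sample built in memory. Legacy .doc files would need an OLE parser instead.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # use defusedxml for untrusted files in production

PROP_PARTS = ("docProps/core.xml", "docProps/app.xml", "docProps/custom.xml")
MAX_PART_BYTES = 1_000_000  # refuse oversized property parts before parsing

def scan_properties(data, max_len=512, max_blob=128):
    """Inspect the property parts of an OOXML Word file supplied as bytes."""
    odd = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = set(z.namelist())
        has_macros = "word/vbaProject.bin" in names
        for part in PROP_PARTS:
            if part not in names:
                continue
            if z.getinfo(part).file_size > MAX_PART_BYTES:
                odd.append((part, "(whole part)", z.getinfo(part).file_size))
                continue
            for el in ET.fromstring(z.read(part)).iter():
                text = (el.text or "").strip()
                unbroken = not any(c.isspace() for c in text)
                # Titles, authors and comments are short, spaced text; a long
                # value or a long unbroken run looks like encoded data.
                if len(text) > max_len or (len(text) > max_blob and unbroken):
                    odd.append((part, el.tag.split("}")[-1], len(text)))
    # Macros plus an oversized property is the combination described above.
    return {"has_macros": has_macros, "odd_properties": odd,
            "suspicious": has_macros and bool(odd)}

def build_sample(description):
    """Build a constructed macro-enabled container in memory (demo input only)."""
    core = ('<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/'
            'package/2006/metadata/core-properties" '
            'xmlns:dc="http://purl.org/dc/elements/1.1/">'
            f'<dc:title>Invoice</dc:title>'
            f'<dc:description>{description}</dc:description></cp:coreProperties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/core.xml", core)
        z.writestr("word/vbaProject.bin", b"placeholder, not a real VBA project")
    return buf.getvalue()

if __name__ == "__main__":
    print(scan_properties(build_sample("Quarterly invoice for review")))
    print(scan_properties(build_sample("41" * 400)))  # constructed filler, not shellcode
```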

The HP researchers found evidence that tracks the malicious code back to its origin in April of 2022, with the developers releasing several updates just one month later in May.  The number of updates is suggestive of a large, well-organized team that is committed to continued development of their new toy.

Currently, SVCReady boasts the following capabilities:

  • Download a file to the infected client
  • Take a screenshot
  • Run a shell command
  • Check if it is running in a virtual machine
  • Collect system information (a short and a “normal” version)
  • Check the USB status, i.e., the number of devices plugged-in
  • Establish persistence through a scheduled task
  • Run a file
  • And run a file using RunPeNative in memory

In addition to these capabilities, SVCReady can also fetch additional payloads from the command-and-control server.  While the bullet points above are dangerous in their way, it is the last, recently added capability that makes the new malware strain especially dangerous.  It enables the hackers to tailor the level of destruction for each infected target.

Worse, the new strain contains bits of code that lead the HP researchers to conclude that the threat actor TA551 may be behind it.  This is a large, well-organized group with ties to multiple other hacking organizations and ransomware affiliates. That implies that SVCReady may soon become much more widely available than it is now.

You will want to be sure this one stays on your radar.
