Questionable patch left a bunch of Windows systems open to attack


Microsoft has revealed that a botched update disabled endpoint security protections on a large number of Windows systems.

Although PCs running Windows 10 and Windows 11 are not affected, the offending patch left devices running Windows Server 2019 and 2022 open to attack.

“After installing KB5007205 or later updates, Microsoft Defender for Endpoint may not start or run on devices with a Windows Server Core installation,” Microsoft warned, in an article on Health Dashboard of Windows Server.

The company says it is currently developing a fix to resolve the issue, but did not immediately respond to our request for clarification as to when customers can expect the issue to be resolved.

No more Windows security concerns

Unfortunately, this is not the only issue introduced in the latest round of Windows updates. Microsoft was also forced to deploy a fix for a bug that prevented Kaspersky’s anti-virus applications from opening after installing updates using Microsoft Installer.

Unlike the Windows Server issue, this issue affected regular users running Windows 10 and 11 as well as businesses.

“After installing a Windows update, Kaspersky Endpoint Security for Windows continues to function properly and system security remains intact. However, errors can occur when attempting to upgrade the application, install a private patch, or change the scope of application components, ”Kaspersky wrote in a commentary. supporting document.

Separately, Trend Micro security researchers have revealed an exploit for a zero-day vulnerability that could allow an attacker to gain administrative privileges on all supported versions of Windows.

Microsoft attempted to fix a connected issue as part of the most recent Patch Tuesday, but analysis of the fix revealed a workaround that led to this new, more dangerous elevation of privilege vulnerability.

Via computer beep

Source link


Comments are closed.