One of Microsoft’s biggest Windows 11 updates yet brought a massive number of security flaw fixes

Microsoft has issued a mammoth Windows 11 update that brings fixes for around 150 security flaws in the operating system, as well as fixes for 67 Remote Code Execution (RCE) vulnerabilities. RCEs enable malicious actors to deploy their code to a target device remotely, often being able to do so without a person’s consent or knowledge – so this is a Windows 11 update you definitely want to install ASAP. 

This update was rolled out on Microsoft’s Patch Tuesday (the second Tuesday of every month), a monthly update when Microsoft releases security updates. 

Three of these were classed as ‘critical’ vulnerabilities, meaning that Microsoft saw them as posing a particularly hefty risk to users. According to Bleeping Computer, more than half of the RCE vulnerabilities were found in Microsoft SQL drivers; essential software components that facilitate communication between Microsoft apps and its servers, leading to speculation that the SQL drivers share a common flaw that is being exploited by malicious users. 

The three vulnerabilities classed as ‘critical’ had to do with Windows Defender, ironically an app designed by Microsoft to protect users from online threats. 

Windows Defender extension for Chrome

(Image credit: Future)

A possibly record-setting update

KrebsonSecurity, a security news site, claims that this security update sets a record for the number of Windows 11 issues addressed, making it the largest update Microsoft has released this year (so far) and the largest released since 2017. 

The number of bugs is broken down as follows:

  • 31 Elevation of Privilege Vulnerabilities
  • 29 Security Feature Bypass Vulnerabilities
  • 67 Remote Code Execution Vulnerabilities
  • 13 Information Disclosure Vulnerabilities
  • 7 Denial of Service Vulnerabilities
  • 3 Spoofing Vulnerabilities

These spanned across several apps and functionalities, including Microsoft Office apps, Bitlocker, Windows Defender, Azure, and more. 

Two zero-day loopholes that were cause for concern

Two zero-day vulnerabilities were also addressed by Microsoft in April’s Patch Tuesday update, and apparently, they have been exploited in malware attacks. Zero-day vulnerabilities are flaws in software that potentially harmful actors find and possibly exploit before the software’s developers discover it. The zero refers to the proverbial buffer of time that developers have in terms of urgency to develop a patch to address the issue. 

Microsoft hasn’t said whether the zero-day flaws were being actively exploited, but this information was shared by Sophos (a software and hardware company) and Trend Micro (a cybersecurity platform). 

One of these has been labeled CVE-2024-26234 by Microsoft, and it’s been classed as a Proxy Drive Spoofing Vulnerability. The other, CVE-2024-29988, was classed as a SmartScreen Prompt Security Feature Bypass Vulnerability.

You can see the full list of vulnerabilities in a report by Bleeping Computer. Mashable points to the fact that Windows necessitates such a vast number of patches and changes because Windows is used as the operating system on different manufacturers’ machines and has to constantly keep up with accommodating a variety of hardware configurations.   

Some users might find Windows 11’s need for frequent updates annoying, which could lead them to consider alternative operating systems like macOS. If you’re sticking with Windows 11, KrebsonSecurity recommends that you back up your computer’s data before installing the update. I’m glad Microsoft continues to address bugs and security risks in Windows 11, even if that does mean we’re nagged to update the OS more than some of its competitors, and I would urge users to make sure that they install this update, which you can do through Windows Update if your PC hasn’t started this process already. 


TechRadar – All the latest technology news

Read More

Another big reason to install iOS 17.4 right now – it fixes two major security threats

Apple has just launched iOS 17.4, and right now everyone’s attention is focused on how it lets you run third-party app stores on your iPhone – although only if you're in the European Union. But there’s another important reason you should upgrade: it fixes two extremely serious security flaws.

In a new security post (via BleepingComputer), Apple says that iOS 17.4 and iPadOS 17.4 resolve two zero-day bugs in the iOS kernel and Apple’s RTKit that might allow an attacker to bypass your device’s kernel memory protections. That could potentially give malicious actors very high-level access to your device, so it’s imperative that you patch your iPhone as soon as possible by opening the Settings app, going to General > Software Update and following the on-screen instructions.

These issues are not just hypothetical; Apple says it is “aware of a report that this issue may have been exploited” in both cases, and if a zero-day flaw has been actively exploited it means hackers have been able to take advantage of these issues without anyone knowing. With that in mind, there’s every reason to update your device now that Apple has issued a set of fixes.

Apple says the bugs affect a wide range of devices: the iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later. In other words, a lot of people are potentially impacted.

Actively exploited

holding an iphone

(Image credit: Shutterstock)

Zero-day flaws like these are usually exploited in targeted attacks, often by sophisticated state-sponsored groups. Apple didn’t share any details of how or when these vulnerabilities were put to nefarious use, nor whether they were discovered by Apple’s own security teams or by external researchers.

Apple devices are known for their strong defenses, but are increasingly falling under hackers’ crosshairs. Recent research suggests that there were 20 active zero-day flaws targeting Apple products in 2023 – double the number of the previous year. According to BleepingComputer, three zero-day attacks on Apple devices have been patched so far in 2024.

This kind of exploit demonstrates why it’s so important to keep all of your devices updated with the latest patches, especially if they include security fixes. Leaving yourself vulnerable is a dangerous gamble when there are extremely sophisticated hacking groups out there in the wild. With that in mind, make sure you download the latest iOS 17.4 update as soon as you can.

You might also like

TechRadar – All the latest technology news

Read More

Say goodbye to the recent Blue Screen of Death drama in your life with these new fixes from Intel

If you’ve recently been confronted by the fearsome Blue Screen of Death (also known as BSOD… yes, it’s got its own acronym) when using Windows 11, Intel might have pinpointed the cause and is offering a fix. According to Intel, the recent BSOD is likely caused by a faulty Wi-Fi driver, for which it’s released an update that should resolve this. It’s also released an update for Bluetooth, version 23.30, that should bring additional stability. 

Intel WLAN driver version 23.30 is Intel’s February 2024 Wi-Fi update that should stop Windows 11 from crashing and showing the BSOD. This update addresses more than just the crashing issue in Windows 11, as detailed in Intel’s full release notes for the update. Other improvements include an improved Quality of Service (QoS) which will help devices prioritize internet traffic better, and Windows Latest explains that this could improve the overall internet performance of a device connected to a router used by multiple devices. Intel has also made changes that should improve network latency, which is good news for those who like to play games online.

Since installing the initial driver update, users have been reporting issues like Windows System Event ID 5002 errors have been a common occurrence. Other issues included problems with finding Wi-Fi networks and connecting to monitors using the wireless Miracast function. 

Windows 11 Update showing on laptop in an office

(Image credit: TechRadar)

How and when you can expect these updates

If you have a suitable Windows 11 device with Intel Wi-Fi and Bluetooth components, you can expect these updates to land in your device’s Windows Update app. If for whatever reason you do not see these or you want to speed up the process (given they’ve not been installed already), you can use the Intel Driver and Support Assistant (iDSA) to download and install them. You can do this by going to Intel’s website and downloading the installation file for the iDSA, and opening up the app once installed. Get the app to check for updates, and if they’re available for your device, they should show up. If you have issues with the updates once they’re installed, you should be able to revert to older versions using the Device Manager app.

If you’re having other issues with your Windows 11 device, Intel-based or not, you can download and install the Windows 11 February 2024 optional update. This version comes with a host of updates and fixes and should also deliver a boost in performance. These are set to be installed automatically with Microsoft’s Windows 11 Moment 5 updates but are available to try in this optional update. Fixes for connectivity and Wi-Fi issues are always good news, so this is a welcome development from Intel, and I would always recommend installing updates that are available both for improved functionality and the most up-to-date security improvements.


TechRadar – All the latest technology news

Read More

New Windows 11 update makes a small but important tweak to Copilot and fixes some nasty bugs

Windows 11 just got a new cumulative update that applies a bunch of security fixes, and makes a small number of changes to the OS, although they include some important tweaks.

The most interesting change here is that Microsoft has decided to give the Copilot button a new home on the taskbar.

As previously seen in testing with Windows 11, the icon to invoke the AI assistant is now on the far right of the taskbar, in the system tray area.

Patch KB5034765, which is for both Windows 11 23H2 and 22H2 versions, also applies an important fix for Explorer.exe which is affecting some PCs. This bug can happen when restarting a PC that has a game controller attached, and means that Explorer.exe stops responding – basically, the desktop (File Explorer) locks up, which is obviously bad news.

Microsoft also let us know that a bug that meant announcements from Narrator (the screen reading tool) were coming through too slowly has been remedied (when using natural voices with Narrator, that is).

Analysis: Don’t expect Copilot relocation right away

As mentioned, there’s the usual raft of security patches with this new update, which are important to apply to keep your Windows 11 PC fully secure.

The big change is the shift for the Copilot button, with it being ushered along the taskbar to the system tray area as mentioned. Why do this? The reasoning is that the Copilot panel is over on the right, so having its button just below where the UI appears makes sense, which is fair enough.

Remember that those who don’t want a Copilot button can drop it from the taskbar, anyway (and folks who want to go further than that and strip out the AI entirely from Windows 11 can do so – kind of, though we wouldn’t recommend it).

Note that not everyone will get this repositioning of Copilot straight away, as Microsoft notes that Windows 11 PCs will get this tweak at different times. In other words, this is another gradual rollout, so it may be some time yet before Copilot shuffles over onto the right of your taskbar – but rest assured, it’ll happen.

While we’re always somewhat cautious around any new update, at least for the first couple of days after it debuts, thus far it seems there are no known issues being reported with KB5034765 (on the likes of Reddit). So far, so good, then, and hopefully the mentioned bug fixes don’t come with any unintended side effects elsewhere in the OS.

You might also like…

TechRadar – All the latest technology news

Read More

macOS Sonoma 14.4 will bring new emojis and bug fixes soon – here’s how to try the public beta

A new beta version of macOS Sonoma 14.4 has just been made available for the public, allowing Mac users to get an early look into what the new update may entail in its final form – as well as getting to try out some of the new features and fixes. 

Among the regular refinements and bug fixes we normally see with most small software updates like this, macOS Sonoma 14.4 also offers new emoji characters! The new emojis include a melting face (perfect for a hot day – or a response to bad news on a particularly slow work day), two hands making a little heart, and a moose, amongst others. 

The fixes address some issues reported by testers and developers from the first public beta, which include potential issues with Safari and Messages. I’ve been running on the previous public beta version, and I’ve noticed issues with my messages not syncing between my iPhone 15 and Mac Mini, and since downloading the beta I’ve noticed some improvements with getting notifications and syncing message threads, which is good news for anyone else currently experiencing that issue. 

Want to give it a go yourself? Here’s how

If you’d like to download the public beta of macOS Sonoma 14.4 yourself and give it a go, you can sign up for access straight from your device's settings menu. You can access the public beta by heading over to your System Settings, going to the software update page ‘General’ section of the menu, and clicking on the option labeled ‘Beta updates’. 

Once you do that, a small pop-up will appear to let you decide between enabling developer or public beta updates. We would recommend not selecting the developer option if you’re a regular user planning to try it on your personal Mac or Macbook because beta updates in general can be quite unstable and are not really intended for everyday use – and the developer-targeted version is liable to have even more bugs.

Plus, compared to the public beta versions of updates, developer versions are likely to have features or changes that might never be made available to the public in the long run. Instead, if you enable the public beta of Sonoma 14.4 you can get an early look at features that are more likely to be part of an actual public release. 

Via PC Tablet 

You might also like…

TechRadar – All the latest technology news

Read More

New Windows 11 update fixes a whole lot of things – but breaks some as well

Windows 11 users who are installing the latest update are having some serious issues, from many accounts.

Windows Latest reported that there are bugs in the preview update – so yes, this is an optional update, not something you have to install – that are causing major problems with Windows 11’s interface in one way or another.

For starters, with patch KB5034204, some users are apparently experiencing a glitch where File Explorer – the folders and files on the desktop – is becoming unresponsive. This can lead to the whole desktop going blank (all folders and icons disappearing) for a while, before returning to normal, we’re told. Others are reporting File Explorer crashing while shutting down their PC.

Windows Latest further details reports of icons like the Recycle Bin vanishing, taskbar icons not working, and even the Windows 11 taskbar itself going missing, as complained about on Reddit (plus this is a problem the tech site encountered itself).

The other issue folks seem to be experiencing with KB5034204 is that the update fails to install. There are complaints on Microsoft’s Feedback Hub that the installation process reaches 100%, so looks like it has finished, but then crashes out with a message mentioning missing files. Stop code errors (like ‘0x8007000d’) are also in evidence with these installation mishaps.

Analysis: Out of the frying pan…

Clearly, we need to take into account that this is a preview update, meaning that it’s still officially in testing, and optional patches like this aren’t installed unless you specifically ask for them. As with any pre-release software, you can expect problems, in other words.

Even so, you might want an optional update because it provides a fix for a bug you’re suffering with, and in the case of KB5034204, it resolves a couple of notable issues disrupting video chats and streaming audio (and a misbehaving Start menu, too, plus more besides).

However, in this case, you might swap one problem for another when installing this optional update, and possibly a worse glitch (the wonkiness caused with the Windows 11 interface outlined above seems pretty nasty).

That said, there is a solution (kind of) for the missing taskbar at least, which is to press the Windows key + X – apparently, that sees the bar come back, but its behavior may still be odd going by the various reports around this particular bug.

It’s disappointing to see installation failures popping up again with this preview update, mainly because this was a flaw in evidence with the January cumulative update. It seems that Microsoft hasn’t resolved this yet, then, and the fear is that it might still be present in the February update for Windows 11 (which this preview is an advance version of, as you may realize).

You might also like…

TechRadar – All the latest technology news

Read More

Windows 11 update applies a bunch of fixes for a Start menu glitch, video chat bug and more

Windows 11 just received a new update which comes with a whole load of bug fixes for versions 23H2 and 22H2, including the resolution of an issue affecting video chats, and a problem with the Start menu.

Patch KB5034204 just became available, but it’s worth noting upfront that this is a preview update, so it’s still in beta effectively.

As mentioned, one of the more important fixes here is the smoothing over of a bug relating to video calls – now this one has been squashed, these calls should be more reliable. (So if you were having problems with video chat stability in one way or another, hopefully that’ll no longer be the case after this update).

If you own a pair of Bluetooth Low Energy (BLE) Audio earbuds, you may have experienced the sound dropping out when streaming music – that has also been resolved with KB5034204. Also, a problem with Bluetooth phone calls – where the audio fails to route through your PC, when you answer the call on the computer – has similarly been stamped out.

Another bug Microsoft has cured is search functionality failing to work on the Start menu.

Microsoft has also addressed a problem where troubleshooters fail – not very useful given that you only run a troubleshooter when you’re already trying to solve an issue with your Windows 11 system. That bug happens when using the Get Help app, we’re told.

There are a whole host of other fixes, too, including one for Gallery in File Explorer that means you can’t close a tooltip (a small flaw, but an annoying one). For the full list of fixes implemented, check out Microsoft’s support document.

Analysis: Take a chance – or not?

Should you download a preview update? This is a topic we’ve discussed before, and the short answer is probably not – unless you really need one of the fixes provided.

As mentioned, by its very nature, a preview update is not yet finished – that’s why these are marked as optional, and aren’t automatically piped through to your PC (you have to manually download them from Windows Update). In short, there’s more chance of things going wrong with a preview update.

However, if you’re one of the Windows 11 users who are experiencing a more aggravating issue, like video calls or your streaming music playback being ruined, then you might decide installing the update is likely worth the risk (which should be a limited risk, after all – these updates are nearly done at this stage).

That’s the other point to bear in mind, though – as they’re nearly done, you won’t have to wait long for the fully finished cumulative update to arrive next month. In this case, this preview will become the February update for Windows 11 released on February 13, so that’s only a few weeks away now.

Generally speaking, it’s probably worth holding out unless there’s something that’s really bugging you (pardon the pun) in Windows 11 right now, and it’s one of those listed fixes.

You might also like…

TechRadar – All the latest technology news

Read More

Windows 10 gets a fresh lock screen weather widget and bug fixes in new update

Microsoft has dropped a new preview update (KB5034203), bringing an updated lock screen weather widget to Windows 10 alongside regular bug fixes. The update also comes with changes to comply with the European Union’s Digital Markets Act – however, these changes are set to roll out gradually rather than all at once.

The update will bring more life to the weather experience on Windows 10, including more interactive weather updates, allowing you to hover your cursor over the widget on your lock screen to see more information about current weather conditions in your area. Clicking on the weather ‘card’ will then sign you into your device and open up Microsoft Edge with a full weather broadcast.

Alongside the updated widget, update KB5034203 comes with other fixes such as addressing issues that affect BitLocker data-only encryption, the failure of some apps in Windows 10 to respond to changed keyboard language, and a fix for an annoying bug that caused the Internet Explorer shortcut to become unresponsive for some users.

Optional, but still worth an update

In terms of compliance with the European Union’s Digital Markets Act, Microsoft released a blog post directed to Windows Insiders back in November addressing plans to ensure Windows 11 and Windows 10 follow the set obligations.

The Digital Markets Act includes a wide range of requirements that Microsoft will have to adhere to within the EU – most notably, the ability for users to uninstall any Windows app, including Cortana and Edge. According to the blog post, Microsoft will “be updating Windows 10, version 22H2 and Windows 11, version 23H2 PCs in the EEA to be compliant by March 6th, 2024.”

So, we can expect more of these smaller-scale updates in the coming months to both Windows 10 and Windows 11. I'm pleased to see Microsoft continuing the effort to keep Windows 10 updated, considering many people are still quite hesitant to jump ship to Windows 11.

KB5034203 is an optional preview update at the moment, so you’ll have to install it manually if you’d like to check these features out yourself right now. Head over to the ‘Update and Security’ section of your setting and click the ‘Windows Update’ tab. There you’ll see a list of optional updates available and a link to download and install the update. Enjoy!

You might also like…

TechRadar – All the latest technology news

Read More

Windows 10 gets security boost and bug fixes in Microsoft’s first big update of 2024

Microsoft might be pushing forward with integrating AI into as many aspects of Windows 11 as possible, but it’s not totally forgotten about Windows 10 users. The older version of Windows continues to be very popular among Windows’ user base, and fortunately for them, Microsoft has just released update KB5034122 for Windows 10 that brings an array of bug fixes and serious security upgrades. 

Two of the bugs that the update addresses are to do with smart card usage and an issue with scroll bars. Maybe not the most thrilling updates, but this is pretty in line with Microsoft’s messaging about Windows 10. 

According to the tech titan, it’s more or less closed up shop when it comes to working on significant new features for Windows 10 and users shouldn’t expect to see any major changes in the future. Update KB5034122 serves as evidence of this with it being mostly maintenance and fixes from Microsoft, but let’s not forget that Microsoft’s shiny new all-in-one AI assistant, Windows Copilot, was made available to Windows 10 users last year. We’ll have to see if Copilot will see upgrades and improvements in Windows 10 considering that its current functionality is fairly limited.

Microsoft Teams copilot

(Image credit: Microsoft Teams)

What's new in update KB5034122

This update tackles security issues, as well as a quality upgrade to Windows 10’s servicing stack, the Windows component that enables users to install Windows updates. Microsoft also gives more details about the bug fixes that are included in this update: 

You can find a full rundown of what this update addresses on Microsoft’s Support blog, and it does make note of some known issues that still exist in this version of Windows 10 and gives suggested workarounds with instructions. It follows up each workaround for each presently-existing problem with the following statement to reassure Windows 10 users: 

We are working on a resolution and will provide an update in an upcoming release.

KB5034122 should be prompted for install on Windows 10 devices automatically because it’s a security update, but if for whatever reason your Windows 10 device has not downloaded it already, you can download it manually. You should definitely do this as it’s important to have the most up to date security fixes no matter what Windows version you use, and you can get it from the Microsoft Update Catalog

Good for Microsoft for keeping an eye on Windows 10 and recognizing that it remains a fan favorite. However, it’s clearly determined to get as much use out of its investment and collaboration with OpenAI, utilising GPT technology however it can.

Recently, Windows watchers have spotted that Notepad is getting a ChatGPT-powered writing assistant and text editing AI tool, with some users expressing that they’d rather Notepad stayed the simple, straightforward app that it came to be known as. Perhaps as Microsoft goes down the path of ramping up AI integration, Windows 10 will be a refuge option for those that want their operating system and apps to be a little less intelligent. 


TechRadar – All the latest technology news

Read More

Microsoft swiftly fixes a Wi-Fi bug that caused havoc for some Windows 11 users

Microsoft has fixed a Windows 11 bug that was causing havoc for students across the globe.

The software giant confirmed that the problem – which meant that university Wi-Fi networks (and those at other educational establishments) failed to work for some students – was caused by patches KB5032288 and KB5033375.

The latter is the cumulative update for December in Windows 11, and the former is the preview version of that upgrade (unsurprisingly, as they are essentially the same thing).

The good news is that the solution came alongside the confirmation of the bug.

Microsoft got in touch with us directly to point out the fix, with the company also announcing on its release health status dashboard: “This issue is resolved using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices and non-managed business devices. Restarting your Windows device might help the resolution apply to your device faster.”

Analysis: A swiftly delivered save

It’s great to see Microsoft move quickly with the fix here, as this was a pretty nasty issue for those students affected. It seems that it was mainly universities, businesses, and public Wi-Fi networks where this gremlin struck, with Microsoft telling us that it’s “not likely to occur on home networks” (though that doesn’t rule out the possibility completely).

At any rate, you don’t have to do anything to cure these Wi-Fi blues. The Known Issue Rollback means that Microsoft is rolling back the problematic part of the update, while leaving the rest of it in place (to redeploy that faulty bit at a later date, when it’s fixed up and no longer causing Wi-Fi woes).

The catch is that the issue rollback takes a bit of time to filter through to everyone, up to 24 hours as noted. However, that announcement was made late in the day yesterday, and all affected users should have the fix in around the next five hours or so, all being well. If you’re getting impatient, as Microsoft advises, you can try a reboot to surface the fix.

You might also like…

TechRadar – All the latest technology news

Read More