Windows 10: Windows 11 2022 Update: security improvements

Discus and support Windows 11 2022 Update: security improvements in Windows 10 News to solve the problem; Microsoft released the first feature update for Windows 11 this week. The new version of Windows 11 introduces a number of usability improvements and... Discussion in 'Windows 10 News' started by GHacks, Sep 22, 2022 at 7:32 AM.

  1. GHacks
    GHacks New Member

    Windows 11 2022 Update: security improvements


    Microsoft released the first feature update for Windows 11 this week. The new version of Windows 11 introduces a number of usability improvements and some new features, with more promised to be dropped in October 2022.

    Microsoft did provide a summary of some of the security features and improvements that went into the Windows 11 2022 Update, but failed to reveal details on those features.

    In a hurry? Here are the main security-related changes

    • Smart App Control, a new security feature that blocks untrusted and potentially dangerous applications, enabled on new devices or reset devices.
    • Hypervisor-protected code integrity (HVCI) enabled on all Windows 11 devices.
    • Microsoft vulnerable driver block list enabled on new devices by default and opt-in available for old devices.
    • Enhanced phishing protection in Microsoft Defender Smartscreen
    Smart App Control


    Windows 11 2022 Update: security improvements smart-app-control.png

    Smart App Control is a new security feature that is designed to improve protection against untrusted applications.

    Microsoft describes the feature in the following way:


    Smart App Control is a new feature for individuals or small businesses designed to help prevent scripting attacks and protect users from running untrusted or unsigned applications often associated with malware or attack tools

    Broken down to its core, Smart App Control blocks the execution of certain file types downloaded from the Internet and untrusted applications. It is a cloud-powered security service according to Microsoft. When Smart App Control determines that the app is safe,

    Here is an overview of the different scan results of the security feature:

    • App is determined safe -- allowed to run on the Windows 11 PC.
    • App is determined to be malicious or potentially unwanted -- blocked from running on the PC.
    • Smart App Control can't predict either way:
      • if the app has a valid signature -- allowed to run on the Windows device.
      • if the app has no valid signature -- blocked from running on the PC.

    When enabled Smart App Control runs in evaluation mode at first. Windows 11 uses the mode to determine whether Smart App Control should be enabled in full mode on the system. The execution of apps and files is not blocked in evaluation mode.

    Windows 11 2022 Update: security improvements smart-app-control-blocked.png

    There is currently no option to allow the execution of an app that Smart App Control blocked on the system.

    Smart App Control may be turned off by system administrators, but the turning off is permanent. There is no option to enable the security feature again after it has been turned off on the running system. The only available options, according to Microsoft, are to reset the PC or to clean install Windows 11.

    Additionally, Smart App Control is only available on new Windows 11 2022 Update installations. Upgraded devices won't get the feature. A likely reason for that is that the feature may interfere with applications and files that are already on the Windows PC.

    Enhanced phishing protection


    Windows 11 2022 Update: security improvements enhanced-phishing-protection.png

    Enhanced phishing protection is a new security feature that is integrated into the Windows 11 2022 Update. Windows 11 detects automatically when users enter the Windows account password into applications or websites, and checks whether the app or website has a secure trusted connection.

    If that is not the case, Windows 11 informs users about the potential danger- Enhanced phishing protection works with Microsoft Account, Active Directory, Azure Active Directory and local passwords, any Chromium-based browser and applications.

    Windows 11 2022 Update: security improvements phishing-protection.png

    Whenever enhanced phishing protection detects unsafe usage of the Windows passwords, two things happen:

    1. The user is informed about the issue and gets the suggestion to change the account password immediately.
    2. The incident is reported to IT through the MDE portaIT through the MDE portal.

    Enhanced Phishing Protection warns users about reuse of the Windows 11 account password next to that using a popup. Last but not least, Windows Security will warn users if they try to store the account password in a local app, such as Notepad.

    The feature is part of SmartScreen.

    Windows 11 administrators may configure it on the following way:

    1. Open Start > Settings, or use Windows-I to open the Settings app using the keyboard shortcut.
    2. Go to Privacy & Security > Windows Security.
    3. Activate the "Open Windows Security" button on the page.
    4. Open App & Browser Control.
    5. Select the "Reputation-based protection settings" link on the page that opens.
    6. The following options are listed under Phishing Protection:
      • Turn phishing protection on or off.
      • "Warn me about malicious apps and sites" (on by default).
      • "Warn me about password reuse" (off by default).
      • "Warn me about unsafe password storage" (off by default).

    Additional information about the feature, including Enterprise policy options, is available on Microsoft's Tech Community website.

    Vulnerable driver protection


    Microsoft added two new protections that protect Windows 11 devices against driver attacks. Drivers, just like other software, may introduce security issues, which threat actors may exploit.

    The Windows 11 2022 Update uses a new vulnerable driver block list to block certain drivers from being loaded by the operating system. Often, updated drivers are available, which administrators may install to add support for a device to the operating system.

    The block list feature takes advantage of Windows Defender Application Control to block vulnerable driver versions from running on the Windows device.

    The second protective feature is called Hypervisor-protected code integrity (HVCI), which uses virtualization-based security (VBS). It is available on devices with Intel 8th generation or newer chipsets.

    At its core, it ensures that only validated code may be executed in kernel mode. It achieves this by running kernel mode code integrity "inside the secure VBS environment instead of the main Windows kernel".

    It protects against attacks that rely "on the ability to inject malicious code into the kernel" of the Windows operating system.

    Credential Guard

    Credential Guard is enabled on Windows 11 Enterprise systems. Microsoft notes that the feature increase protections from vulnerabilities "greatly" and that it prevents "the use of malicious exploits that attempt to defeat protections".

    Closing Words

    Not all security features are available for all Windows 11 2022 Update users. Some require a fresh install or reset, others Enterprise versions of Windows 11 or special hardware.

    All Windows 11 devices benefit from the vulnerable driver block list and phishing protection by default. The latter can be turned off in Windows Security.

    Now You: what is your take on these security features?

    Thank you for being a Ghacks reader. The post Windows 11 2022 Update: security improvements appeared first on gHacks Technology News.

    read more...
     

  2. Cumulative updates for Windows 10 and Windows 11 - April 2022

    The following release notes coincide with the Cumulative updates for all the supported versions of Windows, for the month of April 2022.

    Windows 11

    Windows 11 (original release): KB5012592 Build 22000.613

    April 12, 2022—KB5012592 (OS Build 22000.613) (microsoft.com)

    This security update includes improvements that were a part of update KB5011563 (released March 22, 2022) and also addresses the following issues:

    • This update contains miscellaneous security improvements to internal OS functionality. No additional issues were documented for this release.
    Windows 11 servicing stack update - 22000.581

    This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

    Windows 10

    Windows 10, version 20H2; Windows 10, version 21H1; and Windows 10, version 21H2 – KB5009543 Build 19042.1466; 19043.1466; and 19044.1066

    April 12, 2022—KB5012599 (OS Builds 19042.1645, 19043.1645, and 19044.1645) (microsoft.com)

    This security update includes improvements that were a part of update KB5011543 (released March 22, 2022) and also addresses the following issues:

    • Addresses an issue that causes a Denial of Service vulnerability on Cluster Shared Volumes (CSV). For more information, see CVE-2020-26784.
    Windows 10 servicing stack update - 19042.1613, 19043.1613, and 19044.1613

    This update makes quality improvements to the servicing stack, which is the component that installs Windows updates. Servicing stack updates (SSU) ensure that you have a robust and reliable servicing stack so that your devices can receive and install Microsoft updates.

    3/15/22
    IMPORTANT Windows 10, version 20H2 will reach end of service on May 10, 2022 for devices running the Home, Pro, Pro Education, and Pro for Workstations editions. After May 10, 2022, these devices will no longer receive monthly security and quality updates that contain protection from the latest security threats. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10 or Windows 11.

    We will continue to service the following editions: Enterprise, IoT Enterprise, Windows on Surface Hub, and Windows Server, version 20H2.

    Download the updates manually from the Microsoft Update Catalog.
     
    Sumit (Volunteer Moderator), Sep 22, 2022 at 7:34 AM
    #2
  3. Microsoft June 2022 Security Updates

    June 2022 Security Updates
    Updates this Month


    This release consists of security updates for the following products, features and roles.



    • .NET and Visual Studio
    • Azure OMI
    • Azure Real Time Operating System
    • Azure Service Fabric Container
    • Intel
    • Microsoft Edge (Chromium-based)
    • Microsoft Office
    • Microsoft Office Excel
    • Microsoft Office SharePoint
    • Microsoft Windows ALPC
    • Microsoft Windows Codecs Library
    • Remote Volume Shadow Copy Service (RVSS)
    • Role: Windows Hyper-V
    • SQL Server
    • Windows Ancillary Function Driver for WinSock
    • Windows App Store
    • Windows Autopilot
    • Windows Container Isolation FS Filter Driver
    • Windows Container Manager Service
    • Windows Defender
    • Windows Encrypting File System (EFS)
    • Windows File History Service
    • Windows Installer
    • Windows iSCSI
    • Windows Kerberos
    • Windows Kernel
    • Windows LDAP - Lightweight Directory Access Protocol
    • Windows Local Security Authority Subsystem Service
    • Windows Media
    • Windows Network Address Translation (NAT)
    • Windows Network File System
    • Windows PowerShell
    • Windows SMB
    Please note the following information regarding the security updates:


    Security Update Guide Blog Posts

    Date Blog Post

    January 11, 2022 Coming Soon: New Security Update Guide Notification System

    February 9, 2021 Continuing to Listen: Good News about the Security Update Guide API

    January 13, 2021 Security Update Guide Supports CVEs Assigned by Industry Partners

    December 8, 2020 Security Update Guide: Let’s keep the conversation going

    November 9, 2020 Vulnerability Descriptions in the New Version of the Security Update Guide

    Relevant Information


    • The new Hotpatching feature is now generally available. Please see Hotpatching feature for Windows Server Azure Edition virtual machines (VMs) for more information.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog. For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • Microsoft is improving Windows Release Notes. For more information, please see What's next for Windows release notes.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    FAQs, Mitigations, and Workarounds

    The following CVEs have FAQs, Mitigations, or Workarounds. You can see these in more detail from the Vulnerabilities tab by selecting FAQs, Mitigations and Workarounds columns in the Edit Columns panel.



    Known Issues

    You can see these in more detail from the Deployments tab by selecting Known Issues column in the Edit Columns panel.


    For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).


    KB Article Applies To

    5002219 SharePoint Foundation 2013

    5014692 Windows Server 2019

    5014697 Windows 11

    5014699 Windows 10, version 20H2, Windows Server, version 20H2, Windows 10, version 21H1, Windows 10, version 21H2

    5014738 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

    5014741 Windows Server 2012 (Security-only update)

    5014742 Windows 7, Windows Server 2008 R2 (Security-only update)

    5014743 Windows Server 2008 (Security-only update)

    5014746 Windows 8.1, Windows Server 2012 R2 (Security-only update)

    5014747 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

    5014748 Windows 7, Windows Server 2008 R2 (Monthly Rollup)

    5014752 Windows Server 2008 (Monthly Rollup)

    Released: Jun 14, 2022

    June 2022 Security Updates - Release Notes - Security Update Guide - Microsoft
     
    NICK ADSL UK, Sep 22, 2022 at 7:34 AM
    #3
  4. Brink Win User

    Windows 11 2022 Update: security improvements

    KB5012170: Security update for Secure Boot DBX: August 9, 2022

    Read more: https://support.microsoft.com/en-us/...8-c42bd211bb15
     
Thema:

Windows 11 2022 Update: security improvements

Loading...
  1. Windows 11 2022 Update: security improvements - Similar Threads - 2022 Update security

  2. Microsoft September 2022 Security Updates

    in Windows 10 Software and Apps
    Microsoft September 2022 Security Updates: Updates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual Studio.NET FrameworkAzure ArcCache SpeculationHTTP.sysMicrosoft DynamicsMicrosoft Edge Chromium-basedMicrosoft Graphics ComponentMicrosoft...
  3. Microsoft improves SMB compression in Windows 11 and Server 2022

    in Windows 10 News
    Microsoft improves SMB compression in Windows 11 and Server 2022: Microsoft released optional updates for the company's Windows 11 and Windows Server 2022 operating systems earlier this month. One of the new features of the releases reveals that the operating systems compress files now regardless of size. [ATTACH] source: Microsoft The...
  4. Microsoft August 2022 Security Updates

    in Windows 10 Software and Apps
    Microsoft August 2022 Security Updates: August 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET CoreActive Directory Domain ServicesAzure Batch Node AgentAzure Real Time Operating SystemAzure Site RecoveryAzure SphereMicrosoft ATA...
  5. Microsoft May 2022 Security Updates

    in Windows 10 Gaming
    Microsoft May 2022 Security Updates: May 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioMicrosoft Exchange ServerMicrosoft Graphics ComponentMicrosoft Local Security Authority Server lsasrvMicrosoft...
  6. Microsoft April 2022 Security Updates

    in Windows 10 Gaming
    Microsoft April 2022 Security Updates: April 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET FrameworkActive Directory Domain ServicesAzure SDKAzure Site RecoveryLDAP - Lightweight Directory Access ProtocolMicrosoft Bluetooth...
  7. Microsoft March 2022 Security Updates

    in Windows 10 Software and Apps
    Microsoft March 2022 Security Updates: March 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioAzure Site RecoveryMicrosoft Defender for EndpointMicrosoft Defender for IoTMicrosoft Edge Chromium-basedMicrosoft...
  8. Microsoft March 2022 Security Updates

    in Windows 10 Installation and Upgrade
    Microsoft March 2022 Security Updates: March 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET and Visual StudioAzure Site RecoveryMicrosoft Defender for EndpointMicrosoft Defender for IoTMicrosoft Edge Chromium-basedMicrosoft...
  9. Windows 10 February 2022 updates issues and improvements

    in Windows 10 News
    Windows 10 February 2022 updates issues and improvements: Windows 10 February 2022 cumulative update (not to be confused with major Windows 11 release coming this month) is now available for everyone. February 2022 Patch Tuesday update is about both security and non-security improvements, especially if you did not install the last...
  10. Microsoft January 2022 Security Updates

    in Windows 10 Software and Apps
    Microsoft January 2022 Security Updates: January 2022 Security UpdatesUpdates this MonthThis release consists of security updates for the following products, features and roles..NET FrameworkMicrosoft DynamicsMicrosoft Edge Chromium-basedMicrosoft Exchange ServerMicrosoft Graphics ComponentMicrosoft OfficeMicrosoft...