TechnixGuru

In the Beta Channel, Microsoft recently released Windows 11 Insider Preview Build 22635.2776 (KB5032292). A notable change is the enhanced integration of Microsoft Teams into Windows Share. Although this build does not introduce any new features, it does add some significant improvements and changes to the operating system.

More specifically, Windows 11 users with a Microsoft Entra ID now have the ability to directly share files to designated Microsoft Teams Channels and group chats through the Windows Share window. This new functionality simplifies communication by eliminating the need to open Teams and manually transfer files, making it easier for users to share documents with friends, family, or colleagues. This integration is expected to greatly improve the user experience, especially for those who regularly collaborate using Microsoft Teams.

As this feature is currently available in the Beta Channel, it is likely to make its way into the stable Windows 11 channel in the coming weeks. Let’s explore the changes and improvements it brings.

What You Need to Know About KB5032292

Gradually rolling out to the Beta Channel with a toggle switch

Windows Share: If you’re signed in with a Microsoft Entra ID, you can now share files with your Microsoft Teams contacts (work or school) as well as with specific Microsoft Teams Channels and group chats directly within the Windows Share window if you have a Microsoft Entra ID.

Windows Ink is now expanding its use of digital handwriting (inking) beyond just specific edit boxes. This feature will now be available in multiple languages and locales, including Chinese Simplified (People’s Republic of China), English (Australia, Canada, India, and United Kingdom), French (Canada and France), German (Germany), Italian (Italy), Japanese (Japan), Korean (Korea), Portuguese (Brazil), Spanish (Mexico and Spain). Additionally, the update includes improved recognition technology as well as new gestures for deleting, selecting, joining, splitting words, and inserting a new line.

In Task Manager, the process grouping has been improved.

Gradually rolling out fixes to the Beta Channel with toggle on Computer desktops: In contrast themes, desktop tooltips in Task view were hard to read.

Drag and drop windows in Task View to different desktops may now place them in the background of other windows unexpectedly. The live captions sometimes showed the same line of text twice due to a bug.

The Beta Channel is gradually rolling out improvements and changes.

The latest update includes the release of account-related notifications for Microsoft accounts on the Settings homepage. A Microsoft account is essential for connecting Windows to various Microsoft apps, securing data backups, and managing subscriptions. To enhance security measures, users can opt to add additional steps to avoid getting locked out of their accounts. These notifications will now appear on the Start menu and Settings page. To manage these notifications, go to Settings > Privacy & security > General.

As a result, Windows 11 Insider Preview Build provides notable improvements, particularly the integration of Microsoft Teams into Windows Share. As a result, users signed in with Microsoft Entra IDs will have an easier time sharing files, offering a more seamless and efficient collaboration experience.

As a result of the expansion of digital handwriting support in Windows Ink to multiple languages and locales, this feature becomes more accessible to a wider range of users. Task Manager’s process grouping capabilities have also been enhanced to improve performance monitoring.

The fixes addressed in this build, including those related to desktop tooltips and live captions, contribute to a more stable and user-friendly environment. By rolling out the update gradually, Microsoft can gather feedback and resolve any potential issues before they reach a wider audience.

Additionally, Microsoft’s commitment to improving user account security and providing an interactive and informative user experience is demonstrated by the addition of account-related notifications for Microsoft accounts on the Settings homepage. As a result of this feature, account management will be improved and system security will be improved.

Microsoft will continue to refine Windows 11 with these incremental updates, providing users with a more polished and feature-rich operating system in the near future. The Beta Channel serves as a testing ground for these enhancements, ensuring the final release meets the high standards expected of the Windows operating system.

News on Microsoft ChatGPT

Cybersecurity researchers uncover zero-day flaws exploited for router and video recorder attacks
In a concerning development, experts at networking firm Akamai have discovered that malicious actors are actively exploiting two previously unknown zero-day vulnerabilities to compromise routers and video recorders. These vulnerabilities are being leveraged to build a formidable botnet employed in distributed denial-of-service (DDoS) attacks, raising alarms within the cybersecurity community. The vulnerabilities, which have not been disclosed to the manufacturers or the broader security research community, enable remote code execution when affected devices use default administrative credentials.
The attackers are exploiting these vulnerabilities to compromise devices and subsequently infect them with Mirai, a powerful open-source malware notorious for turning routers, cameras, and various IoT devices into a botnet capable of launching DDoS attacks of unprecedented scale.
Specifically, one vulnerability targets network video recorders, while the other targets an “outlet-based wireless LAN router designed for hotels and residential applications.” The router in question is manufactured by a Japan-based company known for producing multiple switches and routers. Researchers note that the exploited router feature is widespread, raising concerns that multiple router models from the same manufacturer could be vulnerable.
Upon discovering these zero days, Akamai promptly reported the vulnerabilities to both manufacturers. One manufacturer has provided assurances that security patches will be released next month. However, Akamai has refrained from disclosing the specific devices or manufacturers until fixes are implemented to prevent wider exploitation of the zero-days.
Akamai emphasizes the delicate balance between responsible disclosure, aimed at aiding defenders and oversharing information that could potentially enable further abuse by threat actors. The company has provided a comprehensive list of file hashes, IP addresses, and domain addresses associated with the attacks to enable network administrators and device owners to check whether their devices have been targeted.
The method employed for remote code execution involves command injection, requiring the attacker to authenticate using default credentials in the vulnerable device. The authentication and injection are executed through a standard POST request.
Akamai estimates that at least 7,000 devices may be vulnerable, with the actual number potentially higher. The use of Mirai in these attacks is noteworthy, as Mirai gained significant attention in 2016 when it orchestrated a DDoS attack on the security news site KrebsOnSecurity, setting a record with a 620 gigabit-per-second assault.
Mirai is distinctive in its ability to compromise routers, security cameras, and other IoT devices, a phenomenon not widely observed before its emergence. Furthermore, Mirai’s source code quickly became publicly available, leading to its adoption in larger-scale DDoS attacks targeting gaming platforms and their associated ISPs. The Mirai strain involved in the recent attacks, known as JenX, has undergone modifications, employing fewer domain names than usual to connect to command-and-control servers. Some malware samples also exhibit ties to a separate Mirai variant called hailBot.
Interestingly, the code used in these zero-day attacks, which includes offensive racist slurs, closely resembles that observed in DDoS attacks reported by a China-based security firm targeting a Russian news website in May. This convergence of tactics raises questions about the potential collaboration or shared resources among threat actors employing Mirai-based attacks.
The image below shows a side-by-side comparison.

Payloads exploiting the zero-days are:
alert tcp any any -> any any (msg:”InfectedSlurs 0day exploit #1 attempt”; content:”lang=”; content:”useNTPServer=”; content:”synccheck=”; content:”timeserver=”; content:”interval=”; content:”enableNTPServer=”; sid:1000006;)
and
alert tcp any any -> any any (msg:”InfectedSlurs 0day exploit #2 attempt”; content:”page_suc=”; content:”system.general.datetime=”; content:”ntp.general.hostname=”; pcre:”ntp.general.hostname=”; content:”ntp.general.dst=”; content:”ntp.general.dst.adjust=”; content:”system.general.timezone=”; content:”system.general.tzname=”; content:”ntp.general.enable=”; sid:1000005;)

People or organizations concerned with the possibility they’re being targeted with these exploits can use Snort rules and indicators of compromise published by Akamail to detect and repel attacks. At the moment, there is no way to identify the specific devices that are vulnerable or the manufacturers of those devices.

Original Article was published on: https://arstechnica.com/security/2023/11/thousands-of-routers-and-cameras-vulnerable-to-new-0-day-attacks-by-hostile-botnet/