6 links
tagged with all of: microsoft + malware
Links
Microsoft has identified a new piece of malware, Lumma, which has been found on approximately 394,000 Windows PCs. The Lumma password stealer is designed to capture sensitive login information, raising significant security concerns for users. Microsoft is urging users to take precautions to protect their devices from this threat.
Microsoft is developing an AI prototype called Project Ire, designed to autonomously reverse-engineer malware without human intervention. This initiative aims to enhance cybersecurity by quickly analyzing and understanding malicious software to improve defenses against cyber threats.
Microsoft has dismantled the Lumma Stealer operation, a malware distribution network involved in stealing user credentials and sensitive information. The company's actions included seizing domains associated with the malware, significantly disrupting its functionality and targeting cybercriminal activities.
Microsoft will disable all ActiveX controls by default in Microsoft 365 and Office 2024 applications to enhance security and reduce the risk of malware. Users will see a notification when attempting to open documents with ActiveX controls, and while they can enable ActiveX through the Trust Center, Microsoft advises keeping it disabled unless necessary. This decision is part of a broader initiative to strengthen security against vulnerabilities exploited by cybercriminals.
Microsoft has introduced an autonomous AI system named Project Ire that can reverse-engineer and identify malware without human intervention. This innovative approach marks a significant advancement in cybersecurity, automating processes traditionally performed by security experts. The company continues to prioritize security, launching initiatives like the Zero Day Quest to enhance its defenses.
Researchers have identified two Secure Boot exploits, with Microsoft addressing only one in its latest security update. The patched vulnerability, affecting over 50 device manufacturers, allows attackers with physical access to disable Secure Boot and potentially install malware before the operating system loads. The exploit's root cause lies in a critical vulnerability in firmware flashing tools used by DT Research, which were improperly authenticated for wider device compatibility.