API

Winsage
August 18, 2025
Microsoft is addressing an issue with the Windows Update Standalone Installer (WUSA) that affects the installation of Windows updates from network shares, primarily impacting Windows 11 24H2 and Windows Server 2025 systems in enterprise networks. The problem leads to updates failing with the error ERROR_BAD_PATHNAME when multiple .msu files are present on a network share. This issue does not occur with single .msu files or local installations. A Known Issue Rollback (KIR) is available to mitigate the problem for home and non-managed business devices, while IT administrators can implement a Group Policy fix for affected systems. Users can also avoid the issue by saving .msu files locally for installation.
Winsage
August 14, 2025
Windows 11 Insider Preview Build 27924 has been released to the Canary Channel, with ISOs now available for download. New features include the rollout of Copilot+ PC experiences, which will gradually introduce improvements to Windows Search and Settings. Advanced settings have been redesigned, now allowing users to enable long paths, manage virtual workspaces, and view Git information in File Explorer. Changes include adjustments to the pointer indicator and a temporary change in the keyboard shortcut for it. The Windows MIDI Services have undergone a breaking change requiring updates for applications using the MIDI 2.0 SDK. Fixes have been made for issues related to upgrades, widgets, remote desktop, and webauth.dll crashes. Known issues include problems with Windows Hello PIN and Group Policy Editor. An update for the Snipping Tool introduces window mode screen recording. Insiders are reminded that Canary Channel builds are early development versions and may not align with future Windows releases.
Winsage
August 14, 2025
Microsoft has addressed 67 vulnerabilities in its supported Windows versions, including Windows 10, Windows 11, and Windows Server. Users on Windows 7 and Windows 8.1 have not received updates for some time. Upgrading to Windows 11 24H2 is recommended for continued protection. Two critical remote code execution (RCE) vulnerabilities are CVE-2025-53766, affecting the Graphics Device Interface API, and CVE-2025-50165, impacting the Windows Graphics Component. Both can be exploited by visiting a specially crafted website. Three critical vulnerabilities in Hyper-V include CVE-2025-48807, which allows code execution from a guest system to the host; CVE-2025-53781, which poses a data leak risk; and CVE-2025-49707, a spoofing vulnerability. Additionally, 12 vulnerabilities in the Routing and Remote Access Service (RRAS) have been addressed, with half classified as RCE vulnerabilities and the other half as data leaks. CVE-2025-53779, affecting Kerberos for Windows Server 2025, could allow an attacker to gain administrator rights under specific conditions, but is classified as medium risk.
Tech Optimizer
August 7, 2025
Attackers have been using the ThrottleStop.sys driver to disable antivirus software in compromised networks since October 2024. This driver, designed for CPU throttling, allows malware to gain kernel-level memory access and terminate security processes. Initial access is typically gained through stolen RDP credentials or brute-forced administrative accounts, enabling the deployment of the AV killer alongside ransomware like MedusaLocker. Once inside, attackers extract additional user credentials using tools like Mimikatz and move laterally with Pass-the-Hash techniques. They upload two key components, ThrottleBlood.sys (the renamed driver) and All.exe (the AV killer), to user directories. The malware effectively disables Windows Defender and other endpoint protections, leading to severe data encryption in industries with exposed RDP endpoints, particularly affecting victims in Brazil, Ukraine, Kazakhstan, Belarus, and Russia. Securelist analysts noted that traditional self-defense features in Kaspersky products can counter this AV killer, but many organizations still rely on less effective solutions. The malware exploits two vulnerable IOCTL functions in the ThrottleStop.sys driver, allowing arbitrary memory reads and writes. It uses a loop to match and terminate antivirus processes by invoking kernel functions. The malware avoids detection by restoring original kernel bytes after execution. This situation highlights the need for improved driver integrity monitoring and robust security strategies.
Winsage
August 6, 2025
OpenAI has made its gpt-oss models, with 120 billion and 20 billion parameters, available for public use on AWS's Bedrock platform, marking the first open model release since GPT-2 in 2019. These models are not entirely open source, as users do not have access to the underlying code or training datasets. AWS's chief evangelist, Danilo Poccia, expressed enthusiasm for the integration of these models, which are designed for coding, scientific analysis, and mathematical reasoning, and can be integrated into business workflows. Analysts note that OpenAI's models provide substantial value compared to competitors, aligning with Amazon's cost-saving strategy. AWS hosts various open models, but Claude from Anthropic was absent from the recent press release, indicating a complex competitive landscape. The addition of OpenAI's models to AWS is seen as a potential step towards deeper collaboration between the two companies.
Winsage
August 6, 2025
AWS has introduced two new OpenAI models with open weights, the gpt-oss-120b and gpt-oss-20b, available through Amazon Bedrock and Amazon SageMaker JumpStart. These models are designed for text generation and reasoning tasks, excelling in coding, scientific analysis, and mathematical reasoning, with performance comparable to leading alternatives. They support a context window of 128K and adjustable reasoning levels (low, medium, high). Users can access these models via an OpenAI-compatible endpoint in Bedrock, utilizing the OpenAI SDK or Bedrock APIs for integration. To access the models in Amazon Bedrock, users must request access through the console and can evaluate them using the Chat/Test playground. The process for using the OpenAI SDK involves configuring the API endpoint and authentication with an Amazon Bedrock API key. Users can build AI agents using frameworks that support the Amazon Bedrock API or OpenAI API, with deployment facilitated by Amazon Bedrock AgentCore. The OpenAI models are available in the US West (Oregon) region through Amazon Bedrock and in the US East (Ohio, N. Virginia) and Asia Pacific (Mumbai, Tokyo) regions via SageMaker JumpStart. Each model provides full chain-of-thought output capabilities for enhanced interpretability. They can be modified and customized to meet specific needs, and security measures are in place to ensure robust evaluation processes. Compatibility with the standard GPT-4 tokenizer is also included. For cost details, users can refer to the Amazon Bedrock and SageMaker AI pricing pages.
AppWizard
August 5, 2025
The Gemini Android application beta has introduced a feature allowing users to attach audio files, such as MP3s, to chat conversations. This feature, noted in version 16.30.59.sa.arm64 of the Google app beta, includes a “Talk live about this” prompt when a file is attached. However, the audio processing capabilities are still in early development, with inconsistent processing of audio input and occasional irrelevance in responses. The Gemini API supports audio input for tasks like generating descriptions, summarizing spoken information, and transcribing speech, with support for MP3, WAV, and FLAC formats. The integration of audio file attachment is part of a broader development initiative by Google, although no official launch date has been announced.