We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

code security

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code
Winsage
April 30, 2025

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code

Security researcher Nafiez has discovered a vulnerability in Windows LNK files that allows remote code execution without user interaction. Microsoft has chosen not to address this issue, stating it does not meet their security servicing criteria. The vulnerability exploits specific components of LNK files, enabling attackers to create malicious shortcuts that initiate silent network connections when a user accesses a folder containing them. The exploit involves manipulating the HasArguments flag, EnvironmentVariableDataBlock, and embedding UNC paths. Microsoft defends its inaction by citing the Mark of the Web (MOTW) feature as adequate protection, despite concerns from security experts about its effectiveness. Previous vulnerabilities in LNK files have been addressed by Microsoft, and the availability of proof-of-concept code raises fears of potential exploitation by malicious actors.
Google releases enterprise-grade Gemini tier in Android Studio
AppWizard
April 9, 2025

Google releases enterprise-grade Gemini tier in Android Studio

Google has introduced a new version of Gemini for Android Studio, specifically designed for businesses. This version ensures that company code is not saved by Google and is not used for AI model training. It includes IP protection against claims related to AI-generated code. The offering, available through Gemini Code Assist Standard or Enterprise subscriptions, enhances existing features with security and IP protections, including tools like build and sync error support and App Quality Insights. Google emphasizes its commitment to security with certifications such as SOC 1/2/3 and ISO/IEC 27001. Additionally, businesses benefit from IP indemnification against copyright infringement claims related to AI-generated code. The enterprise-grade version can be accessed via the Android Studio Narwhal build on the Canary release channel with an eligible Gemini Code Assist license.
Search