command-line Archives

Winsage

August 18, 2025

Microsoft: WUSA may fail to install recent Windows updates

Microsoft is addressing an issue with the Windows Update Standalone Installer (WUSA) that affects the installation of Windows updates from network shares, primarily impacting Windows 11 24H2 and Windows Server 2025 systems in enterprise networks. The problem leads to updates failing with the error ERRORBADPATHNAME when multiple .msu files are present on a network share. This issue does not occur with single .msu files or local installations. A Known Issue Rollback (KIR) is available to mitigate the problem for home and non-managed business devices, while IT administrators can implement a Group Policy fix for affected systems. Users can also avoid the issue by saving .msu files locally for installation.

AppWizard

August 16, 2025

Lilbits: Desktop Linux apps on Android phones, Xbox PC gaming on ARM-based computers, and a cheaper Kindle color

Google has introduced an experimental Linux terminal application for Android users that allows the installation of Debian within a virtual machine, enabling command-line applications on Android devices. Users with Pixel 6 or later models running the latest canary builds of Android 16 can potentially enable graphical user interface (GUI) applications. An early preview of desktop Linux applications, including Chromium and GIMP, has been demonstrated on the Google Pixel 8 Pro using this new Terminal app. The Xbox PC app has added a feature for downloading games for local play on Windows 11 PCs with ARM-based processors, currently available to select members of the Windows Insider and Xbox Insider preview programs. HTC has launched Vive Eagle smart glasses in Taiwan, starting at 9, which include cameras, microphones, speakers, and AI features but lack a display. Amazon is reportedly developing a more affordable Kindle with a color display, featuring a 6-inch screen and improved color saturation.

Winsage

August 14, 2025

Ditch Windows Explorer! These programs are better for fast file transfers!

Windows Explorer struggles with file transfer speeds, capping around 3GBps, while SSD technology can reach up to 15GBps. Alternatives like XCOPY and FastCopy are recommended for better performance. XCOPY is a command-line utility that can significantly streamline file operations, offering various command switches such as /E (copies directories and subdirectories), /J (utilizes unbuffered I/O), /Q (suppresses file name display), and /I (assumes destination is a directory). FastCopy is a user-friendly tool that integrates into Explorer's context menus and often exceeds XCOPY's speeds, achieving nearly 9GBps in testing. XCOPY outperforms Windows Explorer by two to three times, while FastCopy achieves speeds up to 3.5 times that of Explorer.

AppWizard

August 13, 2025

Fake Minecraft Installer Spreads NjRat Spyware to Steal Data

Point Wild’s Lat61 Threat Intelligence Team has identified a new cyber threat targeting Minecraft fans, involving malware disguised as a Minecraft installer that steals personal data. This threat is associated with an unofficial browser-based Minecraft clone called Eaglercraft 1.12 Offline, commonly used in schools. The malware, a Remote Access Trojan (RAT) named NjRat, can capture keystrokes, access webcams and microphones, and establish a backdoor in the system by adding a hidden program called WindowsServices.exe to startup files. It can crash the system to avoid detection by security tools. The attack begins with a malicious file that, when executed, distracts the user with a fake game while downloading harmful files in the background. The malware connects to a remote server in India, allowing attackers to control the infected computer and extract data. Users are advised to download Minecraft only from official sources and be cautious with third-party applications.

Winsage

August 13, 2025

Microsoft removes PowerShell 2.0 from Windows 11, Windows Server

Microsoft is removing PowerShell 2.0 from Windows 11 version 24H2 in August and from Windows Server 2025 in September. This follows its earlier removal for Windows Insiders in July 2025. Users relying on legacy scripts or software that depend on PowerShell 2.0 must update their systems or implement workarounds to avoid disruptions. PowerShell 5.1 and PowerShell 7.x will remain available and supported. Customers using older Microsoft server products like Exchange, SharePoint, and SQL Server will be directly affected. Microsoft recommends migrating scripts and tools to PowerShell 5.1 or 7 and replacing outdated software that requires PowerShell 2.0 support.

AppWizard

August 13, 2025

Hands-on: We ran full desktop Linux apps on an Android phone!

The Linux Terminal app on Android is set to support graphical Linux applications, requiring a Pixel 6 or newer device and the latest 2507 Android Canary release. Users must enable the Linux Terminal by navigating to Settings > System > Developer options > Linux development environment and toggling it on. To enable hardware acceleration, users need to create an empty file named virglrenderer in the /sdcard/linux directory. After launching the Terminal app, users will download necessary files to boot Debian and can install Flatpak to run graphical applications. Users can launch apps by initiating a graphical environment or installing XFCE for a desktop experience.

Winsage

August 12, 2025

InstallAware Launches Setup Virtualization Technology “Project OS/3,” Running Windows Binaries Directly on Linux and macOS.

InstallAware Software has launched "Project OS/3," a solution that simplifies running Windows applications on Linux and macOS by using Wine. Users can install Wine through an intuitive graphical user interface (GUI) setup wizard, eliminating the need for command-line interactions. The installation process is initiated with a single click, and once Wine is set up, "Project OS/3" injects the Windows application along with necessary files and registry keys into the Wine instance, ensuring the application is operational with original shortcuts recreated on the host system. Developers can provide a Windows setup file, and the tool will create a ready-to-run native code installation for both Linux and macOS, addressing compatibility issues typically encountered with Wine. The ease of use is facilitated by InstallAware Studio Admin's PackageAware setup capture technology and InstallAware Multi Platform's native code setup engines, which automatically retarget captured Windows installations onto designated Wine instances. "Project OS/3" also offers a graphical method for installing Wine, providing a quicker alternative for compatible setups. InstallAware Software, founded in 2003, specializes in cloud infrastructure and enterprise software deployment, and offers InstallAware 2025 for free for open-source projects, with paid editions available.

Winsage

August 5, 2025

Ollama’s new app makes using local AI LLMs on your Windows 11 PC a breeze — no more need to chat in the terminal

Ollama allows users to engage with AI language models directly on personal computers, with an improved installation process that simplifies access through a system tray or Start Menu. The application features a user-friendly interface for typing queries and includes the ability to adjust context window size and support for multimodal inputs, such as images and code files. Some advanced functionalities still require command-line interface (CLI) usage. Recommended system specifications include an 11th Gen Intel CPU or Zen 4-based AMD CPU with AVX-512 support and a minimum of 16GB of RAM, while offline functionality is a key advantage.

AppWizard

August 5, 2025

New Android Malware Poses as SBI Card and Axis Bank Apps to Steal Financial Data

McAfee’s Mobile Research Team has identified a malware campaign targeting Android users in India, specifically Hindi speakers. The malware disguises itself as legitimate financial applications from banks like SBI Card, Axis Bank, and IndusInd Bank. It is distributed through phishing websites that mimic official banking portals and uses authentic assets to appear credible. The malware has dual functionality: it exfiltrates personal and financial data and mines Monero cryptocurrency using the XMRig tool, activated remotely via Firebase Cloud Messaging (FCM). It masquerades as a Google Play update, prompting users to install it, which leads to data theft. Upon installation, the malware presents a fake Google Play interface and requests sensitive information, which is sent to a command-and-control server. After data submission, users see a misleading confirmation page. The malware employs a multi-stage dropper to evade detection, with remote activation capabilities that keep it dormant until triggered. Phishing sites promote the malicious APK through SMS, WhatsApp, or social media. McAfee has reported these threats to Google, resulting in the blocking of the associated FCM account. All variants are classified as high-risk, with infections primarily in India but some in other regions. Users are advised to download apps only from Google Play and to be cautious with unsolicited links. Indicators of Compromise (IOCs) include specific APKs for various credit cards and phishing site URLs related to the campaign.

Tech Optimizer

August 4, 2025

Zero-Day Flaw in PostgreSQL Exploited to Target BeyondTrust Systems

A significant PostgreSQL vulnerability, CVE-2025–1094, was identified during the investigation of another vulnerability, CVE-2024–12356, which was exploited in the BeyondTrust breach in December 2024. The breach involved unauthorized access to BeyondTrust's systems and was linked to the state-sponsored hacking group Silk Typhoon from China. The U.S. Treasury Department confirmed its network was compromised through a stolen BeyondTrust API key. CVE-2025–1094 is an SQL injection vulnerability that allows attackers to execute arbitrary SQL commands due to improper handling of invalid UTF-8 byte sequences. Rapid7 found that CVE-2024–12356's exploitation relied on CVE-2025–1094, and that CVE-2025–1094 could be exploited independently. BeyondTrust issued patches for these vulnerabilities, but the patch for CVE-2024–12356 did not directly address the underlying cause of CVE-2025–1094. The exploitation of these vulnerabilities underscores the need for timely patching and proactive security measures in organizations using PostgreSQL.