cybersecurity

Winsage
July 9, 2025
Microsoft addressed a total of 130 vulnerabilities in its latest Patch Tuesday initiative. A significant vulnerability in SQL Server, identified as CVE-2025-49719, has a CVSS score of 7.5 and is due to improper input validation, potentially allowing unauthorized access to sensitive data. It affects SQL Server versions from 2016 to 2022. Another critical vulnerability, CVE-2025-47981, has a CVSS score of 9.8 and allows unauthenticated remote code execution without user interaction. This vulnerability poses a high risk due to its low attack complexity and potential for lateral movement within networks. Additionally, the update includes 16 vulnerabilities affecting Microsoft Office, with four categorized as more likely to be exploited.
AppWizard
July 8, 2025
Activision has temporarily removed the Microsoft Store version of “Call of Duty: WWII” due to a serious security breach involving a vulnerability that allowed hackers unauthorized access to players' computers. The company is investigating the situation and is working on a patch to resolve the exploit. Players have reported hacking incidents while playing, with concerns raised about a remote code execution vulnerability. The affected version of the game differs from those on Steam, as it contained an outdated flaw that had already been patched elsewhere. Activision has faced multiple hacking incidents in recent years, including issues with its anti-cheat system and malware targeting players. The company has also experienced layoffs that have impacted its cybersecurity resources.
AppWizard
July 8, 2025
Activision has temporarily removed the PC Game Pass version of Call of Duty: WW2 due to reports of an unspecified issue, with concerns raised about a potential remote code execution (RCE) exploit causing disruptive app pop-ups, unexpected PC shutdowns, and inappropriate content. The game is unavailable on both the Game Pass and Microsoft Store but remains accessible on Steam and Battle.net. Community feedback indicates that the game may be vulnerable to RCE exploits, allowing malicious actors to execute harmful code on players' systems. A notable incident involved streamer Wrioh, who reported being "hacked," with a video showing a pop-up claiming, "just RCE'd your ass," and a change to their desktop wallpaper. The VX-Underground malware research collective shared images of an alleged RCE attack, highlighting an "unpatched RCE exploit" and instances of trolling with pop-ups and inappropriate content. VX-Underground speculated that the attacker could deploy various forms of malware, though their primary intent seems to be creating chaos. As of now, Call of Duty: WW2 for PC Game Pass and the Microsoft Store remains offline, with no updates from Activision on its return.
Tech Optimizer
July 8, 2025
Amazon Prime Day features significant deals in cybersecurity, including the Norton 360 Premium package, which offers coverage for ten devices. Norton includes anti-scam protection that identifies malicious links, robust malware detection, and parental controls for online safety. It also provides a Secure VPN for encrypting internet traffic and uses Genie AI to monitor the dark web for personal information leaks, notifying users of data breaches. Other Prime Day antivirus options include basic software for single-device protection and family plans with limited device coverage.
Tech Optimizer
July 8, 2025
Nearly a dozen malicious extensions in Google’s Chrome Web Store have collectively received 1.7 million downloads. These extensions can track browser activity, redirect users to harmful websites, and include various types such as VPNs and weather tools. Koi Security reported these extensions to Google, resulting in the removal of some, but others remain available. Users are advised to monitor their online activities and utilize antivirus software for protection.
AppWizard
July 8, 2025
The PC version of Call of Duty: WWII has been temporarily taken offline due to a serious security concern involving a remote code execution (RCE) vulnerability. This flaw allows attackers to execute malicious code on players' machines without consent, leading to unauthorized control during multiplayer sessions. Exploits reported include opening command prompts, sending messages via Notepad, forcing remote shutdowns, and changing desktop wallpapers. The vulnerability is particularly concerning for PC gamers using Microsoft’s Game Pass subscription service, as it stems from the game's reliance on peer-to-peer networking. Activision is speculated to be enhancing its anti-cheat systems in response, but the effectiveness of updates to address the RCE vulnerability is uncertain.
Search