We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

cybersecurity expert

A mysterious new Windows 11 folder appeared - and now there's a new exploit
Winsage
April 30, 2025

A mysterious new Windows 11 folder appeared – and now there’s a new exploit

Windows 11 users encountered the "inetpub" folder after the April 2023 update (KB5055523), which is a crucial component for addressing the security vulnerability CVE-2025-21204. Microsoft stated that the folder should not be removed, as it helps manage Windows Update security vulnerabilities by preventing unauthorized control through symbolic links. However, cybersecurity expert Kevin Beaumont revealed that the same patch introduced a new vulnerability that could allow remote exploitation, prompting Microsoft to acknowledge this issue with a "Moderate" status and indicate that a fix is forthcoming. Users are advised to keep their systems updated and not delete the "inetpub" folder. If the folder is deleted, it can be restored by enabling Internet Information Services in the Control Panel.
Avast Antivirus Vulnerability Let Attackers Escalate Privileges
Tech Optimizer
April 30, 2025

Avast Antivirus Vulnerability Let Attackers Escalate Privileges

A significant vulnerability, designated as CVE-2025-3500, has been identified in Avast Free Antivirus, allowing attackers to gain elevated system privileges and execute malicious code at the kernel level. The vulnerability has a high CVSS score of 8.8 and was publicly disclosed on April 24, 2025, shortly after a patch was implemented. It originates from inadequate validation of user-supplied data in the aswbidsdriver kernel driver, leading to an integer overflow prior to buffer allocation. Attackers must first execute low-privileged code on the target system to exploit this vulnerability. The flaw affects multiple versions of Avast Free Antivirus, specifically versions ranging from 20.1.2397 to 2016.11.1.2262. A fix was released in version 25.3.9983.922, and users are urged to update their software promptly. Security experts recommend enabling automatic updates and using standard user accounts for daily activities to mitigate risks.
Windows "inetpub" security fix can be abused to block future updates
Winsage
April 25, 2025

Windows “inetpub” security fix can be abused to block future updates

A recent Microsoft security update has created a new 'inetpub' folder in the root of the system drive, linked to a fix for a Windows Process Activation elevation of privilege vulnerability (CVE-2025-21204). This folder has appeared on systems without Internet Information Services (IIS) installed. Microsoft advises users not to delete the folder, as it enhances system protection. However, cybersecurity expert Kevin Beaumont has shown that the 'inetpub' folder can be manipulated by non-administrative users to create a junction that redirects to a Windows file, potentially obstructing future Windows updates and resulting in a 0x800F081F error code. Microsoft has classified this issue as "Medium" severity and has closed the case, indicating it may be addressed in future updates.
Windows Recall Is Finally Rolling Out To Customers
Winsage
April 11, 2025

Windows Recall Is Finally Rolling Out To Customers

Microsoft is rolling out its Windows Recall feature, which captures near-constant screenshots of user activity to allow natural language searches for content. Concerns have been raised by cybersecurity expert Kevin Beaumont, who warns that it could reverse cybersecurity progress by a decade. Users must opt-in and use Windows Hello for authentication to access their stored images, which can be paused at any time. Recall captures snapshots during various tasks and allows users to reopen applications or documents and perform actions directly from these snapshots. The rollout will occur gradually, and the tech community is monitoring its impact on cybersecurity.
Search