We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

driver update synchronization

Microsoft extends support for key Windows tool - but probably not the one you'd expect
Winsage
April 9, 2025

Microsoft extends support for key Windows tool – but probably not the one you’d expect

Microsoft will continue to support driver update synchronization for Windows Server Update Services (WSUS) servers, postponing the planned deprecation initially set for April 18 due to customer feedback. Paul Reed, Azure Compliance Senior Program Manager, noted the importance of this feature for organizations, particularly in regulated environments. A revised timeline for the future of WSUS driver synchronization will be developed, and Microsoft is open to ongoing customer feedback.
Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)
Winsage
April 8, 2025

Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)

April 2025 Patch Tuesday introduced fixes for over 120 vulnerabilities, including a critical zero-day vulnerability (CVE-2025-29824) that is actively exploited. CVE-2025-29824 is a user-after-free vulnerability in the Windows Common Log File System (CLFS), allowing privilege escalation to SYSTEM on compromised Windows machines. Microsoft has patched 32 CLFS vulnerabilities since 2022, with six exploited in the wild. Updates for Windows 10 are not yet available. Other notable vulnerabilities include CVE-2025-26663 and CVE-2025-26670, both unauthenticated user-after-free vulnerabilities in Windows LDAP, and CVE-2025-27480 and CVE-2025-27482 in Windows Remote Desktop Services. None of these vulnerabilities have been patched for Windows 10 systems, but updates are forthcoming. Microsoft reversed its decision to discontinue driver update synchronization to WSUS servers, confirming that WSUS will continue to synchronize driver updates.
Windows Server Update Services live to patch another day
Winsage
April 8, 2025

Windows Server Update Services live to patch another day

Microsoft has announced an extension of support for Windows Server Update Services (WSUS), postponing the planned end of support originally set for April 2025, in response to user feedback. The decision comes shortly before the scheduled cutoff and addresses challenges associated with disconnected device scenarios. Initially, Microsoft planned to make drivers available only through the Microsoft Update Catalog, but user feedback prompted a change. While some IT administrators may welcome the decision, others argue that WSUS is outdated and lacks essential capabilities for modern security. Gene Moody, field CTO at Action1, noted that WSUS is ill-equipped to meet contemporary demands and highlighted its limitations in enforcing updates and providing real-time visibility. Moody suggested that the extension of support is influenced by specific scenarios where WSUS remains necessary, such as environments with legal obligations or air-gapped networks. He cautioned that this decision should not be seen as a shift away from Microsoft's goal of phasing out WSUS in favor of cloud-based solutions.
Search