experts Archives

AppWizard

May 3, 2025

Photo appears to shows Mike Waltz using Signal-like app that can archive messages

White House Deputy Press Secretary Anna Kelly confirmed that the encrypted messaging application Signal is officially sanctioned for government use and installed on government-issued devices. The National Security Council has not commented on the related app, TeleMessage, which is derived from Signal and designed to help government entities comply with records retention laws. TeleMessage was founded in 1999, acquired by Smarsh in 2024, and has been involved in government contracts, including a .1 million contract with the Department of Homeland Security and FEMA that began in February 2023 and will conclude in August 2025. Tom Padgett, Smarsh’s president for enterprise business, stated that like Signal, messages sent through TeleMessage are encrypted, but the app does not address security issues raised by a recent incident involving Signal. The specifics of how government officials utilize TeleMessage remain unclear, and five cybersecurity experts admitted they were unfamiliar with the app prior to recent developments. TeleMessage licenses parts of its technology, including its encryption protocol, to other companies, but Signal clarified there is no formal agreement with TeleMessage and expressed concerns about the privacy and security of unofficial versions of their app.

Winsage

May 2, 2025

Alarming update: Windows 11 may deprive users of all data

In the recent Windows 11 24H2 update, the bypassnro.cmd script was removed, leading to the automatic activation of BitLocker disk encryption for both corporate and home users. This change has raised concerns about data security, performance degradation, and the risk of irreversible data loss, particularly due to the lack of user notifications when BitLocker is activated. Users are advised to back up their encryption keys to prevent permanent loss of access to files. Microsoft has provided a guide for backing up and recovering BitLocker keys, and users can manually disable BitLocker through the registry or settings. Additionally, Huawei is considering moving away from Windows to its proprietary operating system.

Winsage

May 2, 2025

Microsoft has no plans to fix Windows RDP bug that lets you log in with old passwords

Microsoft has decided not to address a significant security vulnerability in its Windows Remote Desktop Protocol (RDP) that allows users to log into machines using outdated cached passwords, even after those passwords have been updated or changed. This situation creates a potential backdoor for unauthorized access, raising security concerns. Microsoft defends this functionality as a design choice to prevent users from being locked out of their machines, prioritizing accessibility over security.

Winsage

April 30, 2025

Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

The ability to use a revoked password for Remote Desktop Protocol (RDP) access on Windows machines linked to Microsoft or Azure accounts allows users to log in with either a dedicated password or the credentials from their online account. Even after changing the account password, the old password remains valid for RDP logins indefinitely, and in some cases, multiple previous passwords may still grant access. This behavior poses significant security risks, especially if the account has been compromised, as changing the password does not block access via RDP with the old password. The issue arises from credential caching on the local machine, where the initial login credentials are stored securely, allowing continued access without online verification.

Winsage

April 30, 2025

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code

Security researcher Nafiez has discovered a vulnerability in Windows LNK files that allows remote code execution without user interaction. Microsoft has chosen not to address this issue, stating it does not meet their security servicing criteria. The vulnerability exploits specific components of LNK files, enabling attackers to create malicious shortcuts that initiate silent network connections when a user accesses a folder containing them. The exploit involves manipulating the HasArguments flag, EnvironmentVariableDataBlock, and embedding UNC paths. Microsoft defends its inaction by citing the Mark of the Web (MOTW) feature as adequate protection, despite concerns from security experts about its effectiveness. Previous vulnerabilities in LNK files have been addressed by Microsoft, and the availability of proof-of-concept code raises fears of potential exploitation by malicious actors.

Tech Optimizer

April 30, 2025

5 Free Antivirus Programs To Eliminate Malware and Viruses (2025)

Users are increasingly seeking effective malware protection without the cost of premium software, leading to the emergence of free antivirus programs that offer robust security features. This trend is particularly beneficial for Windows 11 users who want real-time protection while staying within budget. Several leading cybersecurity firms provide free antivirus solutions equipped with advanced features such as real-time scanning, phishing defenses, cloud-based malware detection, and system optimization tools. These free programs can adequately protect a diverse audience, including gamers, remote workers, students, and casual users. Top free antivirus programs for Windows 11 in 2025 include: 1. Bitdefender Antivirus Free: Utilizes the same malware engine as its paid version, offers real-time detection, anti-phishing protection, and is ultra-light on system resources. 2. Microsoft Defender Antivirus: Integrated into Windows 11, provides cloud-delivered protection and built-in ransomware mitigation without ads. 3. Avast Free Antivirus: Offers additional tools like network scanning and a Do Not Disturb mode for gaming. 4. AVG AntiVirus Free: Features a simpler interface, link and attachment protection, and fewer pop-ups. 5. TotalAV Free Antivirus: A newer option with a clean interface, real-time protection, and a junk file cleaner. Key factors to consider when selecting free antivirus software include real-time protection, low resource usage, minimal intrusion, and extra security tools. While free solutions are suitable for most users, premium protection may be necessary for small businesses or those handling sensitive data. For gamers, Bitdefender and Avast are recommended for their low system impact and gaming modes. For remote workers, Microsoft Defender and TotalAV are highlighted for their ease of use and integrated protections. Essential features of effective antivirus programs include robust virus protection, real-time scanning, and a behavior shield to detect new threats. Performance should not significantly slow down the system, and the interface should be user-friendly. Experts recommend Windows Defender for basic protection, with AVG and Avast receiving endorsements for their feature balance, while Bitdefender Free is noted for its detection rates and minimal system impact. Free antivirus programs may lack advanced features and technical support compared to paid versions.

Tech Optimizer

April 30, 2025

Avast Antivirus Vulnerability Let Attackers Escalate Privileges

A significant vulnerability, designated as CVE-2025-3500, has been identified in Avast Free Antivirus, allowing attackers to gain elevated system privileges and execute malicious code at the kernel level. The vulnerability has a high CVSS score of 8.8 and was publicly disclosed on April 24, 2025, shortly after a patch was implemented. It originates from inadequate validation of user-supplied data in the aswbidsdriver kernel driver, leading to an integer overflow prior to buffer allocation. Attackers must first execute low-privileged code on the target system to exploit this vulnerability. The flaw affects multiple versions of Avast Free Antivirus, specifically versions ranging from 20.1.2397 to 2016.11.1.2262. A fix was released in version 25.3.9983.922, and users are urged to update their software promptly. Security experts recommend enabling automatic updates and using standard user accounts for daily activities to mitigate risks.

Winsage

April 29, 2025

Microsoft’s AI Secretly Copying All Your Private Messages

Microsoft is relaunching its AI-driven feature, Recall, which continuously captures background screenshots on Copilot+ PCs optimized for AI functionalities. Initially introduced in May, Recall was retracted due to privacy concerns over unencrypted storage of screenshots containing sensitive user data. After testing through Microsoft's Insider program, Recall has been updated to encrypt the screenshot database and requires users to opt in to save screenshots. However, it still poses risks by potentially capturing sensitive information from communications without the knowledge of other parties involved. Security researcher Kevin Beaumont has noted that the sensitive information filter is unreliable, and the encrypted database is only secured by a basic four-digit PIN. Beaumont's testing revealed that Recall indexed everything it stored, including ephemeral messages and images. He cautioned users to check if Recall is enabled when discussing sensitive topics with others on Windows PCs.

Winsage

April 28, 2025

Microsoft makes hot patching a paid feature for Windows Server 2025

Hotpatching in Windows Server 2025 allows system administrators to apply security updates without rebooting, enhancing response times to vulnerabilities. Microsoft will introduce a subscription model for this feature starting July 1, 2024, at an initial rate of [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Hotpatching emerges as a significant advancement in the realm of Windows Server 2025, allowing system administrators to implement security updates without the need for system reboots. This capability enhances the speed at which organizations can respond to vulnerabilities, aligning with the growing demand for agile IT operations. However, Microsoft has decided to place this feature behind a paywall, introducing a subscription model that will take effect from July 1, 2024, at an initial rate of .50 per core per month. Notably, users operating on Azure will be exempt from this charge, providing a clear incentive for cloud-based deployments. Previously available in Azure Hotpatching is not an entirely new concept; it has been successfully utilized in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. Microsoft has previously offered hot patching capabilities for Windows Server: Azure Edition and version 2022 within the Azure cloud ecosystem. In August 2024, the company unveiled a preview of hot patching for Windows Server 2025 in Azure, followed by an additional preview for deployments managed through the Arc hybrid and multicloud management system in September. This latest preview marks a pivotal moment, as it introduces hot patching for Windows Server 2025 Standard and Datacenter Edition, enabling on-premises applications of this technology for the first time. Microsoft has characterized this feature as a “game changer,” highlighting its potential to redefine patch management for enterprises. Subscription model and patching cycle Under the new subscription model, Microsoft anticipates releasing eight hot patches annually. However, it is important to note that there may be instances where a restart is still required for security purposes. As the transition to the paid version approaches, users currently in the preview phase will be automatically migrated unless they opt out by June 30, 2024. This move has drawn parallels to Microsoft's previous strategies regarding detailed logs, which have sparked concern among security experts. Critics argue that by monetizing essential security features, Microsoft risks compromising the overall security posture for users who may not opt for these additional services. While hotpatching was initially heralded as a cornerstone innovation for Windows Server 2025, its placement behind a paywall raises questions about the balance between enhanced security and cost considerations for organizations. Read also: Windows Server 2025 updates cause problems" max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month, with Azure users exempt from this charge. Hotpatching has been previously available in Azure and is now being introduced for on-premises applications in Windows Server 2025 Standard and Datacenter Edition. Microsoft plans to release eight hot patches annually, although some may still require a restart. Users in the preview phase will be automatically migrated to the paid version unless they opt out by June 30, 2024. Critics express concern that monetizing essential security features may compromise overall security for users who do not subscribe.

AppWizard

April 27, 2025

‘Andor,’ ‘You,’ ‘Havoc,’ ‘Babygirl,’ and the best to stream this weekend — plus ‘A Minecraft Movie’ surprise

Andor, the prequel to Rogue One, returns for its second and final season, featuring Diego Luna as Cassian Andor. The 12-episode season will be released in three-episode segments over four weeks. Étoile, a series by Amy Sherman-Palladino and Dan Palladino, follows two ballet companies struggling financially and is streaming on Prime Video. The Netflix series You returns for its fifth season, with all 10 episodes available for streaming. Brett Goldstein's stand-up special, The Second Best Night of Your Life, airs Saturday at 10 p.m. ET/PT on HBO and Max. A24’s film Babygirl, starring Nicole Kidman, is now streaming on Max. Other films available include Havoc on Netflix, Freaky Tales on VOD, Ash on VOD, and Azrael on Hulu. Tombstone, originally released in 1993, has a new 4K Ultra HD version available digitally. A book titled A Minecraft Movie: From Block to Big Screen chronicles the making of the Minecraft movie, available at Amazon and other booksellers.