integrity Archives

Winsage

June 12, 2025

Windows Task Scheduler Vulnerability Let Attackers Escalate Privileges

A critical security vulnerability, designated as CVE-2025-33067, has been identified in the Windows Task Scheduler, allowing attackers to escalate privileges to SYSTEM level access without prior administrative rights. This vulnerability is rated as "Important" with a CVSS score of 8.4 and is due to improper privilege management within the Windows Kernel’s task scheduling component. It affects multiple Windows versions, including Windows 10 (Versions 1607, 1809, 21H2, 22H2), Windows 11 (22H2, 23H2, 24H2), and Windows Server 2016-2025. Microsoft released security updates on June 10, 2025, to address this flaw across 27 different Windows configurations. The vulnerability requires local system access, no prior privileges, and no user interaction, making it particularly dangerous. Security researcher Alexander Pudwill discovered and disclosed the vulnerability.

Tech Optimizer

June 12, 2025

That ‘unsubscribe’ link is actually a hidden security risk

The "click to unsubscribe" button in emails may pose a security threat, as engaging with it can lead users to malicious websites. TK Keanini, CTO at DNSFilter, noted that about one in every 644 clicks on such links can direct users to phishing sites designed to steal sensitive information and introduce malware. Experts advise skepticism towards unsubscribe requests from untrusted senders and recommend using "list-unsubscribe headers" in email clients for safer management of subscriptions. Alternatives include using spam filters, blacklisting senders, and employing disposable email addresses for added protection. Additionally, having robust antivirus software is crucial for safeguarding against potential malware threats.

Winsage

June 12, 2025

UEFI BIOS flaws: SecureBoot bypass and firmware replacement possible

Recent findings have identified two vulnerabilities in various UEFI BIOS versions from multiple manufacturers, compromising the SecureBoot mechanism. These vulnerabilities allow attackers to bypass SecureBoot protections and replace firmware, particularly in Insyde BIOSes. The issues stem from unprotected NVRAM variables, specifically the "IhisiParamBuffer," which can be manipulated to execute unsigned UEFI binaries. Affected UEFI applications include "DTBios" and "BiosFlashShell" from DTResearch, with a CVSS score of 8.2. Microsoft has added 14 new hashes to its DBX database to mitigate these risks. Additionally, a vulnerability in the Insyde H2O UEFI firmware app allows attackers to infiltrate digital certificates due to the insecure handling of the "SecureFlashCertData" variable, which is incorrectly treated as trusted memory. This flaw, known as "Hydroph0bia," has a CVSS score of 7.8 and enables unauthorized execution of firmware certified with manipulated certificates. Manufacturers are urged to provide firmware updates to address these vulnerabilities, as inconsistent support for locking UEFI variables raises security concerns.

Winsage

June 11, 2025

Windows 10 Support Ends in 4 Months. Here’s What You Need to Know

Windows 11 began its rollout to eligible devices in October 2021. The official end of support for Windows 10 is set for October 14, 2025. A significant portion of over one billion Windows users have yet to upgrade to Windows 11. Windows 11 features a redesigned Start Menu, improved multitasking capabilities, and greater accessibility to Android apps. After support for Windows 10 ends, users can still use the software, but it will no longer receive security updates. Free upgrades to eligible Windows 10 PCs have been available since October 5, 2021, and will continue through 2025. Users on Windows 7 must first upgrade to Windows 10 to qualify for the free upgrade to Windows 11. A definitive timeline for the end of support for Windows 11 is uncertain, but it is expected to have a similar lifespan to Windows 10.

Winsage

June 11, 2025

Microsoft Windows Secure Boot Bypass Confirmed

The second Tuesday of each month is when Microsoft releases monthly security updates for Windows. A significant zero-day vulnerability, CVE-2025-3052, has been identified, affecting all Windows users and allowing a Secure Boot bypass. This vulnerability could compromise system integrity by enabling malware to infiltrate Windows PCs and servers. CVE-2025-3052 is classified as a memory corruption issue within a module signed with Microsoft’s third-party UEFI certificate and can execute unsigned code during the boot process, potentially allowing attackers to install bootkits.

Winsage

June 11, 2025

A worrying Windows SecureBoot issue could let hackers install malware – here’s what we know, and whether you need to update

Researchers at Binarly have identified a critical vulnerability in a widely trusted BIOS update utility that operates on most modern systems using UEFI firmware. This utility, signed with Microsoft’s UEFI CA 2011 certificate, contains a flaw that could be exploited by malicious actors to disable essential security measures and install bootkit malware on personal computers. Microsoft addressed the issue by including a fix in its June 2025 Patch Tuesday cumulative update. The UEFI Secure Boot process is crucial for maintaining system integrity by verifying the authenticity of bootloaders and operating systems.

Winsage

June 11, 2025

Upgrading Windows 10 to 11: Here’s everything you need to know

Microsoft is offering a free upgrade from Windows 10 to Windows 11 for eligible devices that meet the minimum system requirements and use the appropriate upgrade tools. Official support for Windows 10 will end on October 14, 2025, after which Microsoft will stop providing free security updates, technical support, and bug fixes. Users can obtain a paid Extended Security Updates (ESU) program for an additional year of critical security updates. Windows 11 requires specific hardware prerequisites, including TPM 2.0 and compatible processors. Users can check their PC's eligibility for the update using the free PC Integrity Checker app. To upgrade, users can download the Windows 11 Installation Wizard or use the Rufus tool to create a bootable USB stick for installation. Backing up data before upgrading is recommended.

Winsage

June 9, 2025

If you deleted that mysterious Windows file Microsoft told you not to, there’s a new script to restore it

The 'inetpub' folder, which appears on system drives (C:) after the April 2025 security update for Windows 10 and 11, is essential for protecting users against the security vulnerability CVE-2025-21204. This vulnerability involves improper link resolution before file access and can allow an authorized attacker to escalate privileges. Although the folder may seem empty and Internet Information Services (IIS) might not be in use, its deletion can compromise the effectiveness of the security patch, exposing systems to vulnerabilities. Microsoft recommends using a PowerShell script to restore the folder if deleted, rather than recreating it through IIS, which may add unwanted system folders.

Winsage

June 6, 2025

Microsoft shares script to restore inetpub folder you shouldn’t delete

Microsoft has released a PowerShell script to help restore the C:Inetpub folder, which is crucial for addressing a high-severity privilege escalation vulnerability associated with Windows Process Activation. The folder's unexpected appearance after the April 2025 Windows security updates led some users to delete it, inadvertently exposing their systems to vulnerabilities. Microsoft emphasizes that the folder should not be deleted, as it is integral to the security framework, regardless of whether Internet Information Services (IIS) is active. The script allows administrators to recreate the folder with the correct permissions and access control settings.

AppWizard

June 6, 2025

Activision says COD microtransaction ads were accidental test

Activision clarified that the microtransactions in the Loadout menus of Black Ops 6 and Warzone were not intended for public release and were part of an internal test that accidentally went live during the Season 04 update. The company stated that this UI feature test, which revealed select store content, was published in error and has since been removed from the live game.