IT security Archives

Winsage

October 14, 2025

Microsoft October Patch Tuesday for Windows 11 Fixes 175 Flaws

Microsoft's October 2025 Patch Tuesday addressed 175 vulnerabilities, including two zero-day elevation-of-privilege flaws: CVE-2025-24990, related to the legacy ltmdm64.sys Agere Modem driver, and CVE-2025-59230, affecting the Remote Access Connection Manager. Five vulnerabilities were classified as critical, including CVE-2025-59246 (remote code execution in Azure Entra ID), CVE-2025-55315 (ASP.NET Core vulnerability), CVE-2025-49708 (Microsoft Graphics Component bug), CVE-2025-59287 (Windows Server Update Service flaw), and CVE-2025-59228 (SharePoint vulnerability). The update (KB5066835) also resolved usability issues, such as print preview hangs and input detection failures. Microsoft notified administrators about the expiration of Secure Boot certificates in June 2026. Windows 11 users can install the update via Settings > Windows Update, requiring a system restart and data backup before installation.

Winsage

September 28, 2025

Is end of service leaving your system vulnerable? The risks no IT leader can ignore

Unsupported operating systems and device software lack regular updates, making them vulnerable to cyber attacks. Devices running on unsupported platforms can become gateways for attackers, as they are susceptible to known exploits that can be easily weaponized. According to Microsoft’s 2024 Digital Defense Report, over 90% of successful ransomware attacks target unmanaged endpoints. Unsupported versions can bypass standard security solutions and often fail compatibility checks with modern security tools, leading to significant protection gaps. Additionally, these vulnerabilities can be exploited to steal credentials and gain unauthorized access, posing risks to overall network security.

Tech Optimizer

September 12, 2025

Best Antivirus for Windows (September 2025): Avast Awarded Top PC Security Solution by Software Experts

Avast has been recognized as the top antivirus solution for Windows in Software Experts' September 2025 annual review. The evaluation highlighted Avast's effectiveness in addressing cybersecurity threats and its commitment to enhancing digital protection, privacy, and user experience. Avast Premium Security offers real-time threat protection, anti-scam intelligence, email and web safety, and integrates AI-powered tools for enhanced security. Avast Ultimate combines Avast Premium Security with additional tools like SecureLine VPN and AntiTrack, allowing activation on up to 10 devices. Additionally, Avast received recognition from AV-TEST as one of the best Windows antivirus software for home users in evaluations conducted during May and June 2025.

Winsage

August 22, 2025

IGEL benefits from seismic VMware and Windows 10 shifts

IGEL Technology, founded in 2001, initially specialized in thin clients but has shifted towards software solutions that protect endpoints with a read-only operating system, reducing the attack surface by up to 95 percent. Each endpoint operates statelessly, retaining no memory of past interactions, and is managed through a unified portal that integrates with various vendors like Zscaler and CrowdStrike. IGEL's solutions allow for the integration of endpoints in operational technology environments without introducing additional security vulnerabilities, effectively replacing EDR systems with over 120 integrations. The company aims to extend the lifespan of endpoints from 3-5 years to 6-8 years, providing significant cost savings and addressing the challenges posed by the transition from Windows 10 to Windows 11. IGEL's approach enhances security while offering flexibility in application delivery options, although it does not eliminate all cyber threats.

Winsage

August 8, 2025

German researchers show ‘Windows Hell No’ flaw at Black Hat

Microsoft is working to move Windows users away from traditional passwords to its Hello biometrics system. Researchers from ERNW Research, supported by the German government, discovered a critical vulnerability in Hello that allows individuals with local admin access or malware credentials to inject biometric data, bypassing security measures. Hello facilitates authentication for business users by connecting corporate PCs to platforms like Entra ID or Active Directory, storing a cryptographic key in a database linked to Microsoft's Windows Biometric Service. While Enhanced Sign-in Security (ESS) is designed to mitigate such vulnerabilities, not all PCs are compatible with it. During a presentation, researchers demonstrated the flaw by logging in with a facial scan and then injecting a captured facial scan to unlock the device. They suggested that users without ESS disable biometric authentication and revert to using a PIN. Microsoft has not yet responded to these findings, which are part of a research program called Windows Dissect.

Winsage

June 9, 2025

Microsoft: Remedy for security vulnerability due to deleted “inetpub” folder

A recent Microsoft security update has created a new folder named "inetpub" on Windows systems, which is essential for system security. If users delete this folder, it can lead to significant vulnerabilities. Microsoft has released a Powershell script, Set-InetpubFolderAcl.ps1, to restore the "inetpub" folder and set the correct permissions. Systems that installed the April security update (KB5055528) must take immediate action if the "inetpub" directory is missing. The script also updates access rights for the "DeviceHealthAttestation" directory, if it exists. Administrative rights are required to run the script. This issue was highlighted by IT security researcher Kevin Beaumont, who noted that deleting the "inetpub" folder could disrupt the installation of future security updates.

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

March 25, 2025

How To Secure Windows on a Mid-Sized Business Budget

Access provides advice on IT challenges, career transitions, and workplace dynamics. A mid-sized company faced a ransomware scare due to a user opening a malicious attachment but recovered data without paying the ransom. To enhance security in a Windows environment on a limited budget, the following steps are recommended: 1. Evaluate data storage by centralizing it on servers rather than individual workstations to improve security and simplify backups. 2. Implement the principle of Least Privilege Access, limiting user access to only necessary resources to reduce potential damage during attacks. 3. Utilize Microsoft's AppLocker to control which applications can run on Windows desktops, blocking unauthorized software. 4. Set up a ransomware kill switch using a custom PowerShell script to monitor for suspicious activities and trigger defensive actions if ransomware is detected.

Winsage

March 19, 2025

Windows 11 has a hidden FAQ page in testing that tells you why your PC is slow

Windows 11 will introduce a new FAQ page in its Settings app to help users identify potential limitations of their PCs. This feature, currently hidden in Dev Channel builds, will answer questions about the OS version and evaluate GPU adequacy for gaming and video tasks. It will also analyze the impact of having 4-8GB of RAM on performance. The feature can be activated using the third-party utility ViVeTool with ID “5530588,” but its effectiveness may vary across systems. Microsoft has faced criticism for Windows 11's strict minimum hardware requirements, which may prevent many PCs from upgrading from Windows 10. This situation may force users to upgrade hardware or consider alternatives like ChromeOS. Microsoft aims to enhance user experience with Windows 11, which may lead to increased hardware sales and user satisfaction.