Microsoft Archives

Winsage

June 11, 2025

Microsoft warns of 66 flaws to fix for this Patch Tuesday

Microsoft has announced a significant update addressing 66 vulnerabilities, including a zero-day vulnerability disclosed on the same day. Ten critical patches have been identified, with two currently being exploited. Microsoft is also patching older platforms like Windows Server 2008 and Internet Explorer. One critical vulnerability, CVE-2025-33053, has been exploited by the Stealth Falcon hacking group since March, allowing remote code execution via the WebDAV extension. Another critical vulnerability, CVE-2025-5419, affects the Chromium V8 JavaScript engine in Microsoft Edge. CVE-2025-33073 is an escalation of privilege vulnerability in the Windows SMB Client, with a CVSS score of 8.8. Four critical vulnerabilities in Microsoft Office include CVE-2025-47162, CVE-2025-47164, CVE-2025-47167, and CVE-2025-47953. Four critical remote code execution vulnerabilities include CVE-2025-47172, CVE-2025-29828, CVE-2025-32710, and CVE-2025-33071. Two elevation-of-privilege flaws are CVE-2025-47966 and CVE-2025-33070. Adobe has prioritized fixes for Adobe Commerce and Adobe's Experience Manager, addressing 254 CVEs. Adobe Acrobat users will receive ten fixes, including four critical ones. Fortinet has patched CVE-2023-42788 in FortiAnalyzer 7.4. SAP resolved 14 issues, with CVE-2025-42989 being the only critical patch, associated with the NetWeaver Application Server and a CVSS score of 9.6.

AppWizard

June 11, 2025

Yep, PlayStation’s PC Games Will Be Playable on Xbox’s New Handheld System

Microsoft announced the ROG Xbox Ally, a handheld device developed in collaboration with Asus, designed to function as a handheld PC operating on the Windows platform. It allows gamers to access their entire Xbox library, play games natively, utilize cloud gaming services, or engage in remote play. The device is compatible with various PC launchers and storefronts, including Steam and the Epic Games Store, enabling users to play titles beyond the Xbox ecosystem. This includes the opportunity to play Sony's first-party titles, such as Marvel's Spider-Man 2, God of War Ragnarok, and Horizon Forbidden West, on the Xbox Ally.

Winsage

June 10, 2025

Microsoft Patch Tuesday addresses 66 vulnerabilities, including an actively exploited zero-day

Microsoft addressed 66 vulnerabilities in a recent Patch Tuesday update, including a critical zero-day exploit, CVE-2025-33053, which has been exploited by the espionage group Stealth Falcon against a defense contractor in Turkey. Stealth Falcon has targeted high-profile government and defense entities in the Middle East and Africa since 2012. CISA has added CVE-2025-33053 to its catalog of known exploited vulnerabilities. The group employs innovative infection methods, including WebDAV and multi-stage loaders. Many organizations may be at risk due to inadequate security measures for WebDAV, with estimates suggesting up to 80% of organizations could be vulnerable. The update also includes another critical vulnerability, CVE-2025-47966, allowing unauthorized access to sensitive information in Power Automate, as well as 17 vulnerabilities affecting Microsoft Office products, with three likely to be exploited.

Winsage

June 10, 2025

Windows 10 KB5060533 cumulative update released with 7 changes, fixes

Microsoft has released the KB5060533 cumulative update for Windows 10 22H2 and 21H2, which includes security patches addressing seven zero-day vulnerabilities. The update reintroduces seconds to the time display in the Calendar flyout, enhances the Rich Calendar feature, and adds descriptive text for the Weather button. It fixes rendering issues with GB18030 characters and resolves a problem with the Windows Account Sync Consent system in the European Economic Area. The update also addresses a known issue causing Hyper-V virtual machines to freeze or restart unexpectedly. A current issue involves blurry NOTO fonts at 96 DPI in Chromium-based browsers, with a workaround of adjusting display scaling to 125% or 150%. After installation, Windows 10 22H2 will be upgraded to build 19045.5965 and Windows 10 21H2 to build 19044.5965. Users can manually download the update from the Microsoft Update Catalog.

Winsage

June 10, 2025

APT Hackers Exploited WebDAV 0-Day RCE Vulnerability in the Wild to Deploy Malware

A cyberattack campaign by the advanced persistent threat group Stealth Falcon targeted a prominent Turkish defense company using a zero-day vulnerability identified as CVE-2025-33053. This vulnerability allowed attackers to manipulate the working directory of legitimate Windows tools to execute malware from their WebDAV servers. The attack was initiated through a spear-phishing email containing a malicious .url file that directed the system to a legitimate Internet Explorer utility, which was then exploited to execute malicious files. The attackers employed process hollowing to bypass traditional defenses. Stealth Falcon, also known as FruityArmor, has been conducting cyber espionage since at least 2012, targeting government and defense sectors in Turkey, Qatar, Egypt, and Yemen. The attack involved a multi-stage infection chain leading to the deployment of "Horus Agent," a custom implant designed for advanced reconnaissance and equipped with anti-analysis techniques. Researchers identified additional custom tools used by Stealth Falcon, including a DC Credential Dumper and a custom keylogger. The group utilizes repurposed legitimate domains to blend their infrastructure with legitimate traffic, complicating detection efforts.

AppWizard

June 10, 2025

Today’s Android app deals and freebies: Cyberlords

This afternoon, the Google Play store is offering various discounted games and applications for Android users. Significant hardware discounts include the Microsoft Platinum Snapdragon X Elite OLED Surface Pro available at a notable price reduction, and the ASUS ZenBook A14 OLED Snapdragon X Plus Copilot+ PC also seeing a price drop. The Galaxy Tab S10 FE and FE+ bundles are discounted by , and the Galaxy Watch 7 is available for 9. Featured app deals include Cyberlords – Arcology, MAYATCH, and Achikaps Pro.

Winsage

June 10, 2025

Windows 11 is getting a nifty trick for quickly mirroring your Android phone right from the Start menu

Microsoft is testing a new feature in the Phone Link app for Windows 11 that allows users to mirror their Android smartphone screens onto their Windows desktops with a single click. This feature is currently being tested with a select group of users and is integrated within the Phone Link panel in the Start menu. It works particularly well with Samsung Galaxy smartphones and is compatible with specific Android devices, including Samsung Galaxy models, Asus (ROG-branded), Honor, OnePlus, Oppo, Surface Duo, Vivo, and Xiaomi. The rollout is expected to coincide with a cumulative update for Windows 11 on June 10, although initial availability may be limited. The Phone Link panel began rolling out in April for Windows 11 versions 23H2 and 24H2, with wider access becoming available in May.

Winsage

June 10, 2025

Xbox’s new handheld is a surprisingly comfortable way to play Gears

The Xbox Ally X is a new handheld gaming device developed in collaboration with Asus, positioned as an alternative to the Steam Deck and the upcoming Switch 2. It includes the ROG Xbox Ally and the Xbox Ally X. The device is noted for its comfort, with hand grips designed to resemble an Xbox controller, making it more enjoyable to hold compared to the Steam Deck. During a demonstration, gameplay with Gears of War: Reloaded was smooth, and the ergonomic design of the Ally X potentially improved performance. The device's weight is comparable to the Steam Deck, and it offers a significant difference in comfort during extended play sessions. The user interface and navigation between Xbox and Steam games remain unexplored, but the device's comfort and portability suggest it could be a favored option for on-the-go gaming.

Winsage

June 10, 2025

Arm says Windows game compatibility is up to developers

Arm-powered Windows devices using Qualcomm Snapdragon processors are noted for their sleek designs and long battery life. While core compatibility issues have been largely resolved, gaming remains a challenge due to anti-cheat program compatibility, which can prevent games from launching. Chris Bergey from Arm Holdings mentioned that most users spend about 90% of their time on applications with native Arm versions. Major developers like Epic Games are exploring ways to improve compatibility with Arm-based systems. Additionally, anti-cheat issues affect the Steam Deck, which operates on an AMD processor but lacks native versions of several popular anti-cheat systems. As Arm-based Windows devices gain market share, game developers are expected to prioritize support for these platforms. The integration of Windows and Steam into Arm-based handheld devices could transform the gaming landscape, especially with improved battery life and efficiency.

Winsage

June 10, 2025

Microsoft’s big Windows 11 Start menu redesign is great news for OLED monitor owners like me – and you can try it right now

Microsoft is enhancing its Windows 11 operating system, particularly the Start menu, with updates currently available for beta testers. These modifications aim to streamline user navigation and make it easier to manage applications. Users can categorize applications for a more organized interface or revert to a traditional grid view. The update improves scrolling and application discovery, benefiting those who use their devices for gaming or productivity. The changes are aesthetically pleasing, especially for OLED monitor users, and may alleviate concerns about screen burn-in. There is hope that similar customization features could be extended to gaming applications, addressing potential burn-in risks associated with on-screen build numbers in games.