We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

Patch Tuesday updates

New Security Warning After 1 Billion Windows Users Told Do Not Delete
Winsage
April 27, 2025

New Security Warning After 1 Billion Windows Users Told Do Not Delete

Microsoft's recent security update for Windows has raised concerns among users due to the introduction of a new vulnerability. The update, intended to address the CVE-2025-21204 vulnerability, inadvertently created a folder named inetpub, which Microsoft claims is essential for user protection. Security researcher Kevin Beaumont has warned that this update has introduced a denial of service vulnerability that allows non-admin users to halt future Windows security updates. Microsoft has classified the issue as moderate in severity and suggested that deleting the inetpub symlink and retrying the update may resolve the problem. The report has been forwarded to the Windows security team for potential further action.
Windows 11 KB5055627 update released with 30 new changes, fixes
Winsage
April 26, 2025

Windows 11 KB5055627 update released with 30 new changes, fixes

Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2, which introduces new features and bug fixes. This update is part of optional non-security preview updates and does not include security updates. Users can install it via Settings under Windows Update or download it directly from the Microsoft Update Catalog. The update elevates Windows 11 24H2 systems to build 26100.3915 and includes features such as Recall (preview), Click to Do (preview), improved Windows Search, Narrator enhancements, Phone Link, interactive Widgets, curated views in File Explorer, updated Settings for app recommendations, and Windows Studio Effects. It also addresses bugs related to blue screen errors, DHCP Client connectivity issues, Windows Hello functionality, and provides estimated offline times for updates. Notable issues include potential installation blocks for Citrix components and download issues for Roblox players on Windows Arm devices, with workarounds available.
Windows "inetpub" security fix can be abused to block future updates
Winsage
April 25, 2025

Windows “inetpub” security fix can be abused to block future updates

A recent Microsoft security update has created a new 'inetpub' folder in the root of the system drive, linked to a fix for a Windows Process Activation elevation of privilege vulnerability (CVE-2025-21204). This folder has appeared on systems without Internet Information Services (IIS) installed. Microsoft advises users not to delete the folder, as it enhances system protection. However, cybersecurity expert Kevin Beaumont has shown that the 'inetpub' folder can be manipulated by non-administrative users to create a junction that redirects to a Windows file, potentially obstructing future Windows updates and resulting in a 0x800F081F error code. Microsoft has classified this issue as "Medium" severity and has closed the case, indicating it may be addressed in future updates.
Windows vulnerability with NTLM hash abuse exploited for phishing
Winsage
April 19, 2025

Windows vulnerability with NTLM hash abuse exploited for phishing

A vulnerability in Windows, identified as CVE-2025-24054, is being exploited in phishing campaigns targeting government and private organizations. Initially considered low-risk, it was addressed in Microsoft's March 2025 Patch Tuesday updates. Following the release of these patches, Check Point observed a rise in exploitation attempts, particularly linked to the Russian group APT28. Attackers sent phishing emails with Dropbox links containing .library-ms files, which, when accessed, connected to an external SMB server controlled by the attackers, allowing interception of NTLM hashes. A subsequent wave of attacks involved .library-ms files sent as direct attachments, requiring minimal user interaction to exploit the vulnerability. The malicious ZIP archive also contained files exploiting older NTLM vulnerabilities. Check Point identified the attackers' SMB servers with specific IP addresses. Despite being classified as medium-severity, the vulnerability's potential impact is significant, prompting organizations to apply the March 2025 updates and consider disabling NTLM authentication if not essential.
Windows 11 Update Fiasco: Microsoft Confirms Blue Screen Of Death. Here’s What To Do
Winsage
April 18, 2025

Windows 11 Update Fiasco: Microsoft Confirms Blue Screen Of Death. Here’s What To Do

Reports of the Blue Screen of Death (BSOD) have emerged following updates to Windows 11, with Microsoft confirming the issue in a support document. Users may encounter a blue screen exception with error code 0x18B (SECUREKERNELERROR) after installing the latest updates, specifically linked to the Windows 11 version 2H42 release and affecting updates KB5053598, KB5053656, and KB5055523. Microsoft is working on a fix and has deployed a server-side update to disable changes causing the BSOD. Affected users are advised to check for updates multiple times to receive the server-side patch quickly. Additionally, the April update has caused issues with Windows Hello functionalities, which Microsoft plans to address in a future update scheduled for May 2025.
Don't delete inetpub folder. It's a Windows security fix
Winsage
April 15, 2025

Don’t delete inetpub folder. It’s a Windows security fix

A new folder, typically located at C:inetpub, appears on Windows systems after installing the April Patch Tuesday updates for Windows 10 and 11. This folder is created as a security measure related to the vulnerability CVE-2025-21204, which could allow unauthorized access to system-level file management. Microsoft advises users to leave this folder untouched, as it is established with read-only SYSTEM-level access to prevent privilege escalation exploits. The folder will be created even if Internet Information Services (IIS) is not installed, and there are currently no known exploits for CVE-2025-21204. If the folder is deleted, it can be recreated by enabling IIS in the Windows features settings. Users can also manually create the folder with the appropriate permissions if desired.
Windows warning: Don't delete that weird 'inetpub' folder. Already did? Here's your fix
Winsage
April 14, 2025

Windows warning: Don’t delete that weird ‘inetpub’ folder. Already did? Here’s your fix

Windows 10 and Windows 11 users who installed the April Patch Tuesday updates may find a new folder named inetpub on their system drive. This folder is associated with Microsoft’s Internet Information Services (IIS) and is important for addressing the CVE-2025-21204 vulnerability, which involves improper handling of symbolic links. Microsoft advises users not to delete the inetpub folder, as it plays a crucial role in system security. If the folder has been deleted, it can be restored by enabling IIS through the Control Panel. Enabling IIS will recreate the folder and ensure it retains the necessary protective measures.
Microsoft’s New Windows Update — 1 Billion Users Warned: Do Not Delete
Winsage
April 13, 2025

Microsoft’s New Windows Update — 1 Billion Users Warned: Do Not Delete

Windows users are facing security challenges, including a zero-day vulnerability that threatens Windows passwords and hackers bypassing Windows Defender. Microsoft has discontinued VPN support for Windows Defender users and withdrawn security support for Windows 10. A new folder named "inetpub" was created following the April 8 Patch Tuesday updates as part of the fix for CVE-2025-21204, a vulnerability in the Windows Update Stack. This folder has raised concerns among users, prompting Microsoft to advise against deleting it. The creation of the inetpub folder is intended to enhance security, although its purpose remains unclear. Microsoft confirmed that the folder is created regardless of whether Internet Information Services (IIS) is installed on the user's device.
Search