patch updates Archives

Winsage

October 15, 2025

Microsoft’s October ‘Patch Tuesday’ Update Fixes Over 170 Flaws

On the second Tuesday of each month, Microsoft releases a significant security update for Windows users, known as "Patch Tuesday." In October, the update addresses over 170 security vulnerabilities, including: - 80 elevation of privilege vulnerabilities - 31 remote code execution vulnerabilities - 28 information disclosure vulnerabilities - 11 security feature bypass vulnerabilities - 11 denial of service vulnerabilities - 10 spoofing vulnerabilities The total number of patches, including those for Azure, Mariner, and earlier disclosed vulnerabilities, exceeds 200. This update includes fixes for eight vulnerabilities classified as "Critical," comprising five remote code execution vulnerabilities and three elevation of privilege vulnerabilities. Additionally, six zero-day vulnerabilities are addressed, with three publicly disclosed and three actively exploited. The exploited vulnerabilities include: 1. CVE-2025-24990: Windows Agere Modem Driver Elevation of Privilege Vulnerability 2. CVE-2025-59230: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability 3. CVE-2025-47827: Secure Boot bypass in IGEL OS before version 11 The publicly disclosed vulnerabilities are: 1. CVE-2025-0033: AMD RMP Corruption During SNP Initialization 2. CVE-2025-24052: Windows Agere Modem Driver Elevation of Privilege Vulnerability 3. CVE-2025-2884: Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation Microsoft has also ceased support for Windows 10, meaning users not enrolled in Extended Security Updates will not receive future security patches.

Winsage

October 15, 2025

Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack

Microsoft's October Patch Tuesday addressed 175 vulnerabilities, including 21 non-Microsoft CVEs. Among these, three vulnerabilities are under active attack: 1. CVE-2025-24990: An elevation of privilege bug in the Agere Modem driver (rated 7.8) that allows attackers to gain administrator privileges on supported Windows versions. The driver has been removed in the update. 2. CVE-2025-59230: An elevation of privilege vulnerability in the Windows Remote Access Connection Manager (rated 7.8) that could grant SYSTEM privileges to attackers. 3. CVE-2025-47827: A Secure Boot bypass flaw (rated 4.6) in the IGEL OS that allows attackers to bypass Secure Boot. Three publicly known vulnerabilities include: 1. CVE-2025-0033: A critical vulnerability affecting AMD EPYC processors with SEV-SNP, requiring a patch that is still in development. 2. CVE-2025-24052: An elevation of privilege vulnerability in the Agere Modem driver (rated 7.8) that is publicly known but not yet exploited. 3. CVE-2025-2884: An out-of-bounds read vulnerability in the TCG TPM2.0 reference implementation's CryptHmacSign function. Additionally, 16 other critical-severity flaws were highlighted, including CVE-2025-59287, a 9.8-rated vulnerability in Windows Server Update Services that allows unauthenticated remote attackers to trigger unsafe object deserialization, leading to remote code execution. Adobe released 12 updates for 36 vulnerabilities, including critical CVEs in Substance 3D Stager, Dimension, Illustrator, and FrameMaker. SAP issued 13 new security notes, with four rated critical, including a fix for an OS command execution flaw in Netweaver. Ivanti provided advisories for vulnerabilities in Endpoint Manager Mobile and Neurons for MDM, which have not yet been exploited.

AppWizard

October 12, 2025

Abiotic Factor gets new roadmap featuring a mystery crossover, DLC plans, and new difficulty modes alongside dev Q&A: ‘We’re terrified of our obligations to the community so be nice, we love you’

Abiotic Factor is a survival game that combines a whimsical narrative with immersive gameplay. The developers have announced a roadmap for upcoming content, including two DLCs: the Temple of Stone, set to release before the end of fall, and a new sector expected next summer. They hinted at two potential crossovers, with references to Peter Pan and Sega Bass Fishing, and the possibility of integrating elements from Valve's universe. In a recent video Q&A, developers expressed their excitement about the game's positive reception and their commitment to the community.

AppWizard

August 16, 2025

As the legal debate between Subnautica 2’s publisher and former studio execs rages, the original game and its spinoff quietly receive small patches and big discounts

Subnautica 2 is facing a legal dispute after the dismissal of its leadership team by publisher Krafton, with former leaders alleging that Krafton plans to delay the game's launch beyond 2025 to avoid a financial payout. Krafton claims the game is not ready for early access and accuses the former leaders of neglecting their roles. The 2025 patch for Subnautica has introduced controller support, improved gameplay mechanics, and fixed various bugs, while Below Zero's patch focuses on enhancing the Snowfox vehicle's controls and reducing damage from terrain impacts. Both games are currently discounted by 75%. Subnautica 2 is now expected to enter early access in 2026.

Winsage

July 24, 2025

SMEs need channel help moving off Windows 10

71% of IT decision-makers view the transition to Windows 11 as an opportunity to enhance PC infrastructure. 64% of UK decision-makers consider the ability to run AI applications as critical for their organizations. Currently, 20% of customers have not started transitioning from Windows 10, 25% have completed the migration, and 44% are working towards the October end-of-life support deadline. Small firms are particularly lagging in this transition. Analysts predict a global PC market growth of 5.8% in 2025, with total shipments expected to reach 272 million units, following a 9% growth in Q1 and a 7.4% year-on-year improvement in Q2.

AppWizard

February 3, 2025

Final Fantasy VII Rebirth PC 1.001 Patch Updates DirectStorage To Latest Version, Improves Game Stability and More

The first patch for Final Fantasy VII Rebirth on PC, version 1.001, has been released, weighing 17.65 GB. It includes stability improvements and enhancements, such as setting the graphics preset to Low on Steam Deck and DLSS as the default anti-aliasing option if supported. DirectStorage has also been updated. The patch notes do not mention specific performance improvements. Modders have released 4K texture packs and integrated characters like Sephiroth and Zack into the game, though these characters are incomplete. Final Fantasy VII Rebirth is available on PC and PlayStation 5.

Winsage

November 24, 2024

KB5048779: Microsoft improves Windows 11 24H2 OOBE (initial setup experience)

Microsoft has released an Out of Box Experience (OOBE) update for Windows 11, version 24H2, identified as KB5048779. This update enhances the OOBE process and is available only when OOBE updates are installed. Additionally, a Setup file update under KB5047134 has been made available. The "Tailored Experiences" section has been rebranded as "Personalized offers" within the OOBE. OOBE updates install automatically during setup if the user has an active internet connection. Critical driver updates and essential Windows zero-day patch updates will download automatically during OOBE, and users cannot opt-out of these updates. Users will be notified when their device is checking for and applying updates, and they may receive the latest Windows Updates if a newer version is available towards the end of the OOBE process.

Winsage

August 26, 2024

I really hope this rumored change to Windows updates is true | Digital Trends

Microsoft is exploring the implementation of hot-patching for Windows 11 24H2, which aims to streamline the update process without requiring mandatory restarts. This method will primarily apply to x86 versions of Windows and will be limited to monthly security updates. Users can expect fewer reboots, although a restart will still be necessary after every two hot-patch updates due to the release of four baseline updates that require a reboot. The benefits of hot-patching include reduced disruption, faster update processes, enhanced security, and simplified management with Azure Update Manager. Microsoft has previously used hot-patching successfully on Windows servers and Xbox consoles. No official timeline for the rollout of this feature has been announced.

Winsage

August 16, 2024

Microsoft posts guidance for CVE-2024-21302 VBS flaw that downgrades modern Windows PCs

Microsoft released Patch Tuesday updates for Windows operating systems, including KB5041580, KB5041578, KB5041773, and KB5041782 for Windows 10, and KB5041585, KB5041592 for Windows 11 versions 23H2, 22H2, and 21H2, along with KB5041571 for the upcoming 24H2 version. The company retired the problematic WinRE updates, KB5034440 and KB5034441. A newly discovered security vulnerability, tracked as CVE-2024-21302 and CVE-2024-38202, allows attackers to downgrade systems to vulnerable states undetected. This vulnerability affects Windows 10, Windows 11, Windows Server 2016, and higher systems, enabling attackers to replace current system files with outdated versions. Microsoft is developing a security update to address this issue and has released mitigation strategies for supported Windows versions. Administrators can deploy a Microsoft-signed revocation policy to prevent loading vulnerable VBS system files. Home users are advised against manually installing the policy and should wait for an automatic fix.