scripting Archives

Winsage

May 14, 2025

Microsoft Confirms Windows Is Under Attack — You Must Act Now

Microsoft has confirmed multiple zero-day vulnerabilities being actively targeted by malicious actors. One significant vulnerability is CVE-2025-30397, a memory corruption flaw in the Windows scripting engine that affects all versions of Windows and allows code execution over the network. It has a CVSS score of 7.8 and is considered critical. Successful exploitation requires the target to use Edge in Internet Explorer Mode and for the user to click a malicious link. Other vulnerabilities include: - CVE-2025-32709: An elevation of privilege vulnerability in the Windows ancillary function driver for WinSock, affecting Windows Server 12 and later. - CVE-2025-32701 and CVE-2025-32706: Vulnerabilities in the Windows Common Log File Driver System that could allow local attackers to gain system privileges, affecting all versions of Windows. - CVE-2025-30400: An elevation of privilege vulnerability in the Windows desktop window manager, affecting Windows 10, Server 2016, and later OS versions. Windows users are urged to update their systems with the latest security patches immediately.

Winsage

May 14, 2025

Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on

A vulnerability identified as CVE-2025-30397 can be exploited when Microsoft Edge is in “Internet Explorer” mode, which is typically not the default setting but may be necessary for certain users. Another vulnerability, CVE-2025-29831, can only be exploited during a restart of the Remote Desktop Protocol (RDP) service. SAP has released 18 Security Notes to address various vulnerabilities, including critical authorization issues, remote code execution, information disclosure, and cross-site scripting.

Winsage

May 14, 2025

Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network

Microsoft has identified a memory corruption vulnerability in its Scripting Engine, designated as CVE-2025-30397. This vulnerability allows unauthorized remote code execution and is classified as “Important” under CWE-843 (Type Confusion). It was disclosed in the May 2025 Patch Tuesday updates and arises from improper handling of resource types. Exploitation occurs when a user clicks a specially crafted URL in Microsoft Edge's Internet Explorer Mode, potentially compromising system confidentiality, integrity, and availability. Although the attack complexity is high, successful exploitation has been confirmed in the wild. Microsoft has issued patches for all supported Windows versions, and users are advised to apply these updates and consider disabling Internet Explorer Mode to reduce risk.

Winsage

May 6, 2025

I used Sophia Script to take back control of Windows 11, and I wish I did it sooner

Sophia Script is a PowerShell module available on GitHub that simplifies the process of adjusting Windows settings through the command line interface (CLI), offering over 150 regularly updated functions. It provides GUI-based options for managing tasks like telemetry settings, scheduling tasks, and uninstalling OneDrive, allowing users to select multiple tasks at once. The setup process involves opening the main PS1 file in Notepad++, changing the directory, and executing a command from GitHub, with comprehensive instructions available. Users can customize settings by adding or replacing code with a hashtag next to the script they wish to run, and it allows changes to be applied across all user accounts. Sophia Script is particularly useful for configuring new PCs or fresh installations, as it helps remove unnecessary bloatware and streamline system performance. It can uninstall Microsoft apps, including the Windows Copilot app, and has created five scheduled tasks after running, saving time compared to traditional methods. The creator, Farag2, is also developing a GUI version, SophiApp 2.0.

Winsage

April 18, 2025

XYplorer is the best dual-pane file manager that I’ve used on Windows

XYplorer is a dual-pane file manager that enhances productivity with its intuitive interface and robust features, allowing simultaneous access to two folders for easier file management. It offers customization options, advanced search capabilities, file previews, batch renaming, and scripting automation. XYplorer is lightweight, providing faster performance and quicker search results compared to Windows File Explorer. It also has a portable version that can run from a flash drive without installation. XYplorer operates as trialware for 30 days, after which users can purchase a license.

Winsage

April 6, 2025

5 best dual-pane file managers for Windows power users

The default Windows File Explorer lacks multi-pane support, making file management cumbersome for users who frequently transfer files between folders or manage multiple drives. Dual-pane or multi-pane third-party file managers offer solutions by allowing users to view and manage multiple folders side by side within a single window. Total Commander is a veteran dual-pane file manager with built-in FTP support, fast file transfers, and comprehensive archive handling. Directory Opus is a premium file management solution with a dual-pane layout, tabbed navigation, and features like batch file operations and scripting capabilities. FreeCommander XE is a free dual-pane file manager that offers essential features such as tabbed browsing and folder synchronization. XYplorer is a portable dual-pane file manager designed for speed, featuring tabbed browsing and powerful search functions. Q-Dir, or Quad-Directory Explorer, allows for up to four panes in a single window and supports drag-and-drop functionality and color filters.

Winsage

April 2, 2025

Download freeCAD (free) for Windows, macOS and Linux

FreeCAD is a free computer-aided design (CAD) software that offers a comprehensive suite of features comparable to expensive alternatives. It has a parametric modeling engine that allows users to make seamless adjustments to design parameters, ensuring changes are automatically reflected throughout the design. The software includes multiple workbenches for different design phases, such as the Sketcher for 2D geometry and the Part and Design workbenches for solid modeling. FreeCAD also features Computer Numerical Control (CNC) capabilities for converting 3D models into G-code and provides Finite Element Analysis (FEA) tools for stress testing designs. Advanced users can utilize Python scripting for automation and customize their experience with industry-specific plugins. FreeCAD supports various file formats, including STEP, IGES, STL, SVG, DXF, OBJ, IFC, and DAE.

Tech Optimizer

March 31, 2025

Fileless XMRig-C3 Cryptominer Targets PostgreSQL Servers

Wiz Threat Research has reported a new variant of a malicious campaign targeting misconfigured and publicly exposed PostgreSQL servers, attributed to the threat actor JINX-0126. This actor exploits vulnerable PostgreSQL instances with weak login credentials to gain unauthorized access and deploy XMRig-C3 cryptominers. The campaign has evolved to include advanced evasion techniques, such as using unique hashes for binaries and executing payloads in a fileless manner to avoid detection. The analysis indicates that the threat actor assigns unique mining workers to each victim, with three distinct wallets identified, suggesting over 1,500 affected victims. Nearly 90% of cloud environments host PostgreSQL instances, with about one-third publicly exposed. The threat actor scans for poorly configured services, exploiting default weak credentials to gain access and execute malicious payloads. Upon successful login, the actor performs reconnaissance and executes a dropper script to deploy an obfuscated Golang binary, which contains an encrypted configuration with critical system information. The malware establishes persistence by creating cron jobs and modifying access controls. The actor also creates high-privilege roles for continued access and weakens the default admin user. The analysis identified three wallets associated with the campaign, with each wallet having around 550 workers. The Wiz Dynamic Scanner can identify exposed PostgreSQL services, while the Wiz Runtime Sensor detects malicious activities associated with this threat. The report includes specific wallet addresses, a file hosting service, and file hashes related to the malware. Techniques used by the malware align with various MITRE ATT&CK® techniques, including credential access, defense evasion, and resource hijacking.

AppWizard

March 27, 2025

The Best Minecraft Updates (And How They Changed Multiplayer Forever)

Minecraft has evolved significantly since its inception, with various updates introducing new features and enhancing gameplay. 1. Beta 1.8 (2011): Introduced hunger, sprinting, strongholds, and villages, marking the transition to survival mode and boosting multiplayer dynamics with the rise of PvP servers and Hunger Games-style minigames. 2. Release 1.3 (2012): Unified single-player and multiplayer modes, allowing single-player worlds to function as lightweight servers and introducing command blocks for scripting events, enhancing multiplayer experiences. 3. Release 1.7 (2013): Added new biomes and improved world generation, enriching multiplayer exploration and encouraging themed survival worlds and roleplay. 4. Release 1.8 (2014): Introduced armor stands, banners, and enhanced creator tools, allowing for custom lobbies and scripted events, fostering a thriving multiplayer scene. 5. Release 1.13 (2018): Revitalized oceans with new features like coral reefs and improved swimming mechanics, leading to water-themed multiplayer worlds and ambitious server designs. 6. Release 1.16 (2020): Transformed the Nether with new biomes and mobs, introducing Netherite and creating new survival challenges and PvE zones for multiplayer. 7. Releases 1.17 & 1.18 (2021): Overhauled terrain generation, expanding world height and creating dynamic multiplayer experiences with group mining expeditions and scenic base-building. 8. Release 1.20 (2023): Focused on storytelling with new features like archaeology and sniffer mobs, promoting collaborative narratives and community-driven experiences in multiplayer.

Winsage

March 19, 2025

3 reasons Chocolatey is an amazing package manager for Windows

Chocolatey is a package manager for Windows 11 that requires initial setup via PowerShell commands but is easy to use once installed. It excels in automation, allowing users to create custom scripts for package deployment and integrates with Ansible for provisioning on virtual machines. Chocolatey has an extensive repository with over 10,000 applications and supports multiple package formats. While the free version is suitable for average users, premium features require a paid license, and alternatives like WinGet may be better for those seeking free and open-source options.