security initiatives

Winsage
April 20, 2025
Microsoft has reported a record number of 1,360 security vulnerabilities for its products in 2024, marking an 11% increase from 2023. This includes 587 vulnerabilities in Windows (33 classified as critical) and 684 in Windows Server (43 classified as critical). The increase in reported vulnerabilities suggests that security researchers are effectively identifying weaknesses, and Microsoft has invested over a million dollars in bounties to encourage this. The proactive communication and remediation process during Patch Tuesday enhances security, indicating that Microsoft is committed to addressing vulnerabilities rather than being indifferent to user security.
Winsage
April 13, 2025
Microsoft addressed over 120 vulnerabilities during its April 2025 Patch Tuesday, including a critical zero-day vulnerability (CVE-2025-29824) that is actively exploited. WinRAR users are urged to update to version 7.11 due to a vulnerability (CVE-2025-31334) that allows attackers to bypass Windows' Mark of the Web security feature. Chief Information Security Officers (CISOs) are experiencing security platform fatigue due to the proliferation of multiple security tools. President Donald Trump signed an Executive Order revoking security clearances for Chris Krebs and his colleagues at SentinelOne. Cyber crisis simulations are becoming essential for organizational preparedness against evolving cyber threats. Fortinet has released patches for vulnerabilities, including a critical flaw (CVE-2024-48887) in FortiSwitch appliances. WhatsApp users should update their Windows client app to fix a vulnerability (CVE-2025-30401) that could allow harmful code execution. Kevin Serafin, CISO at Ecolab, discussed aligning security initiatives with business objectives. There is a rise in compromised large language model (LLM) attacks and risks associated with AI autonomy. New open-source tools like the YES3 Scanner and APTRS have been developed to enhance security capabilities. The cybersecurity job market remains strong, with increasing demand for skilled professionals.
AppWizard
February 3, 2025
Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to policy violations that posed risks to users. The company also banned 158,000 developer accounts for attempting to introduce harmful applications, including malware and spyware. The number of blocked apps increased from 2,280,000 in 2023 and 1,500,000 in 2022, aided by AI assistance in 92% of human reviews. Google prevented 1.3 million apps from gaining excessive permissions and upgraded Google Play Protect, which scanned over 200 billion apps daily and identified over 13 million new malware apps from outside Google Play. The Google Play SDK index added 80 trusted SDKs, and the Play Integrity API adoption led to an 80% reduction in abuse from untrusted sources. Google's untrusted APK installation blocking system expanded to several countries and thwarted 36 million installation attempts of 200,000 unique apps from reaching 10 million Android devices.
Tech Optimizer
November 1, 2024
EnterpriseDB (EDB) is pursuing Federal Risk and Authorization Management Program (FedRAMP) Authorization to enhance its secure and compliant solutions for over 1,500 enterprise customers, including government organizations like the Department of Defense (DoD) and the Department of Justice (DOJ). EDB aims to support national security initiatives and facilitate the development of sovereign data and AI solutions. To expedite the FedRAMP authorization process, EDB will use the Game Warden platform from Second Front Systems, which allows applications to inherit pre-approved security controls. This collaboration aims to provide federal agencies with advanced technology while adhering to stringent security standards. EDB Postgres AI is designed to meet enterprise-grade demands for various workloads and will accommodate Controlled Unclassified Information (CUI) and National Security Systems (NSS)-based workloads.
AppWizard
August 21, 2024
Google's bug bounty program for Android apps, the Google Play Security Reward Program (GPSRP), will conclude on August 31, 2024. Launched in 2017, the program incentivized researchers to find security vulnerabilities in popular Android applications, initially targeting select developers with rewards up to ,000 for critical issues. In 2019, it expanded to all apps with over 100 million downloads, increasing potential payouts to 0,000. The decision to end the program is due to a decline in actionable vulnerabilities reported, attributed to improvements in Android OS security. Google will continue investing in other security initiatives, such as the Android Vulnerability Rewards Program (AVRP). Researchers are encouraged to submit findings before the program ends, with reports due by September 15 and final decisions by September 30.
AppWizard
August 20, 2024
Google will conclude the Google Play Security Reward Program on August 31, 2024, after nearly seven years of operation since its launch in October 2017. The decision to end the program is attributed to improvements in the security of the Android operating system and a decrease in actionable vulnerabilities reported by researchers. Reports submitted before the conclusion date will be triaged by September 15, with reward decisions finalized by September 30. In the previous financial year, Google blocked 2.28 million privacy-violating applications and banned 333,000 malicious developer accounts. The termination of the program raises concerns about the potential decrease in motivation for researchers to report vulnerabilities, which could lead to increased future vulnerabilities on the platform.
Winsage
August 15, 2024
Microsoft is introducing a new file-sharing feature for Windows PCs and Android devices, similar to Apple’s AirDrop, through Phone Link and the Link to Windows app. Users can share files by selecting a file on their PC, right-clicking to choose “Share,” and selecting Phone Link. Windows notifications for Phone Link must be enabled to monitor transfer progress, and a notification will confirm successful sharing. This feature is currently rolling out to Windows Insiders in the Release Preview Channel, with a wider release planned. Requirements include a PC with Windows 10 (May 2019 update or later) or Windows 11, an Android smartphone running version 9.0 or above, and specific app versions for Link to Windows and Phone Link. Additionally, Microsoft has linked security initiatives to employee performance reviews, indicating that contributions to security efforts may affect salary increases and promotions. The company has expanded its Secure Future Initiative to include all employees in security performance metrics. Microsoft has also removed advertisements from the latest version of Skype and improved AI image creation tools, along with introducing automatic sign-in with OneAuth.