security threats Archives

Winsage

June 6, 2025

Microsoft Issues Critical Windows Update—Do Not Delete This

Users may face a significant vulnerability related to a Windows update from April 2025, particularly concerning the "inetpub" folder, which is essential for the security of Windows 11 systems. Microsoft clarified that this folder, linked to Internet Information Services (IIS) and necessary for hosting capabilities, should not be deleted. If users have removed the folder, they must restore it to address the security patch for CVE-2025-21204, as its absence can lead to risks such as privilege escalation and unauthorized access. Microsoft has provided a PowerShell script to restore the folder without enabling IIS, and users are advised to follow specific commands to execute the fix. However, many users may not take action, leaving their systems vulnerable.

Winsage

June 4, 2025

KDE opens its doors to “Windows 10 exiles” as it claims Microsoft wants to turn your computer “into junk”

Microsoft will cease support for Windows 10 on October 14, leaving users vulnerable to bugs and security threats. Users have options to upgrade to Windows 11, invest in new hardware, or switch to alternative operating systems like Linux. The KDE group is promoting Linux, particularly Linux Mint, as a solution for those feeling abandoned by Microsoft, warning that users may face issues such as data breaches and inability to run new applications without updates. They also highlight the environmental impact of forced upgrades, labeling it "tech extortion." KDE advocates for the adoption of Linux to revitalize older hardware and regain control over computing experiences.

Winsage

June 2, 2025

Microsoft’s Bad News—500 Million Windows Users Must Now Decide

A recent advisory warns Windows users about vulnerabilities, emphasizing the need to upgrade from Windows 10 to Windows 11 due to the impending cessation of support for Windows 10 in October. Asus has highlighted that users of Windows 10 or older systems will soon lose regular updates and support. Currently, around 750 million users are on Windows 10, with 500 million potentially eligible for a free upgrade to Windows 11. Recent market data shows Windows 10's user share has increased from 41% in April to over 43% in May, while Windows 11 has declined by 3.5%. The urgency for upgrades is heightened as the deadline for Windows 10 support approaches, raising concerns about a potential cybersecurity crisis.

Winsage

May 26, 2025

Microsoft releases an update to tackle a built-in issue in Windows images, but who is it for?

Microsoft encourages users to adopt the latest version of Windows or a version eligible for monthly security updates to protect against security threats. Older Windows ISOs are vulnerable due to outdated security updates and antimalware software. Microsoft has released an update for Microsoft Defender to enhance the security of these older Windows images. This update includes the latest Microsoft Defender binaries, which must be applied offline to WIM and VHD files for Windows 11, Windows 10 (Enterprise, Pro, Home), Windows Server 2022, 2019, and 2016. The update improves both the anti-malware client and engine, with package sizes of 78.2 MB for ARM64, 128 MB for x86, and 132 MB for x64 systems. Users need a 64-bit version of Windows 10 or later, PowerShell 5.1 or later, and specific modules to implement the update. Regular updates every three months are recommended for optimal security.

Tech Optimizer

May 19, 2025

Microsoft Defender deactivated by new tool

The OpenEoX Technical Committee, part of OASIS, has introduced a draft framework to standardize end-of-life security notices for software and hardware, involving companies like Microsoft, Cisco, Oracle, IBM, Dell, and RedHat. The framework aims to provide clear communication about the security status of technology, helping organizations manage risks associated with legacy systems. It outlines a structured approach for notifying users about end-of-life status, enabling informed decisions on upgrades or replacements to improve security.

Winsage

May 1, 2025

Microsoft RDP apparently lets you log in with expired passwords – and it apparently doesn’t have plans to fix the issue

Security researcher Daniel Wade has revealed that Microsoft’s Remote Desktop Protocol (RDP) allows users to log into systems using previously revoked passwords, raising concerns about user security. Wade highlights that this feature undermines the trust users place in password management, as changing passwords is expected to prevent unauthorized access. This issue affects a wide range of users, from individuals to employees in small businesses and hybrid work environments. Despite the increasing sophistication of cyberattacks on password managers, Microsoft has stated it will not change this RDP functionality.

Winsage

April 18, 2025

Microsoft still has a massive Windows 10 problem – and there’s no easy way out

Microsoft's Windows 10 will reach its end-of-support date on October 14, 2025, after a standard 10-year support lifecycle. Most editions, including Home, Pro, and Enterprise, will stop receiving updates, although PCs running Windows 10 will continue to function without updates. Windows 10 Enterprise Long Term Servicing editions have different end dates, with some extending support until 2029. Current data indicates that approximately 1.6% of Windows 10 PCs are replaced by Windows 11 each month, suggesting that around 35% of the 1.4 billion Windows devices will still be using Windows 10 by the end-of-support date, equating to over 500 million PCs potentially vulnerable to cyber threats. As of April 2025, about 54% of PCs globally are still running Windows 10. Users likely to remain on Windows 10 include those with incompatible hardware, corporate environments that have standardized on Windows 10, and users resistant to upgrading due to dissatisfaction with Windows 11. Microsoft faces challenges related to a significant number of unsupported PCs, and while extended support options exist for enterprise customers, consumer adoption is expected to be low. Users unable or unwilling to upgrade may consider non-Microsoft operating systems or continue using Windows 10 without official support, which poses security risks.

AppWizard

April 10, 2025

How Gaming Is Regulated On Android’s App Store

The Google Play Store offers millions of mobile games and enforces strict regulations to ensure user safety and legal compliance. These regulations cover content policies, monetization practices, data protection, technical requirements, and regional compliance. Games must adhere to content policies that prohibit hate speech, excessive violence, and misrepresentation, and must be rated by the International Age Rating Coalition (IARC). Monetization strategies require developers to use Google’s payment system for in-app purchases and disclose pricing and refund policies. Gambling games must have the necessary licenses and disclose odds for loot boxes. Data privacy guidelines mandate clear communication about data collection and user consent. Technical standards require games to function well across devices and be free from security threats. Google employs automated and manual reviews to enforce compliance, with consequences for violations ranging from warnings to permanent bans. Regional compliance is necessary, particularly in areas with strict regulations like China and the EU.

Winsage

April 8, 2025

Windows Server Update Services live to patch another day

Microsoft has announced an extension of support for Windows Server Update Services (WSUS), postponing the planned end of support originally set for April 2025, in response to user feedback. The decision comes shortly before the scheduled cutoff and addresses challenges associated with disconnected device scenarios. Initially, Microsoft planned to make drivers available only through the Microsoft Update Catalog, but user feedback prompted a change. While some IT administrators may welcome the decision, others argue that WSUS is outdated and lacks essential capabilities for modern security. Gene Moody, field CTO at Action1, noted that WSUS is ill-equipped to meet contemporary demands and highlighted its limitations in enforcing updates and providing real-time visibility. Moody suggested that the extension of support is influenced by specific scenarios where WSUS remains necessary, such as environments with legal obligations or air-gapped networks. He cautioned that this decision should not be seen as a shift away from Microsoft's goal of phasing out WSUS in favor of cloud-based solutions.

Winsage

April 2, 2025

Microsoft’s Free Upgrade Deadline—Millions Of Windows Users Suddenly Move

Microsoft has made significant changes to Windows, including the elimination of passwords and new account access methods, while warning users about risks like data breaches and identity theft. Windows 10 users face an urgent transition as support ends in six months, with a free upgrade to Windows 11 available for eligible PCs. Recent data shows a 4% increase in Windows 10 users switching to Windows 11, with Windows 10's market share dropping to 54% and Windows 11 rising to over 40%. However, security hardware requirements may prevent some users from upgrading, potentially affecting around 240 million PCs. Users can purchase a 12-month extension for home use, while business users may incur higher fees for extended support. After the support deadline, Microsoft will stop providing updates and security fixes for Windows 10, increasing cybersecurity vulnerabilities. Transitioning to Windows 11 is crucial for users to access the latest security features.