security threats Archives

Winsage

July 11, 2025

Microsoft enables JScript9Legacy scripting engine to improve Windows 11 security

Microsoft is phasing out JScript in Windows 11 24H2 in favor of JScript9Legacy to enhance security. JScript9Legacy is enabled by default and will manage all scripting processes previously reliant on JScript without requiring user action. This new scripting engine offers improved performance, compatibility with modern web standards, and advanced security features to mitigate risks such as cross-site scripting (XSS). The transition is designed to be seamless, although Microsoft has not provided procedures for reverting to JScript if compatibility issues arise. The change is limited to Windows 11 24H2, with no updates planned for earlier Windows versions.

Winsage

July 11, 2025

Can’t upgrade your Windows 10 PC? You have 5 options and 3 months to act

The end-of-support date for Windows 10 is October 14, 2025, after which Microsoft will no longer provide technical support, security, or reliability fixes. Users can continue using Windows 10 without updates at their own risk, buy new PCs or rent virtual PCs through Windows 365, switch to a Linux distribution or ChromeOS Flex, sign up for the Extended Security Updates (ESU) program for continued security updates, or attempt to upgrade incompatible hardware to Windows 11 through specific methods.

AppWizard

July 9, 2025

Activision pulls Call of Duty game after PC players are hacked

Activision has removed Call of Duty: WWII from the Microsoft Store and Game Pass due to security breaches affecting players. The game is offline while the publisher investigates reports of hacks experienced by PC users. It remains available on Steam and other consoles. Players have reported significant security threats, including a video from streamer Wrioh demonstrating hacking incidents. The version of the game on Microsoft’s platforms reportedly contained an outdated flaw.

AppWizard

July 8, 2025

Google could soon protect your Android device from dangerous PWAs and WebAPKs (APK teardown)

Google is planning to enhance its Play Protect service by potentially adding scanning capabilities for Progressive Web Apps (PWAs) and WebAPKs during installation to improve user security against malicious threats. Recent code discoveries indicate that Google intends to enable verification for PWAs, as suggested by a code snippet found in the Google Play Store version 46.9.20-31. PWAs can be installed on devices through an "Add to Home screen" option, and when done via Chrome on Android, they receive a WebAPK, which integrates them more deeply into the Android ecosystem. Code snippets hinting at WebAPK scanning have also been uncovered, indicating a response to reports of malicious use of PWAs and WebAPKs for phishing schemes. However, the implementation of these scanning features has not been officially announced, and their availability remains uncertain.

AppWizard

July 6, 2025

Cybersecurity alert: 10 Android apps spy on your conversations without your knowledge, remove them from your phone immediately

Recent findings have identified a cyberespionage campaign using Google Play to distribute malicious applications, with four apps on the Play Store and six through other channels. The campaign disguises itself as romantic outreach via messaging services like Facebook Messenger and WhatsApp. The malicious applications fall into three categories: 1. Standard Messaging Applications, which gather personal information and include the VajraSpy trojan. 2. Accessibility Exploiters, which use accessibility features to intercept communications and include the Wave Chat app that records calls and captures keystrokes. 3. News Medium Impersonators, which solicit phone numbers and can intercept contacts and sensitive documents. Twelve dangerous applications have been flagged: Rafaqat, Private Talk, MeetMe, Let’s Chat, Quick Chat, Chit Cat, YohooTalk, TikTok, Hello Cha, Nidus, GlowChat, and Wave Chat. The first six apps had over 1,400 downloads before removal. These applications use advanced techniques to bypass Android security protocols, allowing eavesdropping on communications. Users are advised to uninstall these apps immediately, exercise caution when downloading new applications, and regularly review app permissions and system updates to enhance security.

Winsage

July 2, 2025

How to secure your printer with Windows 11’s new Protected Print mode

Nine percent of Windows security issues are attributed to its printing system. In 2021, a flaw in the printer spooler, known as "Print Nightmare," was discovered, allowing attackers elevated system rights. Microsoft introduced Windows Protected Print mode (WPP) in the Windows 11 24H2 update to address these vulnerabilities. WPP replaces manufacturer-specific drivers and prevents the installation of new printer drivers, limiting printer spooler tasks to user rights. WPP is based on the Internet Print Protocol (IPP) and is compatible with printers certified by the Mobile Printing Alliance. Users must manually enable WPP through the Settings menu. Once activated, Windows manages print jobs using its WPP driver, and users can find additional tools in the Microsoft Store. To deactivate WPP, users can return to the Settings and remove it, which requires reinstalling the original manufacturer’s drivers.

Winsage

June 18, 2025

Windows 10 End Nears: Switch to Linux for Security

Microsoft will cease support for Windows 10 on October 14, 2025, affecting an estimated 200 to 400 million devices that will no longer receive updates or patches, exposing them to security vulnerabilities. Transitioning to Windows 11 requires modern hardware specifications, which many older devices lack. Users must decide between investing in new hardware, opting for extended security updates, or switching to alternative operating systems like Linux. The Document Foundation advocates for Linux and LibreOffice as viable alternatives, emphasizing their ability to run on older hardware and providing robust security updates. Linux offers users greater control and transparency, addressing privacy concerns associated with proprietary systems. LibreOffice supports open document formats, ensuring long-term accessibility without vendor constraints. The end of Windows 10 support may prompt significant shifts in the tech industry, encouraging a move towards systems that prioritize sustainability and user rights.

Winsage

June 17, 2025

Windows 10 End Nears: Switch to Linux for Security

Microsoft will cease support for Windows 10 on October 14, 2025, leaving an estimated 200 to 400 million devices vulnerable to security risks due to a lack of updates. Users must choose between upgrading to Windows 11, which has strict hardware requirements, paying for extended security updates, or switching to alternative operating systems like Linux. The Document Foundation advocates for Linux and LibreOffice as viable options, emphasizing their ability to run on older hardware and provide robust security updates without vendor lock-in. Privacy concerns regarding data collection by major tech companies are highlighted, with Linux offering users greater control and transparency. The transition away from Windows 10 is seen as an opportunity to promote user empowerment and sustainability in technology choices.

Winsage

June 16, 2025

Update Windows Now — Microsoft Confirms System Takeover Danger

CVE-2025-33073 is a Windows authentication relay attack vulnerability with a CVSS score of 8.8, indicating high severity. It allows attackers to gain SYSTEM privileges on affected systems. Currently, there is no evidence of active exploitation, but the public disclosure raises concerns. Exploitation involves executing a malicious script that makes the victim's machine connect to the attacker's system using SMB. Security researchers have described it as an authenticated remote command execution on machines that do not enforce SMB signing. Microsoft has released a fix as part of the June Patch Tuesday security updates to address this vulnerability.

Tech Optimizer

June 10, 2025

Norton 360 Deluxe antivirus review

Norton 360 Deluxe is a comprehensive antivirus solution that offers extensive security features, including protection against botnets, brute force attacks, and vulnerabilities related to file and print sharing. It provides webcam protection, secure application sandboxing, and a Safe Search feature for risky websites. Users can create a rescue disk for emergencies. Scanning capabilities include quick scans, full scans, targeted folder scans, and a pre-boot deep scan, with the full scan completing in about four minutes. Parental controls allow management of screen time and website access across devices, while the included VPN can disable internet access if a compromised site is visited. Performance testing showed that Norton 360 Deluxe efficiently processed 927,000 files in about four minutes on various devices, significantly outperforming competitors like Bitdefender and McAfee. The Startup Scan feature is thorough but takes longer. The VPN maintained download speeds without noticeable degradation. Additional features include privacy monitoring tools, performance checks for outdated software, junk file removal, and limited cloud backup support for Windows devices. The user-friendly interface highlights key features and includes a search function for easy navigation. Norton provides 24/7 support through online chat and phone, with no email support available. The initial interaction with the virtual agent was efficient, followed by prompt human support.