security vulnerabilities Archives

Tech Optimizer

June 3, 2025

I learned these 6 antivirus myths for PCs are completely wrong

Antivirus software on Windows was once essential due to security vulnerabilities, but built-in protection in Windows 8 and later versions often suffices for everyday use. Modern third-party antivirus applications are designed to be efficient and have minimal impact on system performance. All operating systems, including macOS, Linux, iOS, and Android, are susceptible to malware, contrary to the belief that only Windows needs antivirus protection. Manual virus scans are no longer necessary as modern solutions provide real-time monitoring. Antivirus software should be part of a broader security strategy that includes regular updates and secure online practices. Relying solely on cautious behavior is insufficient, as threats can emerge from various sources. Using antivirus software is still recommended, and users can complement built-in security features with third-party solutions.

AppWizard

June 2, 2025

Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917. - CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926). - CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497). - CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926). Users of affected devices are advised to seek firmware updates or mitigations from their vendors.

Winsage

May 30, 2025

Windows 11’s May security update is crashing PCs with code 0xc0000098

Microsoft rolled out update KB5058405 for Windows 11 23H2 to address critical security vulnerabilities, but users are reporting significant issues, including boot failures with error code 0xc0000098. This problem affects both Windows 11 23H2 and 22H2, primarily in virtual environments like Azure Virtual Machines and on-premises virtual machines hosted on Citrix or Hyper-V. Home users with Windows Home or Pro editions are less likely to experience this issue. The error indicates a missing or corrupted ACPI.sys file, which is essential for managing hardware resources and power states. Microsoft is currently investigating the issue and has not yet provided a resolution.

Tech Optimizer

May 29, 2025

Windows PCs at risk as new tool disarms built-in security

All modern Windows PCs come with Microsoft Defender, a built-in antivirus solution. A tool called Defendnot can disable Microsoft Defender by tricking Windows into believing another antivirus is active. It uses an undocumented API to register a counterfeit antivirus, which leads to Microsoft Defender being automatically disabled without user notification. Defendnot creates a scheduled task for persistence and allows customization of the antivirus name. It is a successor to a previous project, No-Defender, which was removed due to copyright issues. Currently, Microsoft Defender flags Defendnot as a threat.

Winsage

May 29, 2025

Windows 10 KB5058481 update brings seconds back to calendar flyout

Microsoft has released the optional KB5058481 preview cumulative update for Windows 10 22H2, which includes seven changes, notably the restoration of seconds to the time display in the calendar flyout. This update is part of the routine "optional non-security preview updates" and does not address security vulnerabilities. Users can install the update by navigating to Settings and manually checking for updates. Upon installation, Windows 10 22H2 will be updated to build 19045.5917. The update also includes enhancements for user experience and addresses a known issue with NOTO fonts appearing blurry at 96 DPI, particularly affecting CJK text in Chromium-based browsers. A temporary solution is to adjust the display scaling to 125% or 150%.

Winsage

May 28, 2025

Did Microsoft Change Windows 11 Requirements? – Here’s the Truth

Microsoft has not changed the official requirements for Windows 11 since its launch. Users need a compatible 64-bit processor (1GHz or faster with at least two cores), a minimum of 4GB of RAM, and 64GB of storage. Essential features include UEFI firmware that supports Secure Boot and TPM version 2.0, DirectX 12 compatible graphics with a WDDM 2.0 driver, and displays of at least 9 inches with a resolution of 720p. Microsoft allows experienced users to manually install Windows 11 on unsupported devices at their own risk, but this is not advisable due to potential issues. The strict requirements are intended to enhance security and performance. Users can check compatibility with the PC Health Check Tool. Microsoft will support Windows 10 until October 14, 2025, after which there will be no official support. For those whose systems do not meet the specifications, upgrading hardware or purchasing a new PC may be necessary.

Winsage

May 28, 2025

The Windows File Explorer is still so bad when it comes to networked drives

File Explorer in Windows 11 has usability issues, particularly with sluggish search functionality and problems accessing networked drives. Users often experience drives disappearing after reboot, inaccessibility to files, and freezing of File Explorer, with error codes like c0000375 indicating deeper issues. The networked drive feature relies on outdated technology, as Microsoft has deprecated older protocols like SMBv1, complicating file sharing. Users can mitigate freezing by restarting File Explorer and ensuring network settings are correctly configured, such as setting Wi-Fi to private and enabling file sharing options. Excessive pinned items in Quick Access can cause crashes, and clearing the cache may resolve these issues. Alternatives to File Explorer, like XYplorer and File Pilot, can provide better access to networked drives. Overall, the challenges stem from outdated technology and the corruption of the Quick Access cache, with third-party solutions available for relief.

Winsage

May 27, 2025

Computers running on Microsoft’s Windows 10 must be updated

Microsoft will end support for Windows 10 on October 14, meaning devices will no longer receive security updates, bug fixes, or technical support, which could lead to security vulnerabilities. At Case Western Reserve University (CWRU), many computers can be upgraded to Windows 11 without disruption, and the upgrade process is being managed by University Technology ([U]Tech). Some devices may need assessment for compatibility, and [U]Tech will contact those affected. Early planning is important to avoid disruptions, ensure budget allocation, and maintain security. Users should contact [U]Tech if they have not been reached by June 30 and provide their device information. Assistance is available through various channels, including a support form and the [U]Tech C.A.R.E. Center.

Winsage

May 26, 2025

Deadline approaching: It’s time to say goodbye to Windows 10

Microsoft will officially discontinue support for Windows 10 on October 14, 2025. Users are encouraged to upgrade to Windows 11, which has specific hardware requirements including a modern processor, a minimum of 4 GB of RAM, and a TPM 2.0 security chip. To check compatibility, users can use the PC Health Check app. If a device does not meet the requirements, hardware upgrades or firmware adjustments may be necessary. If the BIOS mode is set to Legacy, users must convert the hard drive from MBR to GPT using the command mbr2gpt /convert /allowfullOS. It is recommended to back up data before upgrading. Microsoft is also offering an Extended Security Updates (ESU) option for approximately €27, extending support for an additional year.

Winsage

May 20, 2025

Microsoft releases emergency hotfix for Windows 10’s May update issues

Microsoft released an out-of-band update, KB5061768, for Windows 10 users to address urgent security vulnerabilities. This update is available through the Microsoft Update Catalog for Windows 10 versions 1903 and later, including Windows 10 LTSB, and supports both x86 and x64 architectures. The download size ranges from 415 MB to 711 MB. The update is crucial for users experiencing BitLocker issues and blue screen crashes after the May Windows 10 patch, particularly on devices with Intel Trusted Execution Technology enabled on 10th-generation Intel vPro processors or newer. Users unable to install the update due to boot issues should disable Intel VT for Direct I/O and Intel Trusted Execution Technology in the BIOS/UEFI settings to allow normal startup and apply the update.