We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

security vulnerability

Warning — Microsoft Windows Defender Can Be Disabled By Hackers
Winsage
May 12, 2025

Warning — Microsoft Windows Defender Can Be Disabled By Hackers

A critical cloud security vulnerability rated 10/10 has been reported for Microsoft users, along with persistent denial of service attacks affecting Windows and warnings about password theft. A new tool called Defendnot has been released, which can disable Windows Defender, Microsoft's antivirus protection. Developed by a security researcher known as es3n1n, Defendnot simplifies the process of bypassing Windows Defender by tricking it into disabling itself. It uses undocumented application programming interfaces (APIs) to convince Windows Defender that another antivirus solution is present, without relying on third-party antivirus code. The availability of Defendnot poses a significant risk, potentially aiding malicious actors.
Google's May 2025 Pixel update is here with bug fixes and a critical security patch
AppWizard
May 7, 2025

Google’s May 2025 Pixel update is here with bug fixes and a critical security patch

The May 2025 security update for Google Pixel devices began deployment on May 6, addressing a critical zero-day security vulnerability (CVE-2025-27363) and including three bug fixes along with 28 security patches. The rollout may take about one week to reach all devices, depending on models and carriers. The update prevents devices from reverting to older, vulnerable versions of the bootloader. It also resolves specific issues for Google Pixel 6 and newer devices, including improvements in microphone recording quality, resolution of Bluetooth pairing issues with certain smartwatches, and correction of secondary language display issues in quick settings. Users are advised to check for the update in the Settings app under System > Software update.
Windows 10 is fading fast - and Microsoft's CEO just made that crystal clear
Winsage
May 2, 2025

Windows 10 is fading fast – and Microsoft’s CEO just made that crystal clear

Microsoft CEO Satya Nadella announced the transition from Windows 10 to Windows 11 during the third-quarter earnings call, highlighting that Windows 10's end-of-support date is October 14, 2025. Windows 11, launched in 2021, has seen a nearly 75% increase in commercial deployment since last year. Surveys show that Windows 10's user base dropped from 70% in April 2024 to 54%. The upgrade to Windows 11 is free for eligible hardware, but the system requirements are more demanding. Windows contributes only 9% to Microsoft's overall income in fiscal year 2024.
Microsoft has no plans to fix Windows RDP bug that lets you log in with old passwords
Winsage
May 2, 2025

Microsoft has no plans to fix Windows RDP bug that lets you log in with old passwords

Microsoft has decided not to address a significant security vulnerability in its Windows Remote Desktop Protocol (RDP) that allows users to log into machines using outdated cached passwords, even after those passwords have been updated or changed. This situation creates a potential backdoor for unauthorized access, raising security concerns. Microsoft defends this functionality as a design choice to prevent users from being locked out of their machines, prioritizing accessibility over security.
A mysterious new Windows 11 folder appeared - and now there's a new exploit
Winsage
April 30, 2025

A mysterious new Windows 11 folder appeared – and now there’s a new exploit

Windows 11 users encountered the "inetpub" folder after the April 2023 update (KB5055523), which is a crucial component for addressing the security vulnerability CVE-2025-21204. Microsoft stated that the folder should not be removed, as it helps manage Windows Update security vulnerabilities by preventing unauthorized control through symbolic links. However, cybersecurity expert Kevin Beaumont revealed that the same patch introduced a new vulnerability that could allow remote exploitation, prompting Microsoft to acknowledge this issue with a "Moderate" status and indicate that a fix is forthcoming. Users are advised to keep their systems updated and not delete the "inetpub" folder. If the folder is deleted, it can be restored by enabling Internet Information Services in the Control Panel.
Microsoft's Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw
Winsage
April 25, 2025

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:inetpub directory used by Internet Information Services (IIS). The updates created the c:inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:inetpub c:windowssystem32notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.
Microsoft mystery folder fix might need a fix of its own
Winsage
April 24, 2025

Microsoft mystery folder fix might need a fix of its own

Microsoft's recent patch for CVE-2025-21204 inadvertently reintroduced the inetpub folder at c:inetpub as part of its mitigation strategy, raising concerns among system administrators. Security researcher Kevin Beaumont discovered that this folder created a new vulnerability when he used the mklink command with the /j parameter to redirect the folder to a system executable (notepad.exe). This allowed standard users to prevent Windows updates without administrative rights, as the command could be executed on default-configured systems. Beaumont has notified Microsoft of this vulnerability, but the company has not yet responded.
Search