We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

software vulnerabilities

Patch Tuesday fixes an exploited bug, but not for Windows 10
Winsage
April 9, 2025

Patch Tuesday fixes an exploited bug, but not for Windows 10

Microsoft's Patch Tuesday updates addressed over 120 vulnerabilities, including one actively exploited flaw (CVE-2025-29824) and 11 critical issues. CVE-2025-29824 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, targeted by the group Storm-2460 to deploy ransomware called PipeMagic, affecting victims in the US, Spain, Venezuela, and Saudi Arabia. This vulnerability has a CVSS score of 7.8 and allows attackers to escalate privileges due to a use-after-free flaw. Patches for Windows Server and Windows 11 have been released, but Windows 10 users are still awaiting a fix, with Microsoft promising updates soon. Among the critical vulnerabilities addressed, all allow for remote code execution (RCE). Notable vulnerabilities include: - CVE-2025-26670: LDAP Client RCE, Critical, CVSS 8.1 - CVE-2025-27752: Microsoft Excel RCE, Critical, CVSS 7.8 - CVE-2025-29791: Microsoft Excel RCE, Critical, CVSS 7.8 - CVE-2025-27745: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27748: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27749: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27491: Windows Hyper-V RCE, Critical, CVSS 7.1 - CVE-2025-26663: Windows LDAP RCE, Critical, CVSS 8.1 - CVE-2025-27480: Windows RDP RCE, Critical, CVSS 8.1 - CVE-2025-27482: Windows RDP RCE, Critical, CVSS 8.1 - CVE-2025-26686: Windows TCP/IP RCE, Critical, CVSS 7.5 - CVE-2025-29809: Windows Kerberos Security Feature Bypass, Important, CVSS 7.1 Dustin Childs from ZDI noted that CVE-2025-29809 requires additional measures beyond standard patching. CVE-2025-26663 and CVE-2025-26670 are considered wormable, necessitating prompt updates, especially for networks exposing LDAP services. Adobe released over 50 fixes for vulnerabilities in products like Cold Fusion, After Effects, and Photoshop, with some issues in Cold Fusion classified as critical. AMD updated advisories regarding GPU access and various Ryzen AI software vulnerabilities.
Top 10 Best Ransomware Protection Tools
Tech Optimizer
February 23, 2025

Top 10 Best Ransomware Protection Tools

Ransomware is a type of malicious software that encrypts files, making them inaccessible until a ransom is paid, usually in cryptocurrency. Ransom demands can range from a few hundred to several thousand dollars, causing significant disruptions and financial losses. Key examples of ransomware include WannaCry, Petya, CryptoLocker, Ryuk, REvil, and Snake. To protect against ransomware, it is crucial to keep software updated, use anti-virus solutions, be cautious with unknown attachments or links, and regularly back up important data. Effective protection tools include backup solutions, anti-virus software, firewalls, and ransomware-specific solutions. Free protection options include Windows Defender, Malwarebytes Anti-Ransomware, Bitdefender Anti-Ransomware, Avast Anti-Ransomware, and Kaspersky Anti-Ransomware Tool for Business. Ransomware can be categorized into locker ransomware, screen ransomware, and encrypting ransomware.
EDB announces Secure Open Software Solution for EDB Postgres AI Enterprise and Government Deployments
Tech Optimizer
February 4, 2025

EDB announces Secure Open Software Solution for EDB Postgres AI Enterprise and Government Deployments

EDB has announced the EDB Postgres® AI platform, which now includes a Secure Open Source solution aimed at enhancing security for enterprise and government deployments. Key features include: - Supply Chain Security to mitigate risks from third-party software vulnerabilities. - Automated Standards Compliance to simplify adherence to industry standards. - Government Security Assurance to meet stringent security requirements. EDB has also expanded security partnerships with Fortanix and Entrust to improve key management for sensitive data protection.
Micropatchers share fix for NTLM hash leak flaw in Windows
Winsage
December 7, 2024

Micropatchers share fix for NTLM hash leak flaw in Windows

Acros Security has identified an unpatched NTLM vulnerability in Microsoft Windows, affecting versions from Windows 7 to Windows 11 v24H2, which risks credential theft. The vulnerability can be exploited through Windows Explorer when users view a malicious file, exposing their NTLM hash to remote attackers. Acros plans to release a micropatch to mitigate the risk and has contacted Microsoft regarding the issue. Historically, Acros has reported several zero-day vulnerabilities to Microsoft. The micropatching industry aims to provide more permanent solutions to security flaws, though it may introduce complications. As Windows 10 approaches retirement, IT managers may increasingly consider micropatching for system protection. Mainstream support for Windows 7 ended in 2015, with extended support concluding in 2020.
What I learned from 3 years of running Windows 11 on “unsupported” PCs
Winsage
October 25, 2024

What I learned from 3 years of running Windows 11 on “unsupported” PCs

Midrange and high-end laptops have seen enhancements such as high-resolution displays, taller screen aspect ratios (16:10 and 3:2), USB-C charging, and backlit keyboards. The ThinkPad X230 features a booklight next to the webcam for keyboard illumination but lacks a backlit keyboard. Recent laptops offer upgrades that improve productivity and user satisfaction, particularly for Windows 11 support. Windows 11 requires security features like TPM 2.0, hypervisor-protected code integrity (HVCI), and mode-based execution control (MBEC), which enhance data protection but may affect performance on older systems. Older PCs face vulnerabilities due to the lack of support for the latest security updates and BIOS fixes, increasing their risk.
October 2024 Patch Tuesday: Updates and Analysis
Winsage
October 9, 2024

October 2024 Patch Tuesday: Updates and Analysis

Microsoft released a patch for CVE-2024-43572, a vulnerability in the Microsoft Management Console, rated Important with a CVSS score of 7.8, allowing remote code execution through malicious MSC files. Another patch was issued for CVE-2024-43573, a Moderate spoofing vulnerability in the Windows MSHTML Platform with a CVSS score of 6.5, affecting multiple Microsoft products. Additionally, three critical vulnerabilities were identified: CVE-2024-43468 in Microsoft Configuration Manager (CVSS score 9.8), CVE-2024-43488 in the Arduino extension for Visual Studio Code (CVSS score 8.8), and CVE-2024-43582 in the Remote Desktop Protocol Server (CVSS score 8.1). The CrowdStrike Falcon® platform introduced a Patch Tuesday dashboard for tracking vulnerabilities, and organizations are encouraged to adopt comprehensive cybersecurity strategies beyond just patching.
Why Total Security in Messengers is Impossible: Insights from Egor Alshevski
AppWizard
September 20, 2024

Why Total Security in Messengers is Impossible: Insights from Egor Alshevski

The protection of personal information and online security is a critical concern in the digital landscape, with messaging applications claiming to use open-source code and advanced encryption techniques. However, achieving absolute security is complex and often unattainable. Egor Alshevski, CEO of InTouch AG, states that creating a completely secure messenger is impossible due to inherent vulnerabilities from software flaws, hardware issues, and evolving cybercriminal tactics. Government intervention poses significant challenges, with legislation like Australia’s Assistance and Access Act of 2018 requiring backdoors in encryption, undermining secure messaging. The proposed EU Child Sexual Abuse Regulation could dismantle encryption by mandating communication scanning, further compromising privacy. Governments utilize techniques like GSM ID tracking and exploiting device software vulnerabilities to access encrypted communications. While encryption protects message content, metadata remains accessible and can reveal communication habits. Users can enhance their security by regularly updating software and choosing messengers that publish their source code, although these measures are not foolproof. Open-source code allows independent security audits but can also be exploited by malicious actors. End-to-end encryption protects message content but faces threats from legislation and metadata leaks. AI and machine learning can improve security by analyzing data for suspicious activities, but their potential misuse raises concerns about mass surveillance and privacy infringement. The future of messenger security will depend on balancing individual privacy with legitimate security needs, continuous innovation, and collaboration among technologists, policymakers, and civil society. Despite advancements, the notion of a 100% secure messenger remains a myth, and vulnerabilities will persist.
August 2024 Patch Tuesday: Updates and Analysis | CrowdStrike
Winsage
August 15, 2024

August 2024 Patch Tuesday: Updates and Analysis | CrowdStrike

Microsoft's August 2024 Patch Tuesday addressed 85 vulnerabilities, including six zero-day exploits. The vulnerabilities are categorized as CVE-2024-38213, CVE-2024-38193, CVE-2024-38189, CVE-2024-38178, CVE-2024-38107, and CVE-2024-38106. Six vulnerabilities are classified as Critical, while the remaining 79 are rated Important or Moderate. The predominant risk types include elevation of privilege (37%) and remote code execution (35%). Windows products received 43 patches, with 21 for the Extended Security Update (ESU) and 8 for Microsoft Office. Notable zero-day vulnerabilities include: - CVE-2024-38189 in Microsoft Project (CVSS 8.8) allows remote code execution. - CVE-2024-38193 in Windows Ancillary Function Driver for WinSock (CVSS 7.8) allows privilege escalation. - CVE-2024-38107 in Windows Power Dependency Coordinator (CVSS 7.8) allows privilege escalation. - CVE-2024-38178 in the Scripting Engine (CVSS 7.5) allows remote code execution. - CVE-2024-38106 in the Windows kernel (CVSS 7.0) allows privilege escalation. - CVE-2024-38213 in Windows Mark of the Web Security (CVSS 6.5) allows security warning bypass. Critical vulnerabilities include: - CVE-2024-38063 (CVSS 9.8) in Windows TCP/IP allows remote code execution. - CVE-2024-38140 (CVSS 9.8) in Windows Reliable Multicast Transport Driver allows remote code execution. - CVE-2024-38109 (CVSS 9.1) in Azure Health Bot allows privilege escalation. - CVE-2024-38159 and CVE-2024-38160 (both CVSS 9.1) in Windows Network Virtualization allow remote code execution. - CVE-2023-40547 (CVSS 8.8) impacts Secure Boot. Additional vulnerabilities with existing proof of concept include: - CVE-2024-38199 (CVSS 9.8) in Windows Line Printer Daemon allows remote code execution. - CVE-2024-38202 (CVSS 7.3) in Windows Update Stack allows privilege escalation. - CVE-2024-21302 (CVSS 6.7) in Windows Secure Kernel Mode allows privilege escalation.
Back to the future: Windows Update is now a trojan horse for hackers
Winsage
August 9, 2024

Back to the future: Windows Update is now a trojan horse for hackers

Downgrade attacks, or version-rollback attacks, exploit software vulnerabilities by reverting it to an outdated, insecure version. This tactic allows cybercriminals to exploit previously addressed issues, increasing the risk of data breaches and unauthorized access. Businesses, particularly those using Windows environments, face heightened risks as these attacks can reverse security patches, exposing systems to vulnerabilities. The consequences include operational disruptions, costly downtime, and potential regulatory penalties, especially for industries like financial services, healthcare, and the public sector, which operate under strict compliance mandates.
Search