NewApp Digest
search bot

system reboot

Microsoft fixes six actively exploited flaws in latest Windows 11 update
Winsage
February 11, 2026

Microsoft fixes six actively exploited flaws in latest Windows 11 update

Microsoft's February 2026 Patch Tuesday addressed 59 vulnerabilities in Windows 11, with six confirmed as actively exploited. The most critical vulnerability is CVE-2026-21510, a Windows Shell security feature bypass with a CVSS rating of 8.8, allowing attackers to evade warnings by tricking users into opening malicious files. Another significant vulnerability, CVE-2026-21513, also rated at 8.8, affects MSHTML and allows remote attackers to bypass execution prompts through malicious code in HTML or shortcut files. CVE-2026-21514 impacts Microsoft Word and enables adversaries to disable OLE mitigations, posing risks through document-based attacks. Two local privilege escalation vulnerabilities are CVE-2026-21519 in Desktop Window Manager and CVE-2026-21533 in Windows Remote Desktop Services, with CVSS scores of 7.8. CVE-2026-21525 is a denial-of-service vulnerability in Remote Access Connection Manager. The update includes 53 additional vulnerabilities across various Microsoft products and services, with CVE-2026-21531 in Azure SDK rated at 9.8 and CVE-2026-20841 affecting Windows Notepad rated at 8.8. The cumulative update for Windows 11 (KB5077181) also includes enhancements and resolves WPA3 Wi-Fi connectivity issues. Microsoft reminded users of the June 2026 expiration of Secure Boot certificates, which requires timely updates to ensure secure booting. Users can install the updates via Windows Update.
Microsoft fixes 114 flaws in year's first Windows 11 Patch Tuesday
Winsage
January 13, 2026

Microsoft fixes 114 flaws in year’s first Windows 11 Patch Tuesday

Microsoft's January 2026 Patch Tuesday update, KB5074109, addresses 114 vulnerabilities, including a critical zero-day vulnerability (CVE-2026-20805) in the Windows Desktop Window Manager (DWM) that has been actively exploited. The update is applicable to Windows 11 versions 24H2 and 25H2 and includes security enhancements and updates to AI components. Other high-severity vulnerabilities addressed include CVE-2026-20816 (privilege escalation in Windows Installer), CVE-2026-20817 (elevation of privilege in Windows Error Reporting), CVE-2026-20840 (vulnerability in Windows NTFS), CVE-2026-20843 (flaw in Routing and Remote Access Service), CVE-2026-20860 (vulnerability in Ancillary Function Driver for WinSock), and CVE-2026-20871 (another DWM vulnerability). The update removes legacy modem drivers to minimize the attack surface and resolves reliability issues in Azure Virtual Desktop and WSL networking. It also changes the default setting for Windows Deployment Services (WDS) to disable hands-free deployment. Users can install the update through Windows Update, and a system reboot is required for full application.
New Windows 11 feature aims to diagnose crashes — will check RAM after BSODs to look for problems
Winsage
October 29, 2025

New Windows 11 feature aims to diagnose crashes — will check RAM after BSODs to look for problems

Microsoft is introducing a new memory diagnostic scan for Windows 11, which activates after a Blue Screen of Death (BSOD) incident. This feature is currently available to users in the dev channel through Windows 11 Insider Preview Build 26220.6982 (KB5067109). After a BSOD, users will see a pop-up window that allows them to schedule a memory scan for the next reboot or skip it. The scan aims to address memory corruption issues that can cause system errors and will be selectively triggered for crashes likely related to memory problems.
Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability
Winsage
October 24, 2025

Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability

Microsoft has released out-of-band security updates to address a critical vulnerability in the Windows Server Update Service (WSUS), identified as CVE-2025-59287, which has a CVSS score of 9.8 and is actively being exploited. The vulnerability allows unauthorized remote code execution due to unsafe deserialization of untrusted data. It affects various supported versions of Windows Server, including 2012, 2012 R2, 2016, 2019, 2022, and 2025 (23H2 Edition, Server Core installation). Microsoft recommends applying the patch and rebooting the system, or alternatively, disabling the WSUS Server Role or blocking inbound traffic to Ports 8530 and 8531. The Dutch National Cyber Security Centre (NCSC) reported active exploitation on the same day the updates were released. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, requiring federal agencies to address it by November 14, 2025.
Windows Server emergency patches fix WSUS bug with PoC exploit
Winsage
October 24, 2025

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band security updates to address a critical-severity vulnerability in its Windows Server Update Service (WSUS), tracked as CVE-2025-59287. This remote code execution flaw affects Windows servers with the WSUS Server Role enabled, allowing low-complexity remote attacks without user interaction. If the WSUS server role is enabled and the fix is not installed, the server becomes vulnerable. Microsoft recommends that customers install the updates immediately and provided alternative measures, such as disabling the WSUS Server Role or blocking inbound traffic to Ports 8530 and 8531. The update is cumulative and supersedes all previous updates for affected versions. After installation, WSUS will no longer display synchronization error details as a temporary risk mitigation measure.
Microsoft issues out-of-band patch for critical WSUS flaw
Winsage
October 24, 2025

Microsoft issues out-of-band patch for critical WSUS flaw

Microsoft has released an urgent out-of-band update to address a critical vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS), affecting Windows Server versions from 2012 to 2025. This remote code execution flaw allows unauthenticated attackers to execute arbitrary code due to insecure deserialization of untrusted data. Only servers with the WSUS role enabled are at risk. Administrators unable to apply the patch should consider disabling the WSUS role or blocking inbound traffic to ports 8530 and 8531. The update is cumulative and requires a system reboot after installation. WSUS is deprecated but remains supported, with Microsoft advising a transition to alternatives like its cloud-based Intune service.
Your Windows 11 PC has an emergency shutdown feature - here's where to find it
Winsage
October 20, 2025

Your Windows 11 PC has an emergency shutdown feature – here’s where to find it

A little-known Emergency Restart method for Windows 11 can be accessed by pressing CTRL + ALT + DEL and holding the CTRL key while clicking the power button. This prompts a message warning that any unsaved data will be lost and advises using it as a last resort. The method serves as an alternative to a hard reset when the system is unresponsive. Personal tests have shown no adverse effects from its use, and there are no restrictions on how often it can be employed. Additionally, users can restart their machines using the Command Prompt by typing shutdown /r.
Search