system security Archives

Winsage

June 18, 2025

It’s time to update Asus Armoury Crate, folks—the latest vulnerability could allow hackers to compromise your Windows OS

A newly discovered vulnerability in Asus Armoury Crate, identified as CVE-2025-3464, has a severity rating of 8.4 out of 10 and allows hackers to gain low-level privileges on Windows systems. The affected versions of Armoury Crate range from V5.9.9.0 to V6.1.18.0. Researcher Marcin "Icewall" Noga from Cisco Talos highlighted this issue, prompting Asus to issue a product security advisory. Users are advised to verify their version of Armoury Crate and update to the latest version if necessary. No incidents of this exploit being actively used have been reported thus far. This is the second vulnerability found in an Asus utility within two months, following a separate issue with DriverHub reported in May.

Winsage

June 12, 2025

UEFI BIOS flaws: SecureBoot bypass and firmware replacement possible

Recent findings have identified two vulnerabilities in various UEFI BIOS versions from multiple manufacturers, compromising the SecureBoot mechanism. These vulnerabilities allow attackers to bypass SecureBoot protections and replace firmware, particularly in Insyde BIOSes. The issues stem from unprotected NVRAM variables, specifically the "IhisiParamBuffer," which can be manipulated to execute unsigned UEFI binaries. Affected UEFI applications include "DTBios" and "BiosFlashShell" from DTResearch, with a CVSS score of 8.2. Microsoft has added 14 new hashes to its DBX database to mitigate these risks. Additionally, a vulnerability in the Insyde H2O UEFI firmware app allows attackers to infiltrate digital certificates due to the insecure handling of the "SecureFlashCertData" variable, which is incorrectly treated as trusted memory. This flaw, known as "Hydroph0bia," has a CVSS score of 7.8 and enables unauthorized execution of firmware certified with manipulated certificates. Manufacturers are urged to provide firmware updates to address these vulnerabilities, as inconsistent support for locking UEFI variables raises security concerns.

Winsage

June 10, 2025

Windows 10 KB5060533 cumulative update released with 7 changes, fixes

Microsoft has released the KB5060533 cumulative update for Windows 10 22H2 and 21H2, which includes security patches addressing seven zero-day vulnerabilities. The update reintroduces seconds to the time display in the Calendar flyout, enhances the Rich Calendar feature, and adds descriptive text for the Weather button. It fixes rendering issues with GB18030 characters and resolves a problem with the Windows Account Sync Consent system in the European Economic Area. The update also addresses a known issue causing Hyper-V virtual machines to freeze or restart unexpectedly. A current issue involves blurry NOTO fonts at 96 DPI in Chromium-based browsers, with a workaround of adjusting display scaling to 125% or 150%. After installation, Windows 10 22H2 will be upgraded to build 19045.5965 and Windows 10 21H2 to build 19044.5965. Users can manually download the update from the Microsoft Update Catalog.

Winsage

June 9, 2025

Microsoft: Remedy for security vulnerability due to deleted “inetpub” folder

A recent Microsoft security update has created a new folder named "inetpub" on Windows systems, which is essential for system security. If users delete this folder, it can lead to significant vulnerabilities. Microsoft has released a Powershell script, Set-InetpubFolderAcl.ps1, to restore the "inetpub" folder and set the correct permissions. Systems that installed the April security update (KB5055528) must take immediate action if the "inetpub" directory is missing. The script also updates access rights for the "DeviceHealthAttestation" directory, if it exists. Administrative rights are required to run the script. This issue was highlighted by IT security researcher Kevin Beaumont, who noted that deleting the "inetpub" folder could disrupt the installation of future security updates.

Winsage

June 6, 2025

Microsoft Issues Critical Windows Update—Do Not Delete This

Users may face a significant vulnerability related to a Windows update from April 2025, particularly concerning the "inetpub" folder, which is essential for the security of Windows 11 systems. Microsoft clarified that this folder, linked to Internet Information Services (IIS) and necessary for hosting capabilities, should not be deleted. If users have removed the folder, they must restore it to address the security patch for CVE-2025-21204, as its absence can lead to risks such as privilege escalation and unauthorized access. Microsoft has provided a PowerShell script to restore the folder without enabling IIS, and users are advised to follow specific commands to execute the fix. However, many users may not take action, leaving their systems vulnerable.

Winsage

May 25, 2025

Hands-On Windows 141: Windows 10 End of Life

Windows 10 is approaching its end-of-life in October 2025, prompting users to consider options for maintaining system security and updates.

Winsage

May 17, 2025

Windows 11 Home vs Pro for Gaming: Which One Should You Choose?

Upgrading from Windows 11 Home to Windows 11 Pro does not yield significant benefits in gaming performance, compatibility, or features for most gamers. Both editions provide identical gaming performance, supporting the same core gaming technologies such as DirectStorage, Auto HDR, and Game Mode. Windows 11 Home supports up to 128 GB of RAM and one CPU socket with 64 cores, while Windows 11 Pro supports up to 2 TB of RAM and two CPU sockets with 128 cores. Pro includes additional features like BitLocker encryption, Remote Desktop hosting, Hyper-V virtualization, and Group Policy management, which are not typically utilized by gamers. The price of Windows 11 Home is lower than that of Pro, making it a more cost-effective choice for gaming. Both editions meet the hardware requirements for modern gaming, and compatibility with major games and platforms is consistent across both versions.

Winsage

May 17, 2025

Why Windows 10 PCs are locking up and crashing after May update

Microsoft will end update support for Windows 10 in October 2025, but new patches are still being released. The latest cumulative update, KB5058379, has caused issues for users, especially those with devices from Dell, Lenovo, and HP. Microsoft is aware of the problems and has not yet deployed a fix as of May 16, but has provided a temporary workaround. For users affected by the BitLocker bug, Microsoft Support recommends the following steps to regain access: 1. Disable Secure Boot in BIOS/Firmware settings. 2. If issues persist, disable all virtualization technologies in BIOS/Firmware settings. 3. Check the Microsoft Defender System Guard Firmware Protection Status via Registry Editor or GUI method. 4. If firmware protection settings are restricted by Group Policy, disable them using Group Policy Editor or Registry Editor. A system restart is required for these changes to take effect, and these workarounds should only be temporary until a patched update is released. Disabling certain BIOS settings may compromise system security.

Winsage

May 14, 2025

Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on

A vulnerability identified as CVE-2025-30397 can be exploited when Microsoft Edge is in “Internet Explorer” mode, which is typically not the default setting but may be necessary for certain users. Another vulnerability, CVE-2025-29831, can only be exploited during a restart of the Remote Desktop Protocol (RDP) service. SAP has released 18 Security Notes to address various vulnerabilities, including critical authorization issues, remote code execution, information disclosure, and cross-site scripting.

Tech Optimizer

April 29, 2025

Intego Mac Internet Security

PCs were introduced before Apple’s Macintosh, leading to the emergence of PC viruses and the establishment of antivirus companies, with Macintosh protection being less prioritized. Intego focused on Macintosh security from the start, offering Intego Mac Internet Security, which includes a firewall that manages network permissions and defends against external attacks. Intego has been effective against Mac malware, achieving a 99.1% malware detection score in independent lab tests, although it lacks phishing protection, a feature offered by competitors Norton 360 Deluxe and Bitdefender Antivirus Plus. Intego's pricing is competitive, with a standard annual fee of .99 for a single license and .99 for three licenses. A five-device subscription costs .99, while the Mac Premium Bundle starts at .99 annually and includes additional features. A 14-day free trial is available, and free alternatives like Avast and AVG are also on the market. Intego supports older macOS versions back to Mavericks (10.9), but the latest version requires High Sierra (10.13) or later. The installation process for Intego is straightforward, requiring a restart and granting necessary permissions. The main interface includes components for updates, firewall, and antivirus, with user-friendly access to scanning options. Intego has received certification from AV-Comparatives and detected 100% of Windows malware samples in tests. Its quick scan takes about two and a half minutes, while a full system scan takes seven minutes. Intego's Safe Browsing feature checks existing browser protections but lacks a dedicated antiphishing solution. The NetBarrier firewall allows users to classify their network and manage traffic permissions effectively, although it may be complex for some users.