system security

Winsage
April 24, 2025
Windows 11 users have been warned about a potential vulnerability associated with the inetpub folder, introduced in the April 2025 security update. Security researcher Kevin Beaumont raised concerns that hackers could exploit this folder to disable essential security updates by creating "junction points" within the system's directory. This could lead to installation errors or force a rollback to previous system states due to a denial of service (DoS) vulnerability in the Windows servicing stack. Microsoft stated that the inetpub folder is part of a security patch (CVE-2025-21204) and advised against deleting it, claiming that removal would not impact system performance.
Winsage
April 15, 2025
Windows 10 22H2 Build 19045.5794 (KB5055612) is now available in the Release Preview Channel for Insiders. Key features include a fix for the GPU paravirtualization check in Windows Subsystem for Linux 2 (WSL2), which was previously case-sensitive, and updates to the Windows Kernel Vulnerable Driver Blocklist to include drivers with security vulnerabilities exploited in Bring Your Own Vulnerable Driver (BYOVD) attacks.
Winsage
April 14, 2025
An empty folder named "inetpub" appeared among system files after the Windows 11 April 2025 Update. Microsoft advises users not to delete this folder, as it is linked to a critical security update (KB5055523) that enhances protection against vulnerabilities, specifically CVE-2025-21204. The folder's specific role in security has not been clarified by Microsoft. Users who deleted the folder can restore it by enabling Internet Information Services through the Control Panel.
Winsage
April 14, 2025
Windows 10 and Windows 11 users who installed the April Patch Tuesday updates may find a new folder named inetpub on their system drive. This folder is associated with Microsoft’s Internet Information Services (IIS) and is important for addressing the CVE-2025-21204 vulnerability, which involves improper handling of symbolic links. Microsoft advises users not to delete the inetpub folder, as it plays a crucial role in system security. If the folder has been deleted, it can be restored by enabling IIS through the Control Panel. Enabling IIS will recreate the folder and ensure it retains the necessary protective measures.
Winsage
April 14, 2025
Windows 11 24H2 users have reported the appearance of an empty folder named ‘inetpub’ on their system drives following the April 2025 cumulative update. Microsoft has confirmed that this folder is intentionally created as part of a security enhancement, associated with Internet Information Services (IIS), and should not be deleted, as doing so could compromise a critical security fix. If the folder has been deleted, users can restore it by navigating to Control Panel, selecting Programs > Programs and Features, and enabling ‘Internet Information Services’.
Winsage
April 2, 2025
Microsoft has made hotpatch updates available for business customers using Windows 11 Enterprise 24H2 on x64 systems, allowing seamless installation of security updates without device reboots. Hotpatching modifies in-memory code of active processes to deploy updates without interrupting user activities. Devices under a hotpatch-enabled quality update policy will receive updates quarterly, with no restarts required for eight months of the year. A Microsoft subscription is necessary to activate hotpatching, and devices must meet specific prerequisites, including an x64 CPU and enabled Virtualization-based Security. Hotpatch updates can be managed through Microsoft Intune, and devices on Windows 10 and versions 23H2 and lower will continue to receive standard updates. Microsoft initially introduced hotpatch support for Windows Server Azure Edition in February 2022 and has expanded testing to include Windows 11 24H2.
Winsage
March 12, 2025
In March, Microsoft confirmed six zero-day vulnerabilities in its Patch Tuesday security announcement, marking an increase from five reported in January and February combined. The March update includes a total of 57 Common Vulnerabilities and Exposures (CVEs), with all six zero-days classified as critical. These vulnerabilities can be addressed with a single cumulative update, requiring no additional configuration steps post-patch. The zero-days affect critical components such as the Microsoft Management Console, NTFS, Fast FAT, and the Win32 Kernel Subsystem. The specific vulnerabilities are:
1. CVE-2025-26633: Security feature bypass in the Microsoft Management Console, requiring social engineering to exploit.
2. CVE-2024-24993: Heap-based buffer overflow in Windows NTFS, allowing unauthorized code execution through a specially crafted virtual hard disk.
3. CVE-2025-24991: Information disclosure vulnerability affecting Windows 10 to 11 and Server 2008 to 2025, deemed critical.
4. CVE-2025-24985: Vulnerability in the Windows fast FAT file system driver, posing a risk of remote code execution via a specially crafted virtual hard disk.
5. CVE-2025-24983: Elevation of privilege vulnerability in the Windows Win32 kernel subsystem, potentially granting unauthorized access to sensitive data.
6. CVE-2025-24984: Another information disclosure vulnerability in Windows NTFS, also affecting the same range of Windows editions and considered critical.
Winsage
February 27, 2025
Microsoft Copilot has begun sharing a method to activate Windows 11 without a legitimate license, a process that has been circulating since 2022. Users have successfully reproduced this activation method by executing a script provided by Copilot. However, Copilot includes a warning about the risks associated with using such scripts, which may violate Microsoft's terms of service and lead to legal repercussions. The risks highlighted include potential legal issues, security risks from malware, system instability, lack of official support, inability to receive updates, and ethical concerns regarding software piracy.