system updates

Winsage
December 28, 2024
Microsoft has alerted Windows 11 users to a bug that may hinder system updates, specifically affecting the downloading of future security updates during the installation of Windows 11 version 24H2 when using external media devices like CDs or USB flash drives. This issue is particularly relevant for professional users and tech enthusiasts. However, it does not impact users installing the October 2024 or November 2024 security updates through Windows Update or the Microsoft Update Catalog. The bug is limited to security updates released between October 8 and November 12, with a more recent version rolled out on December 10. Microsoft is working on a solution and recommends that affected users install Windows 11 version 24H2 alongside the December 2024 monthly security update as a temporary workaround. Additionally, Microsoft has identified other potential issues, such as some games using Auto HDR becoming unresponsive and difficulties launching Microsoft Outlook with Google Workspace Sync enabled. Microsoft is aware of these issues and is pursuing solutions.
Winsage
December 27, 2024
Sophos has reported a 51% increase in the exploitation of "living off the land" binaries (LOLBins) since 2021, with an 83% rise over the past three years. In an analysis of nearly 200 incident response cases in the first half of 2024, 187 distinct Microsoft LOLBins were identified, with remote desktop protocol (RDP) being the most targeted, appearing in 89% of incidents. Compromised credentials are the leading cause of cyberattacks, responsible for 39% of incidents, despite a decrease from 56% in 2023. The LockBit ransomware group remains the most prevalent threat, accounting for 21% of infections. Additionally, 21% of compromised Active Directory servers were found to be operating beyond Microsoft’s mainstream support, making them more vulnerable. Sophos emphasizes the importance of proactive monitoring and regular system updates to mitigate these risks.
Winsage
December 21, 2024
Microsoft has addressed a significant security vulnerability in Windows 11 (version 23H2), identified as CVE-2024-30085, which allowed local attackers to gain SYSTEM-level privileges. The flaw was discovered by security researcher Alex Birnberg during the TyphoonPWN 2024 competition, where he demonstrated the vulnerability, earning third place. The issue lies in the Cloud Files Mini Filter Driver (cldflt.sys), which fails to properly validate user-supplied data during the parsing of reparse points, allowing attackers to overwrite memory and execute code with elevated privileges. To exploit this vulnerability, an attacker must first run low-privileged code on the system. Microsoft has released a patch for this vulnerability, and users are advised to update their systems to ensure security.
Tech Optimizer
December 20, 2024
Norton has reduced the first-year price of its Norton 360 suites by up to AU0 during the holiday season, offering discounts on both one-year and two-year subscriptions. Norton 360 provides comprehensive protection against online threats, including features like cloud backups, dark web monitoring, and VPN access. The Norton 360 Deluxe suite includes a VPN, parental controls, a powerful firewall, and customer support. The discounts are temporary, and prices will return to standard after the holiday season.
AppWizard
December 17, 2024
Google has released Android 15 QPR2 Beta 2 for testers in the Android Beta Program, which includes bug fixes and new features. The update is available for devices such as Pixel 6, Pixel 7, Pixel 8, Pixel 9, Pixel Fold, and Pixel Tablet, with a build number of BP11.241121.010. Notable bug fixes include resolving access issues in developer settings, fixing connectivity problems with glucose sensors, addressing call placement delays, enabling charging optimization settings, correcting null pointer issues, improving responsiveness on the Pixel Fold, enhancing audio transitions, and resolving Bluetooth connection failures. The Linux Terminal app is now functional, allowing users to run Linux instances, and features like notification cooldowns have been introduced. Users can provide feedback through the Android Beta Feedback app or the official subreddit.
Winsage
December 15, 2024
Cloak ransomware, emerging in 2022, has quickly become a significant threat in the cyber landscape, with a new variant raising concerns due to its advanced capabilities. The group uses initial access brokers and social engineering techniques, including phishing and malicious advertising, to gain network access. The ransomware employs a drive-by download method, disguising itself as legitimate system updates. Cloak may have connections to the Good Day ransomware group and utilizes a variant derived from leaked Babuk ransomware source code. Once delivered, it employs sophisticated mechanisms for extraction and privilege escalation, terminating security processes and modifying system settings to hinder recovery. The encryption process uses Curve25519 and SHA512 algorithms, and it exhibits advanced evasion techniques. Cloak ensures payload persistence by altering Windows registry entries and restricting user actions, disrupting essential system utilities and leading to operational downtime. Its extortion tactics include disguising ransom notes as desktop wallpapers and employing intermittent encryption to maximize damage. The ransomware deletes shadow copies and backups, complicating recovery efforts. Cloak also utilizes a data leak site to publish or sell stolen data if ransom demands are not met, claiming a ransom payment success rate of 91% to 96%. Windows users are advised to implement comprehensive security measures to reduce the risk of attacks.
AppWizard
December 13, 2024
A recent examination by the Norwegian cybersecurity firm Promon found that 144 out of the top 150 Android applications are vulnerable to manipulation using the Frida dynamic instrumentation toolkit. Only three of the tested apps could detect Frida and limit their functionality. This indicates that approximately 97% of popular Android applications are susceptible to exploitation. The analysis highlights a significant security gap, prompting calls for enhanced detection mechanisms in apps handling sensitive data. The specific apps tested have over 550 million daily users and an average of 206 million monthly users as of November 2024. Users are advised to keep their devices updated, install reputable antivirus applications, and consider using Google Play Protect for additional security.
Winsage
December 7, 2024
Microsoft has introduced a feature called "Fix problems using Windows Update" for Windows 11, which allows users to resolve issues stemming from previous updates by performing an in-place reinstallation of the operating system. This tool preserves all apps, documents, and settings during the reinstallation process. Users can access this feature by navigating to Settings, then System, selecting Recovery, and clicking on Reinstall now under the Fix problems using Windows Update section. However, this tool is not a universal solution and may not be available on all systems.
AppWizard
December 5, 2024
Google Chrome for Android will soon support native PDF file opening without third-party applications, allowing users to search and annotate PDFs directly in the browser and save them to Google Drive. This feature was discovered by Chrome expert Leopeva64 in February and has been confirmed to be operational on devices like the OnePlus Open running Android 14. The PDF viewer in Chrome is minimalistic but effective, with navigation and search capabilities. Users can annotate PDFs using a toolbar that includes options for pens and highlighters. This functionality is supported by the Jetpack PDF support library, which is included in Android 15 but also available for older versions through Google Play System Updates. Users need to enable specific flags to access this feature, which is available in Chrome 132 or later, currently in Beta.