update policies

Winsage
April 9, 2025
Microsoft's Patch Tuesday updates addressed over 120 vulnerabilities, including one actively exploited flaw (CVE-2025-29824) and 11 critical issues. CVE-2025-29824 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, targeted by the group Storm-2460 to deploy ransomware called PipeMagic, affecting victims in the US, Spain, Venezuela, and Saudi Arabia. This vulnerability has a CVSS score of 7.8 and allows attackers to escalate privileges due to a use-after-free flaw. Patches for Windows Server and Windows 11 have been released, but Windows 10 users are still awaiting a fix, with Microsoft promising updates soon.

All of the critical vulnerabilities addressed allow for remote code execution (RCE). Notable vulnerabilities include:

- CVE-2025-26670: LDAP Client RCE, Critical, CVSS 8.1
- CVE-2025-27752: Microsoft Excel RCE, Critical, CVSS 7.8
- CVE-2025-29791: Microsoft Excel RCE, Critical, CVSS 7.8
- CVE-2025-27745: Microsoft Office RCE, Critical, CVSS 7.8
- CVE-2025-27748: Microsoft Office RCE, Critical, CVSS 7.8
- CVE-2025-27749: Microsoft Office RCE, Critical, CVSS 7.8
- CVE-2025-27491: Windows Hyper-V RCE, Critical, CVSS 7.1
- CVE-2025-26663: Windows LDAP RCE, Critical, CVSS 8.1
- CVE-2025-27480: Windows RDP RCE, Critical, CVSS 8.1
- CVE-2025-27482: Windows RDP RCE, Critical, CVSS 8.1
- CVE-2025-26686: Windows TCP/IP RCE, Critical, CVSS 7.5
- CVE-2025-29809: Windows Kerberos Security Feature Bypass, Important, CVSS 7.1

Dustin Childs from ZDI noted that CVE-2025-29809 requires additional measures beyond standard patching. CVE-2025-26663 and CVE-2025-26670 are considered wormable, necessitating prompt updates, especially for networks exposing LDAP services. Adobe released over 50 fixes for vulnerabilities in products like ColdFusion, After Effects, and Photoshop, with some issues in ColdFusion classified as critical. AMD updated advisories regarding GPU access and various Ryzen AI software vulnerabilities.
Winsage
March 31, 2025
Microsoft has launched a quick machine recovery feature in its Windows operating system to help IT administrators remotely execute fixes on machines that cannot boot, particularly during widespread outages. This feature allows devices to automatically enter Windows Recovery Environment (WinRE) and connect with Microsoft’s recovery services for tailored remediations delivered via Windows Update. IT administrators can enable or disable this feature remotely and configure settings such as scanning intervals and restart timeouts. Currently, quick machine recovery is in testing and available to users in the Windows Insider Program, with plans for future accessibility to IT administrators managing Windows 11 Pro and Enterprise devices.
Winsage
March 31, 2025
Microsoft has introduced a tool called "Quick Machine Recovery" to address boot failures in Windows devices. This feature automatically detects, diagnoses, and resolves critical system issues that prevent devices from starting correctly. It is currently available in the Windows Insider Preview Beta Channel for Windows 11, version 24H2. Quick Machine Recovery aims to reduce downtime by automating the diagnostic and remediation processes, allowing IT administrators to deploy targeted fixes directly to affected devices through the Windows Recovery Environment (Windows RE). Key capabilities include automated remediation based on real-time crash data, admin customization options, and a test mode for simulating recovery processes. The recovery process begins when a device enters Windows RE due to a boot failure, utilizing a network connection to communicate with Microsoft’s recovery services. Future updates are expected to enhance networking configuration support. The feature is enabled by default for Windows 11 Home users, while IT administrators for Pro and Enterprise devices can customize its deployment.
Winsage
March 27, 2025
The transition to cloud-native endpoint management is changing Windows device management, particularly regarding Windows Update. IT administrators are increasingly relying on Windows Update services for security patches and features. Microsoft has introduced Windows Update for Business to give IT administrators better control over update policies through Group Policy or Mobile Device Management (MDM). Effective management requires understanding which policies to implement for specific desktops. The best approach for managing monthly updates is through servicing rings, which group Windows devices and assign specific update cadences and policies. This method allows controlled rollouts of updates, enabling administrators to prioritize stability and minimize disruption by testing updates on pilot groups before wider deployment. Windows Update for Business manages three update channels: the General Availability Channel for immediate feature updates, the Long-Term Servicing Channel (LTSC) for stability-focused devices, and the Windows Insider Program for testing updates. Administrators can control these channels using specific Group Policy Object (GPO) settings. Two primary update release types are managed: quality updates, which are released monthly and can be deferred for up to 30 days, and feature updates, which are annual and can be deferred for up to 365 days. Administrators can pause the deployment of updates temporarily for up to 35 days. Driver updates are also managed through Windows Update, with options to include or exclude them in monthly quality updates. Optional updates, available monthly, can be controlled using specific GPO and MDM settings.
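As an added example (not from the Winsage article and not Microsoft's own tooling), the PowerShell script below applies one servicing-ring configuration on a lab device through the policy-backed registry values that the corresponding Windows Update for Business GPO and MDM settings write, and checks the ring against the deferral and pause limits stated above. The ring names and day counts are constructed for illustration; the value names under HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate are the documented policy values, and the BranchReadinessLevel mapping (16 = General Availability Channel) is taken from Microsoft's documentation as the author understands it.

```powershell
# Added example: apply a Windows Update for Business servicing ring locally via
# the policy registry values behind the GPO/MDM settings. Run elevated on a lab
# or pilot device; in production these values come from GPO or Intune, not a script.
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'

# Constructed ring definitions: Pilot gets updates first, Broad waits for pilot results.
$Rings = @{
    Pilot = @{ QualityDefer = 0;  FeatureDefer = 7;   ExcludeDrivers = 0 }
    Broad = @{ QualityDefer = 14; FeatureDefer = 120; ExcludeDrivers = 1 }
}

function Test-RingLimits {
    param([hashtable]$Ring)
    # Limits from the article: quality deferral 0-30 days, feature deferral 0-365 days.
    if ($Ring.QualityDefer -lt 0 -or $Ring.QualityDefer -gt 30)  { throw 'Quality deferral must be 0-30 days' }
    if ($Ring.FeatureDefer -lt 0 -or $Ring.FeatureDefer -gt 365) { throw 'Feature deferral must be 0-365 days' }
}

function Set-UpdateRing {
    param([string]$Name, [switch]$PauseQualityUpdates)
    $Ring = $Rings[$Name]
    if (-not $Ring) { throw "Unknown ring '$Name'" }
    Test-RingLimits -Ring $Ring
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }

    # Channel selection: 16 = General Availability Channel (Insider channels use other values).
    Set-ItemProperty -Path $PolicyKey -Name BranchReadinessLevel -Type DWord -Value 16
    # Monthly quality updates: enable deferral and set the ring's delay in days.
    Set-ItemProperty -Path $PolicyKey -Name DeferQualityUpdates -Type DWord -Value 1
    Set-ItemProperty -Path $PolicyKey -Name DeferQualityUpdatesPeriodInDays -Type DWord -Value $Ring.QualityDefer
    # Annual feature updates: enable deferral and set the ring's delay in days.
    Set-ItemProperty -Path $PolicyKey -Name DeferFeatureUpdates -Type DWord -Value 1
    Set-ItemProperty -Path $PolicyKey -Name DeferFeatureUpdatesPeriodInDays -Type DWord -Value $Ring.FeatureDefer
    # Include (0) or exclude (1) driver updates from the monthly quality update.
    Set-ItemProperty -Path $PolicyKey -Name ExcludeWUDriversInQualityUpdate -Type DWord -Value $Ring.ExcludeDrivers

    if ($PauseQualityUpdates) {
        # A pause is recorded as a start date (yyyy-MM-dd); it ends automatically after 35 days.
        $start = (Get-Date).ToString('yyyy-MM-dd')
        Set-ItemProperty -Path $PolicyKey -Name PauseQualityUpdatesStartTime -Type String -Value $start
    } else {
        Remove-ItemProperty -Path $PolicyKey -Name PauseQualityUpdatesStartTime -ErrorAction SilentlyContinue
    }
    # Return the effective values so the ring can be verified after applying.
    Get-ItemProperty -Path $PolicyKey | Select-Object BranchReadinessLevel, DeferQualityUpdatesPeriodInDays,
        DeferFeatureUpdatesPeriodInDays, ExcludeWUDriversInQualityUpdate, PauseQualityUpdatesStartTime
}

Set-UpdateRing -Name 'Pilot'
```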
Winsage
November 29, 2024
Microsoft has unveiled a preview of its Windows Recall feature, designed to capture screenshots of active windows using on-device AI and store them in an SQLite database. The feature will be opt-in and requires users to enable BitLocker full-disk encryption, activate Secure Boot, and enroll in Windows Hello. Recall aims to avoid capturing sensitive information and allows users to delete snapshots or exclude specific applications. Microsoft has implemented safeguards to protect against brute-force attacks, and the data collected remains encrypted locally. The preview is currently available to participants in the Windows Insider Program for Developers.

The U.S. Federal Trade Commission (FTC) reported that nearly 90% of smart device manufacturers lack clear update policies, with 161 out of 184 products reviewed not disclosing software update durations. This lack of transparency may violate the Magnuson-Moss Warranty Act and the FTC Act.

Ping Li, a Florida IT professional, was sentenced to four years in prison for acting as an agent for China's Ministry of State Security, providing sensitive information since at least 2012. He pleaded guilty and was fined ,000.

Operation "Serengeti" led to the arrest of over 1,000 individuals suspected of cybercrime across 19 African countries, resulting in nearly million in financial losses and the confiscation of around million in stolen funds. The U.S. Department of Justice indicted nine individuals linked to a multi-state money laundering scheme associated with internet fraud, allegedly laundering over million since 2016.

NVIDIA released a critical firmware update to address a high-severity vulnerability (CVE-2024-0130) that could allow attackers to steal data and compromise systems. Cybersecurity firm McAfee discovered "spyloan" Android apps on the Google Play Store that aim to steal users' personal data, targeting users in Mexico, Colombia, and Indonesia.

An international law enforcement operation dismantled a pirate streaming network serving over 22 million users and generating approximately million monthly, resulting in 102 arrests. Nicholas Michael Kloster, a 31-year-old from Kansas City, was indicted for allegedly hacking into computer networks to promote his cybersecurity services, facing multiple charges with a potential 15-year prison sentence. HDFC Life Insurance in India is investigating a potential data breach involving the sharing of certain data fields with malicious intent.