user permissions

Winsage
December 2, 2025
Microsoft has alerted Windows 11 users about a new experimental AI feature called the “Proxy Server,” introduced in build 26220.7262, which can be manually activated in the “AI Components” section. Users receive a cautionary message regarding the feature's experimental nature and potential impacts on device performance, including inaccuracies and unexpected behavior. The underlying language model is still in development, leading to risks of inaccuracies due to incomplete training data. Experts have raised concerns about vulnerabilities to cyber threats, with reports of cybercriminals exploring ways to exploit the AI features. The “Proxy Server” has default read and write permissions to critical user directories, raising security concerns. Microsoft plans to enhance security measures with more granular permission controls and advises that the feature should only be enabled by users aware of the associated risks.
AppWizard
November 13, 2025
Google has launched Gemini tools to enhance holiday shopping with AI assistance, enabling real-time inventory checks and agentic checkout. Users can engage with AI to receive tailored product results, including images, pricing, reviews, and inventory status. The AI can locate products in stock at nearby stores and contact retailers on behalf of users. Additionally, the agentic checkout feature allows users to track specific items and receive notifications for price drops, facilitating purchases directly through Google Pay. These features are currently available in the U.S. as of November 13, with plans for future expansion.
Tech Optimizer
November 7, 2025
A banking trojan named Herodotus targets Android users globally, operating as Malware-as-a-Service and disguising itself as a legitimate app to lure users into downloading an APK from unofficial sources. Once installed, it gains critical system permissions to perform banking operations on behalf of the user. The malware is primarily distributed through SMS phishing campaigns that lead victims to fraudulent download pages. Herodotus employs overlay attacks to steal credentials and hijack sessions, posing a significant threat to financial security. It uses advanced evasion tactics, including random delays and realistic typing patterns, to avoid detection by traditional antivirus solutions. The trojan captures screen content and keystrokes, allowing real-time monitoring of user activity. Detection is complicated as Herodotus circumvents defenses by installing from unknown sources and executing harmful actions only after obtaining user permissions. Effective defense requires recognizing multiple indicators of compromise, such as suspicious SMS links and behavioral anomalies, which traditional antivirus protection often overlooks.
AppWizard
September 2, 2025
Android droppers, originally designed to deploy banking Trojans, are now being repurposed to deliver simpler payloads like SMS stealers and spyware. There has been a notable increase in dropper campaigns, especially in Asia, shifting focus from financial malware to broader data exfiltration and surveillance. These droppers often masquerade as legitimate applications, gaining user permissions to install secondary malware that can read SMS messages, which is critical for hijacking two-factor authentication. Google is enhancing Android security with mandatory developer verifications by 2026, but droppers like SecuriDropper can evade detection through dropper-as-a-service models. Campaigns such as LunaSpy exploit messaging apps to deliver spyware disguised as antivirus software, increasing infection rates. Over 200 banking and cryptocurrency applications are potentially at risk due to these threats. To mitigate these risks, enterprises are encouraged to implement multi-layered defenses and proactive monitoring of app behaviors. The adaptive nature of droppers poses ongoing challenges for mobile security.
Winsage
August 29, 2025
Many users are seeking alternatives to Microsoft due to the upselling of Office 365 and the prevalence of AI features in Windows, with Linux emerging as a popular option. Bazzite is a user-friendly Linux distribution designed for gamers, offering a choice between a KDE variant with a Windows-like interface and a GNOME variant similar to macOS. It aims to replicate the SteamOS experience and has shown commendable performance for gaming, allowing many titles from the Steam library to run smoothly, including System Shock 2 remaster, Pillars of Eternity, The Witcher 3, Hunt: Showdown, Baldur's Gate 3, and Stonks-9800. However, online multiplayer games with strict anti-cheat systems, like Fortnite and Valorant, may not perform well on Linux. HDR support can be inconsistent, but Linux generally manages multi-monitor setups better than Windows.
Winsage
August 22, 2025
The Linux community faces challenges when certain applications are only available on Windows, despite solutions like Wine and virtual machines. A new approach using hardware instead of virtualization has emerged. The author received a Surface Laptop 2 that was non-functional until the keyboard was removed, revealing it was operational. While transitioning Windows installations from VirtualBox to KVM, the author discovered WinApps, a script that allows Windows applications to run on a Linux desktop via a virtual machine. However, this setup caused performance issues due to constant disk activity. The author experimented with connecting WinApps to a physical Windows machine on the network, successfully running Windows software directly on their desktop. The setup required executing an installation script on the Windows machine and making registry changes to enable RDP applications. Minor hurdles included compatibility issues with a dual-monitor setup and user permission bugs. Ultimately, Microsoft Word ran smoothly on the author's KDE desktop, demonstrating the potential for utilizing older computers for occasional tasks.
Winsage
April 25, 2025
In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:\inetpub directory used by Internet Information Services (IIS). The updates created the c:\inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:\inetpub c:\windows\system32\notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.