Visual Studio Archives

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Actively Exploited in the Wild

Microsoft's February Patch Tuesday update addresses 61 vulnerabilities, including 25 critical Remote Code Execution (RCE) vulnerabilities. Three of these are zero-days, actively exploited before the update: 1. CVE-2023-24932: Secure Boot security feature bypass requiring physical access or administrative rights. 2. CVE-2025-21391: Windows Storage elevation of privilege vulnerability that could lead to data deletion. 3. CVE-2025-21418: Vulnerability in Windows Ancillary Function Driver for WinSock allowing privilege escalation. Critical vulnerabilities include: - CVE-2025-21376: Windows LDAP RCE vulnerability. - CVE-2025-21379: RCE vulnerability in DHCP Client Service. - CVE-2025-21381: RCE vulnerability in Microsoft Excel. The update also addresses additional vulnerabilities related to remote code execution, elevation of privilege, denial of service, security feature bypass, spoofing, and information disclosure across various Microsoft products. Microsoft advises immediate application of the updates to mitigate risks.

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed

Microsoft released its February 2025 Patch Tuesday security updates, addressing over 61 vulnerabilities across its products. The updates include: - 25 Remote Code Execution vulnerabilities - 14 Elevation of Privilege vulnerabilities - 6 Denial of Service vulnerabilities - 4 Security Feature Bypass vulnerabilities - 2 Spoofing vulnerabilities - 1 Information Disclosure vulnerability Notable critical vulnerabilities include: - CVE-2025-21376: Remote code execution risk via LDAP protocol. - CVE-2025-21379: Flaw in DHCP client service allowing system compromise via crafted network packets. - CVE-2025-21381, CVE-2025-21386, CVE-2025-21387: Multiple vulnerabilities in Microsoft Excel enabling code execution through specially crafted files. - CVE-2025-21406, CVE-2025-21407: Vulnerabilities in Windows Telephony Service allowing remote code execution. Two vulnerabilities confirmed as actively exploited: - CVE-2023-24932: Bypass of Secure Boot protections. - CVE-2025-21391: Elevated privileges on affected systems. - CVE-2025-21418: Gain SYSTEM privileges through exploitation. Other notable fixes include vulnerabilities in Visual Studio and Microsoft Office that could lead to remote code execution. Users can apply updates via Windows Update, Microsoft Update Catalog, or WSUS. Microsoft emphasizes the urgency of these updates due to the active exploitation of certain vulnerabilities.

Winsage

February 11, 2025

Zero Day Initiative — The February 2025 Security Update Review

Adobe released seven bulletins in February 2025, addressing 45 CVEs across products such as InDesign, Commerce, Substance 3D Stager, InCopy, Illustrator, Substance 3D Designer, and Photoshop Elements. The updates include: - InDesign: Seven bugs fixed, four rated Critical. - Illustrator: Three critical bugs allowing arbitrary code execution when opening malicious files. - Substance 3D Stager: One DoS bug fixed. - InCopy: One critical-rated code execution vulnerability patched. - Substance 3D Designer: One critical-rated code execution vulnerability patched. - Photoshop Elements: One important-rated privilege escalation vulnerability addressed. None of the patched vulnerabilities were publicly known or under active attack at the time of release. Microsoft released patches for 57 new CVEs affecting Windows, Office, Azure, Visual Studio, and Remote Desktop Services, totaling 67 CVEs including third-party submissions. The severity ratings are: - 3 rated Critical - 53 rated Important - 1 rated Moderate Two vulnerabilities are publicly known, and two are under active attack. Notable vulnerabilities include: - CVE-2025-21391: Windows Storage Elevation of Privilege Vulnerability allowing file deletion and privilege escalation. - CVE-2025-21418: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability requiring authenticated user interaction. - CVE-2025-21376: Windows LDAP Remote Code Execution Vulnerability allowing unauthenticated remote code execution. - CVE-2025-21387: Microsoft Excel Remote Code Execution Vulnerability exploitable through the Preview Pane requiring user interaction.

Winsage

February 4, 2025

5 reasons you should use PowerShell even if you don’t use Windows

PowerShell is a command-line interface that operates across Windows, Linux, and macOS, designed for automation and system management. It utilizes the Common Language Runtime (CLR) from the .NET framework, allowing it to function on any OS with CLR support. PowerShell automates repetitive tasks, enhancing productivity in file management, data processing, and system administration. It provides a familiar interface for system administrators managing mixed environments, facilitating effective cross-platform network management. PowerShell is compatible with Microsoft services like Azure, AWS, VMware, Exchange, and Active Directory, and can execute certain Linux commands natively. Since becoming open-source under the MIT license, it has encouraged community contributions and adaptation for modern IT environments. PowerShell differs from Windows PowerShell by offering cross-platform functionality and regular updates, making it a versatile tool for managing systems and services across various operating systems.

Winsage

December 27, 2024

Mythbusters: Windows IoT Enterprise LTSC for Arm

Advantech's infographic addresses myths about Microsoft Windows IoT Enterprise LTSC for Arm, distinguishing it from Windows Home or Professional editions. Myths about the operating system include: 1. Windows on Arm consumes significant power and resources, leading to poor performance. 2. The image size of Windows on Arm is greater than or equal to that of Windows on x86. 3. Desktop mode is unavailable on Windows on Arm. 4. Windows on Arm is a stripped-down version of Windows. 5. Arm architecture may face limitations with complex tasks. 6. All Windows devices are power-hungry, and switching to Arm offers no improvement. Key facts include: - Windows IoT Enterprise LTSC typically occupies about 6GB of storage, with a minimum requirement of 16GB. - Desktop mode is available on Windows on Arm. - Windows on Arm retains core functionalities, though some hardware drivers may have compatibility issues. - Arm processors are generally more efficient than x86 counterparts. Myths regarding applications and workload include: 7. Windows on Arm exclusively supports Arm64 applications. 8. Multimedia applications perform poorly on Windows on Arm devices. 9. Windows Copilot can be extended to all versions of Windows running on Arm. Key facts include: - An emulation system allows x86 applications to run on Arm hardware. - Multimedia performance depends on hardware acceleration, which is supported by major SoC manufacturers. - Cloud-based services like Windows Copilot operate effectively on Windows IoT Enterprise LTSC for Arm, but on-device Copilot+ requires specific hardware capabilities. Myths about licensing and development include: 10. The Windows license fee for x86 is expensive, and the fee for Windows on Arm is similarly high. 11. Windows on Arm has limited support for certain Windows frameworks. 12. Development and debugging on Windows for Arm architecture present challenges requiring extended transition periods. Key facts include: - Windows IoT Enterprise LTSC is priced between 0 and 0, offering a decade of security updates. - Transitioning from x86 to Arm for application development is streamlined, with common programming languages and frameworks remaining compatible. Tools like Visual Studio facilitate the development process.

Winsage

December 26, 2024

Hands on: Microsoft made it easier to run AI models on Windows 11 locally

Copilot+ PCs are the first personal computers to run Small Language Models (SLM) directly on-device, allowing for quicker interactions without relying on the cloud. Microsoft has introduced the AI Dev Gallery, which offers over 25 samples for developers to integrate on-device AI features into applications on Windows 10 and 11. The gallery requires building the project in Visual Studio, needing at least 20GB of storage and a multi-core CPU. A GPU with 8GB VRAM is recommended for heavier models but not mandatory for lighter applications. The app has two operational modes: Sample and Models. Testing models for image generation typically requires around 5GB of bandwidth, while a smaller image upscaling model under 100MB was successfully tested, completing the process in under 30 seconds with peak RAM usage of 1GB. The resulting image resolution was 9272x4900, but clarity issues were noted, especially with text. The application lacks features for previewing images in larger formats or downloading outputs directly. A model named Detect Human Pose was able to identify positions within images, including desktop screenshots. Substantial storage and robust CPUs are necessary for effective model accommodation, and the practicality of downloading large models for niche use cases is questioned.

Winsage

December 23, 2024

Microsoft Windows IoT for Client Systems: A Historical Journey and Today’s Latest Innovations

Microsoft's Windows Embedded and Windows IoT products began in 1999 with Windows NT Embedded, codenamed Impala. Windows XP Embedded, known as Mantis, expanded toolkit capabilities with tools like Target Designer and Component Designer. Windows Embedded POSReady 2009 catered to the point-of-sale sector, maintaining a consistent kernel across consumer and embedded versions. Windows CE supported mobile devices with various architectures and reached its end of support in 2023. Windows Embedded 7 Standard and Windows 7 for Embedded Systems required special licensing agreements. Windows Embedded Standard 8 did not succeed in the industrial market, while Windows 10 IoT Enterprise, launched in 2015, introduced LTSB/LTSC options with a decade of security updates. A tiered licensing structure was introduced for Windows 10 IoT Enterprise, accommodating different CPU performances. The Base license allowed Windows 10 IoT Enterprise on industrial Arm devices, specifically the NXP i.MX8 family. Windows 11 21H2 established the General Availability Channel for IoT, with Windows 11 IoT Enterprise 2024 LTSC set to debut in May 2024. Windows 11 IoT Enterprise LTSC supports Arm Qualcomm CPUs and introduces features like USB 4.0 and Wi-Fi 6/7 support, along with a commitment to 10 years of security updates. Windows 10 IoT Enterprise 2021 LTSC will remain supported until 2031.

Winsage

December 18, 2024

PowerToys just fixed the one flaw stopping me from using one of the app’s best features

Microsoft's PowerToys version 0.87.0 includes several updates: - Workspaces now supports Progressive Web Applications (PWAs). - Advanced Paste introduces "Advanced AI" for clipboard transformations. - A feature in Workspaces allows users to move existing windows. - Mouse Jump has new customization settings for pop-ups. - New+ is now compatible with Windows 10. - Quick Accent enables selection of character sets in the UI. - Improvements in Awake, File Explorer add-ons, Keyboard Manager, Monaco Preview, Peek, PowerToys Run, Screen Ruler, and Settings have been made. - The Workspaces editor position is saved for consistent reopening, and issues related to application positioning and crashes have been resolved. - Documentation has been updated, and development has upgraded to .NET 9.

Tech Optimizer

November 22, 2024

Visualizing PostgreSQL Data With Angular To Analyze What Passengers Find Rude to Do During a Flight

The Angular framework has recently been updated, prompting the author to refresh their skills by developing a data visualization dashboard. The project utilized a dataset from the article "41 Percent of Fliers Say It’s Rude To Recline Your Airplane Seat." The development stack included Angular for the front-end framework, PostgreSQL for database management, and Flexmonster for data visualization. The project setup involved creating an Angular application using Angular CLI, establishing a PostgreSQL database on ElephantSQL, and integrating Flexmonster's API for visualizations. The PostgreSQL database was populated with data from a CSV file, and DBeaver was used for database management. Flexmonster was installed and configured in the Angular project, and a connection was established between Flexmonster and the PostgreSQL database using the Flexmonster Data Server. The project was launched using npm start, resulting in a functional pivot table for data analysis. The completed project is available on GitHub.

Winsage

November 15, 2024

November delivers a heap of Microsoft patches for admins

Microsoft released updates addressing 89 CVE-listed security vulnerabilities, including two actively exploited flaws: CVE-2024-49039 (Windows Task Scheduler, CVSS 8.8) allowing privilege escalation, and CVE-2024-43451 (NTLM spoofing, CVSS 6.5) enabling account impersonation. Other critical vulnerabilities include CVE-2024-43602 (Azure CycleCloud, CVSS 9.9) allowing remote code execution, CVE-2024-43498 (.NET and Visual Studio, CVSS 9.8) exploitable via malicious requests, and CVE-2024-43639 (Windows Kerberos, CVSS 9.8) leading to remote code execution. CISA added the Windows Task Scheduler and NTLMv2 vulnerabilities to its Known Exploited Vulnerabilities Catalog and reported an increase in zero-day exploitations in 2023 compared to 2022. Citrix, Intel, AMD, and Adobe also released patches for various vulnerabilities.