vulnerabilities

TrendTechie
May 17, 2025
DOOM: The Dark Ages, a prequel to DOOM (2016) and DOOM Eternal, is set to release on May 15. In Russia, the game will not be available for official purchase, with prices ranging from 6,000 to 10,000 rubles, leading some to consider waiting for pirated versions. The game uses Denuvo DRM, complicating hacking efforts. Historical data shows that hacking timelines for Denuvo-protected games vary, making it difficult to predict when DOOM: The Dark Ages will appear on torrent sites. Factors influencing hacking speed include the game's popularity, the complexity of Denuvo, technical features of the game, hacker activity, and potential updates. Three scenarios for when the game might be hacked are: optimistic (7–14 days post-release), realistic (1–3 months), and pessimistic (6–12 months). The realistic scenario is deemed most likely due to the game's popularity.
Winsage
May 16, 2025
Users are experiencing BitLocker Recovery screens and Blue Screens of Death (BSOD) after installing the Windows 10 update KB5058379. This mandatory update addresses significant security vulnerabilities, but Microsoft claims to be unaware of any new issues. Some users have found that disabling Intel TXT can help complete the installation. Reports include a user experiencing consistent BSODs after the update and another who resolved boot issues by changing BIOS settings. The end of support for Windows 10 is approaching on October 14, but Microsoft 365 applications will still receive security updates afterward. Windows 11 users are not affected by these issues.
Winsage
May 16, 2025
The Windows 10 KB5058379 cumulative update, released on May 13, 2025, has caused unexpected BitLocker recovery prompts for some users after installation and reboot. Reports indicate that affected devices, including those from Lenovo, Dell, and HP, automatically boot into the Windows Recovery Environment and display the BitLocker recovery screen. Users have experienced various issues, such as needing BitLocker keys to start up or devices refusing to start. A workaround involves disabling Intel Trusted Execution Technology (TXT) in the BIOS. Microsoft has not publicly acknowledged the issue but support representatives are aware and working on a resolution. Microsoft has provided steps to resolve the issue, including disabling Secure Boot and virtualization technologies, checking Microsoft Defender System Guard Firmware Protection status, and disabling firmware protection via Group Policy or Registry Editor.
Winsage
May 15, 2025
Users are experiencing challenges following the deployment of Windows 10 update KB5058379, including unexpected requests for a BitLocker recovery key and Blue Screen of Death (BSOD) errors. The BitLocker issue has a low occurrence rate of 2-5%, with reports indicating that only 15 out of 600 devices in some organizations were affected. Adjusting certain BIOS settings may help mitigate BSOD errors. Delaying or rolling back the update could expose systems to vulnerabilities, as it addresses critical zero-day exploits. Many issues arise from the update failing to complete its installation, and users have reported that the problems resolve once the update is fully installed. Users are advised to contact Microsoft for assistance and consider alternatives like Linux distributions as the October end-of-support date for Windows 10 approaches.
Winsage
May 15, 2025
Citrix is promoting its virtualization platforms to address rising hardware costs and upcoming U.S. tariffs effective April 2025. Vice President Philipp Benkler suggested that organizations could extend the lifespan of existing hardware by using eLux, an operating system acquired from Unicon. As businesses face the end-of-life for Windows 10 and the transition to Windows 11, Citrix advocates for deploying centrally managed remote desktops from existing endpoints through its virtual desktop infrastructure (VDI) platform. However, VDI implementation can face challenges such as "boot storms," which may lead to performance issues. Citrix recommends its NetScaler platform to manage these challenges without requiring additional hardware. While Citrix's approach aims to mitigate tariff-related costs, the company has increased its licensing prices, necessitating careful evaluation by organizations considering VDI. Security concerns also arise with NetScaler, as it is often targeted by cybercriminals, potentially introducing vulnerabilities. The effectiveness of Citrix's solution depends on each organization's IT landscape, budget, and ability to manage technical complexities.
AppWizard
May 15, 2025
Cybersecurity experts have identified a new threat to Android users called Kaleidoscope malware, which has infiltrated various popular applications not available on the Google Play Store. This malware operates in the background, collecting personal information, displaying intrusive ads, and potentially allowing more harmful malware to enter. Users are advised to check their device settings for suspicious apps, uninstall them, restart their devices, and review app permissions, especially for those requesting access to sensitive features. Experts recommend downloading apps only from trusted sources, being cautious about permissions, and regularly updating systems to address security vulnerabilities. Google has identified 62 dangerous vulnerabilities in Android devices, with two being particularly threatening, and users are urged to update their devices promptly.
Winsage
May 15, 2025
Microsoft's May 2025 Patch Tuesday addressed 72 vulnerabilities in Windows Remote Desktop services, including two critical vulnerabilities, CVE-2025-29966 and CVE-2025-29967, which are heap-based buffer overflow issues. These flaws allow unauthorized attackers to execute arbitrary code over a network, posing significant risks. The vulnerabilities have been rated as "Critical" and classified under CWE-122. They affect various versions of Windows operating systems utilizing Remote Desktop services. Although there have been no reported active exploitations, experts warn of the potential dangers, urging users to apply patches immediately. The update also addressed five actively exploited zero-day vulnerabilities in other Windows components. Patches are available through Windows Update, WSUS, and the Microsoft Update Catalog.
Winsage
May 15, 2025
The Microsoft Security Response Center (MSRC) has released critical security updates to address a significant vulnerability in the Windows Remote Desktop Gateway service, identified as CVE-2025-26677, which allows unauthorized attackers to cause denial of service (DoS) conditions. This vulnerability is rated as "High" severity with a CVSS score of 7.5 and affects multiple versions of Windows Server, including 2016, 2019, 2022, and 2025. Microsoft has provided security updates (KB5058383, KB5058392, KB5058385, and KB5058411) to rectify the issue. Additionally, another vulnerability, CVE-2025-29831, has been identified that could enable remote code execution (RCE) through a Use After Free weakness, also rated with a CVSS score of 7.5. This vulnerability requires user interaction, specifically an admin user to stop or restart the service, and affects Windows Server versions 2008 R2, 2012/R2, 2016, 2019, 2022, and 2025. Organizations are advised to prioritize patching both vulnerabilities and to review network configurations to limit exposure of Remote Desktop Gateway services. The vulnerabilities were discovered by security researchers from Kunlun Lab.