vulnerability Archives

Winsage

May 3, 2026

You shouldn’t delay your Windows 11 updates, experts reveal

Experts advise against postponing Windows updates, as Microsoft has introduced features allowing users to control when updates occur. Users can pause updates for up to 35 days indefinitely, but delaying updates can lead to security vulnerabilities. Microsoft releases several types of updates: security updates, feature updates, quality updates, driver updates, optional updates, out-of-band updates, and zero-day updates. Zero-day updates are critical and should be installed immediately to avoid exploitation. Recent reports indicate that critical OS patching for Windows 10 and 11 is lagging by an average of 256 days, increasing the risk of cyber incidents.

Winsage

May 1, 2026

Windows shell spoofing vulnerability puts sensitive data at risk

Erik Avakian, a technical counselor at Info-Tech Research Group, discussed the patching deadlines set by the Cybersecurity and Infrastructure Security Agency (CISA) under Binding Operational Directive (BOD) 22-01, which requires U.S. federal agencies to address vulnerabilities within 14 to 21 days. CISA can expedite patching to as little as three days for high-risk exploits. The vulnerability CVE-2026-32202, rated 4.3 on the Common Vulnerability Scoring System (CVSS), was actively exploited but did not qualify for an urgent patch cycle, resulting in a 14-day deadline. Avakian noted the debate over whether this timeframe is sufficient, suggesting that Microsoft’s rating and other factors influenced the decision not to escalate to an emergency directive requiring a 48 to 72-hour response.

AppWizard

May 1, 2026

This new deep-sea roguelike turns mining into a survival horror grind

Yogscast Games is releasing a roguelike game titled The Subminer, set in the icy depths of Enceladus, one of Saturn's moons. Players control a prototype bio-droid tasked with scavenging resources and escaping dangers in a procedurally generated underwater environment divided into three depth levels. Upon death, players return with upgrades for further attempts. The game features a submarine for navigation and support, while players can also dive into tighter spaces as a diver, facing increased vulnerability. The Subminer is developed by Tech Turtles and is set to launch on Steam in 2026. Players can wishlist the game for notifications upon release.

Tech Optimizer

April 30, 2026

A year of Bitdefender Plus antivirus protection is now 50% off

Bitdefender is currently offering a 50% discount on its individual plans, making the most affordable option available for a year at a promotional price. Bitdefender Antivirus Plus protects up to three devices and includes access to a VPN with 200 MB of secure traffic per day on each device. It is compatible with Windows, macOS, Android, and iOS, and features automatic malware detection for viruses, Trojans, ransomware, and rootkits, along with on-demand vulnerability scans. Higher-tier plans like Bitdefender Total Security support five devices and include additional features such as a password manager, unlimited VPN traffic, ad blocking, anti-tracking, and enhanced email protection.

Winsage

April 30, 2026

Windows AI Recall is pushing data destruction upstream

The introduction of Copilot+ PCs has created new complexities in IT asset disposition (ITAD), as these devices may contain a comprehensive, time-stamped archive of user activity, which was not present on corporate laptops two years ago. Microsoft's Recall feature captures user activity screenshots and stores them securely, but recent research by Alexander Hagenah suggests that the safeguards may be ineffective, as his tool can extract sensitive data without breaking encryption. Microsoft defends the security of Recall, stating that observed access patterns align with intended protections. This situation presents challenges for ITAD operators, as pre-collection now constitutes a data-destruction event, requiring devices to be powered down or purged before leaving the client’s environment. Certificates of sanitization must evolve to address the specific destruction of Recall snapshot stores, and conversations with clients should differentiate between managed and unmanaged fleets regarding Recall settings. The presence of Recall shifts some data-destruction responsibilities upstream to clients, complicating traditional ITAD value propositions.

BetaBeacon

April 30, 2026

Forget the Steam Machine: This hack will let you play Steam games on PS5

The ps5-linux project allows users to transform their PlayStation 5 into a Linux PC, enabling them to run Steam games and emulators using the console's powerful hardware. The project exploits a patched hypervisor vulnerability in the system and is currently only compatible with the original PS5 model running on 3.xx or 4.xx firmware.

Winsage

April 30, 2026

CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)

Attackers are exploiting CVE-2026-32202, a zero-click vulnerability in Windows Shell, allowing authentication of victims' systems without user interaction. This vulnerability stems from an incomplete patch for CVE-2026-21510 and has been used by the APT28 group with weaponized LNK files to bypass Windows security. Although Microsoft addressed these vulnerabilities in February 2026, the risk remains as opening a folder with a malicious LNK file can still connect victims' machines to the attacker's server, initiating an NTLM authentication handshake that exposes the victim’s Net-NTLMv2 hash. This affects various versions of Windows 10, 11, and Windows Server. Microsoft released a patch for CVE-2026-32202 on April 14, 2026, but did not label it as actively exploited until more than two weeks later, leaving security teams unaware of its urgency. Organizations are advised to apply the patch and consider blocking outbound SMB traffic to mitigate risks.

Winsage

April 28, 2026

‘Unlimited Attack Vectors’—All Windows Versions At Risk From New Flaw

Microsoft is facing a significant security vulnerability in its Windows operating system known as PhantomRPC, which allows for privilege escalation. Cybersecurity experts have expressed concern over the company's delayed response in issuing a patch for this flaw. The vulnerability resides within the Windows Remote Procedure Call (RPC) architecture and enables processes with impersonation privileges to elevate their permissions to SYSTEM level. Researcher Haidar Kabibo identified five distinct paths for exploitation, which require user interaction, coercion, or compromise of background services. Despite disclosing the vulnerability to Microsoft in September 2025, the company categorized it as moderately severe and did not issue a patch or a Common Vulnerabilities and Exposures (CVE) listing. Microsoft stated that the technique requires an already-compromised machine and emphasized the importance of following security best practices. Experts have criticized Microsoft's lack of action, arguing that it is operationally negligent and places the burden of risk management on users. In the absence of a patch, security professionals recommend focusing on access control and environmental hygiene to mitigate the risks associated with the vulnerability.

Winsage

April 28, 2026

Incomplete Windows Patch Creates New Zero-Click Attack Risk

A new vulnerability in Microsoft Windows, designated as CVE-2026-32202, has been discovered due to an incomplete security patch for a previous flaw (CVE-2026-21510). This new vulnerability allows attackers to execute zero-click attacks by processing specially crafted shortcut files, enabling automatic authentication requests without user interaction. The vulnerabilities are linked to another flaw (CVE-2026-21513) in Microsoft’s MSHTML framework, and cybercriminals, specifically the APT28 group, have exploited these issues in attacks against Ukraine and the European Union. Microsoft has released a fix for the new vulnerability in its April 2026 security updates.

Tech Optimizer

April 27, 2026

Bitdefender Total Security review: Tried and tested by an antivirus expert

Modern antivirus solutions have integrated various tools into a single interface, with Bitdefender exemplifying this trend. It features a dashboard for system scans, recommendations, and account management. The “Protection” section includes antivirus settings, online threat defense, and firewall options. Users can enable an anti-spam service for email applications like Outlook and Thunderbird. The privacy tab offers an anti-tracker browser plugin and a limited free VPN. Additional privacy features include video and audio protection to manage webcam and microphone access, and Safepay for secure online banking. Bitdefender also provides a desktop widget for protection status, secure file shredding, and remote device management options. In terms of performance, Bitdefender operates efficiently, using less than 100MB of RAM for its main interface, but can spike during full system scans. It successfully detected a trojan during a scan of a linked Google Drive account. Bitdefender effectively identified all test files in antivirus testing and enhances browser security by intervening when users ignore warnings. The application is easy to install, with a compact file size, and offers a Quick Scan feature that allows users to scan only applications after a thorough initial scan.