Windows security

Winsage
March 28, 2025
Microsoft has addressed an issue affecting Remote Desktop Protocol (RDP) and Remote Desktop Services (RDS) connections from Windows 11 24H2 to RDS hosts on Windows Server 2016 or earlier, which arose after installing Windows updates released since January 2025. Users reported disconnections after 65 seconds when establishing UDP connections. Affected users were advised to install the KB5053656 preview update to resolve the issue; the fix will be generally available with next month's cumulative updates. Additionally, Microsoft is working on fixing another issue causing Remote Desktop freezes on Windows Server 2025 and is investigating connection errors related to data restoration on Windows 11 24H2 systems. A bug causing USB printers to print random text has also been resolved.
Winsage
March 27, 2025
Microsoft is using its Known Issue Rollback (KIR) strategy to address unexpected disconnections in Remote Desktop sessions linked to the January 2025 Windows preview update and exacerbated by the March 2025 Windows security update. Users may experience RDP sessions disconnecting after 65 seconds when establishing UDP-based connections from Windows 11, version 24H2 devices to RDS deployments on Windows Server 2016 or earlier. While KIR will assist Home and Pro users, system administrators may need to adjust Group Policy to effectively mitigate the issue.
Winsage
March 27, 2025
Microsoft released the KB5053657 update on Tuesday to address an issue in Windows 11 where certain USB printers were printing random text. This update is applicable only to Windows 11 23H2 and 22H2 versions, while users of Windows 11 24H2 do not have an equivalent update yet. The USB printer issue originated from a problematic update released in January 2025, which affected multiple patches. Microsoft clarified that the update fixes issues with USB connected dual-mode printers that might output incorrect text. Additionally, complications from the January update for Windows 11 24H2 have caused Remote Desktop Protocol (RDP) disconnections. Microsoft is implementing a Known Issue Rollback to revert the problematic changes, with a permanent solution expected in a future update for Windows 11 24H2.
Winsage
March 27, 2025
Microsoft has released the KB5053656 preview cumulative update for Windows 11 24H2, featuring 38 enhancements, including real-time translation capabilities for Copilot+ PCs with AMD and Intel processors. This update addresses authentication issues and blue-screen errors, and is classified as an "optional non-security preview update." It introduces live captions and real-time translation support for over 44 languages, enhances Windows Search with improved capabilities, and fixes issues related to the MsiCloseHandle API and boot menu entries. The update also phases out the Location History feature and acknowledges known issues affecting Citrix components and Roblox on Windows Arm devices. Users can install the update via Windows Update or manually from the Microsoft Update Catalog. The update upgrades systems to build 26100.3624. Windows 11 24H2 is broadly deployed and accessible to all users.
Winsage
March 26, 2025
Microsoft has informed users about issues with Remote Desktop and Remote Desktop Services (RDS) connections after recent Windows updates since January 2025. Users may experience unexpected disconnections during Remote Desktop Protocol (RDP) sessions following the January preview update (KB5050094) and the March 2025 security update (KB5053598). Specifically, users connecting from Windows 11 24H2 PCs to RDS hosts on Windows Server 2016 or earlier may be disconnected after about 65 seconds. Microsoft has introduced a solution through its Known Issue Rollback (KIR) feature, requiring administrators to install and configure the Windows 11 24H2 and Windows Server 2025 KB5053598 250314_20401 KIR group policy. A restart of affected devices is necessary to apply the new settings. A permanent fix will be included in a future Windows update.
Tech Optimizer
March 21, 2025
A report by Nima Bagheri reveals that Check Point’s ZoneAlarm antivirus software is being exploited by threat actors using a method called Bring Your Own Vulnerable Driver (BYOVD). This attack targets vulnerabilities in the vsdatant.sys driver, which operates with high-level kernel privileges, allowing attackers to bypass Windows security measures. Specifically, version 14.1.32.0 of vsdatant.sys, released in 2016, contains vulnerabilities that enable attackers to circumvent the Windows Memory Integrity feature, gaining access to sensitive information and establishing persistent connections to compromised systems. Bagheri advises users to update to the latest version of vsdatant.sys, which is not vulnerable. Check Point confirmed that the outdated driver is no longer in use and that users running the latest versions of ZoneAlarm or Harmony Endpoint are not affected.
Winsage
March 20, 2025
Almost a dozen state-sponsored threat groups from nations including China, Russia, Iran, and North Korea are exploiting a security vulnerability in Microsoft Windows, identified as ZDI-CAN-25373, to conduct espionage and gather sensitive information. This vulnerability affects how Windows handles .lnk files, allowing attackers to execute hidden malicious commands. Since 2017, these groups have targeted government, military, and critical infrastructure organizations globally, with 11 state-sponsored groups identified, primarily focusing on espionage (70%) and financial motives (20%). North Korea accounts for 45.5% of the exploitation, with Iran and Russia at 18.2% each, and China at 18.1%. The United States has experienced the most attacks (343 incidents), followed by Canada (39), Russia (25), and South Korea (23). Despite being notified, Microsoft does not plan to issue a patch for this vulnerability, categorizing it as "low severity."
Winsage
March 20, 2025
Microsoft has released Windows 11 Build 27818 for users in the Canary Channel, enhancing File Explorer's performance for extracting zip files. The update includes general improvements and fixes, such as displaying additional details about Pluton TPM chips in the Windows Security app. The suggested actions feature for copying phone numbers or future dates is being deprecated. A critical fix addresses a d3d9.dll crash affecting application launches. Other improvements include enhanced performance for unzipping files, fixes for File Explorer Home loading issues, taskbar app window preview corrections, resolution of a ctfmon.exe crash impacting typing, fixes for Settings launch errors, graphics performance improvements, resolution of Visual Studio Code installation issues with Admin Protection, and fixes for Remote Desktop freezing issues. Additionally, a fix addresses application opening failures related to a virtual machine component error.
Winsage
March 18, 2025
A recent Windows 11 update, KB5053598 (OS build 26100.3476), released as a security fix, has unintentionally removed the Copilot AI app from some PCs. Microsoft acknowledged this issue and suggested users can reinstall the app from the Microsoft Store. The update does not affect the 365 Copilot app. IT administrators should be aware that the update may conflict with Citrix Session Recording Agent (SRA) version 2411, potentially hindering the installation of January 2025's security updates. The update primarily impacts organizations using the newer SRA version, while home users are not expected to face similar issues. Additionally, the update prevents Roblox from being downloaded and played from the Windows Store on Windows on Arm devices, although it can still be accessed via the developer's website.
Winsage
March 16, 2025
The KB5053598 update for Windows 11 has unintentionally resulted in the removal of the Copilot app for some users. Microsoft has acknowledged this issue, stating that the app is "unintentionally uninstalled" and unpinned from the taskbar. Affected users can reinstall the app from the Microsoft Store and manually pin it to the taskbar. This issue has not been observed with the Microsoft 365 Copilot app. Microsoft is working on a resolution for this problem.