Windows system

Winsage
July 10, 2025
Windows 11 version 25H2 may allow users to uninstall Microsoft apps, addressing concerns about pre-installed software. However, recent tests suggest that the impact of such bloat on performance is minimal, leading some users to reconsider the need for a cleaner system. A concerning trend involves an unofficial app called "Windows Reinstall Master," which charges users 98 RMB for reinstallation services while locking them out of their operating system. This app resembles ransomware and often installs unwanted software, counteracting users' intentions to reset their systems. The situation is exacerbated by Microsoft's upcoming end of support for Windows 10, prompting users to seek help from unreliable sources, increasing the risk of scams.
Winsage
June 24, 2025
Microsoft is releasing a configuration update, KB5062324, to fix Windows Update failures on certain Windows 11 systems running version 24H2 that have not installed the May Windows non-security preview update or later. This update addresses an issue causing the Windows update scan to stop responding, with a permanent solution available in the May update (KB5058499) and later versions. Users can install KB5062324 by enabling 'Get the latest updates as soon as they're available' in Settings > Windows Update, followed by a system restart and checking for updates. The update is being rolled out gradually, so users may need to try multiple times to receive it. Recently, Microsoft also addressed a bug related to feature updates and acknowledged issues with unintended upgrades to Windows Server 2025 on certain devices. The company aims to unify the updating process for all software on PCs through a new orchestration platform.
Winsage
June 18, 2025
A cyber espionage campaign attributed to the XDSpy threat actor has been discovered, exploiting a zero-day vulnerability in Windows shortcut files identified as “ZDI-CAN-25373.” This vulnerability allows attackers to conceal executed commands within specially crafted shortcut files. XDSpy has primarily targeted government entities in Eastern Europe and Russia since its activities became known in 2020. Researchers from HarfangLab found malicious LNK files exploiting this vulnerability in mid-March, revealing issues with how Windows parses LNK files. The infection begins with a ZIP archive containing a malicious LNK file, which triggers a complex Windows shell command to execute malicious components while displaying a decoy document. This command extracts and executes a first-stage malware called “ETDownloader,” which establishes persistence and downloads a second-stage payload known as “XDigo.” The XDigo implant, written in Go, collects sensitive information and employs encryption for data exfiltration. This campaign represents an evolution in XDSpy's tactics, combining zero-day exploitation with advanced multi-stage payloads.
Winsage
June 18, 2025
The XDSpy threat actor has been exploiting a Windows LNK zero-day vulnerability (ZDI-CAN-25373) to target governmental entities in Eastern Europe and Russia since March 2025. This campaign involves a multi-stage infection chain deploying the XDigo implant, developed in Go. Attackers use spearphishing emails with ZIP archives containing crafted LNK files that exploit the vulnerability. Upon execution, these files sideload a malicious C# .NET DLL named ETDownloader, which establishes persistence and retrieves the XDigo payload from specific domains. XDigo is a data collection implant capable of file scanning, clipboard capture, and screenshot acquisition, communicating with command-and-control servers. The campaign targets Belarusian governmental entities and employs advanced tactics, including anti-analysis checks and encryption for data exfiltration. Indicators of compromise include specific SHA-256 hashes for ZIP archives, LNK files, the ETDownloader, and XDigo malware, along with associated distribution and command-and-control domains.
Winsage
June 16, 2025
CVE-2025-33073 is a Windows authentication relay attack vulnerability with a CVSS score of 8.8, indicating high severity. It allows attackers to gain SYSTEM privileges on affected systems. Currently, there is no evidence of active exploitation, but the public disclosure raises concerns. Exploitation involves executing a malicious script that makes the victim's machine connect to the attacker's system using SMB. Security researchers have described it as an authenticated remote command execution on machines that do not enforce SMB signing. Microsoft has released a fix as part of the June Patch Tuesday security updates to address this vulnerability.
Winsage
June 6, 2025
Microsoft has made significant updates for users in the European Union and European Economic Area, including the ability to uninstall the Microsoft Store while still receiving app updates, a reduction in notifications related to Edge, and increased control over web searches in Windows. This week features discounts on various applications, with some offers extending beyond a single week. Notable new or improved Windows apps include:
- Fences 6.0: An updated desktop management tool that allows users to organize programs and links into customizable groups with new tab support.
- Start Everywhere: An application launcher that complements the Windows Start Menu, enabling users to launch applications from any screen corner using mouse clicks, hotkeys, or active corners.
- VeraCrypt 1.26: An open-source encryption software that allows users to encrypt their entire system, individual hard drives, or specific partitions, with new protective measures against screen recordings and captures.
Winsage
May 31, 2025
A new strain of malware has been operating undetected on Windows systems for several weeks, utilizing advanced evasion techniques that corrupt its Portable Executable (PE) headers to avoid detection. Security researchers discovered this malware embedded in the memory of a compromised system during an investigation, using a 33GB memory dump that revealed its presence in a dllhost.exe process with process ID 8200. The malware, classified as a Remote Access Trojan (RAT) by Fortinet, employs batch scripts and PowerShell commands for its attack and has capabilities for screenshot capture, remote server functionality, and system service manipulation. Its command and control infrastructure uses encrypted communications, complicating detection efforts. The malware's distinctive feature is the deliberate corruption of the DOS and PE headers, which hinders reverse engineering and complicates reconstruction of the executable from memory dumps. Researchers had to manually locate the malware's entry point and resolve complex import tables before it would run in a controlled environment.
Winsage
May 31, 2025
Microsoft is addressing issues with the May 13, 2025 Windows security update (KB5058405), which is failing to install on some Windows 11, version 22H2 and 23H2 devices. An out-of-band update is planned to be released shortly. A recovery error message indicating that "your PC/Device needs to be repaired" may appear, possibly with error code 0xc0000098; the root cause has been identified as an ACPI.sys driver problem. Most reports of this update failure have come from virtual environments, affecting enterprise users more than home users. Earlier in May, a similar emergency update was issued for Windows 10 users experiencing a BitLocker Recovery screen during the installation of a security update.
Winsage
May 30, 2025
Microsoft rolled out update KB5058405 for Windows 11 23H2 to address critical security vulnerabilities, but users are reporting significant issues, including boot failures with error code 0xc0000098. This problem affects both Windows 11 23H2 and 22H2, primarily in virtual environments like Azure Virtual Machines and on-premises virtual machines hosted on Citrix or Hyper-V. Home users with Windows Home or Pro editions are less likely to experience this issue. The error indicates a missing or corrupted ACPI.sys file, which is essential for managing hardware resources and power states. Microsoft is currently investigating the issue and has not yet provided a resolution.