Windows systems

Winsage
May 31, 2025
A new strain of malware has been running undetected on Windows systems for several weeks by corrupting the Portable Executable (PE) headers of its in-memory image, an evasion that defeats tools which carve or identify modules in memory by their intact MZ/PE signatures. Security researchers found it during an incident investigation in a 33GB memory dump, resident in a dllhost.exe process with process ID 8200. Fortinet classifies it as a Remote Access Trojan (RAT); it is deployed through batch scripts and PowerShell commands and can capture screenshots, act as a remote server, and manipulate system services. It talks to its command-and-control infrastructure over an encrypted channel, which complicates network-based detection. Its distinguishing trait is the deliberate corruption of the DOS and PE headers, which hinders reverse engineering and makes reconstructing a working executable from the memory dump difficult: the researchers had to locate the entry point manually and rebuild the import tables by hand before the sample would run in a controlled environment.
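The header corruption described above is easy to check for once you have a dumped module region. The following is an added example, not code from the article or from Fortinet's analysis: it inspects the first bytes of a region for the DOS `MZ` signature, follows `e_lfanew` to the `PE\0\0` signature, falls back to scanning for that signature when the DOS header is gone, and reports the section count and entry-point RVA when they are still readable. The sample image it parses is a constructed minimal PE32+ header, not a real binary, and the names `inspect_pe_headers`, `build_sample_image` and `wipe` are the example's own.

```python
"""Added example: classify a dumped PE region by which header landmarks survive.

Not from the article. `build_sample_image` constructs a fake minimal PE32+
header for the demo; `wipe` imitates the in-memory header corruption the
article describes.
"""
import struct

DOS_SIG = b"MZ"
PE_SIG = b"PE\0\0"
SECTION_NAME_HINT = b".text\0\0\0"   # a section name that often survives header wiping


def inspect_pe_headers(buf: bytes) -> dict:
    """Return which PE header landmarks are intact in a memory-dumped module region."""
    res = {"mz": False, "pe": False, "pe_offset": None,
           "sections": None, "entry_rva": None, "verdict": ""}
    if len(buf) < 0x40:
        res["verdict"] = "region too small to hold a DOS header"
        return res

    res["mz"] = buf[:2] == DOS_SIG
    e_lfanew = struct.unpack_from("<I", buf, 0x3C)[0]

    pe_off = None
    # Trust e_lfanew only when the DOS header is intact and it really points at "PE\0\0"
    if res["mz"] and 0x40 <= e_lfanew <= len(buf) - 4 and buf[e_lfanew:e_lfanew + 4] == PE_SIG:
        pe_off = e_lfanew
    else:
        # DOS header corrupted or e_lfanew bogus: scan the first page for the PE signature
        idx = buf.find(PE_SIG, 0, min(len(buf), 0x1000))
        if idx >= 0:
            pe_off = idx

    if pe_off is not None:
        res["pe"] = True
        res["pe_offset"] = pe_off
        coff = pe_off + 4                     # COFF file header follows the signature
        if len(buf) >= coff + 20:
            res["sections"] = struct.unpack_from("<H", buf, coff + 2)[0]   # NumberOfSections
        opt = coff + 20                       # optional header follows the 20-byte COFF header
        if len(buf) >= opt + 20:
            # AddressOfEntryPoint sits at offset 16 of the optional header in both PE32 and PE32+
            res["entry_rva"] = struct.unpack_from("<I", buf, opt + 16)[0]

    if res["mz"] and res["pe"]:
        res["verdict"] = "headers intact"
    elif res["pe"]:
        res["verdict"] = "DOS header corrupted; PE header recovered by scanning"
    elif buf.find(SECTION_NAME_HINT, 0, min(len(buf), 0x1000)) >= 0:
        res["verdict"] = "DOS and PE headers wiped; section table still present"
    else:
        res["verdict"] = "DOS and PE headers wiped; no landmarks, locate entry point manually"
    return res


def build_sample_image() -> bytes:
    """Constructed minimal PE32+ header (fake data for the demo, not a real binary)."""
    img = bytearray(0x200)
    img[0:2] = DOS_SIG
    struct.pack_into("<I", img, 0x3C, 0x80)                          # e_lfanew -> 0x80
    img[0x80:0x84] = PE_SIG
    coff = 0x84
    # Machine=x64, NumberOfSections=2, timestamp, symtab ptr, nsyms, SizeOfOptionalHeader=240, Characteristics
    struct.pack_into("<HHIIIHH", img, coff, 0x8664, 2, 0, 0, 0, 240, 0x22)
    opt = coff + 20                                                  # 0x98
    struct.pack_into("<H", img, opt, 0x20B)                          # PE32+ magic
    struct.pack_into("<I", img, opt + 16, 0x1000)                    # AddressOfEntryPoint
    img[opt + 240:opt + 248] = SECTION_NAME_HINT                     # first section header name
    return bytes(img)


def wipe(buf: bytes, length: int) -> bytes:
    """Zero the first `length` bytes, imitating header corruption of an in-memory module."""
    return b"\0" * length + buf[length:]


if __name__ == "__main__":
    clean = build_sample_image()
    for label, img in (("clean", clean),
                       ("dos-wiped", wipe(clean, 0x40)),
                       ("fully-wiped", wipe(clean, 0x100))):
        print(f"{label:12s} {inspect_pe_headers(img)}")
```

Run against real dumps, the scan-fallback is what catches the case the article describes: with only the DOS header zeroed, the PE signature, section count and entry point are still recoverable by scanning, while a sample that also wipes the PE header leaves only section-table residue and forces the manual entry-point hunt the researchers went through.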
Tech Optimizer
May 31, 2025
ClickFix attacks have expanded from Windows to macOS, iOS, and Android. The new campaign starts from a compromised website into which the attackers inject JavaScript that redirects visitors to a spoofed URL-shortener page, which in turn leads to a download page serving the malware. On macOS the victim is walked into running a malicious shell script from a terminal command; on Android and iOS the download can be triggered without user interaction, simply by visiting the compromised site. The payload is packaged as a .TAR archive and is already flagged by multiple antivirus engines.
Winsage
May 29, 2025
Microsoft has introduced a new backup tool for organizations, currently in limited public preview, that preserves Windows settings when user devices are reset or reimaged. It supports both Windows 10 and Windows 11 and is meant to smooth migration to Windows 11; announced at Microsoft Ignite 2024, it aims to cut migration overhead and user disruption. To join the preview, organizations need Microsoft Entra joined Windows devices, an active Microsoft Intune test tenant, and Microsoft Intune service administrator permissions. Separately, Microsoft offers an Extended Security Updates (ESU) program for businesses that cannot move off Windows 10 before its end of support on October 14, 2025, and has introduced a developer-facing feature that lets third-party software receive updates through Windows Update for a more unified app update experience.
Winsage
May 27, 2025
Windows 10 support ends for most users on October 14, 2025, which is also the end-of-life date for Windows 10 version 22H2; Windows 10 version 21H2 already reached end-of-life on June 11, 2024. Microsoft offers Extended Security Updates (ESU) for those who have not yet completed the move to Windows 11: individual consumers can obtain up to one additional year of support, and organizations up to three years at a price that rises each year. Under the Microsoft Volume Licensing Program the per-device price starts at one rate in the first year and escalates in the second and third years. Windows 10 IoT Enterprise LTSC 2021 remains supported until January 13, 2032. For Windows 11 Home and Pro, 22H2 was supported until October 8, 2024, 23H2 is supported until November 11, 2025, and 24H2 until October 13, 2026; Windows 11 24H2 Enterprise is supported until October 12, 2027, and IoT Enterprise LTSC 2024 receives updates until October 10, 2034. Extended Security Updates for Windows 11 could extend support to 2029. Taken together, these timelines argue for moving to current Windows releases sooner rather than later.
Winsage
May 24, 2025
Microsoft has open-sourced the Windows Subsystem for Linux to improve Linux integration within the Windows environment. This week there are various discounts on new applications and games in the Microsoft Store. Notable new or improved applications include:
- Edit: An open-source text editor from Microsoft, currently available as a standalone tool for 64-bit Windows, with basic editing functionality and support for working on multiple files.
- Everything: A file-search application that outperforms Windows Search; the latest version hardens its defenses against DLL hijacking.
- Fixyfier: A lightweight utility that exposes essential repair features for troubleshooting and optimizing Windows systems.
Winsage
May 19, 2025
Many users are hitting problems on Windows 10 version 22H2 and Windows 10 Enterprise LTSC 2021, particularly on tenth-generation or later Intel processors with vPro and Intel Trusted Execution Technology (TXT) enabled. On systems with BitLocker enabled, installing the KB5058379 update released on May 13 can trigger a bug in which lsass.exe terminates unexpectedly, dropping the machine into an Automatic Repair cycle or a reboot loop and prompting for the BitLocker recovery key. Microsoft has acknowledged the issue and is working on an out-of-band update. Until it ships, the available workarounds, such as disabling TXT, weaken the platform's security posture, so affected organizations should make sure recovery keys are escrowed and retrievable before deploying the patch further. Microsoft also announced significant layoffs affecting thousands of employees.
Tech Optimizer
May 18, 2025
Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.