zero-day flaws

Winsage
December 9, 2025
Microsoft has released the KB5071546 extended security update, addressing 57 security vulnerabilities, including three critical zero-day flaws. This update is intended for Windows 10 Enterprise LTSC users and those in the ESU program. Users can install it by navigating to Settings, selecting Windows Update, and performing a manual 'Check for Updates'. The update will automatically install and prompt for a restart. After installation, Windows 10 will be upgraded to build 19045.6691, and Windows 10 Enterprise LTSC 2021 will move to build 19044.6691. The update focuses on security enhancements and bug fixes, including a remote code execution vulnerability in PowerShell (CVE-2025-54100). PowerShell 5.1 will now issue a warning when using the "Invoke-WebRequest" command to alert users about potential script execution risks. Users are advised to use the -UseBasicParsing command line argument to prevent embedded scripts from executing. Microsoft has confirmed there are no known issues with this update.
AppWizard
September 6, 2025
A team of researchers has developed an automated system using AI to identify vulnerabilities in Android applications, successfully detecting over 100 zero-day flaws in production apps. This system automates traditional vulnerability detection tasks, utilizing machine learning to analyze app behaviors, permissions, and data flows. The AI's ability to uncover critical issues, such as insecure data storage and improper API implementations, highlights the limitations of current app security protocols. While the technology shows promise, it faces challenges such as the potential for imprecise bug reports and ethical considerations regarding vulnerability ownership and disclosure methods. Experts predict that automated systems like this will become integral to app development workflows by 2025, enhancing the security of mobile applications.
Winsage
March 18, 2025
Microsoft's Patch Tuesday update addressed 57 security vulnerabilities, including seven critical zero-day flaws, and is recommended for all Windows users. Users who installed updates KB5053598 for Windows 11 or KB5053606 for Windows 10 may find that Copilot has been unpinned from the taskbar and uninstalled. Microsoft stated that this issue does not affect the Microsoft 365 Copilot app. The company is working on a new update to restore access to Copilot, but users can reinstall it from the Microsoft Store. Some users are looking for ways to disable Copilot, and tools are available for its removal.
Winsage
February 13, 2025
Microsoft's February Patch Tuesday updates, released on February 11, include KB5051987 for Windows 11 24H2 and KB5051989 for Windows 11 23H2. The updates introduce enhancements to the Taskbar and File Explorer, including improved previews and animations for Taskbar icons, a new icon in the System Tray for Windows Studio Effects, and a new simplified Chinese font named Simsun-ExtG. A feature allowing certain applications to automatically restart after signing back in has also been added. File Explorer now includes a "New Folder" command in the context menu and can restore previously open tabs at logon. The updates fix various bugs, including issues with Auto HDR in games, playback interruptions for USB audio devices, and problems with USB audio drivers. They also address issues from the January 2025 security update, such as USB camera recognition and slower shutdown processes with connected controllers. On the security side, the update resolves 56 vulnerabilities, three of which are critical. Notable vulnerabilities include CVE-2025-21391 (file deletion), CVE-2025-21418 (remote code execution), CVE-2025-21377 (authentication spoofing), and CVE-2025-21376 (malicious code execution). The updates are set to install automatically, but users can check for updates manually through Windows Update.
Winsage
February 11, 2025
The latest Windows 11 update, released on February 11, 2025, addresses two critical zero-day vulnerabilities that allow malicious actors to delete files and gain unrestricted system-level access. Users are encouraged to implement the update promptly for security. The update also introduces an improved taskbar preview feature for better multitasking and a new system tray icon for applications supporting Windows Studio Effects, particularly on devices with a neural processing unit.
Winsage
November 13, 2024
On November 2024 Patch Tuesday, Microsoft addressed 91 vulnerabilities, including four critical zero-day flaws, two of which are actively exploited. The vulnerabilities are categorized as follows: 26 Elevation of Privilege, 2 Security Feature Bypass, 52 Remote Code Execution, 1 Information Disclosure, 4 Denial of Service, and 3 Spoofing.
The two actively exploited vulnerabilities are:
1. CVE-2024-43451 - NTLM Hash Disclosure Spoofing Vulnerability, which allows remote attackers to expose NTLM hashes with minimal user interaction.
2. CVE-2024-49039 - Windows Task Scheduler Elevation of Privilege Vulnerability, enabling an attacker to execute a specially crafted application that elevates privileges.
Three additional vulnerabilities were publicly disclosed but not exploited:
1. CVE-2024-49040 - Microsoft Exchange Server Spoofing Vulnerability.
2. CVE-2024-49019 - Active Directory Certificate Services Elevation of Privilege Vulnerability.
Other companies, including Adobe, Cisco, Citrix, Dell, D-Link, Google, Ivanti, SAP, Schneider Electric, and Siemens, also released updates addressing various vulnerabilities in November 2024.
Winsage
August 14, 2024
Microsoft released an update on August 14, 2024, addressing 90 security vulnerabilities, including 10 zero-day flaws, with six actively exploited. Nine vulnerabilities are classified as Critical, 80 as Important, and one as Moderate.
The six actively exploited zero-days include:
- CVE-2024-38189 (CVSS score: 8.8) - Microsoft Project Remote Code Execution Vulnerability
- CVE-2024-38178 (CVSS score: 7.5) - Windows Scripting Engine Memory Corruption Vulnerability
- CVE-2024-38193 (CVSS score: 7.8) - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- CVE-2024-38106 (CVSS score: 7.0) - Windows Kernel Elevation of Privilege Vulnerability
- CVE-2024-38107 (CVSS score: 7.8) - Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
- CVE-2024-38213 (CVSS score: 6.5) - Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38213 allows attackers to bypass SmartScreen protections by persuading users to open malicious files. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added these vulnerabilities to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by September 3, 2024.
Four publicly known vulnerabilities include:
- CVE-2024-38200 (CVSS score: 7.5) - Microsoft Office Spoofing Vulnerability
- CVE-2024-38199 (CVSS score: 9.8) - Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
- CVE-2024-21302 (CVSS score: 6.7) - Windows Secure Kernel Mode Elevation of Privilege Vulnerability
- CVE-2024-38202 (CVSS score: 7.3) - Windows Update Stack Elevation of Privilege Vulnerability
CVE-2024-38198 (CVSS score: 7.8) is a privilege escalation flaw in the Print Spooler component. Microsoft has not yet provided updates for CVE-2024-38202 and CVE-2024-21302. Additionally, a denial-of-service flaw in the Common Log File System driver (CVE-2024-6768, CVSS score: 6.8) could lead to system crashes. A Microsoft spokesperson stated that the DoS issue does not require immediate servicing but will be considered for future updates. Other vendors have also released security updates addressing multiple vulnerabilities.