August Patch Tuesday: Authentication hole in Windows Server 2025 now has a fix

The recent discovery of a second hole in AI systems has sparked a wave of interest and concern among cybersecurity experts. As one analyst noted, “It’ll be interesting to see what details are released on this, but it is command injection, which should be taken seriously.” This highlights the ongoing challenges that organizations face as they navigate the complexities of emerging AI technologies.

Understanding AI Vulnerabilities

With multiple AI-related vulnerabilities surfacing this month, including those associated with GitHub Copilot and Azure OpenAI, the urgency for organizations to reassess their AI strategies has never been clearer. “This month is a great reminder that AI technologies are still new and we’re still figuring them out,” the analyst remarked. Organizations need to understand not only how they are using AI but also which specific services they employ and how those services respond to potential vulnerabilities and security issues.

  • Data residency
  • Data retention
  • Data ownership

These factors often dominate discussions, yet it is equally important to inquire about the security measures in place and the overall security policies of these AI service providers. “This is a good reminder that if you aren’t doing that, it is time to start,” he emphasized.

Risk Assessment and Management

In light of these developments, Chief Security Officers (CSOs) are urged to reevaluate how they measure and respond to risk. Reguly pointed out that severity ratings can disagree: some vulnerabilities are designated Critical according to their CVSS scores yet are rated Important by Microsoft. This discrepancy raises questions about the reliability of severity ratings and about the potential impact of vulnerabilities that are not currently exploited but could pose significant threats if they were.

“Are you considering future risk or current risk? Whose severity do you trust?” Reguly challenged organizations to reflect on their risk assessment methodologies. He advocates for the establishment of an internal framework to determine and measure risk effectively. “Today is a great day to start developing one,” he concluded, urging companies to take proactive steps in safeguarding their AI systems.
