windows
Microsoft adds hotpatching support to Windows 11 Enterprise
Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. On devices where hotpatching is available, Windows allows users to install OS security updates by downloading and installing them in the background without rebooting the device. To do that, it deploys the […]
Cisco warns of CSLU backdoor admin account used in attacks
Cisco has warned admins to patch a critical Cisco Smart Licensing Utility (CSLU) vulnerability, which exposes a built-in backdoor admin account now used in attacks. CSLU is a Windows app for managing licenses and linked products on-premises without connecting them to Cisco’s cloud-based Smart Software Manager solution. Cisco patched this security flaw (CVE-2024-20439) in September, describing it […]
North Korean hackers adopt ClickFix attacks to target crypto firms
The notorious North Korean Lazarus hacking group has reportedly adopted ‘ClickFix’ tactics to deploy malware targeting job seekers in the cryptocurrency industry, particularly centralized finance (CeFi). This development, reported by Sekoia, is seen as an evolution of the threat actor’s ‘Contagious Interview’ campaign that similarly targets job seekers in the AI and cryptocurrency space. ClickFix […]
Microsoft fixes printing issues caused by January Windows updates
Microsoft has fixed a known issue causing some USB printers to start printing random text after installing Windows updates released since late January 2025. The bug has been addressed in the March 2025 KB5053643 and KB5053657 non-security preview updates for Windows 10 (version 22H2) and Windows 11 (versions 22H2 and 23H2). This fix will also roll out to users […]
Microsoft fixes Remote Desktop issues caused by Windows updates
Microsoft has fixed a known issue that caused problems with Remote Desktop and RDS connections after installing Windows updates released since January 2025. As the company explained when it acknowledged the issues on Monday, affected users experience RDP disconnections after 65 seconds when establishing UDP connections from Windows 11 24H2 to RDS hosts on systems […]
Microsoft: New Windows scheduled task will launch Office apps faster
In May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. The company says the “Startup Boost” task will launch in the background on logon, with the roll-out to start in mid-May and worldwide general availability to be reached by late May 2025. On systems […]
Mozilla warns Windows users of critical Firefox sandbox escape flaw
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser’s sandbox on Windows systems. Tracked as CVE-2025-2857, this flaw is described as an “incorrect handle could lead to sandbox escapes” and was reported by Mozilla developer Andrew McCreight. The vulnerability impacts the latest Firefox standard and extended […]
Windows 11 update breaks Veeam recovery, causes connection errors
Microsoft and Veeam are investigating a known issue that triggers connection errors on Windows 11 24H2 systems when restoring from Veeam Recovery Media. These recovery problems affect users trying to restore data from media created on devices running Windows 11 24H2 (build 26100.3194) or higher. While the root cause behind the issue is unknown, Veeam says that the […]
Broadcom warns of authentication bypass in VMware Windows Tools
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. VMware Tools is a suite of drivers and utilities designed to improve performance, graphics, and overall system integration for guest operating systems running in VMware virtual machines. The vulnerability (CVE-2025-22230) is caused by an improper access control weakness […]
New Windows zero-day leaks NTLM hashes, gets unofficial patch
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows Explorer. NTLM has been widely exploited in NTLM relay attacks (where threat actors force vulnerable network devices to authenticate to attacker-controlled servers) and pass-the-hash attacks (where they exploit vulnerabilities to steal […]