windows
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw is due to an untrusted pointer dereference weakness that allows local attackers to gain SYSTEM privileges in low-complexity attacks that don’t require user interaction. While Microsoft didn’t share more details in a security […]
Microsoft lifts Windows 11 24H2 block on PCs with USB scanners
Microsoft has lifted a compatibility block preventing Windows 11 24H2 upgrades after fixing a bug causing USB connection issues to some scanners. The company confirmed the issue two weeks ago following widespread user reports that started coming in on Reddit, Microsoft’s own community website, and other online platforms, saying the connection problems are caused by affected devices not switching from eSCL […]
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday fixed sixteen critical vulnerabilities, all of which are remote code execution flaws. The number of bugs in each vulnerability category is listed below: This count does not include two Edge flaws that were […]
Windows 11 KB5048667 & KB5048685 cumulative updates released
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Both KB5048667 and KB5048685 are mandatory cumulative updates as they contain the December 2024 Patch Tuesday security updates for vulnerabilities discovered in previous months. Windows 11 users can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can […]
Outdated Google Workspace Sync blocks Windows 11 24H2 upgrades
Microsoft now blocks the Windows 11 24H2 update on computers with outdated Google Workspace Sync installs because they’re causing Outlook launch issues. Google Workspace Sync for Microsoft Outlook (GWSMO) enables users to manage their Google Workspace emails, calendar events, contacts, notes, and tasks directly in Outlook. Users will see “Cannot Start Microsoft Outlook. Cannot Open […]
New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. The flaw was discovered by the 0patch team, a platform that provides unofficial support for end-of-life Windows versions, and was reported to Microsoft. However, no official fix has been […]
Microsoft says having a TPM is “non-negotiable” for Windows 11
Microsoft made it abundantly clear this week that Windows 10 users won’t be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it’s a “non-negotiable” requirement. TPM 2.0 (Trusted Platform Module 2.0) is a dedicated processor on modern computers that provides hardware-based security functions and serves as a trusted […]
Mozilla really wants you to set Firefox as default Windows browser
Google undoubtedly dominates the desktop browser market, while Microsoft Edge has shown notable growth in recent times. However, Firefox continues to face challenges in attracting new users. In an effort to turn the tide, Mozilla is testing a fresh approach that could persuade more people to switch their default browser on Windows during the installation […]
New Windows Server 2012 zero-day gets free, unofficial patches
Free unofficial security patches have been released through the 0patch platform to address a zero-day vulnerability introduced over two years ago in the Windows Mark of the Web (MotW) security mechanism. Windows automatically adds Mark of the Web (MotW) flags to all documents and executables downloaded from untrusted sources. These MotW labels inform the Windows […]
Microsoft confirms game audio issues on Windows 11 24H2 PCs
Microsoft has confirmed a new issue affecting Windows 24H2 systems and causing game audio to unexpectedly increase to full volume when using USB DAC sound systems. As the company explained in a support document published on Tuesday, this known issue occurs on Windows 24H2 gaming systems where affected gamers use a Creative Sound BlasterX G6 USB digital audio […]