Tag: windows
-
Microsoft users warned over privilege elevation flaw
An elevation of privilege vulnerability in Windows Kernel tops the list of issues to address in the latest monthly Patch Tuesday update. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634166/Microsoft-users-warned-over-privilege-elevation-flaw
-
Windows 11 now supports 3rd-party apps for native passkey management
Microsoft announced that passwordless authentication is now easier on Windows 11 through native support for third-party passkey managers, the first ones supported being 1Password and Bitwarden. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-now-supports-3rd-party-apps-for-native-passkey-management/
-
Patchday: Windows Server-Updates (11. November 2025)
Zum 11. November 2025 (zweiter Dienstag im Monat, Patchday bei Microsoft) wurden verschiedene kumulative Updates für die unterstützten Versionen von Windows Server freigegeben. Nachfolgend habe ich die bereitgestellten Updates samt einigen Details für diese Windows Server-Versionen (von Windows Server 2012 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/12/patchday-windows-server-updates-11-november-2025/
-
Patchday: Windows 10/11 Updates (11. November 2025)
Am 11. November 2025 (zweiter Dienstag im Monat, Patchday bei Microsoft) hat Microsoft kumulative Updates für die noch unterstützten Client-Betriebssystem-Versionen von Windows 10 (mit ESU-Lizenz) und Windows 11 veröffentlicht. Hier einige Details zu diesen Updates, die Schwachstellen sowie Probleme beheben … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/12/patchday-windows-10-11-updates-11-november-2025/
-
Microsoft Security Update Summary (11. November 2025)
Microsoft hat am 11. November 2025 Sicherheitsupdates für Windows-Clients und -Server, für Office sowie für weitere Produkte veröffentlicht. Die Sicherheitsupdates beseitigen 63 Schwachstellen (CVEs), fünf kritisch, eine davon wurde als 0-day klassifiziert und wird ausgenutzt. Nachfolgend findet sich … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/11/microsoft-security-update-summary-11-november-2025/
-
Windows 11 23H2 Home and Pro reach end of support
Microsoft has reminded customers today that systems running Home and Pro editions of Windows 11 23H2 have stopped receiving security updates. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-windows-11-23h2-home-and-pro-reach-end-of-support/
-
Emergency Windows 10 update fixes ESU enrollment bug
Microsoft has released an emergency out-of-band update to address a known issue preventing Windows 10 users from enrolling in the Extended Security Updates (ESU) program. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-emergency-windows-10-update-fixes-esu-enrollment-bug/
-
Microsoft Patch Tuesday for November 2025 Fix for 0-day and Other 62 Vulnerabilities
Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The update includes a critical fix for a zero-day vulnerability in the Windows Kernel that is confirmed to be actively exploited in the wild. The most critical patch in this month’s release is for CVE-2025-62215, an Elevation of…
-
Critical Zoom Vulnerability Exposes Windows Users to Attacks
A new Zoom Workplace flaw (CVE-2025-64740) lets attackers escalate privileges on Windows. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-zoom-vulnerability-exposes-windows-users-to-attacks/
-
Microsoft releases KB5068781, The first Windows 10 extended security update
Microsoft has released the KB5068781 update, the first Windows 10 extended security update since the operating system reached end of support last month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-kb5068781-the-first-windows-10-extended-security-update/
-
Critical Zoom Vulnerability Exposes Windows Users to Attacks
A new Zoom Workplace flaw (CVE-2025-64740) lets attackers escalate privileges on Windows. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-zoom-vulnerability-exposes-windows-users-to-attacks/
-
Windows 11 KB5068861 & KB5068865 cumulative updates released
Microsoft has released Windows 11 KB5068861 and KB5068865 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11-kb5068861-and-kb5068865-cumulative-updates-released/
-
Microsoft releases KB5068781, The first Windows 10 extended security update
Microsoft has released the KB5068781 update, the first Windows 10 extended security update since the operating system reached end of support last month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-kb5068781-the-first-windows-10-extended-security-update/
-
Windows 11 26H1 is coming … for new processors only
It’s OK to look: New Canary channel build supports specific silicon while 26H2 remains the main 2026 update First seen on theregister.com Jump to article: www.theregister.com/2025/11/10/microsoft_breaks_new_ground_with/
-
Windows 11 26H1 is coming … for new processors only
It’s OK to look: New Canary channel build supports specific silicon while 26H2 remains the main 2026 update First seen on theregister.com Jump to article: www.theregister.com/2025/11/10/microsoft_breaks_new_ground_with/
-
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
-
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation
A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
-
North Korea-linked Konni APT used Google Find Hub to erase data and spy on defectors
North Korea-linked APT Konni posed as counselors to steal data and wipe Android phones via Google Find Hub in Sept 2025. Genians Security Center researchers warn that the North Korea-linked Konni APT group (aka Kimsuky, Earth Imp, TA406, Thallium, Vedalia, and Velvet Chollima) posed as counselors to hack Android and Windows, stealing data and wiping phones…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi
A sophisticated new ransomware operation dubbed VanHelsing has emerged as a rapidly expanding threat in the cybercriminal landscape. First observed on March 7, 2025, this operation functions as a Ransomware-as-a-Service (RaaS) platform, licensing its destructive capabilities to affiliated threat actors and demonstrating alarming speed in scaling attacks across diverse infrastructure platforms. VanHelsing operates under a…
-
Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon
The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control.”Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs,” the Genians…
-
NoID Privacy macht aus Windows wieder ein Betriebssystem
Das kostenlose Open Source-Projekt NoID Privacy sorgt dauerhaft dafür, dass Windows nicht mehr mit den Servern des Herstellers kommuniziert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/noid-privacy-macht-aus-windows-wieder-ein-betriebssystem-322750.html
-
NoID Privacy macht aus Windows wieder ein Betriebssystem
Das kostenlose Open Source-Projekt NoID Privacy sorgt dauerhaft dafür, dass Windows nicht mehr mit den Servern des Herstellers kommuniziert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/noid-privacy-macht-aus-windows-wieder-ein-betriebssystem-322750.html
-
Elastic Defend for Windows Vulnerability Allows Threat Actors to Gain Elevated Access
Elastic has released a security advisory addressing a significant vulnerability in Elastic Defend that could allow attackers to escalate their privileges on Windows systems. The vulnerability, tracked as CVE-2025-37735, stems from improper preservation of file permissions in the Defend service and poses a serious risk to organizations relying on this endpoint protection platform. Field Details…
-
How to use the new Windows 11 Start menu, now rolling out
The Windows Start menu is getting its first major redesign since 2021 and will be rolled out to everyone with the November 11 Patch Tuesday update. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/how-to-use-the-new-windows-11-start-menu-now-rolling-out/
-
Still on Windows 10? Enroll in free ESU before next week’s Patch Tuesday
With the first Patch Tuesday following Windows 10’s end of support approaching next week, users who continue to run the operating system should enroll in the Extended Security Updates (ESU) program to remain protected against newly discovered security vulnerabilities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/still-on-windows-10-enroll-in-free-extended-security-updates/
-
Schutz auf Kernel-Ebene zur Verteidigung vor Infostealern, die auf sensible Daten abzielen
Keeper Security Forcefield ist branchenweit erster Schutz vor speicherbasierten Angriffen auf Windows-Endpunkten. Keeper Security, ein Cybersecurity-Anbieter für Zero-Trust- und Zero-Knowledge- Privileged-Access-Management-Software (PAM) zum Schutz von Passwörtern, Passkeys, privilegierten Konten, Geheimnissen und Remote-Verbindungen, kündigt Keeper Forcefield an den ersten Schutz seiner Art gegen speicherbasierte Angriffe auf Windows-Geräten. Forcefield ist ein Endpoint-Sicherheitsprodukt auf Kernel-Ebene, das… First seen…
-
‘Windows sucks,’ former Microsoft engineer says, explains how to fix it
Respecting users choices and offering a hardcore mode among key suggestions. First seen on theregister.com Jump to article: www.theregister.com/2025/11/07/does_windows_really_suck_that/
-
Microsoft testing faster Quick Machine Recovery in Windows 11
Microsoft is testing a faster version of Quick Machine Recovery (QMR) and updated Smart App Control (SAC), allowing users to toggle it without requiring a Windows clean install. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-testing-faster-quick-machine-recovery-in-windows-11/