Latest news with #PatchTuesday
Forbes
11-06-2025
- Forbes
Microsoft Issues Windows 10 And 11 Update As Attacks Already Underway
Microsoft issues security update as Windows attacks begin. Users of the Windows operating system, be that Windows 10, Windows 11 or any of the Windows Server variants, are used to reading Microsoft cyberattack warnings. Some warnings, however, are more critical than others. Whenever a Windows zero-day exploit is involved, then you really need to start paying close attention. These are the vulnerabilities that have not only been found by threat actors, but also exploited and are under attack already by the time that the vendor, in this case Microsoft, becomes aware of them. Microsoft, and by extension you, are then playing catch-up to get protected against the cyberattacks in question. Here's what you need to know about CVE-2025-33053 and what you need to do right now. Don't wait, update Windows right now. The June 10 Patch Tuesday security rollout has brought with it a few unwelcome surprises, as is often the case. None more so than CVE-2025-33053, which is not only a zero-day, in that it is already known to have been exploited by threat actors, but is also being leveraged widely by cyberattacks, and that's very worrying indeed for all Windows users. A Microsoft executive summary describes the threat from CVE-2025-33053 as 'external control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.' Or, in other words, a remote code execution vulnerability that can do some very bad things indeed. Tenable Research Special Operations has analyzed the threat, and Satnam Narang, the senior staff research engineer at Tenable, said that it has been confirmed in a Check Point Research report, a known threat group, Stealth Falcon, has 'launched a social engineering campaign to convince targets to open a malicious .url file, which would then exploit this vulnerability, giving them the ability to execute code.' That's problematical, as Narang explained, 'it is rare to hear of a zero-day reported during Patch Tuesday as being leveraged widely. We typically expect these types of zero-days to be used sparingly, with an intention to remain undetected for as long as possible.' All the more reason to get your systems updated as soon as possible. The attackers are not waiting, and neither should you. 'The advisory also has attack complexity as low,' Adam Barnett, lead software engineer at Rapid7, said, 'which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker's control.' Indeed, exploitation just requires a user to click on a malicious link, oh what a surprise. 'It's not clear how an asset would be immediately vulnerable if the service isn't running,' Barnett concluded, adding 'but all versions of Windows receive a patch.' You know what to do, go and do it know.
Yahoo
09-06-2025
- Yahoo
Windows 11 May update: A controversial AI feature makes a quiet comeback
When you buy through links on our articles, Future and its syndication partners may earn a commission. For the second Tuesday of May 2025, Microsoft released updates for Windows 11 22H2, 23H2, and, of course, 24H2. The latter is getting all of the most exciting updates, which Microsoft is likely hoping will entice you to make the jump to it. While the second Tuesday of the month isn't all that special for most companies, it marks Microsoft's Patch Tuesday. As the name implies, Patch Tuesday is when the tech giant rolls out new patches for its software to fix bugs and address security vulnerabilities. These patches also usually bring the previous month's preview updates, which were limited to certain insider or optional channels, to the general public. Though Microsoft has a bit of a habit of downplaying what's actually exciting in these updates in its release notes and chooses to focus on the security fixes instead, this one seems to pack quite a punch, particularly for those using a Copilot+ PC. See also: Best AI laptops in 2025 The KB5055627 patch heavily focuses on the AI-powered features The 24H2 update, delivered through the KB5058411 patch, includes all the improvements from the KB5055627 patch that Microsoft released as a Preview build on April 25, 2025. The KB5055627 patch heavily focuses on the AI-powered features Microsoft has been quietly refining for a while now, including one that turned into one of the biggest controversies of 2024: Recall. The feature is finally making a comeback… after it was, well, recalled (pun fully intended) last year due to a widespread privacy backlash. Features: Display: 16-inch 2.5K (2560 x 1600) 300-nit 120Hz WVA/IPS display, CPU: Intel Core Ultra 9 185H, RAM: 16GB LPDDR5X, GPU: Intel Arc Graphics, Storage: 512GB SSD, Ports: 2 x USB-A 3.2, HDMI 2.1, 3.5mm audio jack, Thunderbolt 4.0 (USB-C)View Deal Critically, Recall is also now an opt-in experience Recall, announced at Microsoft's 2024 Build event, is designed to help you 'recall' something by capturing snapshots of what you're doing on your PC every few seconds. For example, imagine you decided to watch a few Instagram Reels on your PC during your lunch break and came across a hilarious meme you wanted to share with your best friend. Before you can send it or save it, Instagram randomly refreshes, and that meme is lost forever. With the Recall feature, you could type something like 'funny cat meme from Instagram,' and it would harness the AI capabilities of Copilot+ PCs to 'retrieve both text and visual matches for your search.' Microsoft also added more privacy controls to avoid controversy this time around, like the option to pick which apps and websites Recall can snapshot. You'll also be able to pause or turn off the feature at any time. Critically, Recall is also now an opt-in experience, and Windows will ask for your permission before saving snapshots. You must also enroll in Windows Hello to 'confirm your presence so only you can access your screenshots.' Copilot+ PC users will also finally be able to use Click To Do, which can analyze what's on your screen and perform tasks like finding an app that can best do the job for you. You can use this feature by hitting the Windows key and clicking with the mouse, or the Windows key and the Q key. Microsoft demonstrates how this feature could be useful by giving an example of using Click To Do to select an image. The feature might display different options you can take, like using the Photos app to erase an object from the image or using Paint to remove the background. Improved Windows Search is also finally landing on Copilot+ PCs, allowing you to search for something with a description rather than the exact terminology. For instance, if you want to change the theme of your PC, instead of typing in random words you think might match the setting name, a description like 'change my theme' should suffice. Other than the Settings app, Improved Windows Search will also work in File Explorer, Windows Search in the taskbar, and even the Photos app. The May 2025 Windows 11 update also includes a new Speech Recap feature in Windows's built-in screen reader, Narrator, which can track what the Narrator said while providing you with a live transcription. The update also makes it easier to control or access your phone from your PC by placing Phone Link right in the Start menu. The security updates, compared to the new features, are relatively limited, so you don't need to rush to update to protect your PC. There are also no known issues in the April 2025 update, though, like every Windows update, bugs can surface as users begin to install it and start reporting their experiences. That may not be the last concession for Windows 10 holdouts. This update arrives just ahead of Microsoft Build 2025, which will be held from May 19 to 22 in Seattle, Washington. Now that Microsoft has finally rolled out all of the features announced at Build 2024, we can expect a new collection to debut with a heavy focus on AI again. We'll also be keeping an eye out for any additional details on end-of-support plans for Windows 10, as Microsoft recently walked back the end of Microsoft 365 support for Windows 10 users. That may not be the last concession for Windows 10 holdouts. Life with Microsoft Recall: I spent weeks testing Windows 11's most controversial feature Microsoft's next 50 years are all about making AI feel useful Best AI PC in 2025: My 6 top AI laptops tested and reviewed
Daily Record
16-05-2025
- Daily Record
Windows 10 and Windows 11 critical update as users urged 'not to ignore'
Microsoft Windows has released a critical update, with users being urged to check immediately if their PC and laptop are up to date. Those who are operating their PC or laptops on Windows 10 or Windows 11 have been urged to check their settings immediately. It comes as Microsoft launch a major update which people are being cautioned not to ignore. As part of the platforms Patch Tuesday programme, the latest upgrade from the Redmond firm fixes a total of 72 flaws within its popular operating systems. Not worrying enough? Six of these bugs have been deemed 'critical' and given a 'zero-day' rating. To break it down for users further, 'zero-day' essentially means hackers are aware of the gremlins and are actively exploiting them in the wild. This is why Microsoft has rushed so quickly to fix the problems in a bid to keep people safe, as reported by the Express. The bugs include Privilege Vulnerabilities, Bypass Vulnerabilities and Spoofing Vulnerabilities, with it now being vital that you check your PC or laptop is running the very latest version of Windows 10 or Windows 11 without delay. Explaining more, the security team at Action1 said: "Attackers exploiting these vulnerabilities can escalate privileges to system level, granting them full control to run arbitrary code, install malware, modify data or disable security protections. "With low complexity and minimal privileges needed, these flaws pose a serious risk, especially given the confirmed in-the-wild." How do I check my system is updated? To check if your PC or laptop is up to date, you can head to settings, navigate to update and security, then Windows update, and select 'Check for updates'. This new patch offers a glimpse into why Windows 10 users should consider switching to Windows 11. From October, free updates like the one released this week will no longer be available, and that will put Windows 10 users at much higher risk of issues and cyber attacks. "Starting Oct. 14, 2025, Windows 10 will no longer receive security updates," explained Yusuf Mehdi, Executive Vice President, Consumer Chief Marketing Officer. "As security threats evolve and adapt, so must our operating systems and hardware. Because of this, we designed Windows 11 to be the most secure version of Windows ever — by default and design — to help you stay ahead of those risks."
Yahoo
15-05-2025
- Yahoo
Microsoft Rolls Out May 2025 Windows 11 and 10 Updates With New AI Tools, Security Fixes
Microsoft has released the May 2025 Patch Tuesday updates for all supported versions of Windows 11 and Windows 10. The KB5058411 update for Windows 11 version 24H2 is to have new AI-powered options, including Recall and Click to Do, on Copilot+ PCs. The update also adds a new AI-powered search experience, which is now available on both Intel and AMD-powered Copilot+ models. Microsoft says that Recall and Click to Do will reach users gradually through its controlled feature rollout technology, as reported by Thurrott. For those still using Windows 11 version 23H2, the KB5058405 patch brings new options such as Speech recap for Narrator, a Phone Link sidebar in the Start menu, and curated views in File Explorer Home. These updates are also present in the KB5058411 update for version 24H2. The Phone Link sidebar in the Start menu lets users access phone calls, messages, and photos and share content between devices. Developers now have the option to create widgets for the Widgets board and Lock screen using web-based content, and the Lock screen weather widget is adding new customization options for users in the EU. File Explorer is to have curated views in Home, better support for text scaling, and improved performance with ZIP files. For Windows 10 version 22H2, the KB5058379 patch mainly fixes security issues, with miscellaneous improvements to internal Windows functions, and updates the blocklist of drivers with known security vulnerabilities that have been used in Bring Your Own Vulnerable Driver attacks. This update does not bring new user-facing options, as Windows 10 is nearing the end of its support period—but could Linux be a decent alternative?
Forbes
15-05-2025
- Forbes
Windows Is Under Attack, Microsoft Confirms — Act Now, CISA Warns
Update, May 15, 2025: This story, originally published May 14, has been updated with a new warning from the Cybersecurity and Infrastructure Security Agency along with additional information regarding further confirmed Microsoft Windows vulnerabilities that are not known to be under active exploitation but need to be patched as soon as possible anyway. It's that time of the month again, when Patch Tuesday is quickly followed by Exploit Wednesday. The former is the monthly rollout of Microsoft's responses to newly discovered vulnerabilities in its services and products, and the latter is when hackers, cybercriminals and state-sponsored actors look to act upon these security disclosures before individuals and organizations have had the opportunity to update their systems. Unfortunately, Exploit Wednesday seems to have preceded Patch Tuesday this month, with Microsoft confirming multiple zero-day vulnerabilities that are known to be under attack before any fix was made available. Make no mistake, with security experts rating the risk prioritization of these exploits as critical, Windows users need to act fast. It is not uncommon, sadly, for Windows users to find themselves faced with zero-day vulnerabilities that are being exploited by attackers in the wild. In March, for example, six zero-day attacks were confirmed, while there were three such active Windows exploits reported in January. The latest Microsoft Patch Tuesday security rollout has now dropped, and it doesn't make for very comforting reading at all. So, let's dive straight into the multiple zero-day exploits impacting Windows users, starting with that has got the security professionals very concerned indeed. This memory corruption vulnerability sits within the Windows scripting engine, and a successful exploit can allow an attacker to execute code over the network. Not only does CVE-2025-30397 affect all versions of the Windows operating system, but it is also confirmed by Microsoft as being exploited in the wild. 'Microsoft's severity is rated as important and has CVSS 3.1 of 7.8,' Chris Goettl, vice president of security product management at Ivanti, pointed out, adding that 'risk-based prioritization warrants treating this vulnerability as critical.' While the official CVE severity-rating scores tend to provide a decent baseline for vulnerability appraisal, in the real world, things are not always that clear-cut. CVE-2025-30397 has a base score of 7.5, and Microsoft says that the attack complexity rating is high. So, what's the issue? 'The advisory FAQ for CVE-2025-30397 explains that successful exploitation requires an attacker to first prepare the target so that it uses Edge in Internet Explorer Mode,' Adam Barnett, lead software engineer at Rapid7 explains, 'and then causes the user to click a malicious link; there is no mention of a requirement for the user to actively reload the page in Internet Explorer Mode, so we must assume that exploitation requires only that the 'Allow sites to be reloaded in Internet Explorer' option is enabled.' Barnett warned that as the users most likely to still require this kind of Internet Explorer compatibility are enterprise organizations, and the concept of migration is likely 'buried several layers deep in a dusty backlog,' in Barnett's experience, then the pre-requisite conditions are already conveniently in place on the target asset and 'attack complexity is suddenly nice and low.' The remaining under-attack zero-day vulnerabilities are: CVE-2025-32709: an elevation of privilege vulnerability in the Windows ancillary function driver for WinSock that enables an attacker to gain admin privileges locally and impacts Windows Server 12 and later OS versions. Once again. Goettl warned that 'risk-based prioritization warrants treating this vulnerability as critical.' CVE-2025-32701 and CVE-2025-32706 are a pair of zero-day vulnerabilities in the Windows Common Log File Driver System, and could enable a successful local attacker to gain system privileges. Impacting all versions of Windows, these types of security flaws are being closely monitored for detection by the Microsoft Threat Intelligence Center. 'Since Microsoft is aware of exploitation in the wild,' Barnett said, 'we know that someone else got there first, and there's no reason to suspect that threat actors will stop looking for ways to abuse CLFS any time soon.' And finally, we come to another elevation of privilege zero-day vulnerability already being exploited by attackers, CVE-2025-30400, which impacts the Windows desktop window manager and affects Windows 10, Server 2016, and later OS versions. Barnett pointed out that this is great proof that such elevation of privileges vulnerabilities will never go out of fashion, what with Exploit Wednesday marking the one-year anniversary of CVE-2024-30051, which also hit the desktop windows manager. The U.S. Cybersecurity and Infrastructure Security Agency has now joined the chorus of experts warning that these Windows zero-day vulnerabilities need to be addressed as a matter of urgency. A newly published alert has confirmed that CISA has added all five of the Windows zero-days to Known Exploited Vulnerabilities catalog, and that brings not only more than a little gravitas to the security warnings, but an obligation for certain federal agencies to apply the Microsoft patches to fix them no later than June 3rd, 2025. Of course, that is by the by for most readers, but it doesn't mean the CISA alert is meaningless. Indeed, the self-styled America's Cyber Defence Agency has strongly urged 'all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of catalog vulnerabilities as part of their vulnerability management practice." Although it makes sense to highlight the five zero-day vulnerabilities that Microsoft has confirmed are already being exploited in the wild, leaving unpatched Windows users open to attack, this security rollout also includes fixes for another 65 vulnerabilities that cannot be ignored. Mike Walters, co-founder of Action1, has mentioned two Microsoft Office vulnerabilities, for example. CVE-2025-30386 is a remote code execution flaw, and RCE is something that will make any security-aware reader shiver. The shivering is dulled a little by the fact that it is, somewhat oddly, classified as using a local attack vector. 'This vulnerability is considered remote code execution,' Walters explained, 'as it can be triggered by delivering a malicious document. If the affected user has administrative privileges, an attacker could gain full control of the system.' All users, from the enterprise to consumers are at risk, Walters said, adding that the 'ability to trigger exploitation via the Preview Pane further elevates the risk, as users may not even need to open the attachment explicitly.' The second Microsoft Office vulnerability of note, CVE-2025-30377, is another RCE and similar to the first in that it can be used to execute arbitrary code. 'While the attack scenarios are comparable,' Walters said, 'this vulnerability is considered less likely to be exploited due to additional conditions or complexities in developing a reliable exploit.' As both can result in full system compromise, neither should be underestimated, and patches should be applied as soon as possible. The advice, therefore, is simple. Act now, and ensure that you update your Windows systems with the latest security patches as a matter of some urgency.
