Windows 11 KB5040527 update fixes Windows Backup failures

July 25, 2024 at 02:41PM Microsoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, addressing issues with Windows Backup, upgrade failures, and Windows Defender Application Control. Users can install the update via Windows Update or from the Microsoft Update Catalog. This release comes with additional fixes and improvements and …

Windows 10 KB5040525 fixes WDAC issues causing app failures, memory leak

July 23, 2024 at 05:52PM Microsoft released the July 2024 preview update for Windows 10, version 22H2 (KB5040525), offering fixes for issues such as Windows Defender Application Control causing app crashes and system memory exhaustion. This optional cumulative update aims to enhance the user experience by allowing administrators to test changes before the mandatory Patch …

Windows 10 KB5039299 update released with 10 changes or fixes

June 26, 2024 at 10:36AM The June 2024 optional Windows 10 update, KB5039299, for version 22H2 is now available, with nine bug fixes and changes. It adds no new features but improves system resume from hibernate, MSIX package functionality, mobile device management, Direct Composition issues, and more. Known issues are also still being addressed, including problems changing …

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

March 14, 2024 at 02:23AM DarkGate malware exploits a fixed Windows Defender SmartScreen flaw to install fake software, overcoming security checks. This flaw, tracked as CVE-2024-21412, allows attackers to execute files automatically. Trend Micro reports that DarkGate operators are using this vulnerability to enhance infection rates. The campaign involves a multi-step infection chain and employs …

Hackers abuse Windows SmartScreen flaw to drop DarkGate malware

March 13, 2024 at 05:26PM The DarkGate malware exploits a Windows Defender SmartScreen vulnerability, allowing attackers to automatically install fake software. Microsoft fixed the flaw in mid-February, but DarkGate operators are still using it to infect targeted systems. The attack involves malicious emails with PDF attachments, using open redirects to bypass security checks. Once executed, the …

This is why we update… Data-thief malware exploits unpatched Windows PCs

January 12, 2024 at 07:00PM Criminals exploit a Windows Defender SmartScreen bypass vulnerability to spread Phemedrone Stealer malware, targeting sensitive data on PCs. The flaw, CVE-2023-36025, was patched by Microsoft in November, but a proof-of-concept exploit has been created. The malware targets various browsers, applications, and cryptocurrency wallets, and uses obfuscation techniques to evade detection. Update …

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

January 12, 2024 at 02:38AM This blog summarizes the exploitation of CVE-2023-36025 by the Phemedrone Stealer campaign, which targets web browsers, cryptocurrency wallets, and messaging apps. The malware bypasses Windows Defender SmartScreen, allowing threat actors to execute malicious scripts. Despite Microsoft’s patch, the vulnerability continues to be exploited, posing a risk to organizations. Advanced security …

Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw

November 22, 2023 at 02:45PM A proof of concept exploit has been developed for a critical zero-day vulnerability in Windows SmartScreen technology that allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit requires a user to click on a maliciously crafted Internet shortcut or link. The vulnerability affects Windows 10, Windows …

Exploit for Critical Windows Defender Bypass Goes Public

November 21, 2023 at 04:32PM A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability in Windows SmartScreen. The vulnerability, identified as CVE-2023-36025, allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit involves tricking users into clicking on a malicious internet shortcut or link. The vulnerability affects various Windows …