Applocker
The latest Applocker coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Draws a Line in the Agentic AI Sand: Copilot Studio Gets a Lite and Full Experience
Microsoft has officially split its Copilot Studio into two distinct tiers, a move that signals a deliberate shift from a one-size-fits-all agent builder toward a persona-driven platform designed to...
Microsoft Issues Urgent Fix for Windows Defender Firewall Type-Confusion EoP (CVE-2025-54104)
Microsoft has confirmed a critical elevation-of-privilege vulnerability in the Windows Defender Firewall Service (MpsSvc) that could enable an attacker with local access to escalate to SYSTEM-level...
Microsoft Patches Excel Code Execution Flaw CVE-2025-54904, but Mac LTSC Still Exposed
Administrators scrambling to lock down Microsoft Excel against a newly disclosed code execution vulnerability have hit a snag: the security updates for Office LTSC for Mac 2021 and 2024 are not yet...
CVE-2025-54902: Excel Out-of-Bounds Read Flaw Could Let Attackers Seize PCs—Mac Updates Still Missing
Microsoft has released a security update for a critical out-of-bounds read vulnerability in Excel that could allow remote code execution—but the patch is not yet available for Mac users. Tracked as...
Microsoft Urges Immediate Patching for Windows Kernel Privilege-Escalation Flaw CVE-2025-54110
Microsoft has released a security update to patch a high-severity vulnerability in the Windows kernel, tracked as CVE-2025-54110, that allows a local attacker to escalate privileges to SYSTEM level....
GE Vernova Issues Urgent Patch for CIMPLICITY DLL Hijacking Flaw Rated CVSS 7.0
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory detailing a dangerous privilege escalation vulnerability in GE Vernova’s CIMPLICITY HMI/SCADA platform....
New Open-Source AppLockerGen Tool Promises Easier XML Policy Editing — But Beware the Pitfalls
Windows administrators and security engineers struggling with the arcane XML syntax of AppLocker policies have a new ally: AppLockerGen, an open-source Streamlit-based graphical editor that promises...
PC Manager’s 7.8 CVSS Flaw Exposed: How Symlinks Give Attackers SYSTEM Rights
A vulnerability tracked as CVE-2025-29975 in Microsoft PC Manager hands local attackers a direct path to full SYSTEM control. With a CVSS 3.1 score of 7.8 (high) and a low attack complexity, the bug...
Rockwell FactoryTalk ViewPoint Flaw Lets Attackers Hijack MSI Repairs for SYSTEM Access
A critical privilege escalation vulnerability in Rockwell Automation’s FactoryTalk ViewPoint HMI thin-client software allows a low-privileged local attacker to gain SYSTEM-level control of...
Rockwell Patch Plugs SYSTEM Takeover Hole in FactoryTalk ViewPoint via MSI Repair Hijack
A high-severity local privilege-escalation vulnerability in Rockwell Automation’s FactoryTalk ViewPoint HMI software can hand an attacker full SYSTEM control of a Windows machine by exploiting a...
Siemens Flags CVSS 8.5 DLL Hijacking in Web Installer, Urges Immediate Mitigation for ICS Products
Siemens has confirmed a severe vulnerability in its Web Installer used by the Online Software Delivery (OSD) mechanism, allowing attackers to hijack the installation process and execute arbitrary...
Critical Windows AFD.sys Kernel Flaw (CVE-2025-53718) Exposes Systems to Local Privilege Escalation
Microsoft has issued a high-priority security advisory for a use-after-free vulnerability in the Windows Ancillary Function Driver for WinSock (AFD.sys). Tracked as CVE-2025-53718, the flaw allows a...