Cve 2024 28757
The latest Cve 2024 28757 coverage — news, analysis, and updates from the WindowsNews.AI desk.
Last Call for Windows Server 2012 R2 Security Patches: Deadline Is October 13, 2026
Microsoft will end Extended Security Updates for Windows Server 2012 and 2012 R2 on October 13, 2026, with no further extensions. IT teams must now inventory their entire server estate, categorize each workload for retirement, rebuilding on a supported OS, migration to Azure, or temporary containment, and verify that existing ESU coverage is actually delivering patches. This article provides a practical playbook for auditing, planning, and executing the migration before the final deadline.
Across Protocol Restarts Solana Deposits After July 17 Attack; Relayer Absorbed Hit, Users Protected
Across Protocol resumed Solana deposits on July 18 after an attacker tricked a relayer into paying out on a failed transaction. The protocol's intent-based architecture ensured no user funds were lost, with the relayer (operated by Risk Labs) absorbing the financial hit. The incident echoes an April vulnerability disclosure about Solana's event model and raises broader lessons for developers and IT professionals about verifying off-chain signals.
Windows 11 24H2's Protected Print Mode: Why Your Printers Might Vanish and How to Prepare
Microsoft's Windows 11 24H2 beta introduces Protected Print Mode, a security feature that automatically uninstalls any printer relying on third-party drivers. The move aims to eliminate print spooler vulnerabilities by forcing a modern, driverless printing stack, but it can disrupt enterprise workflows that depend on legacy software for finishing, scanning, and accounting. IT teams must audit their print queues now, test thoroughly, and prepare for manual recovery because disabling the mode doesn't restore removed printers automatically.
Secure Boot 2026: Why You Must Check UEFICA2023Status Right Now (and How to Do It)
The June 2026 Secure Boot certificate deadline is here, but your Windows PC likely still boots even without the 2023 trust. However, missing the UEFICA2023Status “Updated” flag means it won’t get future boot protections. This article explains exactly how to check your status in 10 seconds and provides IT admins with a complete, queue-based remediation roadmap for the entire enterprise fleet.
Chrome 150 Update Seals Three Critical Use-After-Free Bugs — Time to Restart Your Browser
Google’s Chrome Stable channel update to version 150.0.7871.128/.129 fixes seven security flaws, including three Critical use-after-free bugs in CameraCapture, GPU, and Network components. No active exploitation has been confirmed, but the high-severity vulnerabilities demand immediate browser restarts to close the window before attackers can reverse-engineer the patches. Home users should manually install and restart Chrome, while enterprise administrators must track version compliance and force restarts across their fleets.
Motorola Edge 70 Max Update Policy: The Fine Print That Still Isn't Fixed
Motorola's July 17 clarification that the Edge 70 Max gets 'up to 3 OS upgrades and 5 years of security updates' does not resolve contradictory fine print on its own websites or an EU database listing showing 7 years. The conditional phrasing leaves buyers guessing about actual support, especially at the phone's premium price, complicating long-term use with Windows PCs and enterprise management.
Android 17 Slashes Unlock Attempts to 20 — Why Your Windows Logins Just Got Safer
Android 17 slashes the lifetime lock screen guess limit from 1,800 to just 20 tries, with escalating delays reaching into years. The change, backed by hardware enforcement and duplicate guess detection on some devices, drastically reduces the risk of brute-force attacks on lost or stolen Pixels. For Windows users who rely on a Pixel for Microsoft authentication, this is a quiet but critical security upgrade.
Windows Sandbox Can Run Suspicious Files Offline – Here’s How to Set It Up
Windows Sandbox has quietly gained powerful configuration controls, including a no-network mode that makes it the safest way to test suspicious files without third-party virtualization. This guide explains what changed in Windows 11 24H2, how to enable the feature, and how to create a .wsb configuration file that blocks internet access and maps folders as read-only—so you can inspect downloads with zero risk to your real system.
KB5121767 Targets Intel Driver Flaw That Blocked Dell Windows 11 Updates
Microsoft released emergency out-of-band update KB5121767 to fix a Dell-specific Intel driver conflict that caused overheating, shutdowns, and blocked July 14 security patches. The update restores normal updates and includes all prior fixes; IT admins should test and deploy it only on affected Dell hardware.
Why Windows 11's Preview Pane Went Blank After October 2025—and How to Fix It Without Sacrificing Security
A Windows security update in October 2025 intentionally blocked File Explorer’s preview pane for downloaded files to prevent a credential theft vulnerability. This analysis explains why the change happened, how it impacts daily work, and walks through safe methods to restore previews for trusted files without weakening security.
WSUS Sync Delays Disrupt July’s Patch Tuesday: What Windows Admins Must Do Now
A server-side metadata backlog at Microsoft is causing WSUS synchronization delays and timeouts, impacting nearly all supported Windows versions. IT teams are unable to pull the latest July Patch Tuesday updates into their on-premises servers, stalling approval and deployment workflows. Microsoft is actively working on a fix, but until the upstream repairs are complete, administrators should avoid invasive local changes and wait to re-sync their catalogs.
Microsoft’s Mammoth July Patch Tuesday: 570 Flaws, 3 Zero-Days, and an Urgent Call to Update Windows
Microsoft's July 2026 Patch Tuesday release addresses an unprecedented 570 vulnerabilities, including three publicly disclosed zero-days, and continues a Secure Boot certificate renewal. Home users should install the cumulative updates immediately, while IT admins must test for compatibility issues with OLE Automation and third-party TDI transports. Support deadlines for Windows 11 24H2 Home/Pro and Windows 10 LTSB 2016 in October add urgency to planning. The week also brought a cleaner Windows Search preview and a high-profile Microsoft account recovery story that underscores the need for MFA and backups.
Microsoft postpones Azure Synapse firewall retirement to 2027 — but the clock is ticking
Microsoft has postponed the retirement of Azure Synapse Analytics' trusted-services firewall exception from August 2026 to June 2027, with a new workspace-level security setting arriving by March 2027. The move gives administrators an extra 22 months to transition away from the legacy bypass, but workspaces created without a Managed VNet still face a rebuild-or-adapt decision. Early inventory and planning are critical to avoid another last-minute crisis.