Live
Portuguese Restaurant Kiosk Borked by Windows Code-Signing Check on WinRestKioskWPF.exe·MSFT +0.1%Rufus 4.15 Final Release Fixes ARM64 Boot Crashes and Adds RISC-V 64 Support·NVDA +3.0%Azure Security Researcher Matthew Jensen Earns MVR Status After Exposing Entra ID Vulnerabilities in Zero Day Quest·GOOGL +1.2%HP Deploys OpenAI's Agentic AI to Revolutionize Windows Fleet Governance·AMZN +2.9%OpenAI Slashes AI Inference Costs by Over 50% with New Software Breakthrough·MSFT +0.1%Nordic IT Leader Tieto Earns Microsoft Copilot Specialization, Strengthening Enterprise AI Credentials·NVDA +3.0%wolfSSL Warns of AES-GCM Streaming Flaw CVE-2026-55967 That Bypasses Authentication Past 64 GiB·GOOGL +1.2%CallTower Locks Down Microsoft’s Advanced Specialization for Teams Calling, Cementing Its Enterprise Voice Dominance·AMZN +2.9%Portuguese Restaurant Kiosk Borked by Windows Code-Signing Check on WinRestKioskWPF.exe·MSFT +0.1%Rufus 4.15 Final Release Fixes ARM64 Boot Crashes and Adds RISC-V 64 Support·NVDA +3.0%Azure Security Researcher Matthew Jensen Earns MVR Status After Exposing Entra ID Vulnerabilities in Zero Day Quest·GOOGL +1.2%HP Deploys OpenAI's Agentic AI to Revolutionize Windows Fleet Governance·AMZN +2.9%OpenAI Slashes AI Inference Costs by Over 50% with New Software Breakthrough·MSFT +0.1%Nordic IT Leader Tieto Earns Microsoft Copilot Specialization, Strengthening Enterprise AI Credentials·NVDA +3.0%wolfSSL Warns of AES-GCM Streaming Flaw CVE-2026-55967 That Bypasses Authentication Past 64 GiB·GOOGL +1.2%CallTower Locks Down Microsoft’s Advanced Specialization for Teams Calling, Cementing Its Enterprise Voice Dominance·AMZN +2.9%

Cve 2024 41985

The latest Cve 2024 41985 coverage — news, analysis, and updates from the WindowsNews.AI desk.

13 stories in view AI assisted desk updated 9:45 AM
Latest Most Read Breaking
Sort
Windows 10 · S Mode

Why Windows 10 S Was Never Really About Chromebooks — It Was Microsoft’s 3 Billion Device Moon Shot

Microsoft’s Windows 10 S and Surface Laptop launch in 2017 was publicly targeted at education, but internally it aimed to jumpstart the stalled push to 3 billion Windows 10 devices. The locked-down OS reduced malware and management overhead, while the premium clamshell set a design standard that OEMs chased, but app compatibility gaps and pricing misalignment limited mass adoption. The strategy evolved into S Mode and influenced the laptop market long after the initial fanfare faded.

Security

Microsoft Releases Defender Package 1.447.236.0 to Close Critical First-Boot Protection Gap in Windows Install Images

Microsoft's latest Defender package (version 1.447.236.0) updates Windows installation images with current antimalware components, closing the gap that leaves new deployments vulnerable. The Lumma stealer takedown, which infected nearly 400,000 systems, underscores the urgency of pre-loading defenses. Administrators should automate image servicing to ensure every new device starts protected.

Security Desk·1m ago ·5 min
Security

Microsoft Retires 'Turn Off' Option for Store Updates, Enforces Temporary Pauses

Microsoft has removed the permanent 'Turn Off' toggle for automatic app updates in the Microsoft Store, replacing it with a pause feature that auto-resumes after 1 to 5 weeks. The shift prioritizes security and reduces fragmentation but frustrates power users and those on metered connections. Administrators can still override the behavior via Group Policy or registry, while consumers must rely on workarounds like metered network settings.

Security Desk·1m ago ·5 min
Security

$329.5B OT Cyber Losses Possible as Ransomware Hits Critical Infrastructure: Dragos-Marsh Report

New financial modeling from Dragos and Marsh McLennan reveals that an extreme OT cyber incident could cost up to $329.5 billion, while a Fortinet survey finds 73% of organizations suffered OT intrusions. Critical vulnerabilities in Erlang/OTP, NetScaler, and OPC UA are being actively exploited, and the article outlines a 90-day tactical roadmap to reduce exposure.

Security Desk·3m ago ·5 min
Advertisement
Windows 10 End Of Life · Consumer Esu

Microsoft Draws a Hard Line: Windows 10's Final Security Patch Drops October 14, Consumer ESU Offers One-Year Reprieve

Microsoft will deliver its final regular security update for Windows 10 on October 14, 2025. Users who can’t upgrade to Windows 11 must enroll in the new Consumer Extended Security Updates (ESU) program—available for free with a Microsoft account, via Rewards points, or for a $30 one-time fee—to receive critical patches through October 13, 2026. The article details enrollment steps, the impact of hardware requirements, and the security risks of doing nothing.

SE Security Desk·3m ago
Cisco · Cve-2025-20265

Cisco Rushes Patch for Critical 10.0 Bug Exposing Firewall Managers to Pre-Auth Shell Attacks

Cisco has patched a critical 10.0-severity pre-authentication remote command injection flaw (CVE-2025-20265) in its Secure Firewall Management Center. The bug allows unauthenticated attackers to execute arbitrary shell commands on appliances using RADIUS for management. Organizations must quickly patch or implement mitigations to protect centralized security infrastructure.

SE Security Desk·3m ago
Flyoobe · Flyby11

Flyoobe 1.2 Delivers Windows 11 Bypass and OOBE Tweaks, But Experts Warn of Security Pitfalls

Flyoobe 1.2 combines the Flyby11 Windows 11 installer bypass with a customizable OOBE experience, enabling upgrades on unsupported hardware and streamlined first-run setups. While the tool extends the life of older PCs and simplifies deployment for enthusiasts, it compromises crucial security features like TPM 2.0 and Secure Boot, introduces update uncertainty, and raises driver and licensing concerns. Users are advised to approach with rigorous testing, backups, and a clear understanding of the removed safeguards.

SE Security Desk·5m ago
Powershell · Powershell 2.0

PowerShell 2.0 Removal from Windows 11 24H2 Kicks Off in August 2025 – Here’s Your Migration Playbook

Microsoft will remove the legacy PowerShell 2.0 engine from Windows 11 24H2 in August 2025 and from Windows Server 2025 in September 2025, closing a security gap exploited by attackers and prompting administrators to migrate legacy scripts and installers to PowerShell 5.1 or 7.x. The change, long expected after its 2017 deprecation, is part of a broader effort to simplify the OS and improve security. A phased migration playbook is provided to help organizations inventory, test, and remediate any remaining dependencies.

SE Security Desk·6m ago
Windows 11 · Windows Defender

Defender’s Limits Exposed: A Practical Guide to Windows 11 Security Layers

Windows 11's built-in security provides a strong baseline, but stubborn Trojan infections that Microsoft Defender can't remove highlight critical gaps. This article explores where native protections fall short—from social engineering to firmware flaws—and outlines a practical, layered defense model that combines identity hardening, EDR, patch management, and user training to truly protect modern systems.

SE Security Desk·6m ago
California Lawsuit · Windows 10 End Of Life

Suit: Microsoft Must Extend Free Windows 10 Security Updates Until Only 10% Remain

A California lawsuit seeks to force Microsoft to extend free Windows 10 security updates until the OS's market share drops to roughly 10%, challenging the October 14, 2025 end‑of‑support plan. The case raises debates around consumer rights, e‑waste from incompatible hardware, and the company's push toward Windows 11 and AI services. While the legal hurdles are high, the suit has already sparked wider calls for lifecycle transparency and sustainable device policies.

SE Security Desk·6m ago
PowerShell 2.0 Removal · Windows 11 24H2

PowerShell 2.0 Engine Finally Stripped from Windows 11 24H2, Server 2025 in August

Microsoft will eliminate the PowerShell 2.0 engine from Windows 11 24H2 in August 2025 and Windows Server 2025 in September. The change, documented in KB 5065506, closes a downgrade attack vector and forces legacy automation to modernize. Administrators should inventory scripts, test workloads, and coordinate vendor updates immediately.

SE Security Desk·7m ago
CVE-2025-8879 · Chrome Security Update

Chrome 139 Fixes High-Severity libaom AV1 Heap Overflow; Edge Patch to Follow

Google has patched a high-severity heap buffer overflow in the libaom AV1 codec, tracked as CVE-2025-8879, with Chrome 139.0.7258.127/.128. The vulnerability could allow remote code execution via malicious web content, and while no in‑the‑wild exploits have been reported yet, all users should update Chrome immediately. Microsoft Edge and other Chromium‑based browsers are expected to follow with their own patches, and administrators should prioritize deployment across their fleets.

SE Security Desk·8m ago
CVE-2025-8882 · Chrome Update

Google Chrome 139.0.7258.127 Plugs Aura Use-After-Free (CVE-2025-8882) and Other High-Severity Bugs

Google Chrome 139.0.7258.127 patches a use-after-free vulnerability in the Aura UI component (CVE-2025-8882) along with four other high-severity flaws. Exploitation requires user interaction but could lead to heap corruption and potential code execution. Immediate updates are critical for Chrome, Edge, and all Chromium-based browsers.

SE Security Desk·8m ago