Cve 2025 49762
The latest Cve 2025 49762 coverage — news, analysis, and updates from the WindowsNews.AI desk.
New Outlook for Windows Takes Major Step Toward Classic Parity with Offline Attachments, Ctrl+F, and More
Microsoft's new Outlook for Windows now lets users open classic file attachments offline, use Ctrl+F to search within messages, add multiple recipients to replies, and manage shared mailboxes more easily. The offline attachment feature syncs documents locally but excludes OneDrive and SharePoint links, and IT administrators must enable it via OWAMailboxPolicy settings while considering data security risks. The updates, rolling out through September 2025, narrow the feature gap with Outlook Classic significantly.
Windows 10's Final Days: Extended Security Updates, TPM 2.0, and a One-Year Bridge to Windows 11
Microsoft ends Windows 10 security updates on October 14, 2025. A consumer Extended Security Updates program offers a paid or free one-year bridge, while upgrading to Windows 11 remains the recommended long-term solution. Users who cannot upgrade can choose alternative OSes or hardened isolation, but all paths require immediate planning to avoid increased security risks.
Chrome Canary Auto-Revokes Clipboard Access from Dormant Sites
Chrome Canary’s Safety Check now automatically revokes clipboard permissions from sites you haven’t visited in a while, protecting sensitive data like passwords and financial details. A one-click “Allow again” button makes restoration simple, but IT admins must test for workflow disruptions with password managers and internal apps. This shift toward time-bounded permissions marks a significant privacy upgrade for Windows users.
XChat’s Encryption Promise Crumbles: GPS-Tagged Photos and Server Keys Put Users at Risk
X's new encrypted chat feature, XChat, fails to strip EXIF metadata from images, potentially exposing GPS coordinates and timestamps. Combined with server-held encryption keys and lack of perfect forward secrecy, security experts warn the platform falls short of true end-to-end encryption. Users are advised to avoid XChat for sensitive conversations until these issues are addressed.
Get a Free Year of Windows 10 Security Updates After October 2025 by Syncing Your Microsoft Account
Microsoft will end free security updates for Windows 10 on October 14, 2025, but consumers can get an extra year of patches for free by syncing their PC settings to a Microsoft account. Eligible devices can upgrade to Windows 11 at no cost, while non‑eligible hardware must consider ESU, a new PC, or switching to Linux. Early planning—backups, compatibility checks, and ESU enrollment—is essential to avoid a last‑minute security crisis.
Trojanized ScreenConnect Installers Deliver AsyncRAT and PureHVNC in Escalating RMM Abuse Campaigns
Since March 2025, threat actors have sharply increased abuse of ConnectWise ScreenConnect by weaponizing trojanized installers and ClickOnce runners to deploy AsyncRAT, PureHVNC, and custom PowerShell RATs. These phishing-driven campaigns exploit the trust placed in signed RMM binaries, using advanced techniques like Authenticode stuffing and process hollowing to establish persistent access while evading signature-based detection. Security teams must adopt behavioral detection, application whitelisting, and zero-trust remote access policies to counter this growing threat.
Windows 10's October 2025 Deadline: How to Upgrade, Stay Safe, and Explore Alternatives
Windows 10 support ends October 14, 2025, leaving PCs vulnerable without security updates. This guide covers backup strategies, hardware compatibility checks, and step-by-step upgrade paths to Windows 11—whether a standard in-place upgrade or a clean install. Alternatives like Extended Security Updates (ESU), switching to Linux, or buying a new PC are also detailed for users who cannot immediately move to Windows 11.
Microsoft Offers Free Windows 10 Security Extension Through Rewards and OneDrive Backup Before Oct 14 Deadline
Microsoft’s Windows 10 support ends October 14, 2025. Consumers can get one year of Extended Security Updates for free via OneDrive backup or Microsoft Rewards points, or pay $30 for up to 10 devices. The program delivers only critical and important patches, requires a Microsoft account, and should be used as a temporary bridge to Windows 11 or new hardware.
Chrome's 'Managed' Warning Explained: From Security Suites to Malware, Here's How to Investigate
Google Chrome's 'managed by your organization' banner often confuses home users but is usually caused by legitimate software. This article explains how to inspect active policies via chrome://policy, remove unwanted configurations, and determine whether the alert indicates a security threat. With clear steps for Windows and macOS, users can quickly diagnose and resolve the issue.
Mozilla Pushes Firefox 115 ESR End-of-Life to March 2026, Giving Windows 7 and 8.1 Users Another Lifeline
Mozilla has once again extended Firefox 115 ESR support for Windows 7, 8, 8.1, and older macOS through March 2026, with a re-evaluation in February 2026. The security-only patches make Firefox the last mainstream browser actively protecting these legacy systems, but Mozilla warns users to plan upgrades to supported OSes before the deadline.
Microsoft’s October 14 Deadline Forces Windows 10 Users to Choose: Upgrade, Pay, or Risk Security
Microsoft ends Windows 10 support on October 14, 2025, ceasing all security updates. Users must upgrade to Windows 11 if eligible, enroll in the one-year $30 consumer ESU program, or switch to alternatives like Linux or ChromeOS Flex. A practical migration checklist and analysis of environmental and ethical concerns provide a comprehensive guide for navigating the hard deadline.
Microsoft’s August Patch Breaks WSUS, Triggers NVMe Vanishing Act and Hardens Installer Security
Microsoft's KB5063878 for Windows 11 24H2 broke WSUS/SCCM deployments with error 0x80240069, triggered a Known Issue Rollback, and hardened Windows Installer against CVE-2025-50173, causing UAC prompts. Simultaneously, community testers reproduced NVMe SSD failures under sustained writes, notably on Phison-based drives, though both Phison and Microsoft telemetry found no systemic link, pointing to multi-factor firmware edge cases. The article provides verified details, vendor statements, technical analysis, and practical mitigations for all users.
Microsoft’s $30 Windows 10 Extension Triggers Backlash as Enterprise Costs Could Soar to $7.3 Billion
Microsoft’s Windows 10 support ends October 14, 2025. A new Extended Security Updates program offers consumers a one-year lifeline for $30 (or free via Microsoft account linkage), while enterprises face per-device fees that double each year. The plan draws criticism over privacy, e-waste, and forced upgrades, but analysts project it could earn Microsoft billions.