Security Patch
The latest Security Patch coverage — news, analysis, and updates from the WindowsNews.AI desk.
Azure Virtual Desktop flaw CVE-2025-21416 grants privilege escalation via network, patch now.
Overview of CVE-2025-21416 A critical security vulnerability, identified as CVE-2025-21416, has been disclosed in Azure Virtual Desktop (AVD), Microsoft's cloud-based remote desktop service. This...
CISA adds three actively exploited critical CVEs to KEV catalog, urges immediate patching.
The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding three critical vulnerabilities that are actively being...
Windows 11's inetpub Folder: A Double-Edged Sword of Security and Vulnerability Post-April 2025 Update
Introduction In the April 2025 cumulative update for Windows 11 (notably KB5055523), Microsoft introduced an unexpected change that has captivated and concerned users, IT administrators, and security...
Unveiling the Role of the inetpub Folder in Windows 11 24H2 Update: A Critical Security Enhancement
Understanding the Mystery of the inetpub Folder in Windows 11 24H2 Update The Windows 11 24H2 update rolled out in April 2025 introduced an unexpected change that caught many users and IT...
CVE-2025-24054: Exploitation of Windows NTLM Hash Leak Vulnerability Highlights Urgent Need for Patch Management
Overview In March 2025, Microsoft addressed a critical security vulnerability, CVE-2025-24054, within its Windows operating system. This flaw, involving the NT LAN Manager (NTLM) authentication...
Understanding Microsoft's April 2025 Windows 11 Update: The 'inetpub' Folder and Its Crucial Security Role
Introduction In April 2025, Microsoft released a cumulative update for Windows 11 24H2, identified as KB5055523, which introduced an unexpected yet significant change: the creation of an empty...
Microsoft’s April 2025 Windows 11 update creates empty inetpub folder to block CVE-2025-21204 symlink attacks, but introduces new DoS risks.
Introduction Microsoft’s April 2025 cumulative update for Windows 11 introduced a subtle yet critical change that drew significant attention: the automatic creation of an empty "inetpub" folder at...
KB5055523 Ends RDP Freeze Nightmare on Windows Server 2025 and 11 24H2
Overview Microsoft has addressed a critical issue affecting Remote Desktop Protocol (RDP) sessions on Windows Server 2025 and Windows 11 24H2. Users experienced session freezes shortly after...
Windows April 2025 Update Exposes Critical IIS Vulnerability (CVE-2025-21204)
The April 2025 update for Windows 10 and 11 systems has unexpectedly surfaced dormant IIS components, thrusting the typically hidden inetpub directory into the spotlight and exposing attack vectors...
Windows Server 2025 DCs load wrong firewall profile after reboot, Microsoft offers workaround
Overview Microsoft's latest server operating system, Windows Server 2025, has encountered a significant issue affecting domain controllers (DCs). After a system restart, these servers may fail to...
Exploitation of Windows NTLM Vulnerability CVE-2025-24054 in Widespread Cyberattacks
Overview In March 2025, Microsoft released a security update addressing a critical vulnerability in the Windows NT LAN Manager (NTLM) authentication protocol, identified as CVE-2025-24054. Despite...