Wdac
The latest Wdac coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft's 2026 Kernel Trust Change: Ending Legacy Cross-Signed Driver Support in Windows
Microsoft is preparing to implement one of the most significant Windows kernel trust changes in years, scheduled for April 2026. This security hardening measure will block legacy cross-signed drivers...
Windows 11 Copilot Removal: Why Group Policy Falls Short and AppLocker Wins
Microsoft's recent introduction of Group Policy options for managing Windows Copilot has sparked significant discussion among IT administrators and enterprise users. While these new controls...
Windows 11's Smart App Control Gets Outsmarted: Researchers Uncover Multiple Bypass Techniques
Security researchers have documented real-world attacks that slip past Windows 11’s Smart App Control, exposing cracks in Microsoft’s cloud-powered application gatekeeper. The findings, published...
Silent Copilot Push: Microsoft’s 365 AI App Auto-Installs on Windows, But You Can Block It
Microsoft plans to quietly push the Microsoft 365 Copilot app onto Windows devices starting in the fall of 2025—a move that will affect millions of business and consumer machines, but one that...
CVE-2025-53136: Windows 11 Update Leaks Kernel Pointers, Defeating KASLR
Microsoft's attempt to seal a kernel security hole has backfired. A patch originally shipped in October 2024 to fix CVE-2024-43511 inadvertently created a new vulnerability—tracked as...
BitLocker Kernel Flaw CVE-2025-54912 Lets Attackers Escalate to SYSTEM, Microsoft Urges Patching
Microsoft has confirmed a critical use-after-free vulnerability in the Windows BitLocker stack, tracked as CVE-2025-54912, that could allow an authorized local attacker to gain SYSTEM privileges on...
Microsoft Issues Urgent Fix for Windows Defender Firewall Type-Confusion EoP (CVE-2025-54104)
Microsoft has confirmed a critical elevation-of-privilege vulnerability in the Windows Defender Firewall Service (MpsSvc) that could enable an attacker with local access to escalate to SYSTEM-level...
Microsoft Urges Immediate Patching for Windows Kernel Privilege-Escalation Flaw CVE-2025-54110
Microsoft has released a security update to patch a high-severity vulnerability in the Windows kernel, tracked as CVE-2025-54110, that allows a local attacker to escalate privileges to SYSTEM level....
Silver Fox APT Weaponizes Microsoft-Signed Driver to Kill EDR, Drop ValleyRAT
A new in-the-wild campaign by the Silver Fox APT is rubbing salt into the persistent wound of Windows driver security: attackers are using a Microsoft-signed but functionally vulnerable kernel driver...
New Open-Source AppLockerGen Tool Promises Easier XML Policy Editing — But Beware the Pitfalls
Windows administrators and security engineers struggling with the arcane XML syntax of AppLocker policies have a new ally: AppLockerGen, an open-source Streamlit-based graphical editor that promises...
Elon Musk's Macrohard Plans to Simulate Microsoft Using Autonomous AI Agents
Elon Musk announced on August 22, 2025, that he is launching a “purely AI software company” named Macrohard—a cheeky but calculated move targeting Microsoft directly. The announcement, made on...
PC Manager’s 7.8 CVSS Flaw Exposed: How Symlinks Give Attackers SYSTEM Rights
A vulnerability tracked as CVE-2025-29975 in Microsoft PC Manager hands local attackers a direct path to full SYSTEM control. With a CVSS 3.1 score of 7.8 (high) and a low attack complexity, the bug...