#windows-updates

#windows-updates

The first is Neural Execs, a known prompt injection attack that uses 'gibberish' inputs to trick the AI into executing arbitrary, attacker-defined tasks. These inputs act as universal triggers that do not need to be remade for different payloads.

"I *really* don't think i486 class hardware is relevant any more," Torvalds said in 2022, noting that while some people may still operate 486 systems they aren't relevant from a kernel development standpoint. "At some point, people have them as museum pieces. They might as well run museum kernels."

Microsoft PC Manager, which first appeared in beta form in 2022, and is now available for free to anyone who wants to give it a try. Microsoft promises it "effortlessly enhances PC performance with just one click," and will "keep your PC running smoothly." In other words, it's intended to clean up some of the clutter and baggage that your PC may have accumulated over the years.

But are things getting worse? According to Register readers, and the company's own release health dashboard, the answer has to be yes. It isn't just you. The frequency of emergency out-of-band releases for the company's operating systems has been rapidly increasing to the point where, for every Patch Tuesday update, there'll likely be at least one out-of-band patch to fix whatever got broken.

This month, over half (55%) of all Patch Tuesday CVEs were privilege escalation bugs, and of those, six were rated exploitation more likely across Windows Graphics Component, Windows Accessibility Infrastructure, Windows Kernel, Windows SMB Server, and Winlogon. We know these bugs are typically used by threat actors as part of post-compromise activity, once they get onto systems through other means (social engineering, exploitation of another vulnerability).

Users just need to click a malicious link or shortcut file, and the attacker's code runs without any warning prompts. Microsoft's security teams, along with Google Threat Intelligence Group and an anonymous researcher, caught this one. "Bypassing Windows Shell and SmartScreen protections significantly increases the success rate of malware delivery and phishing campaigns," said Mike Walters, president and co-founder of Action1, in an email to TechRepublic. "Because Windows Shell is a core component used by nearly all users, the attack surface is broad and difficult to fully restrict without patching."

The issue focuses on how Windows handles these directories for specific user sessions. Because the kernel creates a DOS device object directory on demand, rather than at login, it cannot check whether the user is an admin during the creation process. Unlike UAC, Administrator Protection uses a hidden shadow admin account whose token handle can be returned by the system when calling the NtQueryInformationToken API function.