Microsoft Issues Windows 10 And 11 Update As Attacks Already Underway
Microsoft issues security update as Windows attacks begin.
Users of the Windows operating system, be that Windows 10, Windows 11 or any of the Windows Server variants, are used to reading Microsoft cyberattack warnings. Some warnings, however, are more critical than others. Whenever a Windows zero-day exploit is involved, then you really need to start paying close attention. These are the vulnerabilities that have not only been found by threat actors, but also exploited and are under attack already by the time that the vendor, in this case Microsoft, becomes aware of them. Microsoft, and by extension you, are then playing catch-up to get protected against the cyberattacks in question. Here's what you need to know about CVE-2025-33053 and what you need to do right now. Don't wait, update Windows right now.
The June 10 Patch Tuesday security rollout has brought with it a few unwelcome surprises, as is often the case. None more so than CVE-2025-33053, which is not only a zero-day, in that it is already known to have been exploited by threat actors, but is also being leveraged widely by cyberattacks, and that's very worrying indeed for all Windows users.
A Microsoft executive summary describes the threat from CVE-2025-33053 as 'external control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.' Or, in other words, a remote code execution vulnerability that can do some very bad things indeed.
Tenable Research Special Operations has analyzed the threat, and Satnam Narang, the senior staff research engineer at Tenable, said that it has been confirmed in a Check Point Research report, a known threat group, Stealth Falcon, has 'launched a social engineering campaign to convince targets to open a malicious .url file, which would then exploit this vulnerability, giving them the ability to execute code.' That's problematical, as Narang explained, 'it is rare to hear of a zero-day reported during Patch Tuesday as being leveraged widely. We typically expect these types of zero-days to be used sparingly, with an intention to remain undetected for as long as possible.' All the more reason to get your systems updated as soon as possible. The attackers are not waiting, and neither should you.
'The advisory also has attack complexity as low,' Adam Barnett, lead software engineer at Rapid7, said, 'which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker's control.' Indeed, exploitation just requires a user to click on a malicious link, oh what a surprise. 'It's not clear how an asset would be immediately vulnerable if the service isn't running,' Barnett concluded, adding 'but all versions of Windows receive a patch.' You know what to do, go and do it know.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Android Authority
17 minutes ago
- Android Authority
Google Pixel 10 may fail to live up to our MagSafe dreams, after all
Rita El Khoury / Android Authority TL;DR Google is preparing a range of 'Pixelsnap' accessories for the Pixel 10 that support wireless charging. Despite Qi2 support, the phone may require the use of a case to add the magnets needed for alignment. In addition to Google's own accessories, look for a range of similar Made by Google solutions from third parties. What is so hard about giving Android users what they want? When it comes to wirelessly charging our phones, we're not asking for that much: just some proper MagSafe-style Qi2 charging with integrated magnets. And with our discovery earlier this week of Google's work towards a new line of 'Pixelsnap' accessories, we were getting cautiously optimistic that the Pixel 10 series might just be the phones to do it, supporting Qi2 magnetic attachment right out of the box. Sadly, that dream may already be over, as a new report emerges to dash our hopes. A frustratingly recurring motif for wireless charging on Android phones has been the absence of magnets required for securely attaching Qi2 chargers with perfect alignment when it comes to phones themselves. Instead, manufacturers like Samsung have required users to pick up a case for their phone with these magnets, and while that works in a pinch, it's far less convenient than having that support baked-in. Following our publication of Google's Pixelsnap plans, Android Headlines shares its own report that attempts to confirm Google's development of a series of Qi2 accessories. But the site also adds one important detail: Google will put magnets in its cases. If true, that strongly implies that the phones themselves would not have magnets of their own. And while that wouldn't be at all surprising, given the sorry state of Android Qi2 support, it's nonetheless disappointing. Beyond that frustrating development, Android Headlines reports some new information on some more of Google's Pixel 10 accessory strategy. In addition to Pixelsnap accessories, we'll be seeing the regular assortment of 'Made for Google' options from third parties, with many also supporting Qi2 and seeing sales through the Google Store. The site claims Google's Pixelsnap Charger will look much like Apple's own MagSafe Charger, and that the Pixelsnap Charger with Stand will resemble the old Pixel Stand 2. So far, though, we've yet to see imagery of either. Finally, Google's reportedly working on a new dual-port USB-C charger with 45W output support. Whether or not any Pixel 10 phones will actually support charging that fast remains to be seen. Got a tip? Talk to us! Email our staff at Email our staff at news@ . You can stay anonymous or get credit for the info, it's your choice.
The Verge
22 minutes ago
- The Verge
Apple will let you play video in CarPlay with iOS 26
Apple's days of blocking you from watching video through CarPlay appear to be coming to an end. The upcoming iOS26 update will allow people to project video from their phones onto the center display of their vehicle through AirPlay. This will enable users to 'watch their favorite videos from iPhone right on their CarPlay display when they aren't driving,' Apple says. The new capability, which was first noticed by MacRumors, falls under the 'video in the car' category on Apple's developer site, alongside 'Automaker apps' and 'car keys.' The company invites automakers and developers who are 'interested in supporting CarPlay, CarPlay Ultra, AirPlay video, or car keys in your vehicle system' to join its MFi Program. Apple says that automakers will need to add support for CarPlay with AirPlay video, so it won't be available to everyone right away. Most automakers are a little risk-averse when approaching new tech that has the potential to be a distraction from driving, so they're likely pushing for assurances that videos can only be played while the vehicle is parked. They're also wary about handing over too much control of their screens to Apple, which is why Aston Martin is the only automaker that has come out in support of the company's new CarPlay Ultra. Apple says that automakers will need to add support for CarPlay with AirPlay video, so it won't be available to everyone right away. A spokesperson for Apple didn't immediately respond to questions about automaker support or hardware requirements. A lot of vehicles, especially EVs, already offer some version of video streaming or gaming capability while parked. Some automakers, especially those with Google's built-in Android-based operating systems, have started adding native YouTube apps to their infotainment displays. Tesla has a Theater mode that supports Netflix, Hulu, YouTube, and other services. Other car manufacturers with passenger or seatback screens support various video streaming services.
CNET
30 minutes ago
- CNET
Amazon Deals of the Day: Fix Your Spotty Wi-Fi With Half Off a TP-Link Wi-Fi 6 Extender
Amazon sells a wide array of products, with new ones arriving daily. The retail giant has everything from home essentials to tech gear and wellness items. As much as it loves adding new products, Amazon also loves cutting prices. But deciding which deals are worth grabbing (and which aren't) is a full-time job -- our job, specifically. That's why we scope out the top deals for you. Today, we spotted the TP-Link AX1800 Wi-Fi extender for an insane 50% off, bringing it to a new low price. We also found the Anker USB-C to HDMI adapter for a nice 33% off. And finally amp up your summer movie nights with the Roku Ultra 2024, now 20% off. Having slow or spotty Wi-Fi at home can be a real pain, especially for those of us who work or study from home. And even if you don't, most of out lives are online these days, making a strong connection practically essential. If you're finding some areas of your house to have less-than ideal connection, a Wi-Fi extender is a must. This can help strengthen the signal throughout your home and TP-Link makes some of the best ones. The TP-Link AX1800 Wi-Fi 6 extender covers up to 1,500 square feet and can handle up to 30 devices. It's pretty speedy, with a data transfer rate of just about 2Gbps and it's super easy to set up using the app so you can be up and running in no time. Plus, it's compatible with just about every device out there, including new AX phones, laptops and other devices. Normally retailing for $100, you can get one for half off bringing it down to just $50. TP-Link disclaimer: Note that while CNET does feature TP-Link models on our best Wi-Fi routers list, the US government is considering a ban on these routers. We will monitor this story closely to determine if we need to reevaluate those choices. Our evaluation of the hardware itself has not changed, but out of an abundance of caution to our readers urge you to consider the risk of a potential future ban before you buy. But if your budget and needs fit with this option and you're still interested in this offer, the 50% off deal is likely worth the risk for some shoppers. If you like streaming things from your laptop to your TV, monitor or other display, you know the importance of having a solid adapter. Anker's USB-C to HDMI adapter falls into this category. It's made with a lightweight aluminium casing that helps with heat dissipation so it doesn't overheat. It's also made with reinforced braided nylon so it won't break when you're twisting and pulling it. This adapater also streams in 4K so you get the best quality picture. It works with any device that has a USB-C port and HDMI port. All you have to do is plug it in and play. It usually runs for $18 but you can pick one up today for over 30% off bringing the price to $12. Plus, it's only a dollar more than the record-low price we saw around five years ago. To really boost up your streaming game, take a look at the Roku Ultra 2024 streaming player. Roku makes some of our favorite streaming devices. The Roku Ultra is on the high end of Roku's lineup, streaming 30% faster than other Roku devices. It has all the features you're likely to want including 4K streaming, Bluetooth, Wi-Fi 6, HDR with Dolby Vision, Dolby Atmos and even a rechargeable Roku Voice Remote Pro. The remote has quick launch buttons for your favorite apps like Netflix, Prime Video and more. It also has a backlight so you can see the buttons even at night. My favorite feature is the lost remote finder. You can use the Roku app or simply say "Hey Roku, find my remote." Long gone are the days of tearing the house up to find the remote. This streaming player is normally $100 but this 20% discount drops that price to $80. With so many deals on Amazon, deciding which ones are worth your money can be difficult. But CNET's combed through what the world's largest online retailer has to offer and gathered the best deals for you to peruse.
