Microsoft Issues Windows 10 And 11 Update As Attacks Already Underway
Microsoft issues security update as Windows attacks begin.
Users of the Windows operating system, be that Windows 10, Windows 11 or any of the Windows Server variants, are used to reading Microsoft cyberattack warnings. Some warnings, however, are more critical than others. Whenever a Windows zero-day exploit is involved, then you really need to start paying close attention. These are the vulnerabilities that have not only been found by threat actors, but also exploited and are under attack already by the time that the vendor, in this case Microsoft, becomes aware of them. Microsoft, and by extension you, are then playing catch-up to get protected against the cyberattacks in question. Here's what you need to know about CVE-2025-33053 and what you need to do right now. Don't wait, update Windows right now.
The June 10 Patch Tuesday security rollout has brought with it a few unwelcome surprises, as is often the case. None more so than CVE-2025-33053, which is not only a zero-day, in that it is already known to have been exploited by threat actors, but is also being leveraged widely by cyberattacks, and that's very worrying indeed for all Windows users.
A Microsoft executive summary describes the threat from CVE-2025-33053 as 'external control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.' Or, in other words, a remote code execution vulnerability that can do some very bad things indeed.
Tenable Research Special Operations has analyzed the threat, and Satnam Narang, the senior staff research engineer at Tenable, said that it has been confirmed in a Check Point Research report, a known threat group, Stealth Falcon, has 'launched a social engineering campaign to convince targets to open a malicious .url file, which would then exploit this vulnerability, giving them the ability to execute code.' That's problematical, as Narang explained, 'it is rare to hear of a zero-day reported during Patch Tuesday as being leveraged widely. We typically expect these types of zero-days to be used sparingly, with an intention to remain undetected for as long as possible.' All the more reason to get your systems updated as soon as possible. The attackers are not waiting, and neither should you.
'The advisory also has attack complexity as low,' Adam Barnett, lead software engineer at Rapid7, said, 'which means that exploitation does not require preparation of the target environment in any way that is beyond the attacker's control.' Indeed, exploitation just requires a user to click on a malicious link, oh what a surprise. 'It's not clear how an asset would be immediately vulnerable if the service isn't running,' Barnett concluded, adding 'but all versions of Windows receive a patch.' You know what to do, go and do it know.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
18 minutes ago
- Yahoo
These Are The Stocks You Should Watch in July
Stocks soared to record highs in June, boosted by optimism about possible trade deals, easing geopolitical tensions, and hope that the Federal Reserve could resume cutting interest rates in the coming months. In July, market participants will first be watching President Trump's "One Big Beautiful Bill," which legislators aim to pass this week. Investors' attention will then turn to second-quarter corporate results, which start rolling in mid-month. Wall Street will be looking for signs of the impact that tariffs are having on profit margins and consumer demand. Below, we look at stocks that are worth watching this month. Microsoft (MSFT) is expected to report quarterly earnings late in the month, and the results, if they're anything like last quarter's, could make the software giant the world's first $4 trillion company. Microsoft in April reported cloud computing revenue increased by 21% in the first three months of the year, helping to drive better-than-expected results on the top and bottom lines. Shares jumped nearly 8% the next day, and the stock has climbed steadily to a series of record highs ever since. The results helped to revive an AI trade that, because of tariff-driven anxiety, was struggling to regain its footing after the DeepSeek shock in January. The AI rally of the last two months has lifted tech stocks to record highs and set earnings expectations high for giants like Microsoft. Microsoft shares rose 8% in June, putting the stock up 18% since the start of the year. Tesla (TSLA) is slated to report second-quarter deliveries on July 2, and investors will be watching to see if the numbers have stabilized now that CEO Elon Musk has put some distance between himself and his controversial work with President Trump. Tesla sales slumped across the globe earlier this year amid a consumer backlash to Musk's work with the White House's cost-cutting task force, the Department of Government Efficiency, and his support for far-right parties in Europe. Deliveries continued to decline in several key European markets in May, suggesting the carmaker's reputational troubles could linger. Granted, car deliveries may matter less to Wall Street than they did as recently as last year. That's because Musk has—at least rhetorically—pinned Tesla's future on its nascent self-driving software and the robotaxi service he envisages it powering. Tesla soft-launched its robotaxi service in Austin, Texas, late last month. The rollout wasn't without its hiccups—federal regulators reportedly contacted the company after videos circulated online showing its cars driving erratically. Still, Musk called the launch a success, and intends to ramp the service within Austin and expand to other metro areas before the end of the year. Analysts are likely to query Musk about the timeline of a wider robotaxi launch during the company's second-quarter earnings call, likely to take place closer to the end of the month. Tesla shares fell 8.3% last month, pushing their year-to-date decline to 21%. Advanced Micro Devices (AMD) is expected to report quarterly results late in the month, and expectations could be elevated after the stock's big run-up in June. AMD shares rose 28% last month, their best since May 2023. AMD hosted its Advancing AI event where the chipmaker unveiled a new graphics processing unit to compete with Nvidia's (NVDA) Blackwell chips, and said it would launch a 'Helios' rack-scale system to take on Nvidia's Vera Rubin series starting in 2026. Analysts were impressed by the event. Piper Sandler raised its price target on the stock, saying 'Helios' would be 'pivotal' for AMD's growth. Bank of America noted that Nvidia remained the AI chip leader, but that AMD had proven it was cementing its spot as 'the next-best AI vendor.' The stock could take a hit this month from the announcement of semiconductor tariffs, which President Trump ordered the Commerce Department to investigate in April. Section 232 tariff investigations usually take 270 days, but Trump has reportedly requested a speedier review, and his penchant for 90-day timelines—see tariff pauses—could mean the end of that investigation lands in July. After AMD's June rally, shares are up more than 17% since the start of the year. The 'One Big Beautiful Bill' making its way through Congress contains provisions that are likely to deal a major blow to solar and other renewable energy companies. The Senate version that was being considered on Monday would phase out tax credits for wind and solar projects by 2027, a less severe provision than the House bill passed in May, which repeals the credits for any project that hasn't broken ground within 60 days of the law's enactment. The two bills will need to be reconciled before being sent to President Trump's desk, which he's said he wants done this week. The Senate bill contained the slightest of silver linings for companies like First Solar (FSLR) that manufacture their products in the U.S. It levies new taxes on imported renewables equipment, and an additional penalty for projects that use equipment from China, one of the world's largest manufacturers of clean energy technology. The renewable provisions in the final bill are likely to be in flux right up to the July 4th deadline, but wind and solar investors will be hoping for some mercy from lawmakers. Ford (F) is expected to report quarterly results late in the month, and investors will be looking to its guidance to judge how big a toll tariffs are likely to take on corporate earnings this year. The carmaker suspended its full-year guidance, citing the unpredictable tariff outlook, when it reported first-quarter earnings in May. The company estimated it would take a $2.5 billion hit from the tariffs, but that it could offset about $1 billion of those costs. The tariff picture has become slightly clearer in recent months. Imported vehicles and autoparts are subject to a 25% tariff, except for those that comply with the U.S.-Mexico-Canada Agreement negotiated during the first Trump presidency. Those levies went into effect in the second quarter, and the true cost of those tariffs should be evident in both Ford's results and financial projections. Ford shares rose 4.5% in June, putting the stock up nearly 10% since the start of the year. Read the original article on Investopedia Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
21 minutes ago
- Yahoo
Cato Networks raises $359m Series G funding at $4.8bn valuation
Cato Networks, a secure access service edge (SASE) solutions provider, has raised $359m in a Series G funding round, elevating its valuation to more than $4.8bn. The round was led by new investors such as Vitruvian Partners and ION Crossover Partners, along with existing investors including Lightspeed Venture Partners, Acrew Capital, and Adams Street Partners. This latest investment brings Cato Networks' total funding to more than $1bn. Vitruvian Partners said: 'Cato has spent the past decade building and optimising the next generation of cybersecurity, and we are proud to partner with them as they continue to raise the bar for AI-driven security and networking. 'The company's visionary leadership, best-in-class growth and retention rates, and relentless focus on innovation and customer experience are what led us to invest in Cato. 'We look forward to supporting Cato's next phase of growth as they expand their market reach and transform how enterprises connect and secure their digital businesses and use of AI.' Tel Aviv, Israel-based Cato Networks delivers enterprise-grade security and networking through a single, cloud-native platform. Unlike traditional infrastructure, which is often seen as costly and fragmented, Cato's SASE Cloud Platform is designed to be self-maintaining and autonomously scalable. With the new funds, Cato Networks plans to expand its capabilities and increase its total addressable market. The company aims to advance AI security, allowing enterprises to adopt AI securely and efficiently. Additionally, Cato intends to accelerate platform innovation by investing in research and development across various areas, including DEM, LAN Security, IoT/OT Security, SD-WAN, SSE, XDR, and ZTNA. Cato Networks also plans to expand its global reach by growing its partner ecosystem and customer-facing teams to meet increasing global demand. Cato Networks co-founder and CEO Shlomo Kramer said: 'With more than 3,500 enterprise customers, consistent hyper-growth, and repetitive and scalable wins against all leading competitors, Cato is a proven and mature business to invest in. 'Our true SASE platform and decade of AI innovation differentiates Cato from legacy vendors that favour a portfolio of point solutions. Customers and partners understand the difference and select Cato to benefit from proven security, operational efficiency, and business agility.' "Cato Networks raises $359m Series G funding at $4.8bn valuation " was originally created and published by Verdict, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Wall Street Journal
22 minutes ago
- Wall Street Journal
Stocks to Watch Tuesday: Tesla, Robinhood, Wolfspeed
↘️ Tesla (TSLA): President Trump said overnight the government could look at the funding given to Elon Musk's companies, after Musk once again criticized his "big, beautiful bill." Tesla shares fell almost 5% in premarket trading. ↘️ Renault (FR:RNO): The French carmaker will book a non-cash loss of around $11 billion due to changes in how it accounts for its stake in Japan's Nissan (JP:7201). Renault shares fell as much as 2%. ↗️ Robinhood (HOOD): The brokerage is launching new cryptocurrency services designed to make it a hub for digital assets. Shares gained around 3% ahead of the opening bell, after jumping roughly 13% Monday.
