
  • Microsoft Patch Tuesday, November 2025 Edition – Krebs on Security



    Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of an extra year of security updates, which is nice because the zero-day flaw and other critical weaknesses affect all versions of Windows, including Windows 10.

    Affected products this month include the Windows OS, Office, SharePoint, SQL Server, Visual Studio, GitHub Copilot, and Azure Monitor Agent. The zero-day threat concerns a memory corruption bug deep in the Windows innards called CVE-2025-62215. Despite the flaw’s zero-day status, Microsoft has assigned it an “important” rating rather than critical, because exploiting it requires an attacker to already have access to the target’s device.

    “These types of vulnerabilities are often exploited as part of a more complex attack chain,” said Johannes Ullrich, dean of research for the SANS Technology Institute. “However, exploiting this specific vulnerability is likely to be relatively straightforward, given the existence of prior similar vulnerabilities.”

    Ben McCarthy, lead cybersecurity engineer at Immersive, called attention to CVE-2025-60274, a critical weakness in a core Windows graphic component (GDI+) that is used by a massive number of applications, including Microsoft Office, web servers processing images, and countless third-party applications.

    “The patch for this should be an organization’s highest priority,” McCarthy said. “While Microsoft assesses this as ‘Exploitation Less Likely,’ a 9.8-rated flaw in a ubiquitous library like GDI+ is a critical risk.”

    Microsoft patched a critical bug in Office, CVE-2025-62199, that can lead to remote code execution on a Windows system. Alex Vovk, CEO and co-founder of Action1, said this Office flaw is a high priority because it is low complexity, needs no privileges, and can be exploited just by viewing a booby-trapped message in the Preview Pane.

    Many of the more concerning bugs addressed by Microsoft this month affect Windows 10, an operating system that Microsoft officially ceased supporting with patches last month. As that deadline rolled around, however, Microsoft began offering Windows 10 users an extra year of free updates, so long as they register their PC to an active Microsoft account.

    Judging from the comments on last month’s Patch Tuesday post, that registration worked for a lot of Windows 10 users, but some readers reported the option for an extra year of updates was never offered. Nick Carroll, cyber incident response manager at Nightwing, notes that Microsoft has recently released an out-of-band update to address issues when trying to enroll in the Windows 10 Consumer Extended Security Update program.

    “If you plan to participate in the program, make sure you update and install KB5071959 to address the enrollment issues,” Carroll said. “After that is installed, users should be able to install other updates such as today’s KB5068781 which is the latest update to Windows 10.”

    Chris Goettl at Ivanti notes that in addition to Microsoft updates today, third-party updates from Adobe and Mozilla have already been released. Also, an update for Google Chrome is expected soon, which means Edge will also be in need of its own update.

    The SANS Internet Storm Center has a clickable breakdown of each individual fix from Microsoft, indexed by severity and CVSS score. Enterprise Windows admins involved in testing patches before rolling them out should keep an eye on askwoody.com, which often has the skinny on any updates gone awry.

    As always, please don’t neglect to back up your data (if not your entire system) at regular intervals, and feel free to sound off in the comments if you experience problems installing any of these fixes.

    [Author’s note: This post was intended to appear on the homepage on Tuesday, Nov. 11. I’m still not sure how it happened, but somehow this story failed to publish that day. My apologies for the oversight.]




  • German court jails man for drugging, raping and filming wife for years



    The defendant Fernando P. is escorted by a justice officer at the regional court to hear the verdict in the case where he is accused of drugging and raping his wife in Aachen, western Germany, December 19, 2025. (Getty Images)

    Fernando P being escorted into the regional court in Aachen, western Germany

    A court in the German city of Aachen has sentenced a man to eight-and-a-half years in prison for repeatedly drugging and raping his wife, filming the acts and then posting them online.

    The man, named only as Fernando P in line with German privacy laws, was found guilty of aggravated rape, grievous bodily harm and violation of personal privacy.

    The court found the 61-year-old, who is originally from Spain, guilty of sedating and raping his wife at their home for a period of several years from 2018 to 2024.

    A spokesperson for the court, Katharina Effert, said the man also filmed the abuse and shared it online.

    “He uploaded videos of these acts to chat groups and internet platforms, making them available to other users,” she said.

    Much of the trial was held behind closed doors to protect the identity of his wife.

    Her lawyer, Nicole Servaty, told journalists that she “really had a voice in this proceeding”, adding: “She was able to testify, to express her feelings and everything that has burdened her.”

    She said the ruling could not make up for what happened. “But it might help a bit to cope with things and process them.”

    The verdict is still subject to appeal.

    The defendant Fernando P. sits in the regional court awaiting his verdict in the case where he is accused of drugging and raping his wife in Aachen, western Germany, December 19, 2025. (Getty Images)

    Fernando P was seen with his hoodie obscuring his face as he awaited the verdict in court

    German media say the case bears similarities to the high-profile case in France last year concerning Dominique Pelicot.

    He was found guilty of secretly drugging his wife, Gisèle, and inviting scores of men to rape her while she was unconscious for years.

    Gisèle’s decision to waive her anonymity and hold a public trial turned her into a feminist icon, celebrated for her powerful testimony and courage.

    Germany’s Federal Criminal Police Office, the BKA, says that the victims of sedation and subsequent sexual abuse are “almost exclusively women”.

    It says such crimes “usually take place by exploiting a relationship of trust” in marriage, partnerships, families or among close acquaintances.




  • US justice department to release thousands of Epstein files later, top official says




    The US justice department will begin releasing long-awaited files related to Jeffrey Epstein as mandated by a new law, though not all documents would be made public on Friday, a top official says.

    Deputy Attorney General Todd Blanche said the department expects to publish “several hundred thousand pages” initially, followed by more over the coming weeks.

    The Friday deadline was mandated by a bill that got near-unanimous support in Congress, and was later signed into law by US President Donald Trump after he reversed his earlier opposition to the release.

    The files relate to investigations into the disgraced late sex offender, but it is likely that much of the content will be heavily redacted.

    “We are looking at every single piece of paper that we are going to produce making sure every victim – their name, their identity, their story, to the extent that it needs to be protected – is completely protected,” Blanche told Fox & Friends.

    He said that the justice department will release more material in the coming weeks.

    “So, today, several hundred thousand, and then over the next couple of weeks, I expect several hundred thousand more,” Blanche said.

    “There’s a lot of eyes looking at these, so we want to make sure that when we do produce the materials that we’re producing, we’re protecting every single victim.”

    Under the Epstein Files Transparency Act, the DOJ was given until 19 December to release the files.

    The bill specifically mentions that the government must release all unclassified records, documents, communications and investigative materials in the DOJ’s possession that relate to the investigation and prosecution of Epstein.

    Leading up to their release, Democrats in the House of Representatives have been publishing batches of documents and photos from Epstein’s estate without context.

    Lawmakers say they have been sorting through a trove of 20,000 documents and 95,000 photos from the estate.

    Democratic Congressman Robert Garcia said in a press release that most of the documents arrived without context, and they have been working to redact potential victims.

    The documents and images have featured several high-profile figures, including Trump, former US President Bill Clinton, Microsoft co-founder Bill Gates, and Andrew Mountbatten-Windsor.

    Appearing in the photos or documents is not evidence of any wrongdoing, and many of the pictured men have said they were never involved in Epstein’s illegal activity.


