Security and Windows TCO

posted by Roy Schestowitz on Mar 26, 2025

• LWN ☛ Security updates for Tuesday

  Security updates have been issued by Debian (ruby-rack), Fedora (chromium, golang-github-openprinting-ipp-usb, OpenIPMI, and python-jinja2), Mageia (kernel, kernel-linus, and wpa_supplicant, hostapd), Red Hat (fence-agents, kernel, kernel-rt, libxml2, libxslt, and pcs), SUSE (cadvisor, docker, freetype2, nodejs-electron, php8, rsync, u-boot, warewulf4, webkit2gtk3, and zvbi), and Ubuntu (elfutils, python3.5, python3.8, ruby-rack, smartdns, and zvbi).

• OpenSSF (Linux Foundation) ☛ OpenSSF Newsletter – March 2025 [Ed: It is not about "the Open Source Security community" but proprietary software vendors that put back doors in things]

  Welcome to the March 2025 edition of the OpenSSF Newsletter! Here’s a roundup of the latest developments, key events, and upcoming opportunities in the Open Source Security community.

• OpenSSF (Linux Foundation) ☛ What’s in the SOSS? Podcast #25 – S2E02 Empowering Security: Yesenia Yser on Open Source, AI, and Personal Branding

• Security Week ☛ Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

  The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

• Open Source For U ☛ 5 Network Security Threats (And How To Combat Them)

  New cyber attack techniques and scary headlines with companies being hacked emerge almost daily, putting IT teams in constant reactive mode.

• Security Week ☛ Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots

  DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.

• The Straits Times ☛ KLIA operations not affected after Malaysian airport hit by cyber attack

  PM Anwar said funds will be allocated to beef up Malaysia's cyber-security systems.

• SANS ☛ X-Wiki Search Vulnerability exploit attempts (CVE-2024-3721), (Tue, Mar 25th)

  Creating a secure Wiki is hard. The purpose of a wiki is to allow "random" users to edit web pages. A good Wiki provides users with great flexibility, but with great flexibility comes an even "greater" attack surface. File uploads and markup (or markdown) are all well-known security issues affecting various Wikis in the past.

• Federal News Network ☛ Striking the balance between information sharing and security

  That balancing act requires a complex response, especially when designing networks and systems for collaboration.

• Security Week ☛ Numotion Data Breach Impacts Nearly 500,000 People

  Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals. 

• Security Week ☛ Chinese APT Weaver Ant Targeting Telecom Providers in Asia

  Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.

• SANS ☛ Leveraging CNNs and Entropy-Based Feature Selection to Identify Potential Malware Artifacts of Interest, (Wed, Mar 26th)

• Windows TCO / Windows Bot Nets

  • Security Week ☛ VMware Patches Authentication Bypass Flaw in backdoored Windows Tools Suite

    The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.

  • Mozilla ☛ Hacks.Mozilla.Org: Improving Firefox Stability in the Enterprise by Reducing DLL Injection [Ed: If people use Windows, that's a problem for stability already]

    Beginning in version 138, Firefox will offer an alternative to DLL injection for Data Loss Prevention (DLP) deployments in enterprise environments.