Microsoft warns of bluescreen crashes caused by April updates

Information: Microsoft Windows is a family of graphical (GUI) operating system products developed and distributed by Microsoft. It serves as the main software that manages computer hardware and other software resources, enabling users to interact with and operate their computers. Windows offers a graphical user interface consisting of windows, icons, menus, and a pointer (mouse), making computer usage easier to learn. Windows has various editions and versions designed for different user groups, such as general users, organizations, businesses (small and large), and servers. Windows 11 (released in 2021) is the latest version of Windows, featuring significant performance improvements.

Incident: Microsoft has confirmed what Windows Latest reported in March 2025: a flaw in the latest Windows 11 24H2 update causes the Blue Screen of Death (BSOD) with the error code "SECURE_KERNEL_ERROR". This affects the three most recent updates: KB5055523, KB5053656, and KB5053598. Microsoft initially did not acknowledge the complaints, as the issue seemed to vary, but an increasing number of users are now reporting blue screens after the Windows update on April 11, 2025. Microsoft is currently addressing the problem using Known Issue Rollback (KIR). If you are running Windows 11 24H2 on a personal or unmanaged device, the rollback should take effect automatically via Windows Update, although it may take up to 24 hours to initiate. Rebooting can help your system receive the fix faster, according to Microsoft.

Recommendation: Until a fix is rolled out through Windows Update, Microsoft has mitigated this issue via Known Issue Rollback (KIR), a feature that reverses buggy non-security updates delivered via Windows Update.

 

Security systems are what matter most. We must stay alert and keep monitoring as usual.
For more information please contact
Email: sales@inetms.co.th
065 149 2822 (Ms.Suphatson )
063 204 4534 (Ms.Atsamaphorn)
065 929 6330 (Ms.Kansinee)
0613879439 (Ms.Sirilak)
0922576902 (Ms.Narusorn)

 

References

- https://www.windowslatest.com/2025/04/16/windows-11-24h2-crashes-with-bsods-after-april-8-update-microsoft-rushes-out-fix/#:~:text=Microsoft%20finally%20confirmed%20what%20Windows%20Latest%20reported%20in,the%20last%20three%20releases%3A%20KB5055523%2C%20KB5053656%2C%20and%20KB5053598
- https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-blue-screen-crashes-caused-by-april-updates/
- Microsoft Has a Fix for Windows’ Latest Blue Screen Problem | Lifehacker

Weekly Interesting CVE

| No. | CVE Name | Published Date | Last Update | Device/Application/OS Target | Attack Type | CVSS Severity Rating | Detail | Solution | Reference |
|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2024-50053 | 7/11/2024 | 3/4/2025 | Zohocorp | Cross-Site Scripting (XSS) | 6.3 | A stored cross-site scripting (XSS) vulnerability allowed authenticated technicians to upload a malicious HTML file during task creation. The payload would be executed when other technicians or administrators (or SDAdmins) interact with the file. | We resolved this issue by encoding data during client-side rendering to prevent the script from being executed. | https://www.manageengine.com/products/service-desk/CVE-2024-50053.html |
| 2 | CVE-2024-2469 | 20/3/2024 | 10/4/2025 | GitHub | Remote code execution | 8 | An attacker with an Administrator role in GitHub Enterprise Server could gain SSH root access via remote code execution. This vulnerability affected GitHub Enterprise Server version 3.8.0 and above. | Fixed in version 3.8.17, 3.9.12, 3.10.9, 3.11.7 and 3.12.1. | |
| 3 | CVE-2024-51461 | 28/10/2024 | 11/4/2025 | IBM WinCollect | Denial of Service (DoS) | 4.3 | IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources. | Upgrade your WinCollect version; see WinCollect 10.1.14. | https://www.ibm.com/support/pages/security-bulletin-ibm-qradar-wincollect-agent-vulnerable-denial-service-cve-2024-51461 |
| 4 | CVE-2024-32340 | 17/4/2024 | 11/4/2025 | WonderCMS | Cross-Site Scripting (XSS) | 9.6 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module. | Update version | https://app.opencve.io/cve/CVE-2024-32340 |
| 5 | CVE-2022-48194 | 30/12/2022 | 10/4/2025 | TP-Link | Denial of Service (DoS) | 8.8 | TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate. | Update version | https://nvd.nist.gov/vuln/detail/CVE-2022-48194 |

No: 1

Campaign Name: China-linked APT Mustang Panda upgrades tools in its arsenal

Detection Date: 17/04/2025

Attack Type: Phishing, Malware

Description: A Chinese state-sponsored hacking group known as Mustang Panda (also referred to as Camaro Dragon, RedDelta, and Bronze President) has upgraded and expanded its attack toolkit in 2025, targeting organizations across Europe, Asia, and Australia, according to Security Affairs.

New Tools in Use:
  • MQsTTang: A newly developed backdoor that uses the MQTT protocol for communication with command-and-control (C2) servers, making it more evasive and difficult to detect. (Source: Security Affairs)
  • ToneShell (New Version): An improved backdoor with modifications in the FakeTLS protocol and how the client identifier is generated. (Source: The Hacker News)
  • StarProxy: A tool designed for lateral movement within internal networks, allowing attackers to expand their reach inside the victim’s environment. (Source: SC Media)
  • PAKLOG and CorKLOG: Two new keyloggers that use encryption and data-hiding techniques to steal keystrokes and clipboard data. (Source: Zscaler)
  • SplatCloak: A driver designed to evade detection by endpoint protection systems (EDR) by disabling alerts related to Windows Defender and Kaspersky. (Source: Zscaler)

Attack Targets: Mustang Panda is targeting government entities, policy and research groups, and NGOs in several countries, including Taiwan, Myanmar, Mongolia, and Hong Kong. The group often uses malicious documents disguised as legitimate international reports, such as EU publications on the Ukraine war, to trick victims into opening infected files.

Mitigation/Remediation:
  • Update systems and software: Regularly check for and install the latest security patches.
  • Restrict internal network access: Minimize lateral movement by limiting access between systems.
  • Back up critical data regularly: Store backups separately from the main system to ensure recovery.
  • Train employees: Educate staff on recognizing phishing emails and avoiding unknown attachments.

Ref: https://securityaffairs.com/176662/apt/china-linked-apt-mustang-panda-upgrades-tools-in-its-arsenal.html

29 April 2025
