security meets culture
Gmail is Removing 'Check Mail from Other Accounts'
What Happens if I Don't Update to Windows 11?
Google Vows to Stop Scam E-Z Pass and USPS Texts Plaguing Americans
By Ashley Belanger for Ars Technica
"Phishing for dummies" kits make it easier to scam millions, Google alleged.
"Phishing for dummies" kits make it easier to scam millions, Google alleged.
Credit: RomanBabakin | iStock Editorial / Getty Images Plus
Google is suing to stop phishing attacks that target millions globally, including campaigns that fake toll notices, offer bogus e-commerce deals, and impersonate financial institutions.
In a complaint filed Wednesday, the tech giant accused "a cybercriminal group in China" of selling "phishing for dummies" kits. The kits help unsavvy fraudsters easily "execute a large-scale phishing campaign," tricking hordes of unsuspecting people into "disclosing sensitive information like passwords, credit card numbers, or banking information, often by impersonating well-known brands, government agencies, or even people the victim knows."
These branded "Lighthouse" kits offer 2 versions of software, depending on whether bad actors want to launch SMS and e-commerce scams. "Members may subscribe to weekly, monthly, seasonal, annual, or permanent licenses," Google alleged. Kits include "hundreds of templates for fake websites, domain set-up tools for those fake websites, and other features designed to dupe victims into believing they are entering sensitive information on a legitimate website."
Google's filing said the scams often begin with a text claiming that a toll fee is overdue or a small fee must be paid to redeliver a package. Other times they appear as ads-- sometimes even Google ads, until Google detected and suspended accounts-- luring victims by mimicking popular brands. Anyone who clicks will be redirected to a website to input sensitive information; the sites often claim to accept payments from trusted wallets like Google Pay.
From there, a vast criminal network operating through YouTube and Telegram channels works to gather the information, with each scammer playing a specific role in a wide-reaching scheme that Google noted has tricked more than a million people in 121 countries so far. Draining wallets and sometimes even bank accounts, the Lighthouse schemes have resulted in losses of "over a billion dollars," a Google press release said, citing a Department of Homeland Security estimate.
Google is seeking an injunction to end the scams, noting that Google customers are among "millions of innocent victims," as is Google, which dedicates "substantial" resources to detecting phishing. The tech company is also upset that Lighthouse website templates abuse the Google trademark to dupe users into thinking that it's safe to enter credentials, noting that "at least 116 templates feature a Google logo-- YouTube, Gmail, Google, or Google Play-- on the sign-in screen."
"The Lighthouse Enterprise preys on the public trust in Google," the tech company alleged. Google hopes to recover damages if a court agrees that the criminal activity harmed the company's reputation and earnings.
Scams 'disproportionately' target Americans
"The scale of Lighthouse phishing attacks is staggering," Google's complaint said, alleging that the Lighthouse enterprise's scheme "disproportionately targets US victims" by relying on trusted institutions like USPS or known brands like E-Z Pass.
"Millions of Americans" have been targeted, while the total damage remains unknown, Google alleged. From July 2023 to October 2024, "between 12.7 million and 115 million credit cards may have been compromised in the United States alone," the filing said.
According to Google, once scammers obtain a victim's credit card information, they often load stolen cards into Google Wallet. They then take advantage of "tap-to-pay" functionality by either buying gift cards in bulk in person or acquiring tap-to-pay machines and making payments "directly to themselves." Scammers can also profit from pump-and-dump schemes, "pre-purchasing shares of a particular stock, and then using compromised brokerage accounts to purchase large volumes of the stock, inflating the price before they liquidate their original holdings," Google alleged.
Blocking scammers is a challenge, Google said, alleging that Lighthouse can quickly "notify users when a phishing domain has been flagged as suspicious" by a browser like Chrome. Scammers use Google's own transparency reporting against the company, the complaint said, "automatically" querying "transparencyreport.google.com every 15 minutes to determine whether Google has flagged a phishing domain as malicious." This gives scammers time to switch domains and "avoid detection," Google alleged.
Even robust security measures don't stop the scams, Google claimed, as Lighthouse is designed to dupe users into providing multi-factor authentication (MFA) codes.
"Both versions of the Lighthouse software also allow threat actors to create fictitious" MFA pages, Google alleged, "further deceiving targets into believing they are interacting with legitimate entities."
By relying on fake MFA pages, scammers can trick users into sharing security codes by monitoring the text fields on scam websites and adding the credit card info the victim just input to a Google Wallet at the moment that the victim expects "the code is being received in response to the victim's purchase authorization," Google said.
Cracking down on the broad enterprise will be tough, Google anticipates, with its complaint only referencing online aliases and naming a range of John Doe plaintiffs. But identities of all actors in the enterprise-- including software developers, data brokers, spammers, thieves, and administrators—must be uncovered to stop the criminal gang from continuing to provide so-called phishing-as-a-service.
'Who is fishing? Looking for a partner'
The Lighthouse enterprise today mainly coordinates attacks on several Telegram channels, Google alleged, since the tech giant suspended a YouTube channel associated with the criminal activity.
On Telegram, members of the criminal network can "purchase the software, learn how to create various phishing attacks, and, upon purchase, meet the other members of the Enterprise," Google claimed.
One Telegram channel has over 2,500 members, Google's filing said. On that channel, members can connect with others who have certain specialties, with users making requests like "Who can send a few US live baits?" or "Who is fishing? Looking for a partner." Others seek help selling stolen credentials, like one user who posted, "selling pure handmade wealthy accounts with Zel[le] activation, telegraphic transfer accounts, Apple CASH ID, those who understand, come."
Google monitors Telegram and has spent "hundreds of hours investigating and remediating" Lighthouse scams, the complaint said, and the tech giant now expects that a lawsuit could finally stop the well-known schemes from spreading. Otherwise, Google and countless others will continue suffering "irreparable harm," the complaint said.
Damages are not specified in the complaint, which accused the Lighthouse enterprise of committing wire fraud and violating the Racketeer Influenced and Corrupt Organizations Act, the Lanham Act, and the Computer Fraud and Abuse Act, among other allegations.
If Google wins, the phishing scams may finally slow, ending the days of Americans squinting at their phones to figure out if they ordered a package or forgot to pay a toll.
"Google's historic lawsuit marks the first time a company has taken action to curb these scams and dismantle this criminal enterprise," Google said, vowing to "disrupt the criminal enterprise behind this scheme and stop its spread."
In a complaint filed Wednesday, the tech giant accused "a cybercriminal group in China" of selling "phishing for dummies" kits. The kits help unsavvy fraudsters easily "execute a large-scale phishing campaign," tricking hordes of unsuspecting people into "disclosing sensitive information like passwords, credit card numbers, or banking information, often by impersonating well-known brands, government agencies, or even people the victim knows."
These branded "Lighthouse" kits offer 2 versions of software, depending on whether bad actors want to launch SMS and e-commerce scams. "Members may subscribe to weekly, monthly, seasonal, annual, or permanent licenses," Google alleged. Kits include "hundreds of templates for fake websites, domain set-up tools for those fake websites, and other features designed to dupe victims into believing they are entering sensitive information on a legitimate website."
Google's filing said the scams often begin with a text claiming that a toll fee is overdue or a small fee must be paid to redeliver a package. Other times they appear as ads-- sometimes even Google ads, until Google detected and suspended accounts-- luring victims by mimicking popular brands. Anyone who clicks will be redirected to a website to input sensitive information; the sites often claim to accept payments from trusted wallets like Google Pay.
From there, a vast criminal network operating through YouTube and Telegram channels works to gather the information, with each scammer playing a specific role in a wide-reaching scheme that Google noted has tricked more than a million people in 121 countries so far. Draining wallets and sometimes even bank accounts, the Lighthouse schemes have resulted in losses of "over a billion dollars," a Google press release said, citing a Department of Homeland Security estimate.
Google is seeking an injunction to end the scams, noting that Google customers are among "millions of innocent victims," as is Google, which dedicates "substantial" resources to detecting phishing. The tech company is also upset that Lighthouse website templates abuse the Google trademark to dupe users into thinking that it's safe to enter credentials, noting that "at least 116 templates feature a Google logo-- YouTube, Gmail, Google, or Google Play-- on the sign-in screen."
"The Lighthouse Enterprise preys on the public trust in Google," the tech company alleged. Google hopes to recover damages if a court agrees that the criminal activity harmed the company's reputation and earnings.
Scams 'disproportionately' target Americans
"The scale of Lighthouse phishing attacks is staggering," Google's complaint said, alleging that the Lighthouse enterprise's scheme "disproportionately targets US victims" by relying on trusted institutions like USPS or known brands like E-Z Pass.
"Millions of Americans" have been targeted, while the total damage remains unknown, Google alleged. From July 2023 to October 2024, "between 12.7 million and 115 million credit cards may have been compromised in the United States alone," the filing said.
According to Google, once scammers obtain a victim's credit card information, they often load stolen cards into Google Wallet. They then take advantage of "tap-to-pay" functionality by either buying gift cards in bulk in person or acquiring tap-to-pay machines and making payments "directly to themselves." Scammers can also profit from pump-and-dump schemes, "pre-purchasing shares of a particular stock, and then using compromised brokerage accounts to purchase large volumes of the stock, inflating the price before they liquidate their original holdings," Google alleged.
Blocking scammers is a challenge, Google said, alleging that Lighthouse can quickly "notify users when a phishing domain has been flagged as suspicious" by a browser like Chrome. Scammers use Google's own transparency reporting against the company, the complaint said, "automatically" querying "transparencyreport.google.com every 15 minutes to determine whether Google has flagged a phishing domain as malicious." This gives scammers time to switch domains and "avoid detection," Google alleged.
Even robust security measures don't stop the scams, Google claimed, as Lighthouse is designed to dupe users into providing multi-factor authentication (MFA) codes.
"Both versions of the Lighthouse software also allow threat actors to create fictitious" MFA pages, Google alleged, "further deceiving targets into believing they are interacting with legitimate entities."
By relying on fake MFA pages, scammers can trick users into sharing security codes by monitoring the text fields on scam websites and adding the credit card info the victim just input to a Google Wallet at the moment that the victim expects "the code is being received in response to the victim's purchase authorization," Google said.
Cracking down on the broad enterprise will be tough, Google anticipates, with its complaint only referencing online aliases and naming a range of John Doe plaintiffs. But identities of all actors in the enterprise-- including software developers, data brokers, spammers, thieves, and administrators—must be uncovered to stop the criminal gang from continuing to provide so-called phishing-as-a-service.
'Who is fishing? Looking for a partner'
The Lighthouse enterprise today mainly coordinates attacks on several Telegram channels, Google alleged, since the tech giant suspended a YouTube channel associated with the criminal activity.
On Telegram, members of the criminal network can "purchase the software, learn how to create various phishing attacks, and, upon purchase, meet the other members of the Enterprise," Google claimed.
One Telegram channel has over 2,500 members, Google's filing said. On that channel, members can connect with others who have certain specialties, with users making requests like "Who can send a few US live baits?" or "Who is fishing? Looking for a partner." Others seek help selling stolen credentials, like one user who posted, "selling pure handmade wealthy accounts with Zel[le] activation, telegraphic transfer accounts, Apple CASH ID, those who understand, come."
Google monitors Telegram and has spent "hundreds of hours investigating and remediating" Lighthouse scams, the complaint said, and the tech giant now expects that a lawsuit could finally stop the well-known schemes from spreading. Otherwise, Google and countless others will continue suffering "irreparable harm," the complaint said.
Damages are not specified in the complaint, which accused the Lighthouse enterprise of committing wire fraud and violating the Racketeer Influenced and Corrupt Organizations Act, the Lanham Act, and the Computer Fraud and Abuse Act, among other allegations.
If Google wins, the phishing scams may finally slow, ending the days of Americans squinting at their phones to figure out if they ordered a package or forgot to pay a toll.
"Google's historic lawsuit marks the first time a company has taken action to curb these scams and dismantle this criminal enterprise," Google said, vowing to "disrupt the criminal enterprise behind this scheme and stop its spread."
Microsoft Fixes Bug Causing False Windows 10 End-of-Support Alerts
By Sergiu Gatlan for bleepingcomputer
bleepingcomputer
Microsoft has resolved a bug causing incorrect Windows 10 end-of-support warnings on systems with active security coverage or still under active support after installing the October 2025 updates.
The known issue was confirmed last week, following widespread user reports of messages warning in the Windows Update Settings page that "Your version of Windows has reached the end of support" since last month's Patch Tuesday.
However, this is a cosmetic issue because all affected devices, including those with an active ESU license, continue to receive security updates.
The bug impacts devices running Windows 10 22H2-- Pro, Education, or Enterprise editions-- enrolled in the Extended Security Updates program-- with activated ESU product keys-- and Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021-- which are still under support until January 2032 and January 2029.
Although Microsoft deployed a cloud configuration update to automatically correct the erroneous message, it noted that some affected PCs might not receive it if they are not connected to the internet, have disabled OneSettings downloads through Group Policy, have restrictive firewall settings, or are otherwise blocked from receiving dynamic updates.
The known issue was confirmed last week, following widespread user reports of messages warning in the Windows Update Settings page that "Your version of Windows has reached the end of support" since last month's Patch Tuesday.
However, this is a cosmetic issue because all affected devices, including those with an active ESU license, continue to receive security updates.
The bug impacts devices running Windows 10 22H2-- Pro, Education, or Enterprise editions-- enrolled in the Extended Security Updates program-- with activated ESU product keys-- and Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021-- which are still under support until January 2032 and January 2029.
Although Microsoft deployed a cloud configuration update to automatically correct the erroneous message, it noted that some affected PCs might not receive it if they are not connected to the internet, have disabled OneSettings downloads through Group Policy, have restrictive firewall settings, or are otherwise blocked from receiving dynamic updates.
Windows 10 end-of-support alert (dual_cast)
On Tuesday, Redmond released the first Windows 10 extended security update-- KB5068781-- to address the bug for all customers enrolled in the Extended Security Updates (ESU) program.
"This issue was resolved by Windows updates released on November 11, 2025-- KB5068781-- and updates released after that date," Microsoft said. "We recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one."
IT admins who can't immediately deploy the KB5068781 cumulative update can also remove the incorrect "end of support" messages on enterprise-managed devices by installing this Known Issue Rollback (KIR) group policy.
Windows 10 reached the end of support on October 14, 2025, and will no longer receive patches for newly discovered bugs and security vulnerabilities.
This Tuesday, before releasing the first Windows 10 extended security update since the OS reached its end of support, Microsoft also issued an emergency out-of-band update to address a bug that prevented some systems from enrolling in the ESU program.
On Tuesday, Redmond released the first Windows 10 extended security update-- KB5068781-- to address the bug for all customers enrolled in the Extended Security Updates (ESU) program.
"This issue was resolved by Windows updates released on November 11, 2025-- KB5068781-- and updates released after that date," Microsoft said. "We recommend you install the latest update for your device as it contains important improvements and issue resolutions, including this one."
IT admins who can't immediately deploy the KB5068781 cumulative update can also remove the incorrect "end of support" messages on enterprise-managed devices by installing this Known Issue Rollback (KIR) group policy.
Windows 10 reached the end of support on October 14, 2025, and will no longer receive patches for newly discovered bugs and security vulnerabilities.
This Tuesday, before releasing the first Windows 10 extended security update since the OS reached its end of support, Microsoft also issued an emergency out-of-band update to address a bug that prevented some systems from enrolling in the ESU program.
Microsoft Fixes Windows Task Manager Bug Affecting Performance
By Sergiu Gatlan for bleepingcomputer
bleepingcomputer
Microsoft has resolved a known issue preventing users from quitting the Windows 11 Task Manager after installing the optional Windows 11 KB5067036 update.
The bug was acknowledged last week after widespread user reports that the Task Manager continued to run in the background even after the app was quit, causing performance issues such as stuttering and CPU hangs.
Although having a few Task Manager processes running in the background usually doesn't cause issues, this issue can easily become serious when many instances run unnoticed, since it "can cause noticeable slowdowns in other applications," according to Microsoft.
"After installing Windows Updates released on or after October 28, 2025-- KB5067036-- you might encounter an issue where closing Task Manager using the Close (X) button does not fully terminate the process," Microsoft noted when it confirmed the bug.
"When you reopen Task Manager, the previous instance continues running in the background even though no window is visible. This results in multiple lingering instances of taskmgr.exe, consuming system resources and potentially degrading device performance."
The bug was acknowledged last week after widespread user reports that the Task Manager continued to run in the background even after the app was quit, causing performance issues such as stuttering and CPU hangs.
Although having a few Task Manager processes running in the background usually doesn't cause issues, this issue can easily become serious when many instances run unnoticed, since it "can cause noticeable slowdowns in other applications," according to Microsoft.
"After installing Windows Updates released on or after October 28, 2025-- KB5067036-- you might encounter an issue where closing Task Manager using the Close (X) button does not fully terminate the process," Microsoft noted when it confirmed the bug.
"When you reopen Task Manager, the previous instance continues running in the background even though no window is visible. This results in multiple lingering instances of taskmgr.exe, consuming system resources and potentially degrading device performance."
Background Task Manager processes (BleepingComputer)
Microsoft has now resolved the bug in the KB5068861 November Windows security update and advises customers to install it, as it also comes with fixes for other issues.
Users who have installed last month's KB5067036 preview update but can't immediately deploy this month's cumulative updates can also temporarily work around this known issue by manually quitting the background processes.
Those familiar with the Command Prompt can also quit all of them simultaneously by following these steps:
In October, Microsoft resolved 0x800F081F update errors affecting Windows 11 24H2 systems since January and fixed the Windows 11 Media Creation Tool (MCT).
Last week, Microsoft also acknowledged that an emergency security update, which patches an actively exploited Windows Server Update Service (WSUS) vulnerability, has broken hotpatching on some Windows Server 2025 systems.</p>
More recently, it confirmed a known issue that causes some Windows 11 and Windows 10 systems to boot into BitLocker recovery after installing the October 2025 Windows security updates.
Microsoft has now resolved the bug in the KB5068861 November Windows security update and advises customers to install it, as it also comes with fixes for other issues.
Users who have installed last month's KB5067036 preview update but can't immediately deploy this month's cumulative updates can also temporarily work around this known issue by manually quitting the background processes.
Those familiar with the Command Prompt can also quit all of them simultaneously by following these steps:
- Select Start or press the Windows key.
- Type cmd or Command Prompt in the search box.
- Select Command Prompt from the results.
- To run as administrator: Right-click Command Prompt and select Run as administrator.
- In the Command Prompt window, type the following command and press Enter: taskkill.exe /im taskmgr.exe /f
In October, Microsoft resolved 0x800F081F update errors affecting Windows 11 24H2 systems since January and fixed the Windows 11 Media Creation Tool (MCT).
Last week, Microsoft also acknowledged that an emergency security update, which patches an actively exploited Windows Server Update Service (WSUS) vulnerability, has broken hotpatching on some Windows Server 2025 systems.</p>
More recently, it confirmed a known issue that causes some Windows 11 and Windows 10 systems to boot into BitLocker recovery after installing the October 2025 Windows security updates.
Microsoft November 2025 Patch Tuesday Fixes 1 Zero-Day, 63 Flaws
By Lawrence Abrams for bleepingcomputer
bleepingcomputer
Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including 1 actively exploited zero-day vulnerability.
This Patch Tuesday also addresses 4 "Critical" vulnerabilities, 2 of which are remote code execution vulnerabilities, 1 is an elevation of privileges, and the fourth is an information disclosure flaw.
The number of bugs in each vulnerability category is listed below:
When BleepingComputer reports on the Patch Tuesday security updates, we only count those released today by Microsoft. Therefore, the number of flaws does not include Microsoft Edge and Mariner vulnerabilities fixed earlier this month.
Today is also the first extended security update (ESU) for Windows 10, so if you are still utilizing the unsupported operating system, it is strongly advised that you upgrade to Windows 11 or enroll in the ESU program.
For those who are having issues enrolling in the program, Microsoft released an out-of-band update today to fix an bug that prevents enrollments.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5066835 and KB5066793 updates.
If you're facing delays, blind spots, or prioritization issues with Patch Tuesday updates, join our December 2 webinar with Action1 to learn how modern patch management helps you patch faster and reduce risk.
1 actively exploited zero-day
This month's Patch Tuesday fixes one actively exploited zero-day flaw in the Windows Kernel.
Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.
The exploited zero-days is:
CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability
Microsoft has patched a Windows Kernel flaw that was exploited to gain SYSTEM privilges on Windows devices.
"Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally," explains Microsoft.
Microsoft says that the flaw requires an attackers to win a race condition, upon which they receive SYSTEM privileges.
Microsoft has attributed the flaw to Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC) but has not shared how the flaw was exploited.
Recent updates from other companies
Other vendors who released updates or advisories in November 2025 include:
The November 2025 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the November 2025 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
This Patch Tuesday also addresses 4 "Critical" vulnerabilities, 2 of which are remote code execution vulnerabilities, 1 is an elevation of privileges, and the fourth is an information disclosure flaw.
The number of bugs in each vulnerability category is listed below:
- 29 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 16 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
When BleepingComputer reports on the Patch Tuesday security updates, we only count those released today by Microsoft. Therefore, the number of flaws does not include Microsoft Edge and Mariner vulnerabilities fixed earlier this month.
Today is also the first extended security update (ESU) for Windows 10, so if you are still utilizing the unsupported operating system, it is strongly advised that you upgrade to Windows 11 or enroll in the ESU program.
For those who are having issues enrolling in the program, Microsoft released an out-of-band update today to fix an bug that prevents enrollments.
To learn more about the non-security updates released today, you can review our dedicated articles on the Windows 11 KB5066835 and KB5066793 updates.
If you're facing delays, blind spots, or prioritization issues with Patch Tuesday updates, join our December 2 webinar with Action1 to learn how modern patch management helps you patch faster and reduce risk.
1 actively exploited zero-day
This month's Patch Tuesday fixes one actively exploited zero-day flaw in the Windows Kernel.
Microsoft classifies a zero-day flaw as publicly disclosed or actively exploited while no official fix is available.
The exploited zero-days is:
CVE-2025-62215 - Windows Kernel Elevation of Privilege Vulnerability
Microsoft has patched a Windows Kernel flaw that was exploited to gain SYSTEM privilges on Windows devices.
"Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally," explains Microsoft.
Microsoft says that the flaw requires an attackers to win a race condition, upon which they receive SYSTEM privileges.
Microsoft has attributed the flaw to Microsoft Threat Intelligence Center (MSTIC) & Microsoft Security Response Center (MSRC) but has not shared how the flaw was exploited.
Recent updates from other companies
Other vendors who released updates or advisories in November 2025 include:
- Adobe released security updates for InDesign, InCopy, PhotoShop, Illustrator, Substance 3D, Pass, and Adobe Format.
- Cisco released patches for multiple products, including Cisco ASA, Unified Contact Center, and Identity services. Cisco also warned this month that a new attack was discovered exploiting older flaws.
- expr-eval developers released patches<to fix a critical RCE in the JavaScript library.
- Fortinet released a security update for a medium-severity elevation of privileges flaw in FortiOS.
- Google has released the Android's November security bulletin with fixes for 2 vulnerabilities.
- Ivanti released security patches as part of its November 2025 Patch Tuesday updates.
- runC security updates fix flaws allowing attackers to escape Docker and Kubernetes containers.
- QNAP released security updates for 7 zero-day vulnerabilities exploited to hack network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 hacking contest.
- SAP released the November security updates for multiple products, including a fix for a 10/10 harcoded credentials flaw in SQL Anywhere Monitor.
- Samsung released its November security updates with fixes for 25 flaws.
The November 2025 Patch Tuesday Security Updates
Below is the complete list of resolved vulnerabilities in the November 2025 Patch Tuesday updates.
To access the full description of each vulnerability and the systems it affects, you can view the full report here.
Microsoft: Windows 11 23H2 Home and Pro Reach End of Support
By Sergiu Gatlan for bleepingcomputer
bleepingcomputer
Microsoft has reminded customers today that systems running Home and Pro editions of Windows 11 23H2 have stopped receiving security updates.
Today's announcement follows 3 previous alerts, when Microsoft asked users to upgrade their devices to the latest available Windows 11 release: the first in August, the second in September, and the last in October.
However, as the company explains on its Windows release health dashboard, Enterprise, Education, and IoT Enterprise editions of Windows 11 23H2 are still under mainstream support for another year, until November 2026.
"Today, November 11, 2025, Windows 11, version 23H2-- Home and Pro editions-- has reached end of servicing. The November 2025 monthly security update is the last update available for these editions," Microsoft said in a Tuesday message center update.
"Devices running these editions will no longer receive monthly security and preview updates containing protections from the latest security threats."
Users are now advised to upgrade to Windows 11 25H2-- also known as the Windows 11 2025 Update-- which became generally available in September 2025 as an enablement package (eKB) and will reach end of support for consumers in October 2027.
Windows 11 25H2 is now available to all eligible Windows 11 devices for customers who have enabled the Get the latest updates as soon as they're available setting.
On an eligible Windows 10 or Windows 11 device, you can check if the update is available by clicking Check for updates in the Settings > Windows Update section. If the device is ready to update, you'll see the option to Download and install Windows 11, version 25H2.
Devices running Windows 11 Home and Pro editions not managed by an IT department will receive the Windows 11 25H2 update automatically; however, they'll still be able to postpone the update or choose the time to restart.
You can find more information about Windows 11 servicing dates on the Windows Lifecycle FAQ page or using the Lifecycle Policy search tool. Microsoft also provides a list of products that will be retired or reach the end of support this year.
Today's announcement follows 3 previous alerts, when Microsoft asked users to upgrade their devices to the latest available Windows 11 release: the first in August, the second in September, and the last in October.
However, as the company explains on its Windows release health dashboard, Enterprise, Education, and IoT Enterprise editions of Windows 11 23H2 are still under mainstream support for another year, until November 2026.
"Today, November 11, 2025, Windows 11, version 23H2-- Home and Pro editions-- has reached end of servicing. The November 2025 monthly security update is the last update available for these editions," Microsoft said in a Tuesday message center update.
"Devices running these editions will no longer receive monthly security and preview updates containing protections from the latest security threats."
Users are now advised to upgrade to Windows 11 25H2-- also known as the Windows 11 2025 Update-- which became generally available in September 2025 as an enablement package (eKB) and will reach end of support for consumers in October 2027.
Windows 11 25H2 is now available to all eligible Windows 11 devices for customers who have enabled the Get the latest updates as soon as they're available setting.
On an eligible Windows 10 or Windows 11 device, you can check if the update is available by clicking Check for updates in the Settings > Windows Update section. If the device is ready to update, you'll see the option to Download and install Windows 11, version 25H2.
Devices running Windows 11 Home and Pro editions not managed by an IT department will receive the Windows 11 25H2 update automatically; however, they'll still be able to postpone the update or choose the time to restart.
You can find more information about Windows 11 servicing dates on the Windows Lifecycle FAQ page or using the Lifecycle Policy search tool. Microsoft also provides a list of products that will be retired or reach the end of support this year.
What are Those Numbers Labeled MD5, SHA, Etc.,
Listed with Downloads?
What is a TF Card and How Does it Differ from a microSD Card?
By Gavin Phillips for Make Use Of
Credit: Gavin Phillips / MakeUseOf
Here is a fact-based summary of the story contents:
I have been lucky enough not to need to buy a new memory card for quite some time. I bought a 128GB Samsung microSD card a few years ago, and it's lasted me and my now aging Nikon D5600 well.
Until I did the unthinkable, and a momentary spasm saw me drop the microSD card straight down a crack in my floorboards. Thankfully, I'd recently backed up the contents of the card, so I'm not having to set about lifting the floorboards to find it again, but it does mean I need a new microSD card.
Now, microSD cards are relatively simple to buy, and you can find them on almost any online shopping site. But while doing so, I also encountered another term: TF card.
At first glance, microSD and TF cards look and sound the same - so what's the actual difference between the two?
Find the difference between a microSD and a TF card - Spoiler: they're the same
I have been lucky enough not to need to buy a new memory card for quite some time. I bought a 128GB Samsung microSD card a few years ago, and it's lasted me and my now aging Nikon D5600 well.
Until I did the unthinkable, and a momentary spasm saw me drop the microSD card straight down a crack in my floorboards. Thankfully, I'd recently backed up the contents of the card, so I'm not having to set about lifting the floorboards to find it again, but it does mean I need a new microSD card.
Now, microSD cards are relatively simple to buy, and you can find them on almost any online shopping site. But while doing so, I also encountered another term: TF card.
At first glance, microSD and TF cards look and sound the same - so what's the actual difference between the two?
Find the difference between a microSD and a TF card - Spoiler: they're the same
Credit: agustin.photo / Shutterstock
So, here's the thing: a microSD card and a TF card are basically exactly the same. You can use both interchangeably. For instance, if you happen to have a TF card lying around, but your smartphone only supports microSD cards, you can use your TF card. It will work seamlessly because it supports the same standard-- no specific TF card slot exists.
In addition, a search for TF cards on consumer tech marketplaces like Amazon will display results for microSD cards. Still, there are common mistakes to avoid when buying a microSD card online.
To standardize these flash memory cards, the SD Association adopted the TF card as a microSD card in 2004. microSD cards are TF cards under a different name, which means you can expand your storage with any of the fastest microSD cards.
microSD cards are great, but have you heard about UFS cards? - Faster speeds, but uses a different interface
UFS cards are a much more recent development in memory card technology. First launched in 2011, Universal Flash Storage (UFS) cards offer higher performance and faster data transfers than SD/microSD cards, making them a great option for those with higher data transfer demands. They're particularly useful for mobile devices and cameras, offering higher read and write rates.
The only real downside to UFS is that it requires a different interface. You can't just buy a UFS card for your microSD device; it won't work. Thankfully, some high-end tech supports UFS. For example, most Samsung devices launched since 2020 have a UFS slot, while some OnePlus smartphone models can accommodate a UFS card. You'll have to check whether a given device supports the faster UFS card standard before making your purchase.
You need to check before you buy - The stats and specs are a confusing muddle
These days, you'll probably want a microSD card. However, make sure to check the memory card slot before making a purchase. You can't assume that every memory card slot is the same or will support the memory card you want to buy. Furthermore, if you have older tech, it's more likely to take a full-sized SD card. Of course, you may also consider getting a microSD card with an SD adapter to use it with both your smartphone and other gadgets. Because microSD cards and TF cards support the same standard interface, they can work in place of SD cards through an SD card adapter.
But you also need to consider the whole range of specs when it comes to microSD cards.
However, there is still more to it. Not all of these formats are compatible with one another, further muddying the waters.
In short: newer cards don't work in older devices, but older cards usually work in newer devices.
Finally, you should also check the microSD card speed ratings, because they specifically detail your data transfer rates.
Similar to the other microSD card specs, this system has been updated multiple times over the years. The difference becomes most notable for high-capacity data transfers, such as capturing footage and transferring large files.
Don't fall for the marketing
When it comes to memory cards, don't let the marketing terms confuse you. TF cards and microSD cards are the same, use the same slot, and have the same specs. So if you see any online shopping site suggesting anything different, I'd suggest you close the tab and head somewhere more reputable.
The Downfall of ExpressVPN - what it teaches us about privacy
Command Prompt? Power Shell? Terminal? What's the Difference?
- Which Do I Want?
AT&T Falsely Promised 'Everyone' a Free iPhone, Ad-Industry Board Rules
By Jon Brodkin for Ars Technica
AT&T store in New York City on November 18, 2024. Credit: Getty Images | wdstock
AT&T has been told to stop running ads that falsely promise all customers a free iPhone. The rebuke came from the advertising industry's official watchdog just a week after AT&T sued the organization over a different advertising dispute.
BBB National Programs' National Advertising Review Board (NARB) "has recommended that AT&T Services, Inc. modify its advertising to avoid conveying a false message regarding eligibility for an iPhone device offer," the group, which runs the ad industry's self-regulatory system, said today.
Verizon initiated the case by challenging AT&T's "Learn how everyone gets iPhone 16 Pro on us" claim. BBB National Programs' National Advertising Division (NAD) ruled in favor of Verizon in September 2025. AT&T appealed but lost the challenge in the NARB decision announced today.
"The NARB panel agreed with NAD's conclusion that the challenged advertising, on its face, conveys a false message that everyone 'gets' a free phone and does not clarify the message by disclosing a material limitation to the offer of a free cell phone in a clear and conspicuous manner," the group said.
In reality, the offer was only for AT&T customers on certain plans, excluding customers with low-cost plans. "The panel recommended AT&T modify its advertising to avoid conveying the message that everyone is eligible for AT&T's free cell phone offer, or to clearly and conspicuously disclose that subscribers to value plans are not eligible or otherwise make clear the extent of plan eligibility," the NARB announcement said.
The NAD's September decision said "the term 'everyone' means every person, without exception," and helpfully cited the Merriam-Webster definition of "everyone."
AT&T sued board after it demanded ads be halted
The ruling isn't a very timely one given that AT&T started making the iPhone 16 offer over a year ago, and the iPhone 17 is now available. But it could cause AT&T to use different wording in future ads. In an advertiser's statement published with the ruling, AT&T said it "supports NARB's self-regulatory process and will comply with NARB's decision."
AT&T sued BBB National Programs last week after the group demanded that AT&T stop using its rulings for advertising and promotional purposes. The conflict stems from an ad campaign in which AT&T portrayed itself as a paragon of honesty while calling T-Mobile "the master of breaking promises."
AT&T's lawsuit criticized the NAD for its slow decision process, saying that it allowed T-Mobile to air deceptive advertisements without meaningful consequences. AT&T apparently benefited in a similar manner given that the NARB ruling came over a year after the iPhone 16 release.
Companies that participate in the self-regulatory process agree to rules including a prohibition on using NAD and NARB decisions for "advertising and/or promotional purposes." The NAD said that AT&T violated the rules "by issuing a video advertisement and press release that use the NAD process and its findings for promotional purposes."
The AT&T press release said the NAD "asked T-Mobile to correct their marketing claims 16 times over the last 4 years," and an AT&T commercial featuring Luke Wilson said T-Mobile has faced more challenges for deceptive ads from competitors than all other telecom providers in that time. AT&T's lawsuit defending the ad campaign said the company didn't violate the rule because it didn't cite any specific decisions and asked the court for a declaration that "NAD has no legal basis to enforce its demand for censorship."
AT&T claimed ad was literally true
AT&T and T-Mobile both have a history of misleading advertisements, and the latest NARB decision adds to AT&T's ledger. The ad on AT&T's website stated, "Learn how everyone gets iPhone 16 Pro on us when you trade in your old iPhone in any condition."
"Focusing on the words 'everyone gets,' Verizon argued to NAD that the challenged advertising communicated an explicit message-- that all AT&T subscribers are eligible for the trade-in offer-- which it asserts was literally false because only subscribers to 'qualifying' AT&T plans are eligible. Verizon also argued that the advertisement communicated a comparable misleading message that all AT&T customers were eligible for the trade-in," the NARB decision said.
While AT&T disclosed the offer limits, Verizon argued that the disclosure was not clear and conspicuous. Verizon said-- and the NAD agreed-- that the phrase "everyone gets" suggests everyone will get a free phone, not that everyone "can get" a free phone if they subscribe to AT&T's more expensive plans.
AT&T claimed the ad was literally true because it did not say that everyone "will" get the free phone. "Rather, according to the advertiser, the challenged language communicates that all customers, current or new, can qualify for the offer and urges customers to 'learn' the details about the trade-in opportunity," the NARB said.
AT&T argued that the word "learn" makes it clear there are limits on the offer. The NAD disagreed, saying that the "learn how" phrase "precedes the word 'everyone,' suggesting everyone is eligible to receive a phone, not that everyone can learn how to get a phone."
AT&T also submitted the results of a customer survey, arguing that it proved customers seeing the ad understood the offer's limitations. The NAD decided that the survey was methodologically unsound, while the NARB said that both AT&T and Verizon offered "plausible" interpretations of the results.
Panel: Buyers of low-cost plans likely duped
After hearing AT&T's and Verizon's arguments, the NARB panel decided "that the challenged advertising, on its face, conveys a false message and further does not clarify the message by disclosing a material limitation to the offer of a free cell phone in a clear and conspicuous manner."
The panel also said it is concerned that the consumers most interested in AT&T's cheaper plans, which don't come with the free phone, would be the most susceptible to being motivated by the free offer.
In addition to saying it "will comply with NARB's decision," AT&T said in its statement that "we appreciate NARB's acknowledgment that the consumer survey in this matter plausibly supports the conclusion that the challenged advertising is truthful and not misleading. While we respectfully disagree with NARB's recommendation that the advertising be modified, we will take that recommendation into account in the future."
In another case decision in September, the NAD recommended that AT&T modify or discontinue claims related to an "AT&T Guarantee" that didn't have clear disclosures about the amount of time it takes AT&T to fix network outages and how long an outage must last before the guarantee takes effect. AT&T said it would comply with the ruling.
In August 2024, AT&T was rebuked for an ad that falsely claimed the carrier was already offering cellular coverage from space. It has also gotten in trouble for advertising 4G LTE service as "5GE" and making misleading promises of unlimited data.
BBB National Programs' National Advertising Review Board (NARB) "has recommended that AT&T Services, Inc. modify its advertising to avoid conveying a false message regarding eligibility for an iPhone device offer," the group, which runs the ad industry's self-regulatory system, said today.
Verizon initiated the case by challenging AT&T's "Learn how everyone gets iPhone 16 Pro on us" claim. BBB National Programs' National Advertising Division (NAD) ruled in favor of Verizon in September 2025. AT&T appealed but lost the challenge in the NARB decision announced today.
"The NARB panel agreed with NAD's conclusion that the challenged advertising, on its face, conveys a false message that everyone 'gets' a free phone and does not clarify the message by disclosing a material limitation to the offer of a free cell phone in a clear and conspicuous manner," the group said.
In reality, the offer was only for AT&T customers on certain plans, excluding customers with low-cost plans. "The panel recommended AT&T modify its advertising to avoid conveying the message that everyone is eligible for AT&T's free cell phone offer, or to clearly and conspicuously disclose that subscribers to value plans are not eligible or otherwise make clear the extent of plan eligibility," the NARB announcement said.
The NAD's September decision said "the term 'everyone' means every person, without exception," and helpfully cited the Merriam-Webster definition of "everyone."
AT&T sued board after it demanded ads be halted
The ruling isn't a very timely one given that AT&T started making the iPhone 16 offer over a year ago, and the iPhone 17 is now available. But it could cause AT&T to use different wording in future ads. In an advertiser's statement published with the ruling, AT&T said it "supports NARB's self-regulatory process and will comply with NARB's decision."
AT&T sued BBB National Programs last week after the group demanded that AT&T stop using its rulings for advertising and promotional purposes. The conflict stems from an ad campaign in which AT&T portrayed itself as a paragon of honesty while calling T-Mobile "the master of breaking promises."
AT&T's lawsuit criticized the NAD for its slow decision process, saying that it allowed T-Mobile to air deceptive advertisements without meaningful consequences. AT&T apparently benefited in a similar manner given that the NARB ruling came over a year after the iPhone 16 release.
Companies that participate in the self-regulatory process agree to rules including a prohibition on using NAD and NARB decisions for "advertising and/or promotional purposes." The NAD said that AT&T violated the rules "by issuing a video advertisement and press release that use the NAD process and its findings for promotional purposes."
The AT&T press release said the NAD "asked T-Mobile to correct their marketing claims 16 times over the last 4 years," and an AT&T commercial featuring Luke Wilson said T-Mobile has faced more challenges for deceptive ads from competitors than all other telecom providers in that time. AT&T's lawsuit defending the ad campaign said the company didn't violate the rule because it didn't cite any specific decisions and asked the court for a declaration that "NAD has no legal basis to enforce its demand for censorship."
AT&T claimed ad was literally true
AT&T and T-Mobile both have a history of misleading advertisements, and the latest NARB decision adds to AT&T's ledger. The ad on AT&T's website stated, "Learn how everyone gets iPhone 16 Pro on us when you trade in your old iPhone in any condition."
"Focusing on the words 'everyone gets,' Verizon argued to NAD that the challenged advertising communicated an explicit message-- that all AT&T subscribers are eligible for the trade-in offer-- which it asserts was literally false because only subscribers to 'qualifying' AT&T plans are eligible. Verizon also argued that the advertisement communicated a comparable misleading message that all AT&T customers were eligible for the trade-in," the NARB decision said.
While AT&T disclosed the offer limits, Verizon argued that the disclosure was not clear and conspicuous. Verizon said-- and the NAD agreed-- that the phrase "everyone gets" suggests everyone will get a free phone, not that everyone "can get" a free phone if they subscribe to AT&T's more expensive plans.
AT&T claimed the ad was literally true because it did not say that everyone "will" get the free phone. "Rather, according to the advertiser, the challenged language communicates that all customers, current or new, can qualify for the offer and urges customers to 'learn' the details about the trade-in opportunity," the NARB said.
AT&T argued that the word "learn" makes it clear there are limits on the offer. The NAD disagreed, saying that the "learn how" phrase "precedes the word 'everyone,' suggesting everyone is eligible to receive a phone, not that everyone can learn how to get a phone."
AT&T also submitted the results of a customer survey, arguing that it proved customers seeing the ad understood the offer's limitations. The NAD decided that the survey was methodologically unsound, while the NARB said that both AT&T and Verizon offered "plausible" interpretations of the results.
Panel: Buyers of low-cost plans likely duped
After hearing AT&T's and Verizon's arguments, the NARB panel decided "that the challenged advertising, on its face, conveys a false message and further does not clarify the message by disclosing a material limitation to the offer of a free cell phone in a clear and conspicuous manner."
The panel also said it is concerned that the consumers most interested in AT&T's cheaper plans, which don't come with the free phone, would be the most susceptible to being motivated by the free offer.
In addition to saying it "will comply with NARB's decision," AT&T said in its statement that "we appreciate NARB's acknowledgment that the consumer survey in this matter plausibly supports the conclusion that the challenged advertising is truthful and not misleading. While we respectfully disagree with NARB's recommendation that the advertising be modified, we will take that recommendation into account in the future."
In another case decision in September, the NAD recommended that AT&T modify or discontinue claims related to an "AT&T Guarantee" that didn't have clear disclosures about the amount of time it takes AT&T to fix network outages and how long an outage must last before the guarantee takes effect. AT&T said it would comply with the ruling.
In August 2024, AT&T was rebuked for an ad that falsely claimed the carrier was already offering cellular coverage from space. It has also gotten in trouble for advertising 4G LTE service as "5GE" and making misleading promises of unlimited data.
Google Issues Emergency Chrome Update to Fix Critical RCE Flaw
By Divya for GB Hackers
GB Hackers
Google has released an emergency security update for Chrome across all platforms, rolling out version 142.0.7444.134 and 142.0.7444.135 to address five critical and medium-severity vulnerabilities.
The update addresses urgent security concerns identified in the browser's WebGPU implementation and other core components that could expose users to remote code execution attacks.
The emergency release came on November 5, 2025, and will gradually roll out across Windows, Mac, and Linux systems over the coming days and weeks.
Users are strongly encouraged to update their browsers immediately to protect against potential exploitation.
Google has indicated that access to detailed bug information will remain restricted until a majority of users have installed the security patches, a standard practice designed to prevent widespread attacks during the update rollout phase.
Critical WebGPU Vulnerability Takes Priority
The most severe vulnerability addressed in this update is CVE-2025-12725, classified as a high-severity out-of-bounds write flaw in Chrome's WebGPU implementation.
The update addresses urgent security concerns identified in the browser's WebGPU implementation and other core components that could expose users to remote code execution attacks.
The emergency release came on November 5, 2025, and will gradually roll out across Windows, Mac, and Linux systems over the coming days and weeks.
Users are strongly encouraged to update their browsers immediately to protect against potential exploitation.
Google has indicated that access to detailed bug information will remain restricted until a majority of users have installed the security patches, a standard practice designed to prevent widespread attacks during the update rollout phase.
Critical WebGPU Vulnerability Takes Priority
The most severe vulnerability addressed in this update is CVE-2025-12725, classified as a high-severity out-of-bounds write flaw in Chrome's WebGPU implementation.
This graphics processing vulnerability was initially reported on September 9, 2025, but remained undisclosed during development and testing.
Out-of-bounds write vulnerabilities are particularly dangerous because they allow attackers to write data beyond intended memory boundaries, potentially enabling remote code execution when exploited adequately through malicious web content.
The second major vulnerability, CVE-2025-12726, involves an improper implementation in the Views component and is also rated high severity.
This was reported on September 25, 2025, and similarly represents a significant threat to browser security.
The Views system handles user interface rendering and window management, making vulnerabilities in this layer particularly dangerous from an attack surface perspective.
Chrome's V8 JavaScript engine also required attention in this update with CVE-2025-12727, another high-severity vulnerability involving inappropriate implementation.
The V8 engine executes all JavaScript code in the browser, making any vulnerability here a critical concern for users visiting malicious websites. This vulnerability was discovered on October 23, 2025, by security researcher 303f06e3.
Two additional medium-severity vulnerabilities affecting Chrome's Omnibox search and navigation bar were also patched.
CVE-2025-12728 and CVE-2025-12729 both involve inappropriate implementations in the Omnibox component, reported by researchers Hafiizh and Khalil Zhani, respectively.
Although classified as medium severity rather than critical, these vulnerabilities still pose significant security risks and warrant inclusion in the emergency update.
The desktop update reaches Windows users via versions 142.0.7444.134 and 142.0.7444.135, Mac users through 142.0.7444.134, and Linux users with the same version number.
Android users will receive identical security fixes through the same version update process via Google Play over the coming days.
iOS users previously received Chrome Stable version 142.0.7444.128 on November 4, which aligns with the security improvements outlined in this desktop release.
Google's security team used multiple advanced detection technologies to identify and prevent these vulnerabilities from reaching users sooner, including AddressSanitizer, MemorySanitizer, and fuzzing.
The company continues working with external security researchers to maintain browser security throughout development cycles, and users can report new vulnerabilities through Chrome's official bug reporting system to support ongoing protective efforts.
Microsoft: October Windows Updates Trigger BitLocker Recovery
By Sergiu Gatlan for bleepingcomputer
bleepingcomputer
Microsoft has warned that some systems may boot into BitLocker recovery after installing the October 2025 Windows security updates.
BitLocker is a Windows security feature that encrypts storage drives to block data theft attempts. Windows computers typically enter BitLocker recovery mode after hardware changes or Trusted Platform Module (TPM) updates to regain access to protected drives.
According to a service alert seen by BleepingComputer, Microsoft stated that the bug primarily impacts Intel devices with support for Connected Standby-- now known as Modern Standby-- which enables the PC to remain connected to the network while in low-power mode.
"After installing Windows Updates released on or after October 14, 2025-- the Originating KBs listed above-- some devices might encounter issues during restart or startup," Microsoft said.
"Affected devices might boot into the BitLocker recovery screen, requiring users to enter the recovery key once. After the key is entered and the device restarts, it will boot normally without any further BitLocker prompts."
The list of platforms affected by this known issue includes Windows 11 24H2 and 25H2, and Windows 10 22H2.
BitLocker is a Windows security feature that encrypts storage drives to block data theft attempts. Windows computers typically enter BitLocker recovery mode after hardware changes or Trusted Platform Module (TPM) updates to regain access to protected drives.
According to a service alert seen by BleepingComputer, Microsoft stated that the bug primarily impacts Intel devices with support for Connected Standby-- now known as Modern Standby-- which enables the PC to remain connected to the network while in low-power mode.
"After installing Windows Updates released on or after October 14, 2025-- the Originating KBs listed above-- some devices might encounter issues during restart or startup," Microsoft said.
"Affected devices might boot into the BitLocker recovery screen, requiring users to enter the recovery key once. After the key is entered and the device restarts, it will boot normally without any further BitLocker prompts."
The list of platforms affected by this known issue includes Windows 11 24H2 and 25H2, and Windows 10 22H2.
BitLocker recovery screen (Microsoft)
Microsoft added that IT administrators can mitigate this issue with the help of a group policy delivered via Known Issue Rollback (KIR). However, affected customers must contact Microsoft Support for business for more details.
The company also released emergency updates in May to address a similar issue, days after confirming that the May Windows 10 security updates were triggering BitLocker recovery following widespread user reports.
Last year, in August, Microsoft had to address another known issue that caused BitLocker recovery prompts on Windows 10, Windows 11, and Windows Server devices after installing the July 2024 Windows security updates.
In August 2022, Windows systems were hit by an almost identical bug, which caused devices to unexpectedly display a BitLocker recovery screen after installing the KB5012170 security update.
© vocalbits.com