Not all Windows security updates are created equal, and experts warn that these ones will hack rather than protect your computer.
Updated November 27 with another Windows update warning, along with threat intelligence from the Acronis Threat Research Unit regarding the use of fake Windows security updates to exploit ClickFix attacks, as well as the original Huntress report, as detailed previously.
The good news is that Microsoft issues security updates for all users, even those still on the now unsupported Windows 10 operating system. The bad news is that updates can cause problems as well as solve them. The even worse news is that hackers have been employing fake Windows security updates as part of a ClickFix campaign.

ClickFix is a social engineering technique that tricks users into running malicious commands on their own machines, typically by way of fake fixes or "I am not a robot" prompts. These attacks have surged over the past year, with both government-sponsored spies and cybercriminal gangs deploying the technique to deliver malware. The irony is that Microsoft itself has reported that ClickFix is the most often used method of gaining initial access, "accounting for 47 percent of attacks" observed in Microsoft Defender notifications.

The November 24 Huntress report revealed a new wave of ClickFix attacks, this time using what can only be described as extremely realistic and believable Windows Security Update screens to deploy credential-stealing malware. "A notable discovery during analysis was the campaign's use of steganography to conceal the final malware stages within an image," Huntress security analysts Ben Folland and Anna Pham said. "Rather than simply appending malicious data to a file, the malicious code is encoded directly within the pixel data of PNG images, relying on specific colour channels to reconstruct and decrypt the payload in memory."

The Acronis Threat Research Unit, meanwhile, has described what it is calling a "novel JackFix attack" that combines a realistic "full-screen Windows Update of Critical Windows Security Updates" with a number of screen hijacking techniques. The psychological tricks employed by the attackers are in plain view, with fake porn sites used to spring the ClickFix Windows Update trap.
"The adult theme, and possible connection to shady websites," Eliad Kimhy from the Acronis TRU said, "adds to the victim's psychological pressure, making victims more likely to comply with sudden security update installation instructions." The campaign, Kimhy warned, obfuscates both the commands used to facilitate the attack and the payload itself and, by so doing, circumvents current ClickFix prevention and detection methods, making it all the more dangerous.

Just when you thought it might be safe to go back into the Windows security update water, there's more unsettling news. That said, to keep the Jaws analogy going, this time it's less of a Great White shark and more of an angry dolphin: its bite is nothing to be feared, even though it seems quite scary at first. The issue is that, following the installation of Windows 11 updates released after the September 2025 preview update, some users have reported being asked to enter a PIN when signing in with a security key. While this could easily be misread as another Windows update gone wrong, it is actually the opposite. If the relying party or identity provider requests user verification during authentication with a Fast IDentity Online 2 (FIDO2) key, the PIN prompt appears, and that is a good thing. How so? Because, as Microsoft has now confirmed, this is the intended behaviour rather than a bug. The changes started rolling out gradually to Windows 11 devices, according to Microsoft, after the installation of the KB5065789 update on September 29. "The rollout was completed on Windows 11 clients after installing the Windows security update, November 11, 2025, KB5068861, or later updates," Microsoft has confirmed.
Support for PIN setup in the authentication flow was added so that behaviour is consistent across both registration and authentication flows, but Microsoft has also provided a get-out for relying parties and admins who do not want user verification, and so do not want users to create or enter a PIN for their security keys: set "userVerification" to "discouraged" in the PublicKeyCredentialRequestOptions passed to the WebAuthn request. Bear in mind that doing so gives up the second factor the PIN provides, leaving possession of the key alone as the proof of identity.

All Windows users are advised to be on the alert for the latest ClickFix attacks. Mitigation is actually rather simple and, as with all the previous campaigns, relies on understanding that a genuine Windows security update, just like the fake CAPTCHA screens employed before, will never, ever, require the user to copy and paste commands from a web page into the Windows Run dialog. It just doesn't happen. Stay safe out there, and heed this advice.
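As an added example that is not part of this article or of the Huntress or Acronis research, the following PowerShell hunt looks for the two host artefacts a successful ClickFix lure leaves behind: the pasted command in the Explorer RunMRU registry key, and a Security event 4688 in which explorer.exe is the parent of a command interpreter or other living-off-the-land binary launched with a suspicious command line. The binary list and the indicator regex are illustrative assumptions of my own, not either vendor's signatures; the 4688 check assumes "Include command line in process creation events" is enabled and that the script runs from an elevated prompt.

```powershell
# Added example: hunt a Windows host for ClickFix residue. Not code from the Huntress
# or Acronis reports. Because the lure makes the victim paste a command into the Win+R
# Run dialog, two artefacts usually remain:
#   1. the pasted string in HKCU:\...\Explorer\RunMRU (Windows appends "\1" to each entry)
#   2. Security event 4688 with explorer.exe as parent of powershell/mshta/cmd/...
#      (CommandLine is only logged when process creation command-line auditing is on)
# The binary list and regex below are illustrative assumptions, not vendor signatures.

$LolBins = @('powershell','pwsh','cmd','mshta','curl','certutil','bitsadmin',
             'wscript','cscript','msiexec','rundll32','regsvr32')
$Indicators = '(?i)(-enc(odedcommand)?\b|\biex\b|invoke-expression|\birm\b|invoke-restmethod|' +
              'invoke-webrequest|downloadstring|frombase64string|mshta\s+\S*https?:|' +
              'msiexec\S*\s+/i\s+https?:|-w(indowstyle)?\s+hidden|-nop\b|\bcurl\b.*\|)'

function Get-RunMruFindings {
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'
    if (-not (Test-Path $key)) { return }
    $props = Get-ItemProperty -Path $key
    # MRUList is a string of slot letters, most recent first, e.g. "cab"
    foreach ($slot in ([string]$props.MRUList).ToCharArray()) {
        $name = [string]$slot
        $raw  = $props.$name
        if (-not $raw) { continue }
        $cmd = $raw -replace '\\1$', ''          # strip the trailing "\1" marker
        $startsWithLolBin = [bool]($LolBins | Where-Object { $cmd -match "^\s*`"?$($_)(\.exe)?\b" })
        if ($startsWithLolBin -or $cmd -match $Indicators) {
            [pscustomobject]@{ Source = 'RunMRU'; Slot = $name; Command = $cmd }
        }
    }
}

function Get-ProcessFindings {
    param([int]$Hours = 24)
    $filter = @{ LogName = 'Security'; Id = 4688; StartTime = (Get-Date).AddHours(-$Hours) }
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    foreach ($e in $events) {
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        $parent = [string]$data['ParentProcessName']
        $image  = [string]$data['NewProcessName']
        $cl     = [string]$data['CommandLine']
        $leaf   = [IO.Path]::GetFileNameWithoutExtension($image).ToLower()
        if ($parent -notlike '*\explorer.exe') { continue }
        if ($LolBins -notcontains $leaf) { continue }
        # explorer.exe launching these binaries is common (shortcuts, Run dialog); the
        # command-line indicators are what separate a pasted ClickFix one-liner from normal use
        if ($cl -and $cl -match $Indicators) {
            [pscustomobject]@{ Source = '4688'; Time = $e.TimeCreated; Image = $image; CommandLine = $cl }
        }
    }
}

Get-RunMruFindings
Get-ProcessFindings -Hours 72
```

Run it from an elevated PowerShell session; reading the Security log needs administrator rights. Where 4688 command lines are not being audited, Sysmon Event ID 1 records the same parent, image and command line fields and can be substituted in the filter. A RunMRU hit is the stronger signal: a user pasting an encoded or hidden-window PowerShell one-liner into Win+R has no benign explanation.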
