VulnHub

Avast has rolled out two new security features aimed at detecting scams involving deepfake technology. The Avast Scam Guardian and Scam Guardian Pro are now available for mobile devices, while the Avast Deepfake Guard is launched for Windows PCs. This AI-driven tool is designed to analyze and identify harmful audio that could be embedded within video content. The goal is to enhance protection for users against various scam tactics that can occur through text messages, phone calls, and video platforms. These updates are particularly relevant as the rise of deepfakes poses a growing risk to online security, making it essential for users to have reliable tools to safeguard against such threats.

Microsoft is looking into issues with some Windows 11 devices that are failing to boot after users installed the January 2026 Patch Tuesday security updates. Affected users are encountering 'UNMOUNTABLE_BOOT_VOLUME' errors, which prevent their systems from starting up properly. This situation could disrupt the workflow of many individuals and organizations that rely on Windows 11 for daily operations. Microsoft has not yet provided a specific fix or workaround for the problem, leaving users uncertain about how to resolve the issue. The investigation is ongoing as the company seeks to identify the root cause of the boot failures and implement a solution.

In a recent incident, the FBI accessed the BitLocker recovery keys of Windows laptops after Microsoft shared these keys as part of a legal request. This situation raises significant concerns about user privacy and data security, as it reveals how easily law enforcement can obtain sensitive information stored on personal devices. Affected users include anyone using Windows laptops that utilize BitLocker encryption for data protection. The implications are serious; users may feel their encrypted data is not as secure as previously thought, prompting a reevaluation of reliance on built-in security features. This incident serves as a reminder that while encryption is a valuable tool, it does not guarantee absolute privacy when legal authorities are involved.

Microsoft has issued a temporary workaround for users experiencing freezes in Outlook after applying the latest Windows security updates. This issue has affected many customers who rely on Outlook for their email and daily tasks, causing disruptions and frustration. The freezes appear to be linked to the recent updates, prompting Microsoft to step in with a solution while they work on a permanent fix. Users are advised to implement the provided workaround to mitigate the impact on their productivity. This situation serves as a reminder of how software updates, while important for security, can sometimes lead to unexpected problems.

Microsoft has rolled out emergency updates for Windows 10, Windows 11, and Windows Server to address issues that arose from the January Patch Tuesday updates. These out-of-band updates specifically target problems related to system shutdowns and Cloud PC functionality. Users of these operating systems may experience disruptions due to these bugs, which could impact productivity and system reliability. It's crucial for users to apply these updates promptly to ensure their systems operate smoothly and to mitigate any potential security risks that may arise from unresolved bugs.

The January Patch Tuesday updates for Windows include important changes to Secure Boot, which safeguards computers against bootkit malware. Secure Boot is a security feature that ensures only trusted software is loaded during the startup process. The updates address expiring certificates that could compromise this protection if not renewed. Users and IT administrators are urged to install these patches promptly to mitigate the risk of bootkit attacks, which can allow malicious software to take control of a system before the operating system loads. Keeping Secure Boot updated is crucial for maintaining the integrity and security of Windows PCs.

A recent extended security update for Windows 11 inadvertently caused issues with Message Queuing (MSMQ), a feature important for enterprise background task management. This glitch could disrupt services for businesses that rely on MSMQ for their operations, potentially affecting data processing and communication between applications. Users of Windows 10 are now receiving an out-of-band update aimed at addressing these MSMQ problems. It is crucial for enterprises to apply this update promptly to ensure their systems remain stable and functional. Failure to do so could lead to significant operational delays and inefficiencies.

JumpCloud has identified a vulnerability in its Remote Assist feature for Windows that could allow attackers to escalate privileges locally or launch denial-of-service attacks on managed endpoints. This flaw affects systems running the JumpCloud Windows Agent, posing a risk to organizations that rely on this software for remote management. If exploited, the vulnerability could give unauthorized users elevated access to sensitive system functions, potentially leading to further malicious actions. Users and administrators of JumpCloud services should be aware of this issue and take steps to secure their systems. It's crucial for organizations to stay informed about such vulnerabilities to protect their data and infrastructure.

A serious vulnerability identified as CVE-2025-34352 affects the JumpCloud Remote Assist for Windows agent, allowing local users to gain full SYSTEM privileges on company devices. Discovered by XM Cyber, this flaw poses a significant risk to organizations using the software, as it could enable unauthorized access and control over sensitive company systems. Businesses are strongly urged to update their JumpCloud software to version 0.317.0 or later to mitigate this high-severity security issue. Failure to address this vulnerability could lead to severe operational disruptions and data breaches. Immediate action is crucial to ensure the safety and integrity of company devices and networks.