Critical Security Updates: Windows, CISA, & WhatsApp | Ep. 44
▼ Summary
– Microsoft released emergency patches for Windows 11, 10, and Server after updates caused apps to hang when accessing cloud storage like OneDrive.
– The patches also address issues with Outlook setups where PST files stored on OneDrive could cause the program to hang or mishandle mail.
– A CISA acting director uploaded official contracting documents into the public version of ChatGPT, triggering security alerts, despite a general DHS block on the tool.
– WhatsApp introduced optional “strict account settings” to block files from unknown senders and silence unknown calls, aimed at protecting vulnerable users like journalists.
– Similar security protections to WhatsApp’s new features have already been implemented by Apple for iOS and Google for Android.
Staying ahead of the latest security developments is crucial for IT professionals and everyday users alike. This week brings significant updates from major platforms, including emergency patches from Microsoft, a concerning incident involving a top cybersecurity official, and new protective features for a popular messaging app. These stories highlight the ongoing challenges in maintaining digital security across both enterprise and personal environments.
Microsoft has released its second set of emergency, out-of-band updates for Windows in just one week. This urgent action follows user reports that applications became unresponsive or generated errors when interacting with cloud storage services like OneDrive and Dropbox after installing the January 13th patches. The newly issued cumulative updates are designed to resolve these critical performance issues. They are available for Windows 11 and 10, as well as Windows Server 2019, 2022, and 2025. Separately, Microsoft also identified a problem with Outlook configurations where PST files stored on OneDrive could cause the program to hang or improperly handle email, a concern addressed in these latest releases.
In a separate security matter, a report reveals that the acting director of the Cybersecurity and Infrastructure Security Agency (CISA) uploaded official government contracting documents into the public version of OpenAI’s ChatGPT. This activity occurred despite the tool being blocked for most Department of Homeland Security (DHS) employees; the director reportedly had a short-term, approved exception. Cybersecurity monitoring systems detected the uploads in early August, triggering multiple alerts within the first week. While DHS initiated an internal review of the incident, the findings and any resulting actions have not yet been made public, raising questions about data handling protocols for sensitive information.
Meanwhile, WhatsApp has introduced new optional “strict account settings” to help users defend against hacking attempts and intrusive monitoring. These features, which users must manually enable, are designed to block files and attachments from unknown senders, disable link previews, and silence calls from contacts not saved in the user’s address book. The update is particularly focused on safeguarding vulnerable individuals, including activists and journalists, who are frequent targets of digital surveillance and phishing scams. This move aligns with similar protective measures already implemented by Apple and Google within their respective iOS and Android operating systems.
(Source: COMPUTERWORLD)
