Windows Archives

Winsage

June 26, 2026

Microsoft extends extended updates for Windows 10 in the most muted way imaginable

Microsoft has extended its offer of extended security updates for consumer users of Windows 10 until October 12, 2027, following the official end of support for the operating system on October 14, 2025. Users can acquire an extra year of patches for a modest fee, while business users have the option for an additional three years of support until 2028. Approximately 30 percent of HP's customers and 26 percent of all Windows users are still operating on Windows 10, which translates to hundreds of millions of PCs globally. The minimum requirements for running Windows 11 include a Trusted Platform Module (TPM) 2.0, 4GB of RAM, and 64GB of storage.

Winsage

June 26, 2026

Microsoft adds another year to Windows 10 extended update program

Windows 11 introduced new hardware requirements, including specific CPU technologies and a Trusted Platform Module (TPM), leading to criticism from users and concerns as 2026 approaches. An AI-driven shortage of storage and memory has increased upgrade costs, complicating the transition to newer operating systems. Approximately 26 percent of PCs are still running Windows 10, while Windows 11 has a 72 percent market share. Windows 10 will remain up to date for at least another year. Users can join the Extended Security Updates (ESU) program for continued support, with enrollment available through the Windows Update menu. The ESU program allows coverage for up to 10 devices for personal use and will be available until 2028, with the possibility of updates continuing beyond that timeframe.

Winsage

June 26, 2026

Microsoft extends free Windows 10 security updates for consumers

Microsoft has extended its free Windows 10 Extended Security Updates (ESU) program for consumers to provide essential security updates until October 12, 2027. This extension allows users more time to transition to Windows 11, as Windows 10 will no longer receive support after October 14, 2025. The initial expiration date for the free ESU program was October 12, 2026. Consumers can access these updates by backing up their Windows settings, redeeming 1,000 Microsoft reward points, and for users in the European Economic Area, logging into Windows 10 with a Microsoft account. An ESU license can be used on up to 10 devices linked to the same Microsoft account, but the program is not available for systems managed through Active Directory or Mobile Device Management, though devices registered with Microsoft Entra are eligible.

Winsage

June 26, 2026

Your Windows 10 PC just quietly got another year of free support

Microsoft has extended the security updates for Windows 10 users by an additional year, with the new end date for the Extended Security Updates (ESU) program set for October 12, 2027. This extension applies automatically to existing ESU enrollees, and new users can sign up until the deadline. The change was confirmed by a Microsoft spokesperson in an editor's note added to a blog post. The extension does not apply to corporate Windows deployments, which require costly ESU subscriptions that extend support until October 2028.

Winsage

June 25, 2026

Windows 10 quietly gets one more year of support and updates

Microsoft has extended the support timeline for Windows 10 by initiating the Extended Security Updates (ESU) program, which provides an additional year of essential security updates until October 12, 2027. Users can enroll in the ESU program until it ends, and those already enrolled will have their coverage automatically continue through that date. The ESU program, previously a paid feature for businesses, is now available to regular consumers at no additional cost.

Winsage

June 25, 2026

Microsoft quietly extends free Windows 10 ESU support to October 2027

Microsoft has extended the free coverage of its Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, now lasting until October 12, 2027. This change was noted in updates to Microsoft's ESU documentation and a blog post. Previously, Windows 10 was set to reach its end of support on October 14, 2025, with initial ESU coverage expiring on October 12, 2026. Consumers can access the extended security updates through various methods, including payment, backing up settings to a Microsoft account, redeeming Microsoft reward points, or for users in the European Economic Area, by logging in with a Microsoft account. Each ESU license can be used on up to 10 devices linked to the same account, and the program is only for personal devices, not those managed through Active Directory or MDM.

Winsage

June 25, 2026

Microsoft Quietly Extends Windows 10 ESU For One More Year

Microsoft is expected to extend the Windows 10 Extended Security Updates (ESU) program by an additional year, with the new end date set for October 12, 2027, instead of the previously stated October 2026. This change is reflected on the Microsoft website, which confirms the new timeline.

Winsage

June 25, 2026

Microsoft quietly extends Windows 10’s extra security updates program for free: Users can now stay on Windows 10 until October 2027 securely

Microsoft has extended the timeline for Windows 10's extended support updates program to October 2027, from the original end date of October 2026. Users must log in with a Microsoft account to be eligible for the updates.

Winsage

June 25, 2026

This free app puts Microsoft to shame by bringing widgets to the Windows 11 taskbar

WidBar is a beta application for Windows 11 that allows users to integrate widgets into the taskbar, currently offering two widgets: "Now Playing" and "System Metrics." Users can drag and drop these widgets into a live preview of their taskbar and place them across multiple monitors. The native Widgets Panel in Windows 11 has 56 widgets but lacks a dedicated Now Playing widget, as media controls are only available in the Action Center. WidBar is gaining attention for its potential to enhance user experience and is being discussed in the tech community on platforms like Reddit.

Winsage

June 25, 2026

Introduction to COM usage by Windows threats

Component Object Model (COM) is a technology in Windows that enables object activation, inter-process communication, and automation across different programming languages. Malware exploits COM interfaces for activities such as lateral movement, execution, downloading, exfiltration, persistence, evasion, system discovery, and automation of Windows and Office functionalities. Reverse engineering COM-heavy binaries involves navigating GUIDs and indirect vtable calls to understand malware mechanics. Research at the AVAR 2025 conference and CARO 2026 workshop discusses methodologies for analyzing COM binaries and case studies of malware families that utilize COM. COM is an application binary interface (ABI) model that allows software components to be reused and enables interaction between different programming languages through interfaces defined at the binary level. Distributed COM (DCOM) allows clients to activate COM objects on remote systems. COM classes are identified by unique class identifiers (CLSIDs), and interfaces by interface identifiers (IIDs). The Windows registry stores COM registration data, with classes and interfaces located under specific keys. Malware often acts as a COM client, utilizing the COM runtime to instantiate classes and request interfaces. ProgIDs provide human-readable registry entries for COM classes. The CoCreateInstance function helps create class objects by resolving CLSID registrations. All COM interfaces derive from IUnknown, which manages object lifetimes and interface querying. COM has its own security model, and identifying classes and interfaces used by malware is crucial for threat researchers. Tools like ComView and OleView.NET assist in inspecting COM registrations. The analysis workflow includes identifying activation API calls, extracting CLSID and IID values, consulting registry definitions, and mapping vtable calls. Qakbot, a banking trojan, exemplifies the use of COM in malware, with its architecture enabling malicious activities like credential theft. Dynamic analysis tools can log COM-related calls in real-time to trace execution flow. Notable malware families that utilize COM include Gh0stRAT, which uses Task Scheduler COM interfaces, and the Attor platform, which employs BITS for file transfers. WarmCookie demonstrates the use of COM for persistence through Task Scheduler. Understanding COM's role in malware is essential for cybersecurity professionals.