0patch Archives

Winsage

May 3, 2025

Here’s why Windows 7 took so long to boot with solid color backgrounds in 2009

Some users of Windows 7 experienced a 30-second boot delay when using solid color desktop backgrounds shortly after its launch in October 2009. This issue arose because Windows waited for system components, including desktop icons and the background, to report readiness. If any element was absent, the operating system paused for up to 30 seconds. The problem was also linked to group policies that hid desktop icons. Microsoft addressed the glitch by November 2009. As of recent data, Windows 7's market share has decreased to 2.5 percent, and Microsoft has ceased support for the operating system.

Winsage

April 29, 2025

New Windows 7 And Windows Server 2008 Security Updates Confirmed

Microsoft has introduced a no-reboot patching feature for Windows 11 and announced hotpatching costs for Windows Server 2025. Windows 7 and Windows Server 2008 R2 have reached their end-of-support status and lack official security patches. However, users of these legacy systems can utilize a micro patching service called 0patch, which delivers micro patches to address specific vulnerabilities without requiring system reboots. On April 29, 2023, Mitja Kolsek, CEO of ACROS Security, announced that support for Windows 7 and Windows Server 2008 R2 would be extended until January 2027 due to high demand. These micro patches are currently the only available security updates for these legacy versions.

Winsage

April 14, 2025

No Reboot Security Updates Come To Windows 11 — But There’s A Catch

Microsoft has introduced a "hotpatching" feature for Windows 11 that allows security updates to be installed in the background without requiring a reboot. This feature is currently limited to Windows 11 Enterprise, version 24H2, for x64 devices with AMD or Intel CPUs, and requires Microsoft Intune for deployment. The 0patch micro-patching service offers an alternative for users outside the enterprise, providing fixes directly in memory and free zero-day micro patches.

Winsage

April 14, 2025

Windows 10 PC can’t be upgraded? You have 5 options and 6 months to take action

The official end-of-support date for Windows 10 is October 14, 2025, after which all editions will cease to receive technical support and security updates. Users can choose to continue using Windows 10 without updates, buy a new PC or rent a virtual PC, switch to a Linux distribution or ChromeOS Flex, pay Microsoft for Extended Security Updates (ESUs), or upgrade incompatible hardware to Windows 11 through specific methods. Microsoft will offer ESUs for Windows 10 at a cost, with reduced rates for educational institutions and higher prices for business customers. Users can bypass compatibility restrictions to upgrade to Windows 11 by making registry edits and using tools like Rufus for clean installations.

Winsage

March 28, 2025

Windows Users at Risk: New Zero-Day Exploit Steals Passwords Without Interaction

A newly uncovered zero-day vulnerability in Windows allows hackers to steal NTLM credentials simply by previewing a malicious file, affecting multiple Windows versions, including Windows 7 and Windows 11 v24H2. Microsoft has not yet issued a patch for this vulnerability, leaving millions of users exposed. The flaw was reported by security researcher Mitja Kolsek from ACROS Security, who noted that stolen credentials could lead to unauthorized access to networks. ACROS Security has created a temporary micro-patch available through its 0patch platform, which users are encouraged to implement. Additionally, a separate zero-day vulnerability identified in Google Chrome and other Chromium-based browsers allows attackers to bypass sandbox protection with a click on a malicious link, primarily targeting media organizations and government agencies in Russia. Users are advised to install the 0patch fix, avoid interacting with unfamiliar files, and update their browsers to protect against these threats.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 26, 2025

Windows Passwords At Risk As New 0-Day Confirmed—Act Now

Windows users are facing multiple zero-day vulnerabilities affecting various operating system versions, including Windows 7, Server 2008 R2, and Windows 11 v24H2, with no official patch available from Microsoft. A new vulnerability allows attackers to obtain NTLM credentials by having a user view a malicious file in Windows Explorer. This vulnerability is distinct from a previously reported incident and remains undisclosed until Microsoft issues a patch. NTLM vulnerabilities can enable credential theft, and while not classified as critical, they have been exploited in real-world attacks. Users may need to wait for the next Patch Tuesday for an official fix, but can utilize a micro-patch solution from ACROS Security's 0patch to address the vulnerability temporarily.

Winsage

March 26, 2025

0patch releases yet another free fix for yet another 0day vulnerability in Windows that Microsoft has not addressed

0patch has released micropatches for a critical SCF File NTLM hash disclosure vulnerability affecting all Windows versions from Windows 7 to Windows 11 and Windows Server editions from 2008 to 2025. This vulnerability allows attackers to obtain users' NTLM credentials by having them view a malicious file in Windows Explorer. 0patch operates on a subscription model and provides security fixes for unsupported Windows versions, as well as complimentary patches for unaddressed vulnerabilities. Specific details about the vulnerability are currently withheld, pending an official fix from Microsoft.

Winsage

March 26, 2025

New Windows Zero-Day Vulnerability Exposes NTLM Credentials – Unofficial Patch Now Available

A zero-day vulnerability has been identified in the Windows operating system, affecting versions from Windows 7 and Server 2008 R2 to Windows 11 v24H2 and Server 2025. This vulnerability allows attackers to obtain NTLM credentials by tricking users into opening malicious files in Windows Explorer. Microsoft has been notified, and while there is no official CVE number yet, an unofficial patch is available through 0patch. The flaw is similar to previous vulnerabilities related to NTLM hash disclosures but has not been widely discussed. To exploit it, attackers need network access to the victim's system or a way to relay stolen credentials. 0patch has created micropatches for all affected Windows versions, which are available for free until Microsoft provides an official fix. This is the fourth zero-day vulnerability reported by 0patch recently, with previous vulnerabilities including those in Windows Theme files and the Mark of the Web issue on Server 2012. 0patch also offers patches for NTLM-related vulnerabilities that Microsoft has classified as “wont fix.” Users can create a free account with 0patch for automatic protection against these vulnerabilities. Micropatches are available for various Windows versions, including both legacy and currently supported systems, and will remain free until an official Microsoft fix is released.