administrators Archives

Winsage

March 3, 2026

PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation

A critical local privilege escalation vulnerability, tracked as CVE-2026-20817, affects Microsoft Windows through the Windows Error Reporting (WER) service. This flaw allows authenticated users with low-level privileges to execute arbitrary code with full SYSTEM privileges. The vulnerability resides in the SvcElevatedLaunch method (0x0D) and fails to validate user permissions, enabling attackers to launch WerFault.exe with malicious command-line parameters from a shared memory block. The exploit affects all versions of Windows 10 and Windows 11 prior to January 2026, as well as Windows Server 2019 and 2022. Microsoft addressed this vulnerability in the January 2026 Security Update. Organizations are advised to apply security patches and monitor for unusual WerFault.exe processes.

Winsage

March 2, 2026

Windows 11 tops market share as 10 faces extended farewell

Recent data from Statcounter indicates that Windows 11 has a market share of 72.57 percent, while Windows 10 holds 26.45 percent. Microsoft claims that Windows 11 has surpassed one billion users. Statcounter's data is collected from over 1.5 million websites and may be subject to revision. Microsoft will discontinue support for many versions of Windows 10 in October 2025, leading some organizations to consider Extended Security Updates (ESU), which can incur additional costs. Windows Server 2016 has a 20.3 percent share among monitored servers, and Windows 10 2016 LTSB accounts for 0.5 percent of Windows devices, making up 19.8 percent within the LTSC/LTSB category. The higher usage of LTSC/LTSB is attributed to special-purpose devices in consumer and retail sectors, which face stricter upgrade protocols.

Winsage

March 1, 2026

Windows Package Manager 1.28.190 is final

Microsoft has launched WinGet 1.28.190, aligning its version number with App Installer to resolve discrepancies. The previous version 1.12.470 has been replaced by this update. Key changes include consistent directory separators for portable packages, compatibility of the –suppress-initial-details option with winget configure test, corrections to the experimental “font” property, and the introduction of the experimental sourceEdit feature, which allows users to set a source for package management. The update signifies a consolidation of versioning and enhances clarity for users and administrators.

Winsage

February 28, 2026

Microsoft testing Windows 11 batch file security improvements

Microsoft has released new Windows 11 Insider Preview builds that enhance security and performance for batch files and CMD scripts. IT administrators can now activate a secure processing mode by adding the LockBatchFilesInUse registry value, which prevents modifications to batch files while they are running. This update also requires signature validation only once per batch file, improving performance. Additionally, the Shared Audio feature has been refined, allowing users to share audio across multiple devices with individual volume sliders and a new taskbar indicator. The feature now supports more Bluetooth LE Audio accessories, including Samsung Galaxy Buds 4, Sony WF-1000XM6, and Xbox Wireless Headset. These updates are available for Windows Insiders in the Beta and Dev channels with specific preview builds installed.

Winsage

February 28, 2026

Announcing Windows 11 Insider Preview Build 28020.1673 (Canary Channel)

Windows 11 Insider Preview Build 28020.1673 has been released to the Canary Channel. Key updates include: - Emoji 16.0 release with new emojis available in the emoji panel. - Introduction of a sign-in restore experience for Windows Backup for Organizations, reinstating user settings and Microsoft Store apps. - Quick Machine Recovery (QMR) is now automatically enabled for enterprise-managed Windows Professional devices. - A built-in network speed test accessible from the taskbar for measuring network performance. - Enhanced account menu in the Start menu directing users to Microsoft account benefits. - Pan and tilt controls for supported cameras available in the Settings app. - Widget Settings have been updated to a full-page experience. - Search function in the taskbar now displays group headers with the number of results and allows previewing results. - Support for Remote Server Administration Tools (RSAT) on Windows 11 Arm64 devices. - Improvements to dark mode in File Explorer and fixes for unexpected window behavior. - Reliability improvements in Settings for Bluetooth & Devices options. - Enhanced reliability for sending larger files via nearby sharing. Features are gradually rolled out, and a clean installation is required to exit the Canary Channel.

Winsage

February 27, 2026

Announcing Windows 11 Insider Preview Build 26220.7934 (Beta Channel)

Windows 11 Insider Preview Build 26220.7934 (KB5077242) has been released to the Beta Channel. Key updates include: - Enhanced security and performance for batch files with a new secure mode that ensures batch files remain unchanged during execution, improving performance and security. - Shared audio feature now includes individual volume sliders for each listener and a taskbar indicator for ongoing audio sharing sessions. - A new command for Narrator users allows reading the status bar contents in applications like Word and Excel. - The rollout of improved taskbar animations has been temporarily paused. - Reliability improvements for removing Windows Update files and windows.old files. - Enhanced typing reliability with the ADLaM keyboard. - The Paint app has introduced a freeform rotate feature for shapes, text, and selections. Insiders can access these updates through Settings > Windows Update, and features may be gradually rolled out using Controlled Feature Rollout technology. A desktop watermark is displayed for Windows Insider pre-release builds.

Winsage

February 27, 2026

Announcing Windows 11 Insider Preview Build 26300.7939 (Dev Channel)

Windows 11 Insider Preview Build 26300.7939 (KB 5077243) has been released to the Dev Channel, introducing new features and improvements. Key updates include enhanced security and performance for batch files through a new secure mode, individual volume sliders for shared audio between Bluetooth LE Audio devices, a new Narrator command to read status bar contents in applications, improved reliability for removing Windows Update files, and enhanced typing reliability with the ADLaM keyboard. The rollout of improved taskbar animations has been temporarily paused. Updates are gradually being rolled out to Insiders who have opted in through Settings > Windows Update.

Winsage

February 27, 2026

Windows Server finally gets ReFS boot support

Microsoft has introduced boot support for the Resilient File System (ReFS) in Windows Server, allowing insiders to boot the server operating system directly from a ReFS volume. This feature has been made available in the latest Windows Server Insider Preview build after a fourteen-year wait since ReFS was launched in 2012. ReFS can detect corruption early and address issues online, eliminating the need for chkdsk, and supports volumes up to 35 petabytes. It also includes block cloning and sparse provisioning technologies for efficient file management. To use ReFS boot, organizations must install the latest Windows Server vNext Insider Preview with a minimum build number of 29531.1000.260206-1841, format the system partition as ReFS, and ensure UEFI firmware is used.

Winsage

February 27, 2026

Microsoft expands Windows restore to more enterprise devices

Microsoft has introduced a feature that allows enterprise users to restore personal settings and Microsoft Store applications from a previous Windows 11 device during their first login on a new or reimaged device using a Microsoft Entra ID account. This feature is part of Windows Backup for Organizations, which streamlines the migration process to Windows 11. The restore capability has been expanded to support hybrid-managed environments, multi-user device configurations, and Windows 365 Cloud PCs. Users will receive a prompt during the first login to either restore from a previous device's backup or set up the device as new, but those who bypass this step will not receive another prompt. IT administrators can manage this feature through Microsoft Intune or Group Policy. The feature will be available for devices with Windows updates released on February 24, 2026, and later. Windows Backup for Organizations was first announced in November 2024, reached public preview in May 2025, and became generally available in August.

Winsage

February 25, 2026

Microsoft gives Windows laggards the ‘gift of time’ wrapped in licensing fees

Microsoft is offering up to three years of Extended Security Updates (ESU) for older Windows installations, with the expectation of compensation. Most major versions of Windows 10 will reach end of support by 2025, while Windows 10 Enterprise 2016 LTSB and Windows IoT Enterprise LTSB 2016 will end support on October 13, 2026, and Windows Server 2016 will conclude support on January 12, 2027. Microsoft recommends upgrading to Windows Server 2025 for Windows Server 2016 users. The pricing for ESU for Windows 10 2016 LTSB starts at a specified amount per device for the first year, with expected increases in subsequent years. Customers using Intune or Windows Autopatch may receive a reduced rate. There is no official pricing for Windows Server 2016 ESU, creating uncertainty for administrators. Historically, Microsoft has charged a premium for extended support, with previous ESU costs for Windows Server 2012 being 100 percent of the full license price for the first year. The final cost of ESU will depend on each organization’s licensing agreement.