administrators Archives

Winsage

June 19, 2026

Microsoft finally admits its default Windows 11 25H2, 24H2 action broke key legacy component

Microsoft released Patch Tuesday updates for Windows 11, specifically KB5094126 and KB5093998, along with dynamic updates KB5094149, KB5095971, and KB5094156. Two issues have been acknowledged: malfunctioning Office applications and complications with the Recycle Bin. In July 2025, Microsoft changed the default settings of Windows 11 to JScript9Legacy in versions 24H2 and later, continuing with version 25H2 in October 2025. This change aimed to enhance security by addressing vulnerabilities related to legacy scripting, particularly cross-site scripting (XSS). A support article details a compatibility issue arising from the transition from jscript9.dll to jscript9legacy.dll, which affects how JScript manages execution context. Functions and definitions established by one script are no longer accessible to subsequent scripts, leading to failures in legacy applications. To address this, Microsoft released the KB5077241 update, which requires manual activation of persistent JScript execution context through a Registry setting. The steps to implement this solution involve creating a feature control registry key and configuring a DWORD value for specific processes or all processes.

Winsage

June 18, 2026

Microsoft fixes Windows Server 2016 security update failures

Microsoft resolved an installation issue affecting the June 2026 security updates (KB5094122) on Windows Server 2016 systems that had not previously installed the KB5087537 update, which was a prerequisite. Users had encountered 0x80070002 or FILENOTFOUND errors. Microsoft acknowledged the problem and confirmed that affected devices should no longer experience installation failures for the June 2026 update. Additionally, Microsoft fixed a similar issue with the May 2026 Windows 11 security update (KB5089549) that resulted in 0x800f0922 errors due to insufficient space on the EFI System Partition. They also warned users about potential installation issues with error codes 0x80073712 or 0x800f0993 on devices upgraded to Windows 11 24H2 or 25H2. Furthermore, Microsoft addressed a boot issue for Windows Server 2025 devices after the April 2026 update and a bug affecting installation failures for updates since May 2025 using the Windows Update Standalone Installer (WUSA). Lastly, they are investigating a separate issue preventing third-party applications from launching essential Office programs after the June 2026 updates.

Winsage

June 16, 2026

A Brief History Of Unix Commands On Windows: CoreUtils (Again)

The interaction between Unix/Linux and Windows has historically been marked by significant differences in their architectures and philosophies. Unix uses a fork() function for process management, while Windows employs CreateProcess(), complicating the implementation of Unix-like tools on Windows. Early solutions to bridge this gap included the MKS Toolkit, which provided Unix-like commands for Windows, and UWIN from AT&T Bell Labs, which aimed to create a Unix interface layer on Windows. Cygwin offered a compatibility DLL to run Unix software on Windows, but required rebuilding from source. Microsoft's initiatives included POSIX, Interix, and later Services for UNIX. The introduction of the Windows Subsystem for Linux (WSL) allowed users to run a Linux userland directly on Windows, with WSL 2 incorporating a real Linux kernel. Recently, Microsoft released Coreutils for Windows, providing native builds of Unix-style tools to enhance cross-platform consistency.

Winsage

June 16, 2026

Microsoft Teams will auto-detect when you’re at the office via Wi-Fi, roll out confirmed, but you can opt-out

Microsoft is rolling out a feature called "Workplace check-in" that allows organizations to track employee presence in the office through Wi-Fi connectivity, integrated with Microsoft Teams and configured via Microsoft Places. This feature, first noted in September 2025, will not be enabled by default. It logs an employee's location when they connect to the company’s Wi-Fi, such as when they arrive at the office. The rollout was delayed due to privacy concerns, but Microsoft is moving forward, ensuring users can control their participation. The feature does not provide real-time tracking like mapping services but indicates presence based on Wi-Fi connection. Users must grant location access through their operating system, and if they decline, IT policies cannot override this choice. Teams’ Workplace check-in is disabled by default and can be activated by IT administrators with two options: Inform mode, which notifies users of the feature and allows opting out, and Ask mode, which requests permission to share location data. Microsoft clarifies that the feature is not intended for surveillance and does not track movements over time. Employees can choose whether their presence is visible to others while on-site. The initial rollout is tied to organizations using the Microsoft Places directory, and as organizations set up the feature, more users will likely be affected. Additionally, Microsoft is enhancing Teams with improvements for speed and a new user interface for meetings.

Winsage

June 15, 2026

New Windows Zero‑Day Flaws Target Defender and BitLocker

A cybersecurity researcher known as “Nightmare Eclipse” has revealed two zero-day exploits threatening Windows systems: RoguePlanet and GreatXML. RoguePlanet targets Microsoft Defender, allowing attackers to execute privileged actions and gain SYSTEM-level access on Windows machines. It is a local privilege escalation vulnerability that remains effective on fully updated systems. GreatXML claims to bypass BitLocker disk encryption by manipulating the Windows Recovery Environment, potentially granting access to protected files. However, its effectiveness may be overstated, as it might require administrator-level access. Microsoft advises organizations to implement security updates, treat lost or accessible devices as high-risk, enforce stricter policies, and monitor threat intelligence to mitigate exposure to these vulnerabilities.

Winsage

June 15, 2026

Microsoft released the Windows 11 Secure Boot update for all PCs, how to verify yours

Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.

Winsage

June 13, 2026

Windows Server is getting new network safety capabilities with DNS over HTTPS

Microsoft has introduced DNS over HTTPS (DoH) on Windows Server 2025, enhancing network security by encrypting DNS traffic for client-to-server communications. This feature, previously available only in Windows client editions, is now part of Microsoft's Zero Trust architecture. DoH routes DNS traffic through HTTPS secured with TLS certificates, preventing eavesdropping and safeguarding DNS data from tampering. It adheres to the IETF DNS over HTTPS standard (RFC 8484) and can integrate with existing infrastructure, allowing organizations to maintain unencrypted DNS traffic if needed. DoH is available for Windows Server 2025 systems updated to the latest Patch Tuesday release, and Microsoft has provided guidance on enabling this feature. However, DNS traffic exchanged between two DNS servers will not be encrypted by DoH.

Winsage

June 13, 2026

For June, Patch Tuesday means an IT scramble

A systematic approach to testing is essential following the latest updates. The process begins with installing the .NET SDK update, then building and executing representative applications to ensure existing projects compile and run without issues. For SQL Server users, the GDR update must be installed on the appropriate branch, followed by a service restart and standard transaction execution to verify stability. Backup and restore verification is also necessary, including checking the health of Always On availability groups and testing patch installation and removal. The Readiness team recommends prioritizing testing for Remote Desktop this month due to its frequent patches and high-risk classification. The focus should be on printer redirection, followed by general connectivity, RemoteApp functionality, clipboard and device redirection, gateway access, and licensing considerations. The next priority is validating NTLM authentication updates, including domain and standalone logon processes, file-share access, and application sign-in capabilities. Other updates are security-focused with no functional changes, requiring routine regression testing across networking, Hyper-V, storage, and graphics components. Office remains MSI-only, with Click-to-Run installations unaffected by these updates. The updates for .NET and SQL Server complete the landscape for developers and database administrators.

Winsage

June 13, 2026

Windows Server 2025 Adds DNS Over HTTPS for Secure DNS Traffic

Microsoft has rolled out support for DNS over HTTPS (DoH) in Windows DNS Server as part of the Windows Server 2025 update. This feature enhances the security of DNS communications through encryption and server authentication, allowing encrypted client-to-resolver traffic in on-premises DNS environments. DoH encrypts DNS queries and responses using HTTPS, protecting sensitive information from interception or alteration. It also uses digital certificates for DNS server authentication to reduce spoofing and impersonation risks. The feature is compatible with existing Windows DNS Server configurations and supports both encrypted and traditional DNS. DoH support is available on Windows Server 2025 with the June 9, 2026 update or newer. Administrators must configure a trusted TLS certificate and enable DoH in the DNS Server service to deploy this feature. Microsoft plans to extend encryption capabilities to include communication between the Windows DNS Server and upstream DNS resolvers in the future.

Winsage

June 13, 2026

Windows 11 KB5094126: Microsoft’s desktop.ini hardening causes some folder icons to disappear

Following the June 2026 update, custom folder icons and localized folder names in Windows are no longer displaying as they typically would due to intentional modifications related to security updates, specifically KB5094126 for Windows 11 versions 24H2 and 25H2. This update tightens the handling of the desktop.ini file, which is used for folder customization. Although access to the actual files remains unchanged, affected folders may revert to default icons or display original directory names instead of customized labels. Microsoft has identified certain sources as untrusted, including files downloaded from the internet and specific remote sources, which affects how desktop.ini files are processed. Users are encouraged to verify file origins, and administrators should ensure that internal sources are classified as trusted to avoid disruptions in folder presentation. The update also includes other security fixes and enhancements.