administrators Archives

Winsage

May 23, 2026

Windows 11 now lets you remove Microsoft Copilot app with Group Policy or Registry, as it tries to win back users

Recent feedback from Windows 11 users has led Microsoft to simplify the process of uninstalling Copilot due to dissatisfaction with its integration. A Group Policy option titled “Remove Microsoft Copilot app” has been introduced in the April 2026 Update, allowing users to remove Copilot via User Configuration > Administrative Templates > Windows Components > Windows AI. Users can also uninstall Copilot directly from the installed apps list or by right-clicking the icon, although it may reappear after a fresh installation due to certain updates. To uninstall Copilot and Microsoft 365 Copilot using Group Policy, the following conditions must be met: both apps must be installed, the user did not install them independently, and the Copilot app has not been used for over 28 days. This policy is supported on Pro, Enterprise, Education, and IoT Enterprise or LTSC versions of Windows 11. Windows 11 Home users can manually remove Copilot by creating a registry key at HKEYCURRENTUSERSoftwarePoliciesMicrosoftWindowsWindowsAI and setting a DWORD value named RemoveMicrosoftCopilotApp to 1. Alternatively, users can execute a PowerShell script to remove Copilot. Microsoft has not provided an uninstall option for Copilot in the Start menu.

Winsage

May 23, 2026

Windows 11 adds policy to remove Copilot app

A new preview build of Windows 11 introduces a Group Policy option titled Remove Microsoft Copilot app, located in User Configuration settings under Administrative Templates and Windows Components. This policy is conditional, applying only when both Microsoft 365 Copilot and Microsoft Copilot are present, the Copilot app has not been user-installed, and it has not been launched in the last 28 days. Alternative methods to control the Copilot app include the Intune Settings Catalog entry to turn off Copilot, a registry DWORD at HKEYLOCALMACHINESOFTWAREPoliciesMicrosoftWindowsWindowsCopilot, and AppLocker packaged-app rules. Community discussions indicate that PowerShell uninstall methods are temporary solutions due to potential reinstallation by subsequent updates.

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Tech Optimizer

May 22, 2026

AI Data Platform Modernization in Financial Services | Microsoft Azure PostgreSQL | The Microsoft Cloud Blog

Financial service institutions are increasingly exploring AI applications to alleviate operational burdens and gain a competitive edge, but face challenges with legacy data infrastructures that may not meet modern demands. The need for continuous availability and compliance is critical, as even brief downtime can have catastrophic consequences. Aging databases struggle with high-volume transactions and real-time analytics, prompting a focus on predictive maintenance and infrastructure automation. Microsoft Azure's PostgreSQL managed services, including Azure Database for PostgreSQL, address these challenges by providing flexible performance scaling and ensuring high availability. The service can trigger automatic failover within 60 to 120 seconds during outages, guaranteeing up to a 99.99% availability SLA. It supports read replicas for offloading analytics without impacting primary database performance and offers layered security controls, including encryption at rest and network isolation. Azure Database for PostgreSQL simplifies compliance with standards such as PCI DSS and SOC by enabling centralized identity and access management through Microsoft Entra ID authentication. It integrates seamlessly with the Microsoft ecosystem, allowing organizations to connect data to analytics and AI services without complex ETL processes. BNY Mellon successfully modernized its data platform by migrating to Azure Database for PostgreSQL in nine months, achieving improved resilience and allowing engineering teams to focus on innovation. The platform supports high availability, backup capabilities, and extensibility, empowering financial institutions to remain innovative in the era of AI.

Winsage

May 21, 2026

A Windows 11 bug blocks all updates since February. Here’s what to do

A segment of Windows 11 users has been unable to receive updates since February due to issues stemming from the January Preview Update, which caused download timeouts. This has resulted in missed security patches and critical updates related to Secure Boot certificates. Users may experience crashes during the update process, indicated by the error code 0x80010002. To check if affected, users can view their update history in Settings; if no updates have been installed since January and updates have not been paused, they are likely impacted. Microsoft is working on a fix linked to download timeout changes and firewall settings. A Known-Issue Rollback (KIR) can be executed to revert to a previous state before the problematic update, restoring normal functionality. This rollback is available for specific Windows 11 versions and Windows Server 2025.

Winsage

May 21, 2026

Windows 11’s new SecureBoot folder isn’t malware. Here’s what it does

Users have observed a new folder named “SecureBoot” in the Windows system folder following the installation of Windows 11's May update (KB5089549). This update may cause installation issues for some devices and introduces a directory that contains example scripts for IT professionals to manage Secure Boot certificate updates. Windows Secure Boot certificates are set to expire next month, and outdated certificates will lead to loss of support starting in June, potentially compromising Secure Boot functionality. Microsoft is distributing new certificates through Windows Update. The SecureBoot folder does not require individual users to take action, and deleting it is discouraged as it may cause complications with future Windows updates.

Winsage

May 20, 2026

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has addressed the YellowKey vulnerability, a zero-day flaw in Windows BitLocker identified as CVE-2026-45585. This vulnerability allows unauthorized access to BitLocker-protected drives through a specific exploitation process involving 'FsTx' files. The flaw was disclosed by an anonymous researcher known as 'Nightmare Eclipse.' Microsoft has released mitigation strategies, including removing the autofstx.exe entry from the Session Manager's BootExecute REGMULTISZ value and reestablishing BitLocker trust for WinRE. Additionally, users are advised to change BitLocker settings from "TPM-only" to "TPM+PIN" mode, requiring a pre-boot PIN for drive decryption, and to enable "Require additional authentication at startup" for unencrypted devices.

Winsage

May 20, 2026

Microsoft confirms Windows 11’s May 2026 update is failing to install with error 0x800f0922 and outlines a mitigation for affected PCs

Microsoft has acknowledged installation issues with the May 2026 Security Update for Windows 11, specifically error code 0x800f0922, affecting devices on versions 24H2 and 25H2 after installing update (KB5089549) released on May 12. The failures occur during the reboot phase, often around 35 percent, primarily on devices with 10MB or less free space in the EFI System Partition (ESP). For consumer and unmanaged business devices, Microsoft has implemented a Known Issue Rollback (KIR), and restarting the computer may resolve the issue. For managed devices, network administrators must manually deploy a Group Policy workaround. Microsoft suggests modifying a Registry value to decrease reserved padding in the EFI partition as a potential fix, along with restarting the computer and checking for updates. A permanent solution is planned for a future Windows update.

Tech Optimizer

May 20, 2026

Critical PostgreSQL Flaws Enable Code Execution and SQL Injection

On May 14, 2026, PostgreSQL released critical security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 Common Vulnerabilities and Exposures (CVEs) related to stack buffer overflows, SQL injection, memory disclosure, and denial-of-service vulnerabilities. The most critical vulnerability, CVE-2026-6637, has a CVSS score of 8.8 and allows remote, unprivileged database users to execute arbitrary code. Other notable vulnerabilities include CVE-2026-6473, which affects memory allocation leading to potential memory corruption, and CVE-2026-6475, which allows overwriting sensitive OS-level files. Additional vulnerabilities include SQL injection flaws and authentication issues, with various CVSS scores ranging from 3.7 to 7.5. The updates can be implemented without a database dump, and PostgreSQL 14 will reach its end-of-life on November 12, 2026.

Tech Optimizer

May 19, 2026

Critical PostgreSQL Vulnerabilities Enables Code Execution and SQL Injections

The PostgreSQL Global Development Group has released security updates for versions 18.4, 17.10, 16.14, 15.18, and 14.23, addressing 11 vulnerabilities, including critical issues related to arbitrary code execution and SQL injection flaws. All supported branches from 14 through 18 are affected by vulnerabilities, necessitating updates. Database administrators can perform in-place upgrades without needing a dump/restore. Key vulnerabilities include: - CVE-2026-6637: Stack buffer overflow in the refint module allowing arbitrary code execution. - CVE-2026-6472: Privilege bypass and arbitrary SQL execution. - CVE-2026-6473: Potential remote code execution and memory corruption. - CVE-2026-6474: Server memory information leak. - CVE-2026-6475: Arbitrary file overwrite vulnerability. - CVE-2026-6476: SQL injection with superuser execution. - CVE-2026-6477: Client-side code execution risk. - CVE-2026-6478: MD5 credential timing leak. - CVE-2026-6479: SSL/GSS denial-of-service flaw. - CVE-2026-6575: Limited memory disclosure issue. - CVE-2026-6638: SQL injection in logical replication. Organizations using PostgreSQL 14 should upgrade to version 14.23 and plan migration to a newer version before the end-of-life on November 12, 2026. The updates are urgent for deployments exposed to the internet or in multi-tenant environments.