Adobe Archives

Winsage

March 25, 2025

Windows-on-Arm woes: Amazon warns customers about Surface laptop returns

Qualcomm and Microsoft are enhancing the Windows-on-Arm ecosystem, highlighted during the Microsoft Build event in May 2024. The Surface brand laptops with Qualcomm's Snapdragon X Elite processors received positive feedback for performance and battery life. However, the Microsoft Surface Laptop (7th Edition) has been flagged by Amazon as a "frequently returned item," prompting buyers to check reviews. Customer feedback indicates that app compatibility issues are a primary reason for the returns. Intel's interim Co-CEO suggested that devices with Snapdragon chips are returned at higher rates due to unmet functionality expectations. Despite this, the market for Windows-on-Arm systems remains strong, with major manufacturers adopting Qualcomm's Snapdragon processors. Other Snapdragon-powered devices, like the Microsoft Surface Pro 11, have not faced similar return warnings. The Surface Laptop may have higher return rates due to its popularity and specific shortcomings noted in reviews, such as display quality and keyboard comfort. Microsoft also offers Intel versions of the Surface Laptop and Surface Pro, which may confuse consumers. Qualcomm and Microsoft are working with developers to improve software support for Windows-on-Arm, with notable applications like DaVinci Resolve and Adobe Photoshop now available. Challenges remain, including Qualcomm's discontinuation of its Snapdragon Developer Kit for Windows and limited native support for some applications. Users with specialized needs may prefer traditional x86 Windows versions. Qualcomm plans to unveil its second generation of Snapdragon X processors in late 2025.

Winsage

March 17, 2025

Invisible Windows Rootkit Hides Dangerous Files Using This Prefix

Obscure#Bat is a malware campaign targeting Windows users that uses obfuscated batch scripts to deploy a user-mode rootkit, which can hide its activities from standard security measures. It stores hidden scripts in the Windows Registry and can conceal files, registry entries, and running processes through application programming interface hooking. The malware can embed itself within legitimate Windows processes, making it undetectable by conventional security methods, and is capable of deleting evidence of its activity. Attackers use social engineering tactics, such as fake CAPTCHA tests and legitimate software tools, to lure victims into executing the malicious batch file. The rootkit obscures files, processes, or registry keys that begin with the “$nya-” prefix and is identified as an open-source ring-3 rootkit known as r77. It avoids kernel modifications and relies on registry and scheduled tasks for persistence, allowing it to evade detection by traditional kernel-based security tools. Windows users are advised to be cautious of social engineering tactics and to inspect batch files in a text editor before execution.

Winsage

March 12, 2025

Zero Day Initiative — The March 2025 Security Update Review

In March 2025, Adobe released seven bulletins addressing 37 Common Vulnerabilities and Exposures (CVEs) across its software products, including Acrobat Reader, Illustrator, InDesign, and Substance 3D applications. Six vulnerabilities were reported through the Zero Day Initiative program. The Acrobat Reader patch resolves multiple Critical-rated code execution vulnerabilities, while Illustrator and InDesign patches also address critical issues. The Substance 3D Sampler patch fixes seven vulnerabilities, with some classified as Critical, and the other Substance 3D applications also received updates for code execution vulnerabilities. None of the vulnerabilities were publicly known or under active attack at the time of release. Microsoft released an update addressing 56 new CVEs across its products, totaling 67 when including third-party vulnerabilities. Six are rated as Critical, and 50 as Important. Notable vulnerabilities include CVE-2025-26633, a security feature bypass in the Microsoft Management Console, and critical remote code execution vulnerabilities CVE-2025-24993 and CVE-2025-24985 linked to Windows NTFS and Fast FAT file systems. CVE-2025-24984 and CVE-2025-24991 involve information disclosure vulnerabilities, with one requiring physical access and the other needing a specially crafted VHD. Immediate attention and deployment of patches for these vulnerabilities are essential.

Winsage

March 8, 2025

Free Alternatives to Paid Windows Software

Windows operating systems often require third-party software for specialized tasks, with free alternatives available to replace paid options. 1. BleachBit is used for system cleaning as a free substitute for CCleaner Pro, effectively enhancing PC performance by removing unnecessary data without tampering with the Windows Registry. 2. Bulk Crap Uninstaller (BCUninstaller) is a free tool for uninstalling programs and bloatware, scanning for leftover files and simplifying the cleanup process with filtering options and color-coded listings. 3. Google Docs is preferred over Microsoft 365 for its user-friendly nature and free 15 GB storage per Gmail account, while LibreOffice is recommended as an alternative for standalone applications. 4. GIMP serves as a free substitute for Adobe Photoshop, offering essential graphic design tools without being resource-intensive. 5. Kdenlive is a free video editor that meets basic video editing needs and is compatible with lower-end PCs, providing a comprehensive suite of features and regular updates. 6. Audacity is used for audio editing, capable of handling both basic and professional tasks, with tools for noise elimination and vocal enhancement. 7. 7-Zip is a lightweight file compression and archiving tool that offers superior compression capabilities and password protection, operating unobtrusively in the background.

AppWizard

March 5, 2025

How to Take Photos on Android Without All the Post-Processing Junk

Smartphones now offer the ability to capture RAW photos, which retain all sensor data in an uncompressed format, ideal for editing. Google Pixel devices can capture both RAW and processed JPEG images. To enable RAW capture on Google Pixel, access the camera app, go to Settings, select the Pro tab, and toggle on the RAW/JPEG option. Editing applications like Adobe Lightroom can be used to fine-tune RAW images. ZeroCam is an app that allows users to capture photos without filtering or post-processing, focusing on simplicity with a single shutter button. It offers a trial period, after which it requires a minimal subscription fee. Camera FV-5 Lite provides manual adjustments for ISO, shutter speed, and white balance, allowing for greater control over images. It includes features like burst photo mode and automatic exposure bracketing, with some functionalities available only in the paid version. The Blackmagic Camera app is designed for videographers, offering professional controls such as an RGB histogram and image stabilization, and is compatible with recent flagship devices from brands like Samsung, Google, and OnePlus.

Winsage

March 3, 2025

How to make Microsoft Windows services work for you

Windows services are essential for the functionality of the operating system, and while many can be deactivated, caution is advised. Daemon Master is a tool that allows users to configure executables, shortcuts, or batch files as services that start automatically with Windows. To create a service with Daemon Master, users must launch the application, click “New,” assign a service name and display name, and optionally add a description. The default start type is “Automatic,” and users can specify the path to the desired EXE file. After saving, the service will appear as “stopped” and can be started by right-clicking and selecting “Start service.” Services run in the background, but users can access the program window temporarily by selecting “Start service on desktop.” Services can be managed by starting, pausing, resuming, or stopping them, and unnecessary third-party services can be disabled through the system configuration. Troubleshooting can involve restarting specific services, like the Print Spooler for printing issues. To delete a service, users must identify its name, stop it using the command prompt, and then delete it with the sc.exe tool. Tools like Autoruns can also be used for managing services. While deactivating services may not improve performance, it can reduce security vulnerabilities, and programs like Ashampoo Winoptimizer can help users assess the necessity of installed services.

Winsage

February 23, 2025

WinApps: Virtualized Windows Apps On Linux, Plus Windowing

Linux users can now run the latest version of Photoshop on Linux machines with access to a dedicated mobile GPU, thanks to innovative open-source solutions. This is achieved through the WinApps project, which integrates a virtual machine into the Linux desktop using Remote Desktop Protocol, allowing Windows applications to run alongside native Linux programs. The setup requires significant effort, particularly in recognizing the GPU, but it enables heavy-duty applications to function effectively on machines like the HP Envy 16 with an Intel i7-12700H processor and 32GB of RAM. While WinApps offers substantial benefits for users relying on Adobe Creative Cloud and Microsoft Office 365, it is best suited for casual use due to potential bugs and performance issues. The development of WinApps reflects the contributions of various open-source teams, including those at Red Hat, and suggests future enhancements may improve accessibility for users.

Winsage

February 21, 2025

Unblockable ads now litter Microsoft’s Windows Surface app

Microsoft's Surface app has transformed into a marketplace filled with advertisements, overshadowing its original purpose of device management. Users encounter promotional offers, including a 30% discount on an Xbox controller, prominently displayed at the bottom of the interface. Ads are integrated into the app, raising concerns about user consent, and persist even with ad blockers in Microsoft Edge. The app now resembles a shopping platform, which may dishearten users who expected a streamlined experience. This shift reflects a broader trend in Microsoft's ecosystem of frequent marketing pushes across platforms, potentially affecting customer satisfaction and loyalty.

Winsage

February 17, 2025

5 reasons I can’t go back to Windows after trying Linux

Linux distributions are popular in the server realm but remain a niche in the broader computing landscape dominated by Windows. The command-line interface (CLI) in Linux aids troubleshooting with detailed logs and accessible commands, unlike Windows, which often requires extensive navigation. Linux package managers, such as Yum and Nix, offer a more secure and straightforward application installation process compared to Windows tools like WinGet and Chocolatey. Linux distributions have lower performance overhead, making them suitable for older devices, while Windows 11 has high system requirements. Linux is viewed as better for privacy, avoiding intrusive advertisements and telemetry services present in Windows. The versatility of Linux allows it to cater to various computing needs, enabling users to transform installations into servers, media hubs, or NAS. Despite its advantages, Windows still excels in certain areas, such as game compatibility and access to Adobe products, which may require a Windows virtual machine for Linux users.

Winsage

February 12, 2025

Microsoft takes it easy on February’s Patch Tuesday

Microsoft released a total of 63 patches in February, including six previously released ones. Two vulnerabilities, CVE-2025-21418 (CVSS 7.8) and CVE-2025-21391 (CVSS 7.1), are actively exploited and require local access and authentication for exploitation. CVE-2025-21418 affects the Windows Ancillary Function Driver for Winsock, allowing attackers to gain SYSTEM-level privileges on Windows 10, 11, and various Windows Server versions. CVE-2025-21391 affects Windows Storage, enabling local attackers to delete files under certain conditions. Two publicly known vulnerabilities, CVE-2025-21194 (CVSS 7.1) and CVE-2025-21377 (CVSS 6.5), have not yet been exploited. CVE-2025-21194 exposes PCs to potential hypervisor and secure kernel compromises, while CVE-2025-21377 risks leaking a user's NTLMv2 hash with minimal user interaction. CVE-2025-21198, rated at CVSS 9.0, allows remote code execution in high-performance computing infrastructures, requiring network access to a targeted HPC cluster. Excel users should address five patches rated at 7.8, particularly CVE-2025-21381, which has potential for remote code execution through local attack vectors. As of February 11, administrators must configure the StrongCertificateBindingEnforcement registry key on domain controllers to avoid transitioning to Full Enforcement mode by February 2025. CVE-2025-21177 (CVSS 8.7) has been fully mitigated by Microsoft. Adobe released 45 updates, with 31 addressing vulnerabilities in Adobe Commerce, and critical patches for InDesign and Illustrator. SAP issued 21 patches affecting NetWeaver and addressing cross-site scripting issues. Fortinet released security updates for various products, including a critical authentication bypass vulnerability in FortiOS and FortiProxy (CVSS 9.6).