authorization Archives

Winsage

December 4, 2025

The first building blocks of an agentic Windows OS

Microsoft is introducing an MCP registry to Windows, enhancing security with protective wrappers and providing local agents with discovery tools. A proxy will enable connectivity for local and remote servers, ensuring robust authentication, auditing, and authorization. Enterprises can control access to the MCP using group policies and default settings, allowing unique identities for connectors. The registration process for an MCP server has been simplified with MSIX packages, making installation more accessible. Developers must have NodeJS installed to use the MCP bundle (mcpb) package, which is built using an NPM package. This approach allows developers to incorporate the MCP server into their application’s installer as an MSIX file for easy distribution and installation.

Winsage

November 30, 2025

Microsoft Issues Warning To Windows 11 Users – This AI Feature Can Install Viruses

Microsoft is transitioning to Windows 11 with the introduction of an "agentic OS," featuring experimental components called Agent Workspace, currently available to select Windows Insiders. These agentic features will be disabled by default due to potential security risks, including cross-prompt injection (XPIA) that could allow unauthorized access to user files. When activated, agent accounts can access the user profile directory, which raises concerns about data exfiltration and malware installation. The AI applications, including Copilot, will have visibility into the entire display, prompting users to consider privacy implications. Agent workspaces are designed to provide scoped authorization and runtime isolation, allowing users to manage access to files while using their devices. However, initial user reactions have been mixed, with ongoing concerns about security and functionality.

Winsage

November 26, 2025

Microsoft: Security keys may prompt for PIN after recent updates

Microsoft issued a notice to users about a new behavior related to FIDO2 security keys following Windows updates since the September 2025 preview update. This change affects devices on Windows 11 versions 24H2 or 25H2, where users may be prompted to enter a PIN during authentication. The adjustment aligns with WebAuthn specifications, which outline protocols for authentication methods, including PINs and biometrics. User verification can be categorized as discouraged, preferred, or required, with "preferred" necessitating a PIN setup if supported by the authenticator. The rollout began after the KB5065789 preview update and was completed with the November KB5068861 security update. Microsoft stated that after installing the September 29, 2025 update, users might need to create a PIN to sign in with a security key, even if it was not required during initial registration. This behavior occurs when a Relying Party or Identity Provider requests User Verification = Preferred during authentication with a FIDO2 security key lacking a PIN. Organizations can opt to adjust the user verification setting to "discouraged" if they do not want to require users to create or enter PINs. FIDO2 security keys enable passwordless authentication by requiring the physical presence of a USB, NFC, or Bluetooth token, gaining popularity as organizations seek to reduce risks associated with traditional passwords.

Winsage

November 18, 2025

Windows Is Becoming An Operating System For AI Agents

Microsoft Windows is evolving to incorporate AI agents that act autonomously, resembling digital coworkers. This shift is facilitated by the Model Context Protocol (MCP), which standardizes agent interactions with tools and data sources, ensuring secure access to system resources. Windows introduces an on-device registry of "agent connectors" for functionalities like file access and system settings, managed through an OS-level proxy that oversees identity, permissions, consent, and audit logging. The initial connectors focus on File Explorer and System Settings, defining clear capabilities and restrictions for agents. A transparent consent model allows users to manage permissions easily, promoting a user-friendly experience. The introduction of an Agent Workspace provides a dedicated environment for agents, ensuring they operate independently and with least-privileged access. Security measures include signed connectors and a standardized proxy for authentication and auditing, enabling visibility into agent actions. Windows is also expanding on-device AI processing with APIs for various functionalities, allowing agents to leverage local models securely. While Windows is not becoming an agent-first operating system, it is establishing a framework for human and agent interactions, positioning itself as a safe environment for AI operations. The foundational elements for this evolution include standard interfaces, clear permissions, isolated environments, and system-level observability.

Winsage

November 18, 2025

Microsoft’s vision of “AI-native” Windows is becoming real, update introduces agents that pilfer through your files — Latest Windows 11 Insider build includes experimental AI agents toggle that can perform tasks for you in the background

A senior Microsoft executive announced the evolution of Windows into an agentic operating system with AI features, which has been met with skepticism on social media. The Windows Insider Blog introduced AI agents in Windows 11 Insider Build 26220.7262, featuring an "Experimental agentic features" toggle that allows the creation of an "Agent Workspace," an isolated desktop environment. Currently, Agent Workspaces are non-functional and serve only as a toggle option. The AI agents are designed to handle routine tasks locally on users' machines, inspired by applications like ChatGPT and Copilot Actions. The Agent Workspace operates separately from standard directories, ensuring actions are logged for security. AI agents are disabled by default, requiring administrator privileges to enable, and can be granted read/write access to specific folders based on user permissions. The introduction of Agent Workspaces creates a new user account for the AI agent, maintaining administrative control and distinct permissions. However, the functionality is limited, leading to user frustration over unaddressed issues in the operating system.

Winsage

November 18, 2025

Microsoft just revealed how Windows 11 is evolving into an agentic OS — finally the explanation we’ve all been waiting for

Microsoft has introduced a new support document detailing the transformation of Windows 11 into an agentic operating system, emphasizing AI-native capabilities that allow the PC to autonomously manage tasks. A new experimental feature, agent workspace, will soon be available in a private developer preview for Windows Insiders. This feature enables AI to run applications in parallel with the user, designed to be lightweight and secure, with scalable memory and CPU usage. Microsoft has identified three core security pillars for agentic OS experiences: non-repudiation, confidentiality, and authorization. Additionally, essential security principles for AI agents include autonomy, activity logging, user supervision, least privilege, and defined data processing purposes. Microsoft plans to integrate these capabilities into Windows 11, with applications like Copilot Actions being among the first to utilize them, and third-party developers will also be able to create their own AI agents using the provided framework.

AppWizard

November 15, 2025

Escape From Tarkov shoots to the top of Downdetector, debuts on Steam to ‘Mixed’ reviews as players struggle to log in: ‘Best extraction shooter that you CAN’T play’

Escape From Tarkov has achieved significant success without major digital storefronts like Steam and has established the extraction shooter genre. Its Steam debut coincides with the game's 1.0 release, leading to hundreds of connection issue reports per hour on Downdetector. This has resulted in a "Mixed" rating on Steam, with players expressing frustration over technical difficulties. The developers have acknowledged these issues and are working to stabilize the servers. Players have reported being unable to create accounts due to website maintenance and have encountered various error codes. Despite these challenges, Escape From Tarkov is currently the second best-selling game on Steam, with around 19,000 concurrent players.

Winsage

November 12, 2025

Windows Kernel 0‑day Vulnerability Actively Exploited in the Wild to Escalate Privilege

Microsoft has identified a critical vulnerability, CVE-2025-62215, affecting the Windows Kernel, which is currently being exploited. This flaw, rated as Important, involves an elevation of privilege issue due to improper synchronization of shared resources, categorized under race condition (CWE-362) and double free (CWE-415). Exploitation requires high complexity and local authorization, allowing attackers to gain SYSTEM privileges for significant control over the system. The vulnerability affects various versions of Windows, including Windows 10, Windows 11 (multiple versions), and Windows Server (2019, 2022, and 2025), with patches released on November 12, 2025. Organizations are advised to prioritize swift patching and detection efforts, especially for servers and administrative workstations.

AppWizard

November 9, 2025

Stalker dev GSC Game World DMCA’d a Stalker-inspired indie off Steam⁠, and the devs are crying foul: ‘This is an abuse of power against small independent developers by a large corporation’

The indie developer of the cooperative survival horror shooter Misery announced on its Steam community hub that the game was delisted due to a DMCA strike from GSC Game World, which claimed Misery used their content without authorization. The developer, Maewing, shared an email from Valve stating the allegations and emphasized that Misery does not pose a threat to GSC's intellectual property, asserting that all content is original or legally licensed. The post also mentioned that Misery does not include any characters, plotlines, assets, or music from GSC's games. Following the DMCA claim, there was speculation about potential motivations related to the developers' alleged support for the Russian invasion of Ukraine, although this remains unverified. The Misery Discord has since implemented new moderation rules to prevent inflammatory discussions.

Winsage

November 7, 2025

How to improve Windows 11 security using Administrator Protection — shielding your PC with a switch buried in its settings

Windows 11 will introduce a security feature called Administrator Protection with the November 2025 Patch Tuesday Update. This feature requires an authorization dialog via Windows Hello for unsigned or untrusted applications seeking elevated permissions. To configure Administrator Protection using Group Policy, users must navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options, select "Admin Approval Mode with Administrator protection," and reboot the device. Alternatively, to enable it via the Registry, users should change the TypeOfAdminApprovalMode key value to 2 in HKEYLOCALMACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem and reboot. To disable the feature, users can revert the settings to their defaults.