block Archives

Winsage

March 6, 2026

Windows Server 2025 Native NVMe: Storage Stack Overhaul and Benchmark Results

On December 15, 2025, Microsoft announced native NVMe support in Windows Server 2025, marking a significant evolution in data management and access. The new architecture replaces Disk.sys with NVMeDisk.sys, allowing direct communication from the filesystem to hardware via StorMQ, eliminating latency and enhancing performance. Testing revealed increased read speeds, particularly in random 4K and 64K benchmarks, with significant reductions in average read latency and lower CPU usage during sequential operations. Write operations showed modest improvements. A registry modification is required to enable this feature, and caution is advised due to potential complications with NVMe drives when deduplication is enabled.

AppWizard

March 6, 2026

Building realistic Minecraft worlds with Open Data on AWS: How Arnis uses elevation datasets at scale

Arnis is an open-source tool that transforms real-world locations into Minecraft experiences using geospatial data from Amazon Web Services (AWS). It recently migrated to Terrain Tiles, a global elevation dataset, which has reduced data retrieval costs and improved accessibility for nearly 300,000 users. Users can select geographic regions and customize parameters to generate locations in Minecraft, with the conversion process occurring locally on their machines. The integration of elevation data was a key feature, achieved through a processing pipeline designed by contributors after consulting GIS specialists. This pipeline allows accurate terrain rendering globally, even in areas with significant elevation variations. The transition to Terrain Tiles eliminated the need for a commercial provider, simplifying the codebase and removing account-bound authentication for data access. Previously, users made around 2,000,000 elevation tile requests over three months, incurring substantial costs. Now, users benefit from free access to the Terrain Tiles dataset, enhancing the elevation feature's reliability and accessibility. The Arnis processing pipeline operates on the client’s machine without backend services or API keys, involving steps such as calculating tile coordinates, fetching terrain tiles from AWS, decoding them, applying smoothing, and voxelizing the map data. A local cache is used to minimize redundant reads, and the system defaults to flat terrain if the endpoint is temporarily unavailable. Future developments include a public Minecraft server for exploring generated worlds without downloading the application, automatic region selection for optimized data retrieval, expanded landform detection for better representations, and a terrain-only mode for custom city planning and adventure map creation.

AppWizard

March 5, 2026

Minecraft has finally revealed the name of its baby mob update, and I honestly didn’t think it could get any cuter but here we are

Minecraft's upcoming 2026 update, previously known as the "baby mob update," has been officially named the Tiny Takeover drop. The update will introduce the ability to craft name tags, unique spawn eggs for baby mobs, and a new note block called the trumpet. A specific release date has not been announced, but it may arrive in the spring.

AppWizard

March 5, 2026

Indie dev says ‘best I can do is sentient tofu’ after fans demand a male protagonist—they respond oh yeah, actually Mr Tofu works fine, thanks

A user on the Steam forums for the upcoming game Honcho expressed a preference for playing as a male character, stating that playing female characters disrupts their immersion. The indie developer, Pryjmachuk, humorously suggested a sentient block of tofu as an alternative, acknowledging the limitations of indie game development. Players will be able to embody Mr. Tofu by entering their name at the game's start. Despite the initial request for a male character, the user responded positively to the tofu option, expressing support for the developer's work. This exchange highlights the diverse preferences players have regarding character choices in gaming.

AppWizard

March 5, 2026

Pokemon Pokopia features a riff on Minecraft’s iconic Redstone system, and fans are already dreaming up the possibilities: “This is like super advanced”

Pokopia features innovative gameplay mechanics that allow for complex building tasks similar to Minecraft's Redstone system. The game's director, Takuto Edagawa, demonstrated a mechanism that activates lights, waterfalls, and neon LEDs through a motion-sensing system. This has led to comparisons with Minecraft among fans, who note the advanced level of customization in Pokopia. Additionally, a developer tour showcased a moving minecart that activated note blocks to create melodies, further emphasizing the game's Minecraft-inspired elements. Pokopia is highly anticipated, tying for the highest-rated title in the Pokémon series on Metacritic.

AppWizard

March 4, 2026

Minecraft 26.1 Snapshot 11

The shipping room is preparing for the 26.1 snapshot, which includes various refinements, technical adjustments, and bug fixes. Players may face an issue where minimizing the game in Fullscreen mode prevents it from being maximized again. Changes include aligned textures for adult and baby Rabbits, new sound variants for Pigs, head rotation for Baby Goats, and updated textures for Baby Hoglins and baby Pandas. The Master Librarian no longer offers Name Tags but now provides Red and Yellow Candles for three Emeralds each, while the Wandering Trader offers Name Tags for one Emerald. The trumpet note block sound assets have been updated, and the Data Pack version is now 100, with a Resource Pack version of 83. New features include a new block state provider and adjustments to block states for Banners and Signs. A new tag, #preventsnearbyleaf_decay, has been added, and various special model types have been introduced for items like Bells and Books. Block state rendering has been adjusted for consistency, and several bugs have been fixed, including issues with Endermen, dragon eggs, and various textures. Snapshots are available for Minecraft: Java Edition, with instructions for installation and backup provided.

Winsage

March 4, 2026

PoC Exploit Released for Microsoft Windows Error Reporting ALPC Privilege Escalation

A proof-of-concept exploit for CVE-2026-20817, a local privilege escalation vulnerability in the Windows Error Reporting (WER) service, has been released by security researcher oxfemale on GitHub. This vulnerability allows low-privileged users to gain SYSTEM-level access through crafted Advanced Local Procedure Call (ALPC) messages. The flaw is located in the WER service's SvcElevatedLaunch method, which fails to validate caller privileges before executing WerFault.exe with user-supplied command line parameters. The CVSS v3.1 base score for this vulnerability is 7.8, indicating a high severity level. It affects unpatched versions of Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 prior to the January 2026 update. Demonstrations have shown successful exploitation on Windows 11 23H2. Security teams are advised to monitor for unusual processes related to WerFault.exe, investigate missing SeTcbPrivilege in SYSTEM tokens, and review WER-related activities from low-privilege users. Immediate application of the January 2026 security patches is recommended, and a temporary workaround involves disabling the WER service.

Winsage

March 4, 2026

Windows App Development CLI Updated with .NET Project Support, More

Microsoft has released version 0.2 of its Windows App Development CLI (winapp), incorporating several new features based on community feedback. Key updates include first-class support for .NET projects, allowing integration of WinUI 3, WPF, Windows Forms, and .NET console applications. Developers can initialize projects with winapp init, which aligns them with the appropriate Windows SDK version and generates necessary folders. The update also introduces manifest placeholders for easier app packaging, integrates Microsoft Store CLI commands into winapp, and enhances the help and error messaging system for better usability. Additional improvements include new commands for external catalogs and package identity, updates to winapp pack and manifest update-assets, and a Flutter guide with a sample project for using Windows App SDK APIs.

Winsage

March 3, 2026

PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation

A critical local privilege escalation vulnerability, tracked as CVE-2026-20817, affects Microsoft Windows through the Windows Error Reporting (WER) service. This flaw allows authenticated users with low-level privileges to execute arbitrary code with full SYSTEM privileges. The vulnerability resides in the SvcElevatedLaunch method (0x0D) and fails to validate user permissions, enabling attackers to launch WerFault.exe with malicious command-line parameters from a shared memory block. The exploit affects all versions of Windows 10 and Windows 11 prior to January 2026, as well as Windows Server 2019 and 2022. Microsoft addressed this vulnerability in the January 2026 Security Update. Organizations are advised to apply security patches and monitor for unusual WerFault.exe processes.

Winsage

March 2, 2026

Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns

Cybersecurity experts at Microsoft Threat Intelligence have identified a trend where attackers distribute counterfeit gaming tools that install a remote access trojan (RAT) on users' systems. These trojanized executables, such as Xeno.exe or RobloxPlayerBeta.exe, are shared through browsers and chat platforms. The initial executable acts as a downloader, installing a portable Java runtime environment and launching a harmful Java archive, jd-gui.jar. Attackers use built-in Windows tools to execute commands via PowerShell and exploit trusted system binaries, minimizing detection risk. The embedded PowerShell script connects to remote locations, downloads an executable as update.exe, and executes it. The malware erases evidence of the downloader and modifies Microsoft Defender settings to allow RAT components to function undetected. It establishes persistence through scheduled tasks and a startup script named world.vbs, enabling prolonged access to the compromised device. Microsoft Defender can detect the malware and its behaviors, and organizations are advised to monitor outbound traffic and block identified domains and IP addresses. Users are encouraged to scrutinize Microsoft Defender exclusions and scheduled tasks for irregularities and remain cautious about downloading tools from unofficial sources.