code Archives

Winsage

April 18, 2026

RedSun: Windows 0day when Defender becomes the attacker

A vulnerability has been discovered in Windows Defender that allows standard users to exploit a logic error in the file remediation process, enabling code execution with elevated privileges without administrative access. This flaw, identified by security researcher Chaotic Eclipse, occurs because Windows Defender does not verify if the restoration location of flagged files has been altered through a junction point. The exploit, named RedSun, takes advantage of a missing validation in the MpSvc.dll file, allowing attackers to redirect file restoration to the C:WindowsSystem32 directory. RedSun operates by chaining together four legitimate Windows features: Opportunistic Locks (OPLOCKs), Cloud Files API, Volume Shadow Copy Service (VSS), and Junction Points. The execution of the exploit involves monitoring shadow copies, triggering Defender's detection, synchronizing OPLOCKs, and ultimately writing malicious binaries to the System32 directory. The root cause is the lack of reparse point validation in the restoration process, and currently, no patch or CVE has been assigned for this vulnerability. It affects Windows 10, Windows 11, and Windows Server 2019 and later, and organizations are advised to implement behavioral detection strategies until a fix is available.

Winsage

April 18, 2026

Windows Server 2025 Update KB5082063: Error 0x80073712 due to Media Player; and Error 0x800F0983

Cumulative update KB508206, released on April 14, 2024, for Windows Server 2025, is causing installation failures for some administrators. Error code 0x800F0983 has been acknowledged by Microsoft as an issue related to the update process, while error code 0x80073712 has been linked to the legacy Windows Media Player application. Reports indicate that the installation of KB5082063 is problematic, particularly on systems configured in German, with users experiencing persistent failures despite attempts to use repair commands. The installation issues may be related to missing files associated with the Media Player language packs, affecting various language configurations.

AppWizard

April 18, 2026

Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits

On April 16, Google released Android 17 Beta 4, concluding its beta phase and focusing on app compatibility and platform stability. Developers must finalize updates for Android 17 to avoid delays when the stable version is released. Key behavioral changes for apps targeting Android 17 include: - Large-screen resizability restrictions, preventing apps from opting out of maintaining orientation, resizability, and aspect ratio constraints. - Expanded restrictions on dynamic code loading, requiring native files loaded via System.load() to be read-only. - Certificate Transparency is enabled by default. - Local network access is restricted by default, with a new ACCESSLOCALNETWORK permission for persistent access. - Stricter rules on background audio interactions, including playback and volume change APIs. Android 17 introduces per-app memory limits based on device RAM to target memory leaks and anomalies, with minimal impact expected on app sessions. Developers can check for memory limit impacts via ApplicationExitInfo and utilize profiling tools in Android Studio Panda. An on-device anomaly detection service monitors resource-intensive behaviors and provides profiling artifacts. Additionally, the Android Keystore now supports ML-DSA for quantum-safe signatures, allowing developers to generate keys and create signatures within secure hardware.

Winsage

April 17, 2026

France to remove Windows from government computers in sovereignty push

France is transitioning from Windows to Linux for its government computers, announced on April 8 by the Interministerial Directorate for Digital Affairs, to reduce reliance on American technology firms. This change involves modifying the software on thousands of state computers, which is a significant task given that Windows is the most widely used operating system globally. Linux, an open-source system, allows for code modification and sharing. Experts highlight the benefits of open-source software, including transparency and collective ownership, which enhance data security and management. Other European countries, like Spain and Germany, have also adopted similar systems. The transition is expected to create jobs in the local economy as France will invest in hiring engineers instead of paying Microsoft licensing fees. However, the timeline for the rollout is uncertain, with no specifics on the number of computers involved or the duration of the project. Additionally, Microsoft has reportedly spent €7 million in 2025 on lobbying efforts related to digital regulations in the EU, which may complicate the transition.

Winsage

April 17, 2026

Hackers are abusing unpatched Windows security flaws to hack into organizations

Hackers have exploited vulnerabilities in Windows systems, specifically targeting three flaws: BlueHammer, UnDefend, and RedSun. BlueHammer has been patched by Microsoft, while UnDefend and RedSun remain unaddressed. The exploitation is linked to code published by a researcher named Chaotic Eclipse, who criticized Microsoft for their response to vulnerabilities. All three flaws affect Windows Defender, allowing hackers potential high-level access to systems. Microsoft emphasized the importance of coordinated vulnerability disclosure to protect customers and the research community. The situation underscores the ongoing struggle between cybersecurity defenders and cybercriminals.

Tech Optimizer

April 17, 2026

Millions of people use this American-made antivirus and you can get $30 off right now

PC Matic is an American cybersecurity company established in 1999, focused on preventing infections before they occur. It aims to disrupt cybercrime by enhancing the protection of everyday devices, thereby reducing the profitability of large-scale attacks. The company has protected over 100 million applications and devices, with more than 3 million customers. PC Matic offers user-friendly and affordable tools for individuals and families. Currently, they have a promotional discount of 30% off the first purchase with the code GOLOOT30, applicable to orders over .99, valid until January 1, 2027.

BetaBeacon

April 17, 2026

Google tests Play Store UI change that should help picky gamers save time

The Google Play Store is testing a redesigned Games tab that includes genre-specific shortcut bubbles like Simulation, Puzzle, and Life to streamline the user experience and make it easier for gamers to navigate and explore games.

AppWizard

April 17, 2026

Hell Let Loose: Vietnam PC playtest signups are now open

Team17 announced on April 16, 2026, that playtest signups for Hell Let Loose: Vietnam are now open for PC users. The game features six expansive maps, 50 vs 50 battles, and emphasizes teamwork and strategy. Players will have access to historically accurate weapons, vehicles, and tactical options, including US aerial units with helicopters, NVA forces with tunnel networks, and patrol boats for river navigation. A new trailer showcasing intense combat scenes was released during the Galaxies Showcase. Team17 Digital, founded in 1990, is a prominent developer and video games label, while Expression Games, established in 2022, is leading the development of the Hell Let Loose franchise.

AppWizard

April 17, 2026

Android 17 hits a major milestone as Google releases its last ‘scheduled’ beta

Google has released Android 17 beta 4, the final beta version before the anticipated mid-2026 launch. This update, with build number CP21.260330.008, is available for Pixel devices from Pixel 6 to Pixel 10 and focuses on stability rather than new features. A key addition is 'App memory limits' to manage RAM usage and improve performance, particularly for foldable phones and tablets. Developers are required to optimize apps for Android 17, ensuring compatibility with new features. The beta update is rolling out via the Android Beta Program, with stable Android 17 expected later this year. Users can sideload the update or manually flash the factory image if they haven't received it.

Tech Optimizer

April 16, 2026

Deploy Postgres and MySQL databases with PlanetScale + Workers

Cloudflare has deepened its partnership with PlanetScale to enhance the developer experience by providing Cloudflare Workers with access to Postgres and MySQL databases. Users will be able to create PlanetScale databases directly from the Cloudflare dashboard and API, with billing handled through their Cloudflare accounts. Cloudflare credits can be applied towards PlanetScale databases. The integration allows developers to link their PlanetScale accounts and create Postgres databases from the Cloudflare dashboard. Starting next month, new PlanetScale databases will be billed directly to Cloudflare accounts. The integration uses Hyperdrive for database connectivity, managing connection pools and query caching. PlanetScale offers performance and reliability, allowing developers to choose between Postgres and Vitess MySQL. Cloudflare users can deploy PlanetScale databases directly from Cloudflare, with features like query insights and usage breakdowns included. A single node on PlanetScale Postgres starts at a specified monthly rate. Developers can configure Workers to minimize latency by placing them near the primary database, with future plans to automate this process. Currently, billing for existing PlanetScale databases is processed through PlanetScale, but new databases will be billed through Cloudflare starting next month. Further enhancements and API integration are planned, with community feedback encouraged.