configurations Archives

Winsage

June 13, 2026

WhatsApp is eating 1.2GB RAM on Windows 11, even as Microsoft kills web app slop

WhatsApp for Windows, despite having a large user base of 3 billion globally and 1.6 billion on Windows, suffers from significant performance issues, including high RAM usage (400 MB before logging in and up to 1.2 GB while idling), slow message delivery, and a choppy scrolling experience. The app operates as a web wrapper using the WebView2 framework, which leads to inefficient resource consumption compared to native applications. Users across various hardware configurations report freezing, delayed messages, and instability. Microsoft’s Teams app also faces similar performance challenges due to its reliance on the same framework. There is a growing concern about the trend of developers opting for web applications over native ones, driven by a lack of trust in native frameworks. Despite Microsoft's push for native app development through WinUI, there is currently no native version of WhatsApp for Windows, while Meta has developed optimized versions for other platforms.

Winsage

June 13, 2026

Windows Server 2025 Adds DNS Over HTTPS for Secure DNS Traffic

Microsoft has rolled out support for DNS over HTTPS (DoH) in Windows DNS Server as part of the Windows Server 2025 update. This feature enhances the security of DNS communications through encryption and server authentication, allowing encrypted client-to-resolver traffic in on-premises DNS environments. DoH encrypts DNS queries and responses using HTTPS, protecting sensitive information from interception or alteration. It also uses digital certificates for DNS server authentication to reduce spoofing and impersonation risks. The feature is compatible with existing Windows DNS Server configurations and supports both encrypted and traditional DNS. DoH support is available on Windows Server 2025 with the June 9, 2026 update or newer. Administrators must configure a trusted TLS certificate and enable DoH in the DNS Server service to deploy this feature. Microsoft plans to extend encryption capabilities to include communication between the Windows DNS Server and upstream DNS resolvers in the future.

Tech Optimizer

June 13, 2026

Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)

On June 10th, Splunk released an advisory for CVE-2026-20253, a high-severity vulnerability with a CVSS score of 9.8 that requires no authentication. The vulnerability is associated with the PostgreSQL Sidecar Service Endpoint and affects Splunk Enterprise versions 10 and above. In default installations, the service is not installed on Windows but is installed and enabled by default on AWS. The vulnerability allows unauthorized users to create and truncate arbitrary files through an API that lacks authentication controls. Additionally, it enables the execution of SQL commands via a backup and restore mechanism, potentially leading to remote code execution (RCE). A Detection Artefact Generator has been developed to help organizations assess their vulnerability to this issue.

Winsage

June 12, 2026

June’s Windows 10 patch has a BitLocker user lockout problem… again

Microsoft released a cumulative update for Windows 10, designated as KB5094127, during the latest Patch Tuesday. Some users are experiencing issues where they are prompted to enter their BitLocker recovery key after installing the update. This problem is linked to systems with an "unrecommended" BitLocker Group Policy configuration and has occurred in previous updates. Specific conditions that can lead to this issue include having BitLocker enabled on the operating system drive, a certain Group Policy setting configured, the System Information tool reporting a specific Secure Boot State, the presence of a particular certificate in the Secure Boot Signature Database, and not using the 2023-signed Windows Boot Manager. Affected users may face difficulties accessing their BitLocker recovery key, potentially leading to lockouts. Microsoft suggests that personal devices are less likely to be affected, with the issue primarily impacting enterprise setups. The company is working on a resolution and advises IT administrators to consider removing the Group Policy configuration before installing the update. Update KB5094127 is available only to Windows 10 users in the Extended Security Updates program for versions 21H2 and 22H2, addressing various bugs and security vulnerabilities.

Tech Optimizer

June 11, 2026

Avast One: Security and privacy suite under the microscope

Avast One is the flagship consumer security suite from Avast (Gen Digital), combining antivirus, firewall, VPN, and privacy utilities into a single subscription for Windows, macOS, Android, and iOS. It offers four primary areas: device security, online privacy, identity protection, and performance tools. Device security includes real-time antivirus, Web Shield, Mail Shield, and Ransomware Shield. The online privacy component features a full VPN service with bank-grade encryption and a no-logs policy. Identity protection includes data breach monitoring and, in some markets, credit monitoring. Performance tools assist with disk cleanup and system optimization. Avast One has three plan tiers: Avast One Essential (free), Avast One Individual (paid, supports multiple devices), and Avast One Family (paid, supports up to 30 devices). Pricing varies based on promotions, with Avast One Individual typically around per year and Avast One Family ranging from to 0 per year. The suite can be downloaded directly from Avast's website, with installers available for various platforms. Avast One includes automatic updates and is designed to operate lightly on modern hardware, with options to minimize system impact during scans. Customer support includes self-help documentation, community forums, and direct support for paying customers. Avast One aims to appeal to both non-technical users and power users, providing a user-friendly interface while allowing for advanced configurations. The product is positioned as a comprehensive solution for households looking to secure multiple devices with a single subscription.

Winsage

June 11, 2026

PowerToys 0.1 Arrives With Improvements to Several Utilities

Microsoft released PowerToys 0.1, featuring several enhancements: - The Shortcut Guide now appears as a side pane, detecting the active application and displaying relevant shortcuts. - The Command Palette includes an extension gallery for easy management of extensions and supports multiple monitor configurations, along with a new Battery widget. - PowerDisplay has improved startup speed, monitor identification, and settings preservation, with a new Max compatibility mode. - ZoomIt now supports a webcam overlay during recordings and allows appending multiple clips with transitions. - Transition to .NET 10 has optimized performance, reduced installation size by 15%, and improved the auto-update feature. Quick Access and Workspaces have migrated to WinUI with a refreshed UI. - Additional improvements include the Keyboard Manager using the new WinUI editor, a Refresh Connections feature in Mouse Without Borders, enhanced high DPI and multi-monitor reliability in Quick Accent, an option to disable file preview tooltips in Peek, and various calculator enhancements in PowerToys Run. PowerToys can be downloaded from the Microsoft Store, Windows Package Manager (winget), or the web.

Winsage

June 11, 2026

Microsoft fixes BitLocker recovery bug on Windows Server 2025

Microsoft has resolved an issue affecting certain Windows Server 2025 devices that were booting into BitLocker recovery mode after the April 2026 security update. This issue was linked to specific BitLocker Group Policy configurations and required users to input their BitLocker recovery key upon the first restart after the update. However, this key would only need to be entered once for subsequent restarts, provided the group policy configuration remained unchanged. The problem primarily affected enterprise systems rather than personal devices. The issue arose under specific conditions: BitLocker was enabled on the operating system drive, a particular Group Policy was set, the Secure Boot State PCR7 Binding was "Not Possible," the Windows UEFI CA 2023 certificate was present, and the device was not already using the 2023-signed Windows Boot Manager. Microsoft released fixes in the KB5094125 and KB5093998 updates to address this problem, preventing devices with incompatible group policy configurations from installing the 2023-signed Windows Boot Manager. Event ID 1032 in the System event log indicates the issue when Windows updates are installed. For IT administrators unable to deploy the latest updates, it is recommended to remove the Group Policy configuration before installing updates or to implement a Known Issue Rollback (KIR) on affected devices. Additionally, Microsoft had previously addressed similar BitLocker recovery issues in August 2024 and May 2025.

Winsage

June 10, 2026

Windows BitLocker 0-Day Vulnerability Allows Attackers to Bypass Security Feature

On June 9, 2026, Microsoft announced a vulnerability in Windows BitLocker, identified as CVE-2026-50507, which allows unauthorized attackers with physical access to bypass BitLocker Device Encryption. The flaw is categorized under CWE‑306, indicating a missing authentication check for a critical function, and has a CVSS v3.1 base score of 6.8. It affects various versions of Windows 10, Windows 11, and Windows Server from 2012 R2 to 2025. Microsoft released security updates to address the vulnerability, and it was classified as “Exploitation More Likely.” Although there is no evidence of active exploitation, proof-of-concept code exists. Organizations are advised to implement multi-factor configurations and reassess device handling and security protocols.

Winsage

June 10, 2026

Windows 11 Beta Build 26220.8575: Microsoft fixes audio, Settings, and annoying freezes

Microsoft has released Windows 11 Insider Preview Build 26220.8575 on June 8, 2026, focusing on stability rather than new features. This build introduces the ability to extend update pauses indefinitely, which is important for maintaining system integrity in test environments. It also fixes an audio malfunction affecting some users and improves the reliability of the “Settings > Apps > Installed apps” feature. Additionally, the build addresses freezing issues in core applications like Search and Notepad. The Beta channel has been restructured to provide more stability and predictability, with features no longer rolled out gradually. Overall, this build enhances update management, resolves audio issues, stabilizes app handling, and addresses freezes in essential components.

AppWizard

June 10, 2026

This hidden Gmail trick gives you virtually unlimited email IDs

In the digital age, users often consider creating new Gmail accounts to take advantage of subscription services and promotional offers. However, a simpler solution is to use Gmail aliases by adding a dot or a + sign to their existing email address. For example, variations like this.is.my.email@gmail.com or thisismyemail+ikea@gmail.com are recognized as the same address by Gmail. This method allows users to subscribe to services without creating new accounts and helps monitor the sharing of personal information. No special settings are required; users just need to modify their email before the @ symbol.