critical security updates Archives

Winsage

April 10, 2025

Microsoft’s Free Upgrade Offer For 500 Million Windows Users

Microsoft has announced that Windows 10 will reach its end-of-life date on October 14, leaving approximately 750 million users vulnerable without critical security updates unless they opt for paid support. Currently, 53% of users, or around 240 million, are still on Windows 10 and may lack the hardware for a free upgrade to Windows 11. A critical zero-day vulnerability, CVE-2025-29824, poses risks to Windows 10 users, and Microsoft has indicated that outdated versions will not receive necessary security patches. Recent updates to Windows 10 have caused issues, including the removal of certain features and bugs affecting Outlook Calendar and Office 2016 applications.

Winsage

March 24, 2025

Windows 10 Support is Ending; Here’s What You Need to Do Next

Microsoft will end support for Windows 10 on October 14, 2025. After this date, Windows 10 PCs will still function but will not receive security updates or bug fixes, leading to potential vulnerabilities and compatibility issues. Microsoft is encouraging users to upgrade to Windows 11, which currently has a market share of 38%. Users can maintain security by keeping antivirus software and browsers updated, and Google Chrome will continue to receive updates on Windows 10. Microsoft offers an Extended Security Update (ESU) program for Windows 10, providing critical updates for a fee, with the first year starting on November 11, 2025, and ending on October 13, 2026. Consumers will need to upgrade to Windows 11 by October 2026 unless further extensions are announced. There are methods to bypass Windows 11's hardware requirements, such as using tools like Rufus or Registry workarounds. Alternatives to upgrading include Chrome OS Flex and Linux Mint, both of which offer user-friendly environments for continued computing tasks.

Tech Optimizer

March 18, 2025

Use pgactive for rolling major version upgrades in Amazon RDS for PostgreSQL

pgactive enables rolling major version upgrades for Amazon RDS for PostgreSQL, allowing for a smoother transition with reduced impact on applications. Amazon RDS supports both minor and major version upgrades, with minor upgrades being backward-compatible and major upgrades introducing non-backward-compatible features. Downtime during minor upgrades can be minimized using Amazon RDS Proxy or PgBouncer. For major upgrades, a blue/green deployment option is available, which involves provisioning a new DB instance and validating the upgrade. The pgactive extension allows for active-active replication, enabling all nodes to handle read and write operations simultaneously. It includes features like conflict detection and resolution. Key benefits of using pgactive for database upgrades include multi-tenant support, minimal downtime, and seamless rollback capabilities. To perform a major version upgrade using pgactive, the process involves setting up source and target databases, configuring pgactive parameters, and verifying data replication. Specific commands are provided for creating and modifying databases, setting up user mappings, and initializing the replication group. Limitations of pgactive include handling sequences, materialized views, DDL replication, existing logical replication, and tables without primary keys. Monitoring replication lag is crucial for diagnosing potential issues, and alerts should be set up for active status and pending WAL files. In case of a rollback, the application can be pointed back to the old primary database. After the upgrade, resources should be cleaned up to avoid incurring charges.

Tech Optimizer

February 27, 2025

Upgrade strategies for Amazon Aurora PostgreSQL and Amazon RDS for PostgreSQL 12

Standard support for Amazon Aurora PostgreSQL-Compatible Edition and Amazon RDS for PostgreSQL version 12 will end on February 28, 2025. The final update for PostgreSQL 12, version 12.22, was released on November 21, 2024. PostgreSQL follows an annual major version release cycle, supporting each version for five years post-release. Upgrading to newer major versions requires careful planning and testing to ensure application compatibility. New features in higher PostgreSQL versions include performance improvements, enhanced security, and new functionalities. Aurora PostgreSQL now supports AWS Graviton4 instances, which provide up to 40% performance improvement over Graviton3 instances. Recommended upgrades include moving to PostgreSQL 16 or newer, with options for in-place upgrades, blue/green deployments, and out-of-place upgrades. Amazon RDS Extended Support allows continued operation on a major version beyond the standard support end date, available at an additional cost. Extended Support for Aurora PostgreSQL 12.x and Amazon RDS for PostgreSQL 12.x will incur charges starting March 1, 2025, and will cease upon upgrading.

Winsage

February 5, 2025

Microsoft is cracking down on unsupported Windows 11 installs

A support document on installing Windows 11 on unsupported PCs has been removed from Microsoft's website. This document previously provided a method for users to bypass the mandatory TPM 2.0 requirement by modifying registry key values, but its removal indicates a shift in Microsoft's stance against this workaround. The end of support for Windows 10 is approaching, leaving many users on older PCs vulnerable to security risks. The original support article can still be accessed via the Internet Archive’s Wayback Machine.

Winsage

February 4, 2025

Windows 11 may have just kickstarted 2025’s biggest comeback story

Windows 11 has reached a market share of 36.65% among Windows desktop users, the highest since its launch on October 5, 2021. In contrast, Windows 10 holds a 60.33% share. The increase in Windows 11 adoption is attributed to new purchases during the holiday season, with historical data showing growth from 16.97% to 18.12% between December 2022 and January 2023, and from 26.54% to 27.83% between December 2023 and January 2024. Despite fluctuations in user numbers throughout 2024, it is expected that Windows 11's market share will continue to rise, especially with the end-of-support for Windows 10 approaching on October 14. Windows 10 users will lose access to critical security updates and technical support after October 2025 unless they pay for Microsoft's Extended Security Updates. Additionally, potential increases in hardware prices may prompt users to upgrade to meet Windows 11's requirements.

Winsage

February 3, 2025

Microsoft Warns 400 Million Users—Do Not Update Windows

More than 800 million Microsoft users are facing significant changes as the company ends critical security updates this October. The user base is divided into two groups: those unwilling to update and those unable due to older PCs that do not meet Windows 11's security requirements. Microsoft recommends that users with incompatible PCs invest in new ones. While all users can opt for extended support, many may resist paying extra fees, risking loss of support. Microsoft has removed the official workaround that allowed unsupported PCs to bypass CPU and TPM requirements for upgrading to Windows 11. This change follows the release of Windows 11 24H2, indicating a discouragement of upgrades on unsupported devices. Previously, users could modify the registry to bypass these checks, but this required technical knowledge and was not endorsed for all users. Microsoft warns against installing Windows 11 on devices that do not meet minimum requirements, highlighting potential risks such as loss of support and diminished functionality.

Winsage

December 17, 2024

FBI spots HiatusRAT malware attacks targeting web cameras, DVRs

The FBI has issued a warning about HiatusRAT malware that targets vulnerable web cameras and DVRs, particularly focusing on Chinese-branded devices lacking security updates. In March 2024, HiatusRAT actors conducted a scanning campaign against Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the UK. They exploit known vulnerabilities, including CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, and CVE-2021-36260, as well as weak vendor-supplied passwords. Primary targets include Hikvision and Xiongmai devices with telnet access. Attackers use tools like Ingram and Medusa to exploit devices with exposed TCP ports such as 23, 26, 554, 2323, 567, 5523, 8080, 9530, and 56575. The FBI recommends limiting the use of affected devices and isolating them from broader networks. Previous attacks linked to HiatusRAT include targeting a Defense Department server and compromising businesses through DrayTek Vigor VPN routers. Lumen, a cybersecurity firm, noted that HiatusRAT is designed to deploy additional payloads and turn compromised systems into SOCKS5 proxies. The targeting strategy aligns with broader Chinese strategic interests as highlighted in the 2023 annual threat assessment by the Office of the Director of National Intelligence.

Winsage

December 11, 2024

Microsoft will officially watermark old PCs that install Windows 11

Microsoft has adjusted its eligibility criteria for Windows 11, allowing installation on machines that do not meet the hardware specifications, despite previously tightening requirements by mandating TPM 2.0. While the company does not endorse this practice, it acknowledges that some users may want to proceed, warning that such installations will not receive critical security updates and will increase vulnerability to cyber threats. A watermark will be added to the desktop, and a notification will appear in Settings to indicate non-compliance with hardware requirements. Users can revert to Windows 10 if they encounter issues after upgrading, with a straightforward recovery process available. This change comes as Microsoft prepares to end support for Windows 10, affecting millions of machines globally in October next year.

Winsage

December 5, 2024

Microsoft kills hope old PCs will run Windows 11 as death of world’s most popular OS nears

Microsoft has announced stringent hardware requirements for Windows 11, mandating TPM 2.0, which has barred many older systems from upgrading. This decision creates a divide between modern and outdated hardware and raises concerns for Windows 10 users, as support for that operating system will end in October 2025. Windows 11 has a slower adoption rate, with Windows 10 holding a 61.8% market share compared to Windows 11's 34.9%. The transition may result in approximately 240 million PCs being discarded, raising sustainability concerns. Microsoft is expected to increase promotions for Windows 11 within the Windows 10 interface to encourage upgrades.