critical security updates

Winsage
February 24, 2026
Microsoft has announced the end of support for several Windows products launched in 2016, including Windows Server 2016, Windows 10 Enterprise 2016 LTSB, and Windows IoT Enterprise LTSB 2016. Windows Server 2016 has been in the extended support phase since January 2022, with security updates available until January 12, 2027. Windows 10 Enterprise 2016 LTSB and Windows IoT Enterprise LTSB 2016 will reach the end of their extended support on October 13, 2026. Microsoft offers the Extended Security Updates (ESU) program for these products, allowing critical security updates for a fee, with costs for Windows 10 Enterprise 2016 LTSB set to increase annually per device. ESU will also be available for Windows Server 2016, but pricing details are not yet released. Windows IoT Enterprise LTSB 2016 will receive extended support through hardware manufacturers, with terms and costs varying by supplier. Microsoft emphasizes that using unsupported software increases risks and that migrating to a newer version of Windows is the only long-term solution.
Winsage
February 19, 2026
Mozilla has announced that "Firefox version 115 is the last supported Firefox version for users of Windows 7, Windows 8, and Windows 8.1." Support for these operating systems began phasing out in January 2023, with access to the Extended Support Release (ESR) for critical security updates available until the end of February 2023. Firefox will continue to support Windows 10 for the foreseeable future, but transitioning to Windows 11 may present challenges due to hardware requirements. Mozilla suggests considering a shift to a Linux-based operating system for users whose hardware cannot accommodate Windows 10 or higher, as most Linux distributions come with Firefox as the default browser.
Winsage
February 16, 2026
Microsoft has stopped distributing V3 and V4 printer drivers through Windows Update as of last month, affecting printers up to 12 years old. Support for these drivers will end in January 2026, as they were marked as deprecated in September 2023. Users with printers relying on these drivers may experience functionality issues after support ends. Printer manufacturers are now responsible for providing driver updates via their websites, but existing drivers will remain operational. Microsoft confirmed that vendor-supplied drivers can still be installed using separate packages. Most modern printers do not use V3 and V4 drivers, as they are typically over a decade old. Microsoft aims to enhance system security and streamline the printing process by phasing out outdated drivers. After July 2026, Windows will prioritize built-in printer drivers during installation, and from July 2027, manufacturers will no longer be able to submit driver updates to Windows, although Microsoft will continue to provide critical security updates for existing drivers.
Winsage
January 16, 2026
Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA).
Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software.
The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution.
The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement.
Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems.
Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members.
Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique.
Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.
Winsage
January 16, 2026
Critical security updates have been released to address CVE-2026-20824, a vulnerability in Windows Remote Assistance that allows attackers to bypass the Mark of the Web (MOTW) defense system. This affects various Windows platforms, including Windows 10 and Windows Server 2025, and is rated with an Important severity level. The flaw enables unauthorized local attackers to circumvent MOTW defenses, posing risks to confidentiality. The vulnerability requires local access and user interaction for exploitation, often using social engineering tactics. Microsoft has issued security updates for 29 Windows configurations, including specific KB articles for affected versions of Windows 10, Windows 11, and Windows Server. Users are advised to apply the necessary patches, which are classified as “Required” customer actions. The vulnerability remains unexploited in the wild and was not publicly disclosed before the patches were released. Microsoft’s assessment categorizes it as “Exploitation Less Likely.”
Winsage
January 13, 2026
Microsoft is enhancing security for Windows 11 24H2 and 25H2 users by automatically replacing expiring Secure Boot certificates on eligible devices. Secure Boot protects against malicious software by ensuring only trusted bootloaders are executed during startup. Many Secure Boot certificates are set to expire starting in June 2026, which could jeopardize secure booting capabilities if not updated. The update includes a mechanism to identify devices eligible for automatic receipt of new Secure Boot certificates. IT administrators are advised to install the new certificates to maintain Secure Boot functionality and prevent loss of security updates. Organizations can also deploy Secure Boot certificates through various methods. IT administrators should inventory their devices, verify Secure Boot status, and apply necessary firmware updates before installing Microsoft's certificate updates.
Winsage
January 1, 2026
Microsoft has concluded support for Windows 10, with over 44% of PC users still operating on the OS. This poses potential risks for users, particularly as the end-of-support deadline approaches on October 14, 2025, when Microsoft will stop issuing free updates, increasing vulnerability to cyber threats. Microsoft has introduced the Extended Security Updates (ESU) program, offering security patches until October 13, 2026, at a cost of £22 for individual users and starting at £45 for businesses, with prices doubling in subsequent years. Users can also access ESU benefits through Microsoft Rewards Points or by performing a Windows Backup via OneDrive, which has a 5GB free limit. Research suggests that around 5 million individuals in the UK could be at risk due to continued reliance on Windows 10. The ESU program is available for users with Windows 10 devices running version 22H2.
Winsage
November 26, 2025
ATM operators are facing challenges in transitioning from Windows 10 to Windows 11 as support for Windows 10 ends. Many ATMs currently operate on various versions of Windows 10 IoT LTSC, including 2015, 2016, 2019, and 2021, each with different support lifecycles and upgrade paths. The most urgent concern is the Windows 10 IoT Enterprise LTSC/LTSB 2015, which will lose support on October 14, 2025. The readiness of ATM manufacturers for Windows 11 varies; Diebold Nixdorf and Hyosung have announced their support, while NCR Atleos has not provided public information on its plans. Effective migration to Windows 11 requires thorough planning and testing, as manual testing processes may be inefficient. Utilizing virtualization and automation can enhance testing capabilities, allowing for concurrent testing of multiple OS versions, automated regression testing, and remote access to testing environments. Advanced tools like VirtualATM can help organizations manage the upgrade process more effectively.
Winsage
November 26, 2025
Attackers are using malicious emails with links to adult websites to exploit human curiosity and urgency, leading to the installation of malware through deceptive update processes. Acronis has identified these "JackFix" attacks, which use screen hijacking techniques combined with ClickFix methods, presenting victims with fake Windows Update screens that claim to deliver critical security updates. This campaign leverages counterfeit adult websites as phishing mechanisms, increasing psychological pressure on victims to comply with prompts to install updates. The attack takes over the victim's screen and displays a convincing update interface, all of it occurring entirely within the browser. Acronis advises users to avoid accessing adult sites through links in emails or messages and to navigate directly to these sites for safer browsing.