cybersecurity vulnerabilities Archives

Winsage

December 6, 2025

Vast Number of Windows Users Refusing to Upgrade After Microsoft’s Embrace of AI Slop

Microsoft has discontinued support for Windows 10, which still runs on approximately 1 billion PCs, with about 500 million eligible for an upgrade to Windows 11. Many users are resistant to upgrading due to dissatisfaction with the new interface, compatibility issues, intrusive advertisements, and aggressive AI integration. The potential for cybersecurity vulnerabilities increases as Windows 10 is no longer supported, and an estimated 1.6 billion pounds of electronic waste may result from this discontinuation. Microsoft is pursuing an "AI PC" vision, aiming to integrate AI features into the operating system, while acknowledging user feedback and concerns about usability.

Winsage

October 6, 2025

Windows 11 vs Windows 10

Microsoft is ending support for Windows 10, encouraging users to upgrade to Windows 11, which features improved multitasking, AI integration, and a refined interface. Windows 11 requires a Trusted Platform Module (TPM) 2.0 chip and at least an Intel 8th-generation or AMD Ryzen 2000 series processor, meaning many older PCs will not receive security updates after October 14, 2025. The new interface utilizes the Fluent Design System and Mica, which adjusts window colors based on wallpaper. Windows 11 introduces Snap Layouts and Snap Groups for better window management, and replaces Cortana with Copilot, an AI assistant that enhances user interaction. Gaming features include Auto HDR and DirectStorage for improved performance. Microsoft is making adjustments based on user feedback, such as reinstating the search bar and making Recall an opt-in feature.

Winsage

July 15, 2025

Cyber Agency—50% Of Microsoft Windows PCs ‘Vulnerable To Attack’

Microsoft has decided to extend the life of Windows 10, affecting approximately 700 million users, with around 250 million lacking the necessary hardware for Windows 11. About 50% of users are still on Windows 10, leading to concerns about cybersecurity vulnerabilities. The National Cyber Security Centre (NCSC) has warned that devices not meeting Windows 11 requirements are vulnerable to attacks and highlighted the risks of remaining on Windows 10, referencing the WannaCry ransomware attack as an example. Despite Microsoft's efforts to encourage upgrades, many users are hesitant to change, and the NCSC suggests that the inertia of users may pose the greatest threat to security.

Winsage

April 2, 2025

Microsoft’s Free Upgrade Deadline—Millions Of Windows Users Suddenly Move

Microsoft has made significant changes to Windows, including the elimination of passwords and new account access methods, while warning users about risks like data breaches and identity theft. Windows 10 users face an urgent transition as support ends in six months, with a free upgrade to Windows 11 available for eligible PCs. Recent data shows a 4% increase in Windows 10 users switching to Windows 11, with Windows 10's market share dropping to 54% and Windows 11 rising to over 40%. However, security hardware requirements may prevent some users from upgrading, potentially affecting around 240 million PCs. Users can purchase a 12-month extension for home use, while business users may incur higher fees for extended support. After the support deadline, Microsoft will stop providing updates and security fixes for Windows 10, increasing cybersecurity vulnerabilities. Transitioning to Windows 11 is crucial for users to access the latest security features.

Winsage

March 7, 2025

NHS cyber security concerns raised about move to Windows 11

Concerns are rising about cybersecurity vulnerabilities in the NHS as it transitions to Windows 11, especially since Microsoft will stop security updates for Windows 10 on October 14, 2025. Many NHS institutions are facing hardware limitations that may hinder this upgrade. The NHS's device configuration has shifted from approximately 70% desktop PCs and 30% laptops to an estimated 80% laptops, many of which are now five years old due to the pandemic-related distribution surge. This aging technology poses significant risks, as the NHS capital budget has not increased to address the need for updates. A spokesperson for NHS England confirmed a five-year deal with Microsoft for security solutions, urging organizations to transition to Windows 11 before the end of Windows 10 support. Additionally, a 2022 British Medical Association report indicated that over 13.5 million hours of doctors' time were lost annually due to inadequate IT systems, with 80% of doctors believing that improved IT infrastructure would help address backlogs.

Winsage

August 21, 2024

Microsoft will release controversial Windows Recall AI search feature to testers in October

Microsoft plans to roll out its Recall artificial intelligence search feature for Windows users, with testing starting in October. Recall allows users to search for previously viewed information through screenshots captured during their activity. The feature will be disabled by default to address security concerns regarding automatic image capturing without user consent. Recall will be available on devices that meet the requirements for Copilot+ PCs, which are designed to handle AI workloads locally. Microsoft has not specified a timeline for a broader release but aims for availability by the holiday season. The company is focusing on security, incorporating cybersecurity contributions into employee performance evaluations, and has emphasized that security remains a top priority.

Winsage

August 6, 2024

Bad apps bypass Windows alerts for six years using LNK files

Elastic Security Labs has identified techniques that malicious actors may use to bypass Windows security alerts, particularly targeting Windows SmartScreen and Smart App Control (SAC). One method, known as "LNK Stomping," exploits a flaw in how Windows handles shortcut files (.LNK) to nullify the Mark of the Web (MotW) tag, which indicates potentially dangerous files. This technique allows malware to evade detection since SmartScreen only scans files with the MotW tag. The technique involves creating LNK files with unconventional target paths, prompting Windows Explorer to correct these discrepancies and remove the MotW tag. Desimone noted that this vulnerability has been present for over six years, with samples found in VirusTotal. Other methods to bypass reputation-based protections include signing malicious applications with code-signing certificates, Reputation Hijacking, Reputation Seeding, and Reputation Tampering. These methods manipulate legitimate programs or create seemingly trustworthy binaries to exploit vulnerabilities in the system.