defect Archives

Winsage

May 15, 2026

Lilbits: A RISC-V router (crowdfunding), an E Ink color dev kit, and Windows 11 taskbar customization

Microsoft is reintroducing the option to reposition the taskbar in Windows 11, currently available only to Windows 11 Insider Preview program members using an experimental build. Additional customization options for the Start Menu are also being rolled out to Insiders. A crowdfunding initiative has launched for a WiFi router powered by a RISC-V processor and a modified version of OpenWrt, featuring a SpacemiT K1 RISC-V processor, 4GB of RAM, and 16GB of storage, priced at 9, with no delivery guarantee. M5Stack has launched a development kit with a 4-inch E Ink Spectra 6 color display, priced at , which includes a 1250 mAh battery, microSD card reader, speaker, microphone, and buttons. GEEKOM has upgraded its mini PC lineup with the A9 Max 2026 Edition, featuring a Ryzen AI 9 HX 470 chip for improved AI and CPU performance compared to the HX 370. Pine64 has warned of a defect in a batch of its PinePower V2 power supplies, which may display a 0V output under certain conditions, assuring users that the issue will be fixed in the next production batch.

Winsage

May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.

AppWizard

May 8, 2026

New Slay the Spire 2 update deletes its most controversial boss fight

The Doormaker has been removed from Mega Crit's Slay the Spire 2, replaced by a new boss named Aeonglass, which has unique abilities and starts with three stacks of Artifact. The game will now follow a two-week beta patch cycle instead of weekly updates to allow for more substantial changes and community feedback. The Defect class has received several buffs, including enhancements to its starter relic and damage increases for specific abilities, while the Silent class has experienced a minor nerf. New Neow relics have been introduced, and changes have been made to various enemies and their abilities. The Bestiary feature has been added, allowing players to study enemy types, and additional updates include new art, music, and bug fixes. The latest patch, version 0.105.0, is available on the beta branch for players.

Winsage

December 17, 2025

Microsoft security updates breaks MSMQ on older Win systems

Microsoft has acknowledged that Message Queuing (MSMQ) may fail on certain Windows 10 devices and older Windows Server versions after the December 2025 Security update. Reported issues include MSMQ queues becoming inactive, IIS sites generating "Insufficient resources to perform operation" errors, and applications failing to write to queues. System logs may show misleading messages about insufficient disk space or memory due to folder permissions and MSMQ's write access requirements. The root cause is linked to changes in the MSMQ security model and NTFS permissions for the C:WindowsSystem32MSMQstorage folder, which now requires write access typically restricted to administrators. This issue primarily affects Windows 10 versions 22H2 and earlier, as well as Windows Server versions 2012 to 2019, with minimal impact on Windows Home or Pro editions. Microsoft recommends contacting support for workarounds, and some users have resolved the issue by uninstalling the update, though this would remove security enhancements. The problems are confined to older operating systems often used by enterprises delaying upgrades.

AppWizard

November 18, 2025

The Best Android App Inspection Software for 2025

Finding the right Android app inspection software is essential for businesses focused on precise inspections and efficient processes. Android devices are favored for inspection operations due to their affordability, rugged design, and compatibility with inspection software, allowing inspectors to conduct assessments on-site and capture issues instantly. Key features of effective Android inspection software include customizable checklists, offline functionality, real-time data access, cloud storage, comprehensive reporting tools, and effective communication features. Various industries, such as facilities management, construction, and healthcare, benefit from mobile inspections to maintain safety and compliance. Environmental, Health, and Safety (EHS) tools are integrated into inspection software to enhance accuracy and accountability. The advantages of using Android app inspection software include improved efficiency, reduced errors, better compliance, enhanced team collaboration, increased visibility, and scalability for growing businesses. Many companies are moving away from Excel spreadsheets due to their limitations in structure, accuracy, and real-time capabilities. When choosing inspection software, businesses should consider team size, inspection types, reporting needs, customization, offline functionality, and support levels. Most providers offer free trials or demos for evaluation.

AppWizard

November 16, 2025

Roblox and Minecraft Lawsuit Says Developers ‘Weaponized’ Games To Drive Addiction and Excessive Spending

Shawna Goble has filed a lawsuit against video game companies, including Roblox and Microsoft, alleging they have "weaponized" their gaming platforms by embedding design features that promote excessive play and spending, particularly among minors. The lawsuit claims these companies use deceptive design tactics, referred to as "dark patterns," to exploit psychological vulnerabilities, leading to compulsive play and repeated microtransactions. Goble argues that these games operate more as conditioning systems than entertainment products, utilizing advanced data analytics to target players susceptible to addiction. The lawsuit includes various legal claims such as strict product liability and fraud. Additionally, the U.S. Judicial Panel on Multidistrict Litigation is set to hear arguments regarding the consolidation of federal video game addiction lawsuits, focusing on Fortnite, Roblox, and Minecraft, which are described as "gateway" games with addictive design strategies targeting children.

AppWizard

November 15, 2025

Former id Software artist argues performance and optimization is ‘as much of an art problem’ as a tech one: ‘Killzone 2 looks incredible today. FEAR looks incredible today’

Emanuel Palalic, the game director of Defect, discussed the game's optimization, highlighting that it has lenient system requirements with an RTX 2060 as the minimum specification. This contrasts with the trend of mandatory ray tracing in many contemporary titles. The game's soundtrack is described as "really exploring the extremes of distortion." Defect does not have an official release date, but players can add it to their wishlist on Steam.

AppWizard

November 10, 2025

Mick Gordon is asking ‘how heavy can we get it?’ in his first full game soundtrack since Doom Eternal: ‘I’m really exploring the extremes of distortion with this project’

Australian composer Mick Gordon is known for his distinctive future-metal sound in videogame music, particularly for his work on id Software's Wolfenstein and Doom. After parting ways with Bethesda, he has worked on various projects, including the soundtrack for Atomic Heart and recently announced his involvement in the soundtrack for the upcoming cyberpunk game Defect. The game features a sprawling metropolis and an omnipresent surveillance AI, drawing inspiration from the 2011 film Dredd. Gordon aims to integrate his musical style into Defect while experimenting with microtonal sounds and off-tempo beats. He plans to use synthesizers to create an immersive auditory experience that reflects the game's grim cityscapes. Gordon also cited the 1990 Teenage Mutant Ninja Turtles movie as an unexpected source of inspiration for capturing a nostalgic energy in his work. Players can wishlist Defect on Steam as they await its release.

Winsage

August 19, 2025

A Windows 11 update bug is breaking SSDs – here’s what you can do to prevent it

Microsoft's August update KB5063878 for Windows 11 has raised concerns among users regarding SSD storage devices, with reports indicating that certain SSDs may become undetectable by the system, potentially leading to file corruption. Initial reports suggest the issue occurs when SSDs are about 60% full after writing around 50GB of data, particularly affecting SSDs with Phison NAND controllers. Affected users have reported similar experiences on social media and Reddit, with indications that some HDDs may also be impacted. Microsoft has not confirmed any flaws associated with the update, and users are advised to consider postponing its installation. Additionally, some users faced error codes during installation, particularly via Windows Server Update Services, which Microsoft has since resolved. There are also reports of an error related to the "Microsoft Pluton Cryptographic Provider," which does not affect current functionality. Microsoft is encouraging Windows 10 users to upgrade to Windows 11 before the end of support in mid-October and has warned about the expiration of Windows Secure Boot certificates in June 2026.

Winsage

July 9, 2025

Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited

Microsoft addressed a total of 130 vulnerabilities in its latest Patch Tuesday initiative. A significant vulnerability in SQL Server, identified as CVE-2025-49719, has a CVSS score of 7.5 and is due to improper input validation, potentially allowing unauthorized access to sensitive data. It affects SQL Server versions from 2016 to 2022. Another critical vulnerability, CVE-2025-47981, has a CVSS score of 9.8 and allows unauthenticated remote code execution without user interaction. This vulnerability poses a high risk due to its low attack complexity and potential for lateral movement within networks. Additionally, the update includes 16 vulnerabilities affecting Microsoft Office, with four categorized as more likely to be exploited.