DHCP Archives

Winsage

February 23, 2025

The Windows Concept Journey — ICS (Internet Connection Sharing)

Internet Connection Sharing (ICS) is a feature in Windows that allows a device with internet access to share its connection with other devices on a local area network (LAN). To enable or disable ICS, users can go to the Control Panel, access "Network Connections," right-click on the LAN or Wi-Fi device, select "Properties," click on the "Sharing" tab, and toggle the checkbox for "Allow other network users to connect through this computer’s Internet connection." ICS can also be configured using PowerShell or the netsh.exe command. It provides services such as DHCP and NAT and can share various connection types, including dial-up, PPPoE, and VPN. ICS has been integrated with UPnP since Windows XP for remote discovery and control. The settings for ICS are stored in the Windows registry at "HKLMSOFTWAREPoliciesMicrosoftWindowsNetwork Connections."

Winsage

February 12, 2025

Microsoft takes it easy on February’s Patch Tuesday

Microsoft released a total of 63 patches in February, including six previously released ones. Two vulnerabilities, CVE-2025-21418 (CVSS 7.8) and CVE-2025-21391 (CVSS 7.1), are actively exploited and require local access and authentication for exploitation. CVE-2025-21418 affects the Windows Ancillary Function Driver for Winsock, allowing attackers to gain SYSTEM-level privileges on Windows 10, 11, and various Windows Server versions. CVE-2025-21391 affects Windows Storage, enabling local attackers to delete files under certain conditions. Two publicly known vulnerabilities, CVE-2025-21194 (CVSS 7.1) and CVE-2025-21377 (CVSS 6.5), have not yet been exploited. CVE-2025-21194 exposes PCs to potential hypervisor and secure kernel compromises, while CVE-2025-21377 risks leaking a user's NTLMv2 hash with minimal user interaction. CVE-2025-21198, rated at CVSS 9.0, allows remote code execution in high-performance computing infrastructures, requiring network access to a targeted HPC cluster. Excel users should address five patches rated at 7.8, particularly CVE-2025-21381, which has potential for remote code execution through local attack vectors. As of February 11, administrators must configure the StrongCertificateBindingEnforcement registry key on domain controllers to avoid transitioning to Full Enforcement mode by February 2025. CVE-2025-21177 (CVSS 8.7) has been fully mitigated by Microsoft. Adobe released 45 updates, with 31 addressing vulnerabilities in Adobe Commerce, and critical patches for InDesign and Illustrator. SAP issued 21 patches affecting NetWeaver and addressing cross-site scripting issues. Fortinet released security updates for various products, including a critical authentication bypass vulnerability in FortiOS and FortiProxy (CVSS 9.6).

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025 – 61 Vulnerabilities Fixed, 3 Actively Exploited in the Wild

Microsoft's February Patch Tuesday update addresses 61 vulnerabilities, including 25 critical Remote Code Execution (RCE) vulnerabilities. Three of these are zero-days, actively exploited before the update: 1. CVE-2023-24932: Secure Boot security feature bypass requiring physical access or administrative rights. 2. CVE-2025-21391: Windows Storage elevation of privilege vulnerability that could lead to data deletion. 3. CVE-2025-21418: Vulnerability in Windows Ancillary Function Driver for WinSock allowing privilege escalation. Critical vulnerabilities include: - CVE-2025-21376: Windows LDAP RCE vulnerability. - CVE-2025-21379: RCE vulnerability in DHCP Client Service. - CVE-2025-21381: RCE vulnerability in Microsoft Excel. The update also addresses additional vulnerabilities related to remote code execution, elevation of privilege, denial of service, security feature bypass, spoofing, and information disclosure across various Microsoft products. Microsoft advises immediate application of the updates to mitigate risks.

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed

Microsoft released its February 2025 Patch Tuesday security updates, addressing over 61 vulnerabilities across its products. The updates include: - 25 Remote Code Execution vulnerabilities - 14 Elevation of Privilege vulnerabilities - 6 Denial of Service vulnerabilities - 4 Security Feature Bypass vulnerabilities - 2 Spoofing vulnerabilities - 1 Information Disclosure vulnerability Notable critical vulnerabilities include: - CVE-2025-21376: Remote code execution risk via LDAP protocol. - CVE-2025-21379: Flaw in DHCP client service allowing system compromise via crafted network packets. - CVE-2025-21381, CVE-2025-21386, CVE-2025-21387: Multiple vulnerabilities in Microsoft Excel enabling code execution through specially crafted files. - CVE-2025-21406, CVE-2025-21407: Vulnerabilities in Windows Telephony Service allowing remote code execution. Two vulnerabilities confirmed as actively exploited: - CVE-2023-24932: Bypass of Secure Boot protections. - CVE-2025-21391: Elevated privileges on affected systems. - CVE-2025-21418: Gain SYSTEM privileges through exploitation. Other notable fixes include vulnerabilities in Visual Studio and Microsoft Office that could lead to remote code execution. Users can apply updates via Windows Update, Microsoft Update Catalog, or WSUS. Microsoft emphasizes the urgency of these updates due to the active exploitation of certain vulnerabilities.

Winsage

December 21, 2024

How to setup IPAM on Windows Server

IP Address Management (IPAM) in Windows Server automates and centralizes the management of IP address infrastructure, allowing administrators to monitor, manage, and audit DHCP and DNS servers. Setting up IPAM involves several steps: verifying prerequisites (supported Windows Server version, active directory domain, and operational DHCP/DNS roles), installing IPAM through Server Manager or command prompt, configuring IPAM for file sharing and access settings, configuring server discovery, and managing servers and settings. To add an IP address to IPAM, users access the IPAM console, navigate to the IP Address Space section, select the desired IP Address block, and provide necessary details before saving the changes.

Winsage

December 6, 2024

Previewing More Copilot+ Experiences with Windows Insiders in the Dev Channel

Windows 11 Insider Preview Build 26120.2510 (KB5048780) has been released to the Dev Channel, introducing new features for AMD and Intel®-powered Copilot+ PCs, including the Recall feature and an expansion of Click to Do (Preview). To join the Dev Channel, users must register for the Windows Insider Program, link their Microsoft account, select the Dev Channel, and check for updates. The Recall feature allows users to find apps, websites, images, or documents by describing their content and includes timeline control for revisiting past activities. The Cocreator feature in Microsoft Paint enables AI-assisted artwork generation from text prompts. The Photos app has been updated with Image Creator and Restyle Image features for generating new images and applying artistic styles to existing photos, respectively. Click to Do has been enhanced with new activation methods and intelligent text actions, allowing users to summarize or rewrite text. Additional changes include a modernized Windows Hello experience, improvements to the system tray, and various fixes for audio and application stability. Known issues include problems with Recall and Click to Do functionalities, which will be addressed in future updates. The Microsoft Store now supports direct updates for Win32 apps.

Winsage

November 13, 2024

Microsoft’s November Patch Tuesday squashes several bugs in Windows 11 24H2

The recent Patch Tuesday update for Windows 11 24H2, identified as KB5046617, addresses various bugs in the Windows 11 2024 edition. Key fixes include resolving a connectivity issue related to DHCP servers, correcting a flaw in the Task Manager that displayed zero processes when grouped by type, and fixing a black screen problem when using the Alt+Tab shortcut. The update also rectifies a glitch in the Windows Disk Cleanup tool that inaccurately reported free storage space and resolves an issue in the Windows Subsystem for Linux (WSL) affecting access to Dev Drives. Despite these improvements, Microsoft acknowledges ongoing issues, including update difficulties on some Asus PCs, unresponsive camera applications, problems with the Safe Exam Browser, blue screens from the Easy Anti-Cheat application, compatibility issues with specific Intel drivers, and sporadic unresponsiveness in the Asphalt 8 game. The update has been temporarily blocked for affected devices until fixes are implemented. Additionally, the update addresses nearly 100 security vulnerabilities and introduces new features, including a customizable Copilot keyboard key. The update installs automatically, but users can also check for it manually in Settings under Windows Update.

Winsage

November 13, 2024

Windows 11 KB5046617 and KB5046633 cumulative updates released

Microsoft has released two cumulative updates for Windows 11: KB5046617 for version 24H2 and KB5046633 for version 23H2. The updates address security vulnerabilities and system issues. After installation, the build number for 24H2 will be 26100.2314 and for 23H2 will be 22631.4460. Key fixes include: - Task Manager: Accurate group count on the Processes tab. - WSL: Access to Dev Drive without issues. - Internet connection: Resolved duplicate DHCP options affecting IPv4 connections. - Notifications: Option to disable suggestions from specific apps. - Wi-Fi password dialog: Updated visual design. - Narrator: New shortcut to copy last spoken content and auto-read email contents in new Outlook. - Start menu: "All apps" section renamed to "All." - ALT + Tab: Fixed black screen issue when switching windows. - Scanning apps: Correct detection of connected scanners. - Web sign-in: Resolved unresponsive screen issue. - Copilot key settings: Configuration options for opening applications or Search. - Windows Disk Cleanup app: Improved accuracy of free space estimates. For version 23H2, similar fixes include disabling notification suggestions, renaming "All apps," new Narrator features, Copilot key configuration, battery consumption fixes during Modern Standby, Microsoft Teams meeting access from Outlook reminders, added product activation phone numbers, and resolved printing issues with Multi-Function Printers (MFP). Users are advised to install these updates to address four actively exploited vulnerabilities.

Winsage

November 13, 2024

Say goodbye to the Copilot key on Windows 11, or at least say hello to the option to make the key open other apps

Microsoft has released the KB5046617 Patch Tuesday update for Windows 11, elevating the OS to Build 26100.2314 for users on the 24H2 version. This update allows users to reprogram the Copilot key on compatible keyboards to launch any application within a signed MSIX package. It includes all improvements from the previous KB5044384 preview update and addresses several issues, such as fixing an error in Task Manager, restoring access to the Dev Drive for WSL, and resolving connectivity problems related to duplicate DHCP options. A known issue for Arm device users playing Roblox persists, with a workaround available. Users can install the update via Windows Update or the Microsoft Update Catalog. Additional updates in Build 26100.2161 include new notification settings, a redesigned Wi-Fi password dialog, a new Narrator shortcut, renaming of the "All apps" section in the Start menu, and fixes for web sign-in issues and the Copilot key settings. Improvements have also been made to the Windows Disk Cleanup app.

Winsage

November 5, 2024

Windows 11 build 26120.2213 (KB5045885) fixes multi-monitor desktop background and more

Microsoft has released the Windows 11 Insider Preview Build 26120.2213 (KB5045885) in the Dev Channel. Key changes include the temporary suspension of the Gamepad keyboard feature, improvements to the Start menu, and enhancements for users typing in Chinese or Japanese, such as hiding the IME toolbar in full-screen mode. Fixes include enhanced reliability and corrected spacing in the Start menu, adjustments in File Explorer for navigation pane padding and RAW image display, taskbar improvements including a search box for auto-hide settings, and general fixes for all users addressing game launch issues and Task Manager display problems. Known issues include a problem with desktop backgrounds not displaying correctly across multiple monitors. Windows Insiders receive updates based on Windows 11, version 24H2, with features rolled out gradually and subject to change based on feedback.