elevated permissions Archives

Tech Optimizer

May 21, 2026

Nvidia tells users to update GPU drivers now or face possible attack — here’s what we know

NVIDIA has released an update to its GPU display drivers that addresses 14 vulnerabilities across its product lines, including GeForce, RTX, Quadro, Tesla, NVS, vGPU, and Cloud Gaming software. The most critical vulnerability is CVE‑2026‑24187, a high-severity use-after-free bug rated 8.8 out of 10, which could allow code execution, privilege escalation, data theft, or system crashes. Linux systems are vulnerable due to improper access to GPU resources at the kernel level, while Windows systems are at risk from a timing flaw. Two vulnerabilities in NVIDIA’s Unified Virtual Memory subsystem on Linux could lead to denial-of-service attacks without elevated permissions. The vGPU software also received patches for vulnerabilities in its virtual GPU manager component. Users can download the updated drivers from the NVIDIA Driver Downloads page or the NVIDIA Licensing Portal, with Windows users needing version 569.49 or newer and Linux users needing version 590.48.01. Users are advised to maintain their antivirus programs for enhanced security. NVIDIA thanked external security researchers for their responsible disclosure of these vulnerabilities.

AppWizard

May 15, 2026

Android 16 VPN Bypass Lets Apps Reveal Users’ Real IP Address

A security vulnerability in Android 16 allows malicious applications to expose a user's real IP address, even with "Always-On VPN" and "Block connections without VPN" features activated. Discovered by security researcher 0x33c0unt and disclosed on April 30, 2026, the flaw exploits the registerQuicConnectionClosePayload feature, which lacks permission checks. This vulnerability has been verified on a Pixel 8 with Proton VPN active. Google has not released a patch, but users can disable the feature via ADB commands.

AppWizard

April 28, 2026

10,000 Users Exposed As Fake Document Reader App Delivers Anatsa Banking Trojan

Security researchers from ThreatLabz discovered a malicious document reader app on the Google Play Store that delivered the Anatsa Android banking trojan. The app, which had over 10,000 downloads before its removal, disguised itself as a legitimate file management tool using the package name com.groundstation.informationcontrol.filestationbrowsefilesreaddocs. It employed a "dropper" technique to hide its malicious code, connecting to an external server to retrieve the malware payload after installation. Anatsa is designed to steal financial information by overlaying a fake login screen over legitimate banking apps, capturing user credentials and enabling unauthorized transactions. Users are advised to delete the app and monitor their financial accounts. Technical indicators for identifying infections include the Anatsa Installer SHA256 (5c9b09819b196970a867b1d459f9053da38a6a2721f21264324e0a8ffef01e20), Payload URL (http://23.251.108[.]10:8080/privacy.txt), Payload SHA256 Hash (88fd72ac0cdab37c74ce14901c5daf214bd54f64e0e68093526a0076df4e042f), and Command and Control servers (http://172.86.91[.]94/api/ and http://193.24.123[.]18:85/api/).

Winsage

April 18, 2026

‘They mopped the floor with me and pulled every childish game they could’: Disgruntled researcher releases second major Windows zero-day — claims Microsoft ‘would ruin my life, and they did’

A new zero-day vulnerability in Microsoft Defender has been disclosed by a researcher known as "Chaotic Eclipse," who has created a proof-of-concept exploit called "RedSun." This vulnerability allows local privilege escalation to SYSTEM level on Windows 10, Windows 11, and Windows Server when Microsoft Defender is active. The vulnerability has attracted attention from antivirus vendors, with some detecting it on VirusTotal due to an embedded EIRCAR in the executable. Chaotic Eclipse previously disclosed another vulnerability named BlueHammer, which also allowed local attackers to gain SYSTEM or elevated permissions. The researcher expressed dissatisfaction with Microsoft's vulnerability disclosure process, recounting negative interactions with the company. A Microsoft spokesperson stated the company's commitment to investigating security issues and supporting coordinated vulnerability disclosure.

Winsage

April 11, 2026

“We have discontinued SaRA”: Microsoft replaces its Windows 11 Recovery Assistant — here’s how to transition to Microsoft’s modern command-line replacement.

Microsoft has phased out the Support and Recovery Assistant (SaRA) utility with the March 2026 Security Update for Windows 11, replacing it with the new "Get Help" command-line tool. The SaRA was designed to troubleshoot and resolve common issues affecting Windows 11 and Microsoft 365 applications. Users are now encouraged to use the Get Help command-line tool, which offers enhanced functionality and security. To use the Get Help tool, users must download the files, extract them, and run specific commands in the Command Prompt. The tool addresses various issues, including Microsoft 365 activation challenges and Outlook profile errors.

Winsage

February 17, 2026

How to Uninstall and Reinstall Chrome on Windows 11 Using Winget CMD

Google Chrome can experience performance issues on Windows due to corrupted profiles, extension conflicts, broken updates, and crashes. A complete uninstall and reinstall often resolves these issues, and the Windows Package Manager (Winget) provides a command-line method for this process. To uninstall Chrome using Winget, open Terminal as an administrator and run the command PLACEHOLDER7836d906c03bd8f1. After uninstallation, verify it with PLACEHOLDER30cf24d62406b8ee, then reinstall using PLACEHOLDER76e40aae6965d719. For a clean reinstall, delete the leftover user data folder at PLACEHOLDER142352b706501488. Commands: - Check installed version: winget list Google.Chrome - Uninstall Chrome: winget uninstall Google.Chrome - Verify removal: winget list Google.Chrome - Reinstall Chrome: winget install Google.Chrome - Silent install: winget install Google.Chrome --silent - Delete leftover data: rmdir /s /q "%LocalAppData%GoogleChrome" Before executing commands, ensure Winget is available and updated, and that you have administrator privileges. Backup data by enabling Chrome Sync. Close Chrome completely before uninstalling to avoid process interference. A clean reinstall involves deleting the Chrome user data folder, which removes bookmarks, passwords, and other stored data. Winget is faster and more suitable for scripting and remote management compared to traditional uninstall methods through the Settings app or Control Panel. Common troubleshooting for Winget includes handling errors related to package recognition, installation blocks, and access issues. If uninstalling fails, terminate any running Chrome processes and retry the command. If unsuccessful, use the Settings app for removal and then Winget for reinstallation.

Winsage

January 30, 2026

Windows 11 KB5074105 update fixes boot, sign-in, and activation issues

Microsoft has released the KB5074105 preview cumulative update for Windows 11, which includes 32 enhancements to improve user experience. This optional update allows administrators to test upcoming fixes and features before the next Patch Tuesday. It addresses issues such as Explorer.exe hanging during login with specific startup apps, system unresponsiveness during startup with Windows Boot Manager debugging enabled, iSCSI boot failures, and problems with Windows license migrations during upgrades. The update elevates Windows 11 25H2 and 24H2 devices to builds 26200.7705 and 26100.7705, respectively. Key highlights include enhanced Cross-Device Resume functionality, support for peripheral fingerprint sensors in Windows Hello Enhanced Sign-in Security, fixes for unresponsiveness when running Windows Terminal with elevated permissions, resolution of GPU-related system errors, and improvements to Windows Sandbox. Microsoft will also introduce distinct identifiers for Windows 11 and Windows Server 2025 updates starting with the January 2026 security update, and has simplified update titles for better accessibility.

Winsage

December 14, 2025

My top 17 Windows 11 features introduced in 2025 — personal picks from cleaner UI experiences to major PC gaming upgrades

- Windows 11 received numerous enhancements in 2025 through monthly cumulative updates. - The revamped Start menu consolidates Pinned, Recommended, and All sections into a single scrollable interface, allowing up to eight pinned items per row. - The Recommended section can showcase up to six app and file suggestions, with an option to disable it. - The All section organizes apps by category by default, with options for grid or list view. - A redesigned Widgets board integrates a new settings page, allowing users to select which board opens by default. - Users can customize Lock Screen widgets through a new section under Personalization. - A new setting allows users to reposition on-screen hardware indicators for brightness and volume. - A dedicated page for Virtual Workspaces in the Settings app centralizes virtualization controls. - Users can opt for smaller icons on the Taskbar for a more compact arrangement of app buttons. - A new sharing shortcut allows users to send files to compatible apps directly from recent file icons. - An option to disable the "Drag Tray" has been added in the Nearby Sharing settings. - The Notification Center now supports a large clock with seconds and multiple clocks. - The Windows Hello interface has been redesigned with animations for better user engagement. - Support for third-party passkey providers has been integrated into Windows Hello. - A new security feature, Administrator Protection, adds an authentication prompt for actions requiring elevation. - Quick Machine Recovery is designed to repair the operating system during boot failures. - Windows Backup now supports local file transfers during new device setup. - The Xbox Full Screen Experience has been tailored for handheld gaming devices. - A battery percentage display has been added to the Taskbar, along with new battery iconography. - Multi-stream support for cameras allows multiple applications to access the same camera feed simultaneously.

Winsage

November 7, 2025

How to improve Windows 11 security using Administrator Protection — shielding your PC with a switch buried in its settings

Windows 11 will introduce a security feature called Administrator Protection with the November 2025 Patch Tuesday Update. This feature requires an authorization dialog via Windows Hello for unsigned or untrusted applications seeking elevated permissions. To configure Administrator Protection using Group Policy, users must navigate to Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options, select "Admin Approval Mode with Administrator protection," and reboot the device. Alternatively, to enable it via the Registry, users should change the TypeOfAdminApprovalMode key value to 2 in HKEYLOCALMACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem and reboot. To disable the feature, users can revert the settings to their defaults.