ESU Archives

Winsage

March 27, 2025

Windows 10 Ending : Microsoft Makes Windows 11 Free, But Not for Long

Microsoft's official end of support for Windows 10 is set for October 2025, prompting the company to encourage users to transition to Windows 11 through a "limited-time" free upgrade offer. Windows 11 has stringent system requirements, including TPM 2.0 support, which many older PCs lack. Microsoft 365 apps will stop receiving updates on Windows 10 after support ends, although they will continue to function. Users who do not upgrade can opt for the Extended Security Updates (ESU) program for continued security patches at a cost. Options for users include upgrading to a compatible PC, switching to another operating system like Linux, or remaining on Windows 10 with limited support.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 24, 2025

Windows 10 Support is Ending; Here’s What You Need to Do Next

Microsoft will end support for Windows 10 on October 14, 2025. After this date, Windows 10 PCs will still function but will not receive security updates or bug fixes, leading to potential vulnerabilities and compatibility issues. Microsoft is encouraging users to upgrade to Windows 11, which currently has a market share of 38%. Users can maintain security by keeping antivirus software and browsers updated, and Google Chrome will continue to receive updates on Windows 10. Microsoft offers an Extended Security Update (ESU) program for Windows 10, providing critical updates for a fee, with the first year starting on November 11, 2025, and ending on October 13, 2026. Consumers will need to upgrade to Windows 11 by October 2026 unless further extensions are announced. There are methods to bypass Windows 11's hardware requirements, such as using tools like Rufus or Registry workarounds. Alternatives to upgrading include Chrome OS Flex and Linux Mint, both of which offer user-friendly environments for continued computing tasks.

Winsage

March 23, 2025

Microsoft recommends a drastic move for Windows 11 upgrade, report says

Microsoft will end support for Windows 10 on October 14, 2025. Currently, Windows 10 accounts for 58.7% of all Windows desktop users, while Windows 11 has 38.1%. Microsoft is encouraging users to upgrade to Windows 11 by sending emails about the end of support and providing information on the upgrade process. The minimum specifications for Windows 11 include a 1 GHz or faster processor with 2 or more cores, 4GB of RAM, 64 GB of storage, and a TPM version 2.0. Some users have successfully installed Windows 11 on older computers, but certain hardware requirements may be challenging for others. Microsoft is offering Extended Security Updates (ESU) for Windows 10 users for a fee, providing an additional year of updates. The upgrade from Windows 10 to Windows 11 is free and designed to be straightforward, with notifications being sent to users. Windows 11 features enhanced functionality, including Microsoft Recall, which allows users to revisit past actions.

Winsage

March 12, 2025

Windows 10 security risks are now more of a reality for users

As of February 2025, the proportion of Windows 10 users has fallen to 58.7%, while Windows 11's user base has risen to 38.2%. Many businesses are adopting Windows 11 during hardware refresh cycles rather than upgrading existing machines. Microsoft has introduced a 12-month security extension option for Windows 10 users, requiring enrollment, as the operating system will no longer receive security updates after October 14. There are concerns about Microsoft's enforcement of end-of-life directives and the possibility of providing free security updates for outdated software in response to severe cybersecurity incidents.

Winsage

February 21, 2025

Hackers release TSforge exploit that «forever» activates Windows and Office

A hacker group called Massgrave has developed a method named TSforge Activation that permanently activates most Microsoft products and bypasses the digital rights management (DRM) system. This method allows updates for Windows 10 beyond its official end of support in October 2025. The group previously launched the Microsoft Activation Scripts (MAS) project in 2024, claiming to dismantle Microsoft’s DRM protections. The TSforge method works by replacing activation data files with counterfeit data, tricking the Software Protection Platform (SPP) into accepting fraudulent product keys. TSforge currently enables activation for Windows 7 and later versions, including Windows Server (2008 R2 – 2025), and Office 2013-2024 on Windows 8 and later. It also unlocks commercial features like Extended Security Updates for Windows 7-10. Despite being aware of these activators, Microsoft has not taken significant action against them. The MAS project is open-source and hosted on GitHub. The hackers argue that their tool could be used as an alternative activation method in urgent situations.

Winsage

February 20, 2025

Can’t quit Windows 10? You can pay Microsoft for updates after October, or try these alternatives

An ESU subscription allows customers to receive updates automatically through Windows Update, with updates also available for individual download via the Microsoft Update Catalog. Customers can set reminders to check for updates after their release, typically on the second Tuesday of each month. For a more streamlined approach, the third-party service 0patch offers critical security patches for Windows 10 for at least five years after the end-of-support date, costing between and per PC annually. 0patch provides "micropatches" for vulnerabilities discovered after October 14, 2025, which are small and applied to running processes without altering Microsoft's original files. Unauthorized alternatives, like PowerShell activation scripts from the Massgrave hacking collective, allow users to bypass Microsoft's licensing agreements for a free three-year ESU subscription, but using these scripts is illegal and poses significant risks to businesses.