Extended Security

Winsage
June 21, 2026
The expiration of Microsoft's Secure Boot 2011 certificates on June 24 will not prevent older Windows PCs from booting, as confirmed by Microsoft. Devices will continue to operate normally, but they will miss future boot-level security updates, including updates to the Windows Boot Manager and mitigations for newly identified vulnerabilities. The ability to receive the Secure Boot 2023 update depends on the device firmware's compatibility, with many manufacturers, including Dell, HP, Lenovo, and ASUS, having cutoffs for BIOS updates based on the device's End of Service Life. Older PCs using Legacy BIOS or Compatibility Support Module (CSM) mode do not utilize UEFI Secure Boot, making the update irrelevant. Users running Windows 11 on unsupported hardware may have Secure Boot disabled or improperly configured. Without the 2023 certificates, devices cannot receive future revocation updates to the Secure Boot DBX, which lists compromised bootloaders. Users on Windows 10 with supported OEMs may receive the update if a compatible BIOS is available, while those on older PCs without updates can continue using their devices but will lack future security updates. The Secure Boot status can be checked through the Windows Security app, with color-coded badges indicating the status of the certificates.
Winsage
June 12, 2026
Microsoft released a cumulative update for Windows 10, designated as KB5094127, during the latest Patch Tuesday. Some users are experiencing issues where they are prompted to enter their BitLocker recovery key after installing the update. This problem is linked to systems with an "unrecommended" BitLocker Group Policy configuration and has occurred in previous updates. Specific conditions that can lead to this issue include having BitLocker enabled on the operating system drive, a certain Group Policy setting configured, the System Information tool reporting a specific Secure Boot State, the presence of a particular certificate in the Secure Boot Signature Database, and not using the 2023-signed Windows Boot Manager. Affected users may face difficulties accessing their BitLocker recovery key, potentially leading to lockouts. Microsoft suggests that personal devices are less likely to be affected, with the issue primarily impacting enterprise setups. The company is working on a resolution and advises IT administrators to consider removing the Group Policy configuration before installing the update. Update KB5094127 is available only to Windows 10 users in the Extended Security Updates program for versions 21H2 and 22H2, addressing various bugs and security vulnerabilities.
Winsage
June 10, 2026
Microsoft's latest Patch Tuesday addressed 198 security vulnerabilities, the most extensive update in recent memory. Among these, 32 flaws are classified as critical, and three are zero-day vulnerabilities. The updates are detailed in KB articles: KB5094126 for Windows 11 versions 24H2 and 25H2, KB5093998 for version 23H2, and KB5094127 for Windows 10. The updates will automatically download and install, but users must verify their installation status and reboot their computers for changes to take effect. The discovery of the vulnerabilities addressed this month is attributed to advancements in artificial intelligence, with companies like Microsoft leveraging AI models to expedite the identification and resolution of security flaws. The three zero-day vulnerabilities include one that allows an attacker to gain Windows System privileges through a flaw in file link resolution, another that could facilitate a denial-of-service attack via an HTTP vulnerability, and a third related to a flaw in Windows BitLocker that could enable data capture from an unpatched PC. Additionally, the update introduces new features to Windows 11, including new Secure Boot certificates, a Low Latency Profile for enhanced performance, support for shared audio devices for multiple Bluetooth connections, webcam functionality across multiple applications, and the ability to assign a custom name to the user folder during setup.
Winsage
June 10, 2026
Microsoft has released the Windows 10 KB5094127 extended security update, which addresses vulnerabilities identified during the June 2026 Patch Tuesday and enhances monitoring of updated Secure Boot certificates. Users on Windows 10 Enterprise LTSC or enrolled in the ESU program can install it via the Windows Update settings. The update upgrades Windows 10 to build 19045.7417 and Windows 10 Enterprise LTSC 2021 to build 19044.7417. It focuses on security enhancements and bug fixes, resolving a total of 200 vulnerabilities, including three zero-day flaws. Key features include improved File Explorer search functionality for Chinese text and UTF-8 encoded files, dynamic status reporting for Secure Boot states, a new policy setting to limit Secure Boot service data sent to Microsoft, and enhanced targeting data for automatic receipt of new Secure Boot certificates. A known issue may cause BitLocker recovery notifications on certain systems, particularly those with specific BitLocker Group Policy settings. Microsoft recommends removing the Group Policy setting and suspending/resuming BitLocker as a temporary fix.
Winsage
June 9, 2026
Operational technology (OT) engineers and plant managers must decide between migrating to Windows 11, opting for Extended Security Updates, or implementing compensating controls as support for Windows 10 ends. Windows 10 Enterprise LTSC 2021 will stop receiving updates on January 12, 2027. A live webinar is available to help organizations develop a strategy for transitioning from Windows 10, addressing security and compliance challenges, key standards, and practical strategies for safeguarding systems. The webinar targets OT engineers, plant managers, OT security leaders, and operations teams in various sectors, aiming to assist them in maintaining operational integrity during the transition.
Winsage
May 28, 2026
Windows Server 2016 has a bug introduced by the May 12 security update that affects servers with hostnames exactly 15 characters long, causing errors in domain controller discovery. Specifically, calling DCLocator returns ERROR_INVALID_PARAMETER, which prevents applications and tools from locating a domain controller. This issue impacts features like Distributed File System (DFS) Namespace management. Microsoft has not provided a workaround but suggests changing the hostname length. Windows Server 2016 is officially supported until January 12, 2027, with extended support options available. Despite representing only 2.2 percent of all Windows devices, it accounts for 20.3 percent of all servers. Additionally, the May 2026 security update has caused installation failures on some Windows 11 devices due to insufficient EFI System Partition size.
Winsage
May 26, 2026
Microsoft will begin the expiration of Secure Boot certificates on most PCs in June, marking the end of a 15-year period of stability. This affects all PCs manufactured before 2023. Users will likely need to perform multiple restarts during the update process, which includes pushing data into firmware and loading a new bootloader. Ignoring the Secure Boot deadline in June 2026 may lead to significant security risks, as Microsoft will stop providing essential boot updates and malware blacklists. The Windows Security App has been updated to help users monitor these changes, and users should check for warnings indicating the status of Secure Boot. It is important for Windows 10 users to ensure they are enrolled in the Extended Security Updates (ESU) program to avoid vulnerabilities.