file system Archives

Winsage

February 27, 2026

Windows Server finally gets ReFS boot support

Microsoft has introduced boot support for the Resilient File System (ReFS) in Windows Server, allowing insiders to boot the server operating system directly from a ReFS volume. This feature has been made available in the latest Windows Server Insider Preview build after a fourteen-year wait since ReFS was launched in 2012. ReFS can detect corruption early and address issues online, eliminating the need for chkdsk, and supports volumes up to 35 petabytes. It also includes block cloning and sparse provisioning technologies for efficient file management. To use ReFS boot, organizations must install the latest Windows Server vNext Insider Preview with a minimum build number of 29531.1000.260206-1841, format the system partition as ReFS, and ensure UEFI firmware is used.

Winsage

February 26, 2026

PoC Published for Microsoft Windows Flaw That Allows Low-Privileged Users to Force Irrecoverable BSODs

Security researchers have developed a working Proof of Concept (PoC) exploit for a vulnerability in the Windows kernel, identified as CVE-2026-2636, which allows low-privileged users to induce a Blue Screen of Death (BSoD), resulting in a Denial of Service. This vulnerability is linked to the Windows Common Log File System (CLFS) driver, specifically the CLFS.sys component, and arises from improper handling of invalid or special elements within CLFS (CWE-159). The PoC demonstrates that a non-administrative user can trigger the bug by executing a crafted ReadFile operation on a handle linked to an opened .blf log file without the expected I/O Request Packet (IRP) flags set. This leads to a critical inconsistency in the driver, causing Windows to invoke the kernel routine KeBugCheckEx, which results in a BSoD. The CVE-2026-2636 has a CVSS score of 5.5 (Medium) and poses a high impact on availability, allowing any authenticated user to crash the host reliably. Microsoft addressed this vulnerability in the September 2025 cumulative update, protecting systems running Windows 11 2024 LTSC and Windows Server 2025 by default. However, older or unpatched builds remain vulnerable. Organizations are advised to verify the deployment of the September 2025 updates, prioritize patching multi-user systems, and monitor for unusual spikes in BSoD events.

Tech Optimizer

February 25, 2026

Fix “kernel security check failure”: Step-by-step guide

The "kernel security check failure" error on Windows indicates corruption in critical system memory or internal data structures, triggering a bug check to prevent further damage. It is marked by the Blue Screen of Death (BSOD) displaying the message “KERNELSECURITYCHECK_FAILURE” and stop code 0x139. Causes include outdated or incompatible drivers, corrupted system files, faulty RAM, disk errors, third-party software conflicts, faulty Windows updates, overclocking, and malware threats. Common fixes involve updating Windows and drivers, scanning for corrupted files, using Check Disk (CHKDSK), running Windows Memory Diagnostic, and performing System Restore. If unresolved, a clean installation of Windows may be necessary. Regular updates and avoiding unnecessary software installations can help prevent future occurrences.

Winsage

February 20, 2026

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are using social media advertising, specifically paid Facebook ads, to promote a malware campaign disguised as legitimate Microsoft promotions. They create near-exact replicas of the official Windows 11 download page to lure users into downloading malicious software. The deceptive domains used include ms-25h2-download[.]pro and ms-25h2-update[.]pro. The malware campaign employs geofencing to selectively target victims, redirecting security researchers to benign sites while delivering malware to unsuspecting users. The malicious file, named ms-update32.exe, is hosted on GitHub and mimics the size of a legitimate Windows installer. Once executed, it checks for monitoring tools and, if none are detected, installs an application named "Lunar" that collects sensitive data, including cryptocurrency wallet information. The malware maintains persistence by writing data to the Windows registry and employs various obfuscation techniques to evade detection. The attackers run parallel ad campaigns with different Facebook Pixel IDs to ensure continued operation even if one is suspended. Indicators of compromise include specific file hashes, domains, file system artifacts, and registry keys associated with the malware.

Winsage

January 29, 2026

Microsoft’s Quiet Exodus: Why Enterprise Developers Are Abandoning Windows for Linux Workstations

Microsoft developers and enterprise technology leaders are increasingly choosing Linux over Windows for development tasks, driven by performance concerns, workflow inefficiencies, and the rise of cloud-native development. The Windows Subsystem for Linux (WSL) has facilitated this shift by allowing developers to work in a Linux environment while still using Windows. Tools like Docker, Kubernetes, and Terraform, which are primarily designed for Linux, have led to a reevaluation of desktop strategies across various industries. Linux provides direct access to the same kernel and toolchain used in production, reducing discrepancies that can lead to bugs. It typically requires less memory at idle compared to Windows, making it more efficient for developers managing multiple containers or virtual machines. Microsoft has responded by investing in platform-agnostic tools like Visual Studio Code and embracing Linux on its Azure cloud platform, where over 50% of virtual machines run Linux. The introduction of WSL2 has improved compatibility and performance, but it has also highlighted Windows' limitations, leading to frustrations among developers. Security considerations favor Linux due to its open-source nature, allowing for greater customization and auditing. Financially, Linux can be more economical for enterprises due to lower licensing costs and reduced hardware requirements. Organizations that have switched to Linux report significant improvements in build times and overall developer experience. Hybrid strategies are emerging to accommodate developer preferences while ensuring security, with cloud-based development environments gaining traction. The trend toward Linux workstations reflects broader industry movements toward open source and platform independence, as companies adapt to attract and retain technical talent.

Winsage

January 21, 2026

Windows 11 apps like Notepad aren’t loading — what is error code 0x803f8001 and how do I fix it?

Windows 11 users are encountering the error code 0x803f8001 when launching applications, alongside the file system error (-2143322111). Affected applications include Armoury Crate, Notepad, Snipping Tool, Alienware Command Center, and Nitrosense. The error is often linked to issues with the Microsoft Store's ability to validate app licenses, potentially due to a corrupted Store cache or account sync problems. Users have reported similar issues on social media and forums, indicating a broader impact, including problems with Xbox Ally and ROG Ally Armoury Crate apps. Some users have attempted to reset the Microsoft Store app with mixed results, while one workaround involved uninstalling and reinstalling Armoury Crate from ASUS' website. Microsoft and ASUS are aware of the issue and are working on a resolution.

Winsage

January 21, 2026

Copilot AI: What You’re Missing on Windows 10 PCs — Virtualization Review

Microsoft's Copilot AI experience differs significantly between Windows 11 and Windows 10. On Windows 11, Copilot is integrated at the system level, allowing it to perform tasks such as opening specific Settings pages, toggling system settings, launching built-in applications, and providing contextual guidance with UI navigation. In contrast, Windows 10 users can only access Copilot through browser-based interfaces, limiting its functionality to providing written instructions without the ability to execute actions or interact with local system features. Copilot on Windows 10 lacks awareness of the operating system and cannot manage system configurations or settings directly, while Windows 11 allows for direct interaction with cloud-managed settings.

AppWizard

January 16, 2026

Running Factorio from over 1,000 floppy disks is a masochistically manual process that surely sets a new record for game load times

YouTuber DocJade is running the game Factorio on 1,000 3.5-inch floppy disks instead of a conventional hard drive. He developed a custom file system called Fluster using the RUST programming language, which divides each floppy disk into 512-byte blocks, allowing for a total of 2,880 blocks per disk and approximately 90 GB of storage. Fluster is open-sourced and available on DocJade's GitHub. Factorio's design allows it to load most content before the title screen, making it suitable for this unconventional method.

Winsage

January 1, 2026

Microsoft’s ReFS File System Remains Inaccessible to Windows 11 Users

Microsoft's Resilient File System (ReFS) supports volumes up to 35 petabytes and offers robust data protection through checksums and continuous integrity checks, reducing the risk of data corruption. However, Windows 11 defaults to the NTFS file system, requiring users to use command-line tools to access ReFS features, which may deter average consumers. ReFS is primarily designed for Windows Server environments and has not gained popularity among general users. Testing shows that Windows 11 formats new drives as NTFS, making ReFS less accessible. ReFS can experience performance degradation on single-drive consumer PCs compared to NTFS and lacks features like file system compression, encryption, object IDs, and extended attributes, raising compatibility concerns. Microsoft has introduced the Agent Launchers framework for AI agent registration in Windows, amidst user backlash regarding the evolution of Windows into an "agentic OS." The Windows and Devices segment generated .3 billion in the last fiscal year, remaining flat over three years, while Gaming and LinkedIn generated higher revenues. Users have reported frequent feature changes and declining quality in Windows 11, with Microsoft's Controlled Feature Rollout system causing inconsistencies across devices. ReFS is accessible through the Dev Drive feature in Windows 11, which prioritizes performance over security. Microsoft faces competition from various fronts, including Valve's SteamOS, Apple's upcoming MacBook, and Google's Chrome OS, particularly in the education sector.

Winsage

January 1, 2026

WinBoat is an open source tool that lets you seamlessly run Windows applications on Linux.

WinBoat is an open-source tool that enables users to run Windows applications natively on Linux systems through virtualization technology. It can be tested on an Ubuntu 24.04 Linux PC using Docker and FreeRDP. Users can download WinBoat as an AppImage, grant execution permissions, and follow installation steps that include specifying installation location, Windows version, language, and system resource allocation. Key features include a refined interface, automatic installation, universal application support, file system integration, USB pass-through support, future GPU support plans, and compatibility with Podman. As of December 2025, WinBoat is in beta and may have bugs. User feedback has been mixed, with some comparing it to a Windows virtual machine and noting issues like browser freezing and the need for a Windows license.