folder Archives

Winsage

March 31, 2025

10 Facts you probably didn’t know about Windows as Microsoft turns 50

- Windows was originally named "Interface Manager" before being changed to "Windows" prior to its launch in 1985. - Early versions of Windows (1.0, 2.0, and 3.x) operated on top of MS-DOS and required users to boot into MS-DOS before launching the graphical interface. - The Briefcase folder was an early tool for synchronizing files between computers, which became obsolete with the rise of cloud storage solutions. - Prior to Windows XP, user profiles were basic and lacked robust security; full user accounts were implemented with Windows NT. - Several applications from Windows 1.0, including Calculator, Paint, Notepad, Clock, and Control Panel, are still present in Windows 11 in modernized forms. - The "Format" dialog in File Explorer has used the same code for over 30 years, although updates for FAT32 support are being developed. - TrueType fonts were introduced in Windows 3.1 in 1992 through a licensing agreement with Apple, improving font rendering quality. - The "Ctrl + Alt + Delete" shortcut was created by IBM engineer David Bradley as a debugging tool and later adopted by Microsoft for secure attention sequences in Windows NT. - Windows 1.0 required a minimum of 256KB of RAM at its launch in 1985, while Windows 11 requires at least 4GB.

Winsage

March 30, 2025

5 reasons I use PowerShell to automate boring Windows tasks

PowerShell automates repetitive computing tasks, enhancing productivity by offering a faster command-line interface (CLI) compared to traditional graphical user interfaces (GUIs). It simplifies app management, allowing users to reinstall or update applications more effectively than through the Microsoft Store. PowerShell also streamlines file management with the Move-Item cmdlet, which transfers files and deletes the original from the source. Users can automate scripts with Task Scheduler for routine tasks, and it supports system maintenance through cmdlets and custom scripts, benefiting both IT administrators and casual users. PowerShell's automation capabilities make it a valuable tool for optimizing computing experiences.

Winsage

March 29, 2025

6 reasons Listary is one of the best launchers on Windows

Listary is an app launcher that enhances efficiency in locating and launching applications and files on Windows. Users can access a search field by pressing Ctrl twice, allowing for quick app searches even with typos. It offers a responsive search experience, unlike the slower Windows search feature, and simplifies file navigation with an interface similar to File Explorer. Listary allows customization of keyboard shortcuts and appearance settings, and integrates seamlessly with File Explorer for direct searches within specific directories. It is free for personal use, with a pro version available at an affordable price, offering additional features.

AppWizard

March 28, 2025

PJobRAT makes a comeback, takes another crack at chat apps

In 2021, PJobRAT, an Android Remote Access Trojan (RAT), targeted Indian military personnel through deceptive apps. A new campaign was discovered in 2023, focusing on users in Taiwan, with malicious apps like ‘SangaalLite’ and CChat disguised as instant messaging applications. These apps were available for download from WordPress sites, which have since been taken down. The campaign began in January 2023, with domains registered as early as April 2022, and the latest sample detected in October 2024. The number of infections was low, indicating a targeted approach rather than a broad attack. The distribution methods remain unclear, but may involve SEO poisoning, malvertising, or phishing. Once installed, the apps request extensive permissions and feature basic chat functionality. Recent versions of PJobRAT have shifted from stealing WhatsApp messages to executing shell commands, allowing greater control over compromised devices. PJobRAT communicates with its command-and-control (C2) servers using Firebase Cloud Messaging (FCM) and HTTP, enabling the upload of various data types, including SMS, contacts, and files. The now inactive C2 server was located in Germany.

Winsage

March 28, 2025

How to easily create an unattended answer file for Windows 11

On Windows 11, an answer file named autounattend.xml can be created to streamline the installation process by bypassing setup steps. To create this file, users need to install the DISMTools application, which provides a wizard for generating the unattended file. The installation of DISMTools involves using Command Prompt to run the command: winget install CodingWondersSoftware.DISMTools.Preview. To create the unattended file, users launch DISMTools, navigate to the "Unattended answer file creator," and follow the wizard to configure settings such as system language, processor architecture, disk settings, product key, account settings, and network settings. The final step is saving the file as autounattend.xml. To integrate the answer file into Windows 11 installation media, users download the Media Creation Tool, select the USB flash drive option, and copy the autounattend.xml file to the USB drive. This prepares the USB for an unattended installation of Windows 11. The XML file may also appear as "unattend.xml" in other contexts.

Winsage

March 27, 2025

Looking back at Windows Longhorn

Retired Microsoft engineer Dave Plummer discussed the Windows Longhorn project, which aimed to succeed Windows XP but faced significant challenges. Longhorn was envisioned to overhaul the user experience and introduce features like WinFS for content-based file searching. However, the simultaneous development of many new features led to a fragile and bloated codebase, making it difficult to use in daily operations. A 2002 memo from Bill Gates prioritizing security diverted resources from Longhorn, further complicating development. Ultimately, in August 2004, Microsoft scrapped the existing Longhorn codebase in favor of the Windows Server 2003 SP1 codebase, integrating select Longhorn features. The project resulted in Windows Vista, which retained some Longhorn features while discarding others. Plummer reflected on the mixed legacy of Longhorn, acknowledging its failures and the lessons learned that shaped Microsoft's future practices.

Winsage

March 27, 2025

Windows Photos gets revamped with powerful AI features and smarter tools

Microsoft has updated its Photos app for Windows Insiders, integrating AI features, including the Copilot assistant. This update introduces a dedicated button for accessing Copilot, which offers personalized photography editing tips and image insights. Users can upload images to receive AI-generated feedback, although Copilot does not yet edit photos. The app now includes enhanced optical character recognition with a "Search in Web" option, allowing users to highlight text in images and search online. New shortcuts in File Explorer enable users to access AI editing tools easily. The "Visual Search with Bing" tool allows exploration of similar images and related products. The updated Gallery View supports smarter folder navigation, and JPEG XL support improves image quality and compression. Microsoft has also addressed bugs affecting AI features and made general performance improvements.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 26, 2025

0patch releases yet another free fix for yet another 0day vulnerability in Windows that Microsoft has not addressed

0patch has released micropatches for a critical SCF File NTLM hash disclosure vulnerability affecting all Windows versions from Windows 7 to Windows 11 and Windows Server editions from 2008 to 2025. This vulnerability allows attackers to obtain users' NTLM credentials by having them view a malicious file in Windows Explorer. 0patch operates on a subscription model and provides security fixes for unsupported Windows versions, as well as complimentary patches for unaddressed vulnerabilities. Specific details about the vulnerability are currently withheld, pending an official fix from Microsoft.