hypervisor Archives

Winsage

August 19, 2025

Microsoft Windows Warning—Stop Playing These Free PC Games

Windows users are at risk when downloading large files, particularly free games from sites like Dodi Repacks, which have been linked to malware distribution. An investigation revealed that downloading these games involves multiple redirects leading to a ZIP file containing a malicious .dll file. This file triggers the installation of HijackLoader malware, designed to bypass antivirus protections and install additional malicious software. HijackLoader employs advanced techniques to evade detection, including checks for virtual machines and monitoring system resources. It manipulates environment variables and executes payloads to maintain persistence on infected PCs. The malware has been associated with various families, including Danabot and RedLine Stealer, and is capable of delivering secondary payloads, with LummaC2 being a recent example. Users are advised to exercise caution when engaging with pirated downloads.

Winsage

August 8, 2025

German researchers show ‘Windows Hell No’ flaw at Black Hat

Microsoft is working to move Windows users away from traditional passwords to its Hello biometrics system. Researchers from ERNW Research, supported by the German government, discovered a critical vulnerability in Hello that allows individuals with local admin access or malware credentials to inject biometric data, bypassing security measures. Hello facilitates authentication for business users by connecting corporate PCs to platforms like Entra ID or Active Directory, storing a cryptographic key in a database linked to Microsoft's Windows Biometric Service. While Enhanced Sign-in Security (ESS) is designed to mitigate such vulnerabilities, not all PCs are compatible with it. During a presentation, researchers demonstrated the flaw by logging in with a facial scan and then injecting a captured facial scan to unlock the device. They suggested that users without ESS disable biometric authentication and revert to using a PIN. Microsoft has not yet responded to these findings, which are part of a research program called Windows Dissect.

Winsage

June 26, 2025

The Great Migration Starts Here

Organizations must transition to Windows 11 Pro by October 14, 2025, as Windows 10 will no longer receive security updates, increasing vulnerability to cyber threats. The upgrade is complimentary for eligible Windows 10 devices, but compatible hardware is necessary to utilize enhanced security and performance features. Windows 11 Pro PCs include built-in security tools like Windows Hello, BitLocker encryption, and TPM 2.0. Windows AI PCs feature intelligent tools like Windows Copilot for improved efficiency, while Copilot+ PCs, launching in mid-2024, will have dedicated AI processors for advanced capabilities. Security features such as Secure Boot, Virtualization-Based Security, and BitLocker encryption are integral to Windows 11 Pro devices, mitigating risks of malware and unauthorized access. Upgrading to Windows 11 Pro enhances device stability and aligns with sustainability goals through energy-efficient designs.

Winsage

June 20, 2025

Microsoft boosts default security of Windows 365 Cloud PCs

Microsoft is enhancing its Windows 365 Cloud PCs with new security features starting in May 2025. All newly provisioned and reprovisioned Cloud PCs using a Windows 11 gallery image will have Virtualization-Based Security (VBS), Credential Guard, and Hypervisor-Protected Code Integrity (HVCI) enabled by default. VBS creates a secure environment to protect system processes, Credential Guard secures authentication credentials, and HVCI ensures only verified code runs at the kernel level. Additionally, beginning in the latter half of 2025, clipboard, drive, USB, and printer redirections will be disabled by default on newly provisioned and reprovisioned Cloud PCs to mitigate security risks, although IT administrators can re-enable these features if needed.

Winsage

June 20, 2025

How Uniphore achieved 30% cost savings by modernizing Windows servers on AWS

Uniphore is an AI innovation company that faced challenges with its legacy Windows Server infrastructure, which was costly and raised security concerns due to its end-of-support status. To modernize, Uniphore utilized Amazon Web Services (AWS) for containerization and cloud-native solutions, achieving a 30% reduction in costs and improved operational capabilities. The migration involved transitioning from 50 bare-metal Windows Server 2008 R2 instances to a Linux environment on AWS, optimizing call-center analytics workloads and enabling better training of large language models. The modernization strategy included three key areas: application modernization through refactoring and containerization, a custom data migration solution using Type 2 hypervisor technology, and a cloud infrastructure setup with Amazon EC2, Amazon EKS, Amazon EFS, and Amazon S3. The migration was executed in three phases: deploying the hypervisor and DataSync agent, secure data migration and validation, and production cutover with application deployment. Best practices adopted during the process included Infrastructure as Code (IaC) with Terraform, CI/CD pipelines using GitLab, comprehensive monitoring with DATADOG and CloudWatch, and enforcement of AWS Backup policies. The modernization resulted in benefits such as improved scalability and performance, flexibility and portability of applications, enhanced security and compliance, efficient data management, reduced operational overhead, and significant cost savings.

Winsage

May 29, 2025

Announcing Windows 11 Insider Preview Build 27868 (Canary Channel)

Windows 11 Insider Preview Build 27868 has been released to the Canary Channel. There are no plans to release SDKs for the 27xxx series builds. The voice access feature has been enhanced with a new in-product experience to highlight new features. A fix has been implemented for pen input issues on certain PCs, and problems with launching applications like Spotify from the Microsoft Store have been addressed. A rendering issue in the Group Policy Editor for some display languages has been corrected, and a SYSTEMTHREADEXCEPTIONNOTHANDLED bugcheck issue has been fixed. Known issues include potential loss of Windows Hello PIN and biometrics for Copilot+ PCs transitioning to the Canary Channel, an Administrative Templates error in the Group Policy Editor, taskbar display issues after upgrading, and audio problems with high sampling rate devices. Applications reliant on virtualization will require the "Windows Hypervisor Platform" component when Virtualization Based Security is enabled. Search and filtering options in Task Manager are currently non-operational. Insiders in the Canary Channel should note that builds reflect early development changes and may not align with any specific Windows release. Features may not reach the general public, and a clean installation is required to exit the Canary Channel. The desktop watermark is standard for pre-release builds.

Winsage

May 28, 2025

Three ways to run Windows apps on a Linux box

If you're transitioning to Linux and need to run Windows applications, you have several options, including dual-booting, using a virtual machine (VM), or employing a compatibility layer like WINE. For virtualization, VirtualBox is a popular open-source choice, while VMware is another option that has been free since late 2024. Both require a Windows ISO, which can be obtained for free from Microsoft. VirtualBox suggests allocating 2GB of RAM and one processor core, but 8GB of RAM and two cores are recommended for better performance. Running a VM requires significant resources, and a valid Windows license is necessary for the guest OS. Dual-booting allows both Windows and Linux to run natively, providing full hardware access and optimal performance. WINE translates Windows application calls into Linux commands and is included in most Linux distributions. Its effectiveness varies by application. Bottles is a user-friendly wrapper around WINE that simplifies installation. For enhanced compatibility, CodeWeavers CrossOver is a premium alternative to WINE, with a free evaluation version available. For gaming, Lutris and Valve’s Proton are tools that facilitate running Windows games on Linux.

Winsage

May 23, 2025

Announcing Windows 11 Insider Preview Build 26120.4161 (Beta Channel)

Windows 11 Insider Preview Build 26120.4161 (KB5058515) has been released to the Beta Channel for Windows 11, version 24H2. This update includes new features such as the Microsoft 365 Text Action in Click to Do, allowing users to draft content in Word by selecting recognized text. Lock screen widget personalization is now available globally, enabling users to customize their lock screens. The update introduces support for multiple dashboards in Widgets, enhancing organization and access to favorite widgets. Improvements include recommendations from the Microsoft Store in the "Open with..." dialog and a new PC-to-PC migration experience in the Windows Backup app. Various fixes have been made to the Start Menu, Task Manager, Narrator, and Voice Access. Known issues include incorrect build version display post-PC reset and Bluetooth issues with Xbox Controllers. Users are encouraged to provide feedback through the Feedback Hub.

Winsage

April 29, 2025

Microsoft teases pay-to-patch plan for Windows Server 2025

Microsoft plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July, priced at [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Microsoft has unveiled plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July. This innovative capability allows administrators to implement software updates without the need for system reboots, a significant advantage that streamlines the update process. Hotpatching: A Game Changer for Administrators Hotpatching is not a novel concept; it has been a staple in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. The primary appeal lies in its ability to facilitate security updates without the disruption of reboots, enabling IT teams to maintain operational continuity without the hassle of scheduling downtime. This feature will be a game changer; you may finally get to see your family on the weekends. Currently, Microsoft offers hotpatching for its Windows Server: Azure Edition and version 2022 within its Azure cloud infrastructure. The company has highlighted that its Xbox team has been a significant user of this feature. In August 2024, a preview of hotpatching for Windows Server 2025 running in Azure was announced, followed by a subsequent preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. With this latest update, hotpatching is now available for both the Standard and Datacenter editions of Windows Server 2025, allowing on-premises users to benefit from this functionality. Hari Pulapaka, Microsoft’s general manager of Windows Server, emphasized the transformative potential of hotpatching, noting, “This feature will be a game changer; simpler change control, shorter patch windows, easier orchestration.” He humorously added that it might even allow professionals to enjoy more time with their families on weekends. As of last Thursday, Microsoft announced that the current preview will conclude on June 30, transitioning into a subscription model priced at .50 per core per month. Traditional non-hotpatch updates will remain available at no cost. In a detailed explanation, Janine Patrick, Windows Server Product Marketing Manager, and Artem Pronichkin, Senior Program Manager, outlined the service's structure, which aims to deliver eight hotpatches annually. This schedule follows a three-month cycle: the first month serves as a baseline month (monthly cumulative update), followed by two months dedicated to hotpatches. During baseline months—January, April, July, and October—reboots will be necessary. They also noted that, on rare occasions, a non-hotpatch update may be required during a hotpatch month for security reasons, which would also necessitate a reboot. However, the goal remains to provide up to eight hotpatches each year. The benefits of hotpatching are clear, as it can significantly reduce the 'window of vulnerability' that often occurs when administrators delay updates and restarts following a Windows security update. Additionally, it alleviates the traditional burdens associated with 'Patch Tuesday' updates. Importantly, adoption of hotpatching remains optional; Microsoft will continue to provide software updates according to its existing schedule. However, the company anticipates that many Windows Server 2025 users will find value in the ability to minimize downtime through this subscription service. While Windows Server 2025 machines will need to be managed by Arc to utilize hotpatching, there will be no additional costs associated with using Arc for this new offering. Users currently testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they choose to disenroll before June 30. Notably, Azure Editions of Windows Server will continue to receive hotpatching at no charge. As this new subscription service approaches, the question remains: Will users embrace the opportunity to pay for the promise of non-disruptive patches? The conversation is open for your thoughts." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month. Hotpatching allows administrators to implement software updates without system reboots, enhancing operational continuity. Currently, hotpatching is available for Windows Server: Azure Edition and version 2022 within Azure. A preview for Windows Server 2025 running in Azure was announced in August 2024, followed by a preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. The feature will be available for both the Standard and Datacenter editions of Windows Server 2025, with a goal of delivering eight hotpatches annually. Baseline months will require reboots, while hotpatch months will not, unless a non-hotpatch update is necessary. Adoption of hotpatching is optional, and traditional updates will continue to be available at no cost. Users testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they disenroll before June 30. Azure Editions of Windows Server will continue to receive hotpatching at no charge.

Winsage

April 28, 2025

Microsoft makes hot patching a paid feature for Windows Server 2025

Hotpatching in Windows Server 2025 allows system administrators to apply security updates without rebooting, enhancing response times to vulnerabilities. Microsoft will introduce a subscription model for this feature starting July 1, 2024, at an initial rate of [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Hotpatching emerges as a significant advancement in the realm of Windows Server 2025, allowing system administrators to implement security updates without the need for system reboots. This capability enhances the speed at which organizations can respond to vulnerabilities, aligning with the growing demand for agile IT operations. However, Microsoft has decided to place this feature behind a paywall, introducing a subscription model that will take effect from July 1, 2024, at an initial rate of .50 per core per month. Notably, users operating on Azure will be exempt from this charge, providing a clear incentive for cloud-based deployments. Previously available in Azure Hotpatching is not an entirely new concept; it has been successfully utilized in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. Microsoft has previously offered hot patching capabilities for Windows Server: Azure Edition and version 2022 within the Azure cloud ecosystem. In August 2024, the company unveiled a preview of hot patching for Windows Server 2025 in Azure, followed by an additional preview for deployments managed through the Arc hybrid and multicloud management system in September. This latest preview marks a pivotal moment, as it introduces hot patching for Windows Server 2025 Standard and Datacenter Edition, enabling on-premises applications of this technology for the first time. Microsoft has characterized this feature as a “game changer,” highlighting its potential to redefine patch management for enterprises. Subscription model and patching cycle Under the new subscription model, Microsoft anticipates releasing eight hot patches annually. However, it is important to note that there may be instances where a restart is still required for security purposes. As the transition to the paid version approaches, users currently in the preview phase will be automatically migrated unless they opt out by June 30, 2024. This move has drawn parallels to Microsoft's previous strategies regarding detailed logs, which have sparked concern among security experts. Critics argue that by monetizing essential security features, Microsoft risks compromising the overall security posture for users who may not opt for these additional services. While hotpatching was initially heralded as a cornerstone innovation for Windows Server 2025, its placement behind a paywall raises questions about the balance between enhanced security and cost considerations for organizations. Read also: Windows Server 2025 updates cause problems" max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month, with Azure users exempt from this charge. Hotpatching has been previously available in Azure and is now being introduced for on-premises applications in Windows Server 2025 Standard and Datacenter Edition. Microsoft plans to release eight hot patches annually, although some may still require a restart. Users in the preview phase will be automatically migrated to the paid version unless they opt out by June 30, 2024. Critics express concern that monetizing essential security features may compromise overall security for users who do not subscribe.