infrastructure Archives

Winsage

April 18, 2026

Microsoft’s Patch Tuesday release for April is a whopper

A series of updates have been released, focusing on system integrity and performance. Users should perform verification tasks, including installing, uninstalling, and repairing MSI packages, connecting and disconnecting cloud sync providers, and enrolling devices in Intune or MDM solutions. The Common Log File System driver (clfs.sys) is receiving a follow-up patch, along with updates to Storage Spaces (spaceport.sys) and app isolation file system drivers (bfs.sys, wcifs.sys). Users should also run Windows Update installation and rollback cycles, install and uninstall applications, and verify data integrity through backup solutions. For Storage Spaces, creating a pool with mirrored and thin virtual disks and ensuring clean deletion is necessary. April's updates for Office target MSI editions, including Excel 2016 (KB5002860), PowerPoint 2016 (KB5002808), Office 2016 shared libraries (KB5002859), and SharePoint Server editions from 2016 to 2019. These updates do not apply to Click-to-Run deployments like Microsoft 365 Apps. Users should validate complex Excel workbooks, PowerPoint presentations, SharePoint document libraries, and the functionality of Office add-ins. Testing for two High Risk components is essential: changes to Kerberos may disrupt services using RC4 keytabs, and the Remote Desktop client update requires validation of clipboard functionality, printer redirection, and session reconnection. Validating Secure Boot and BitLocker is critical as CVE-2023-24932 key rolling progresses. Additionally, cloud sync testing is important due to five patches to the Projected File System driver, and regression testing is needed for dual afd.sys updates and VPN/IPsec patches across remote-access infrastructure. Office updates are limited to MSI editions.

Winsage

April 17, 2026

Microsoft’s April patch puts Windows domain controllers into reboot loops — third known issue from KB5082063 is affecting Windows Server 2016 through 2025

Microsoft has acknowledged that the April 2026 security update for Windows Server, patch KB5082063, has caused significant disruptions for some enterprise domain controllers, leading to continuous reboot cycles in non-Global Catalog domain controllers used in Privileged Access Management (PAM) deployments. This has resulted in the unavailability of Active Directory authentication and directory services on affected servers. Additionally, the installation of KB5082063 may fail on some Windows Server 2025 systems. This issue marks the third consecutive year that April security updates have caused problems for Windows Server domain controllers. In previous years, Microsoft issued emergency fixes for similar issues, including crashes and complications with NTLM authentication. Administrators currently have limited options, including delaying the update, isolating a test domain controller, or engaging with Microsoft Support for tailored mitigation steps.

AppWizard

April 17, 2026

Meta announces date for 2026 Conversations event

Meta will host its 2026 Conversations messaging conference on June 3 in London, focusing on innovations for WhatsApp, Messenger, and IG Direct. The event will feature Meta executives discussing the future of messaging for businesses and the integration of AI tools. It will be live-streamed for global accessibility. This year's keynote will highlight innovations in business messaging, AI agents, and the potential for custom chatbots. Meta plans to invest over billion in AI infrastructure over the next three years. Messaging has become a key focus for Meta, with increased usage of private messaging and tools to enhance business interactions. The adoption of Click-to-Message ads is rising, and the conference will provide insights into the latest trends and tools in messaging.

Tech Optimizer

April 17, 2026

Why Postgres wants NVMe on the hot path, and S3 everywhere else

Efforts to merge storage roles into a single solution are ongoing, particularly with Amazon S3's durability and cost-effectiveness. In PostgreSQL, achieving a durable commit requires flushing the Write-Ahead Log (WAL) before signaling transaction completion, which can take tens of microseconds on high-performance NVMe drives but extend to milliseconds on slower storage. This latency impacts Online Transaction Processing (OLTP) systems and user response times. Benchmark studies show that systems with faster local storage outperform those with slower alternatives as workloads exceed memory capacity. The fsync operation in PostgreSQL is a commitment rather than a simple write, with enterprise-grade SSDs performing better due to power-loss protection. Read operations also face challenges, as PostgreSQL's need for small, latency-sensitive reads conflicts with S3's design for larger, higher-latency requests. As the working set exceeds memory, storage latency becomes a critical performance factor. Modern managed PostgreSQL systems typically do not place object storage in the critical commit path, instead maintaining a fast log or cache close to the database while relegating colder data to remote storage. Recent PostgreSQL developments, such as asynchronous I/O support in version 18, aim to leverage fast storage more effectively. S3 is valuable for tasks like WAL archiving and backups, but these should be kept separate from the commit path to avoid resource contention. The solution involves using both NVMe and S3, with fast storage managing commits and cache misses, while object storage handles archives and backups. PostgreSQL performs best when hot and cold storage functions are clearly delineated.

Tech Optimizer

April 17, 2026

EDB Spearheads the Year of the Agentic Workforce with Industry Recognition, Ecosystem Momentum, and Continued Postgres® Leadership

EnterpriseDB (EDB) announced that its product, EDB Postgres AI (EDB PG AI), won the "Data Management Innovation of the Year" at the 2026 Data Breakthrough Awards. EDB PG AI is recognized for transforming Postgres into a unified data and AI platform, facilitating hybrid management and observability across workloads. EDB contributes 30% to the open-source Postgres project, leading contributions among commercial entities. EDB PG AI was highlighted at the NVIDIA GTC 2026 and received multiple accolades, including recognition in CRN's 2026 AI 100 and Sustainability Innovation of the Year. EDB hosts a podcast, AI & Data Horizons, featuring industry experts discussing responsible AI use and data sovereignty. EDB PG AI is described as the first open, enterprise-grade sovereign data and AI platform, capable of unifying various workloads while ensuring compliance and security.

Winsage

April 16, 2026

Fake Proton VPN sites are pushing NWHStealer malware to Windows users

A malware campaign is utilizing counterfeit Proton VPN websites and other deceptive tactics to distribute a Windows infostealer known as NWHStealer. This malware extracts sensitive information, including browser credentials and cryptocurrency wallet details, and operates stealthily by injecting itself into legitimate processes. Two primary infection vectors have been identified: malicious ZIP archives on a free web hosting platform and trojanized installers from fake Proton VPN sites. The malware employs DLL hijacking and can exfiltrate data to a command-and-control server while ensuring persistence through scheduled tasks and disguising payloads as legitimate system processes. It also exploits the Windows cmstp.exe utility to bypass User Account Control. Users are advised to avoid downloading software from unofficial sources and to verify file signatures and publisher information.

Winsage

April 16, 2026

A zero-day BlueHammer Windows exploit was leaked by a researcher fed up with Microsoft’s Security Response Center — and the rushed fix isn’t perfect

On April 2, 2026, a security researcher named Chaotic Eclipse announced a zero-day Windows exploit called BlueHammer, which allows attackers to gain SYSTEM privileges. Will Dormann, a principal vulnerability analyst, confirmed the exploit's functionality. Chaotic Eclipse criticized the Microsoft Security Response Center (MSRC) for its perceived incompetence, suggesting that prior attempts to resolve the issue privately were ignored. Dormann indicated that budget cuts at Microsoft may have led to a decline in the quality of the MSRC. BlueHammer was neutralized in the Windows 11 CVE-2026-33825 update released on April 14, 2026, but some components may still exist.

Winsage

April 16, 2026

CISA flags Windows Task Host vulnerability as exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.

Tech Optimizer

April 15, 2026

Postgres to Iceberg in 13 minutes: How Supermetal compares to Flink, Kafka Connect, and Spark

Supermetal introduced Iceberg sink support, allowing for data transfer from Postgres to Iceberg. In a performance comparison, Supermetal completed snapshotting in 13 minutes, while Flink took 90 to 116 minutes, Kafka Connect required 120 minutes, and Spark exceeded 3 hours. The tests focused on throughput during the snapshotting phase rather than latency. The setup used the TPC-H dataset with a scale factor of 50 and involved AWS infrastructure. Supermetal operates independently of Kafka, enabling direct data delivery from source to sink. It utilizes a JSON configuration file for deployment, supporting various catalogs and advanced configuration options. Supermetal's Iceberg writer can adjust settings based on the CDC source phase. Throughout the tests, Supermetal maintained low CPU and memory usage, while other tools faced challenges with performance and resource management. Data synchronization was validated across all tools, with Supermetal achieving at least 7x faster snapshotting performance without tuning.

Winsage

April 15, 2026

Why is France moving from Microsoft Windows to Linux

The government aims to reduce reliance on non-European digital solutions by transitioning from Windows to Linux-based systems for state operations. The national health insurance body is migrating 80,000 employees to state-approved digital tools, including secure messaging and file transfer platforms, with plans to transition the health data platform to a sovereign solution by the end of 2026. Ministries will submit roadmaps by autumn to outline strategies for reducing dependence on non-European technologies in areas such as workplace software, collaboration tools, cybersecurity, artificial intelligence, database management, and network equipment. A centralized strategy will oversee these initiatives, with industry meetings planned for June to formalize public-private partnerships. Additionally, Japan and France have agreed to enhance cooperation on critical mineral supply chains.