initialization

Winsage
May 5, 2026
A Microsoft Defender security intelligence update, version 1.449.425.0, misclassified two DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha and removed them from affected Windows systems. Microsoft later confirmed the detection was a false positive; updating to version 1.449.430.0 or later reinstates the certificates. The detection may be connected to a DigiCert employee having encountered malware disguised as legitimate software. Separately, the Windows updates released on April 14 caused third-party backup applications to malfunction after vulnerable versions of the psmounterex.sys kernel driver were added to Microsoft's vulnerable driver blocklist. Users could no longer mount backup image files, and Microsoft cited a vulnerability in the driver rated 9.3 out of 10. Affected products include Acronis Cyber Protect Cloud and UrBackup server. Microsoft has not explained why the vulnerable driver was added to the blocklist only now, and other recent update-related issues have also been reported.
Tech Optimizer
May 4, 2026
Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha and removed them from Windows systems worldwide. The problem began with a Defender signature update on April 30; the affected certificates have the thumbprints 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 and DDFB16CD4931C973A2037D3FC83A4D7D775D05E4. The certificates were removed from the AuthRoot store, which is persisted under the registry key HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates. Microsoft fixed the detection in Security Intelligence update version 1.449.430.0, which also restores the removed certificates. The false positives were linked to detections written in response to a recent DigiCert breach in which threat actors obtained valid code-signing certificates and used them to sign malware. DigiCert revoked 60 code-signing certificates, including ones tied to the "Zhong Stealer" malware campaign, which used certificates issued to companies such as Lenovo and Kingston. The certificates Defender flagged, however, are root certificates and are not among the revoked code-signing certificates.
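To confirm whether a host was affected by the incident described in the two summaries above, and whether it already has the corrected definitions, the following PowerShell check can be run from an elevated prompt. It is an added example written for this page, not code from Microsoft, DigiCert or either article; the only inputs it takes from the summaries are the two thumbprints, the registry path and the fixed version 1.449.430.0. It uses the built-in Cert: provider and the Defender cmdlets Get-MpComputerStatus and Update-MpSignature.

```powershell
# Added example (not from the original articles): check whether the two DigiCert
# root certificates named in the summary are present in the machine AuthRoot
# store (both the Cert: view and the registry location the article mentions),
# and whether the installed Defender signature version includes the fix.
# Run in an elevated PowerShell prompt on the Windows host being checked.

$Thumbprints = @(
    '0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43',
    'DDFB16CD4931C973A2037D3FC83A4D7D775D05E4'
)
$FixedVersion = [version]'1.449.430.0'
$RegBase = 'HKLM:\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates'

function Test-AuthRootCertificate {
    param([Parameter(Mandatory)][string]$Thumbprint)
    # Cert: provider view of the machine's third-party root (AuthRoot) store
    $inStore = Test-Path -Path "Cert:\LocalMachine\AuthRoot\$Thumbprint"
    # The same store as persisted in the registry; the bad update removed keys here
    $inRegistry = Test-Path -Path (Join-Path $RegBase $Thumbprint)
    [pscustomobject]@{
        Thumbprint  = $Thumbprint
        InCertStore = $inStore
        InRegistry  = $inRegistry
        Missing     = -not ($inStore -and $inRegistry)
    }
}

function Get-DefenderSignatureStatus {
    # AntivirusSignatureVersion is a dotted string such as 1.449.430.0
    $status    = Get-MpComputerStatus
    $installed = [version]$status.AntivirusSignatureVersion
    [pscustomobject]@{
        InstalledSignatureVersion = $installed
        FixedSignatureVersion     = $FixedVersion
        HasFix                    = ($installed -ge $FixedVersion)
    }
}

$certs = $Thumbprints | ForEach-Object { Test-AuthRootCertificate -Thumbprint $_ }
$certs | Format-Table -AutoSize

$sig = Get-DefenderSignatureStatus
$sig | Format-List

# If the fix is not installed yet, pull current definitions and re-check;
# the corrected update is what puts the removed roots back.
if (-not $sig.HasFix) {
    Update-MpSignature
    Get-DefenderSignatureStatus | Format-List
}
```

If a thumbprint reports Missing after the definitions are at 1.449.430.0 or later, re-run the check once the next Defender scan has completed rather than re-importing the root by hand; the summary states that the fixed update restores the certificates itself.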
AppWizard
April 1, 2026
The video by PortalRunner explores alternatives for running modern software in environments with limited RAM, in the context of the challenges posed by the absence of DDR5 memory. It discusses several strategies:
- Booting Linux with specific kernel boot arguments, which leads to system failures if too little RAM is allocated.
- Maximizing swap usage on SSDs, which, despite being faster than HDDs, results in sluggish performance because of the paging overhead.
- Using a GPU's video RAM as a substitute for system RAM, which also suffers from significant overhead.
- Modifying a CoreBoot BIOS image to run from CPU cache memory, which allows lightweight software to run without system RAM at all, although this raises scalability and practicality concerns.
The exploration highlights creative responses to RAM shortages in computing.
Winsage
March 27, 2026
In January 2026, Microsoft launched the public preview of the WinApp CLI, a command-line tool for Windows application development that is open source and supports various frameworks including .NET, C++, Electron, and Rust. The tool aims to simplify the complexities of Windows development by providing a unified entry point for environment setup, configuration, and packaging. Key features include the winapp init command for environment initialization, the winapp create-debug-identity command for attaching package identities without full MSIX packaging, and automation capabilities for manifests, certificates, and signing processes. The CLI also supports Electron and Node.js scenarios, allowing developers to inject package identity into running Electron processes. The WinApp CLI is currently in public preview, with potential changes before general availability, and an updated version 0.2.0 was released in late February 2026. It can be accessed via WinGet, npm, and as a GitHub project for community contributions.
Tech Optimizer
February 24, 2026
A campaign is targeting users of the Huorong Security antivirus product through the typosquatted domain huoronga[.]com, which mimics the legitimate site huorong.cn. Users who land on the counterfeit site may download a file named BR火绒445[.]zip containing a trojanized installer that ultimately installs ValleyRAT, a remote access trojan. The malware uses several techniques to evade detection and persist: it fetches payloads through an intermediary domain, adds Windows Defender exclusions, and creates a scheduled task for persistence. The backdoor supports keylogging and credential theft while hiding its activity inside legitimate processes such as rundll32.exe. The activity is attributed to the Silver Fox APT group, and the number of ValleyRAT samples observed has risen sharply in recent months. Recommended mitigations are to download the software only from the official site and to monitor for the specific behaviours above, in particular new Defender exclusions and scheduled tasks that launch rundll32.exe.
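The two host-level traits the summary names, Defender exclusions and a rundll32.exe scheduled task, are both cheap to enumerate. The following PowerShell hunt is an added example written for this page, not code from the article or from any vendor; it uses the built-in cmdlets Get-MpPreference, Get-WinEvent and Get-ScheduledTask, and the Defender operational log event 5007, which records a platform configuration change. The seven-day window and the rundll32 pattern are choices made here, not indicators taken from the article.

```powershell
# Added example (not from the original article): enumerate Windows Defender
# exclusions, recent Defender configuration-change events, and scheduled tasks
# whose action launches rundll32.exe. Run elevated on the host being examined.

function Get-DefenderExclusionInventory {
    # Every configured exclusion, regardless of how it was added
    $pref = Get-MpPreference
    foreach ($kind in 'ExclusionPath', 'ExclusionProcess', 'ExclusionExtension') {
        foreach ($value in $pref.$kind) {
            [pscustomobject]@{ Kind = $kind; Value = $value }
        }
    }
}

function Get-DefenderConfigChangeEvents {
    param([int]$Days = 7)   # look-back window; an assumption, tune to taste
    # Event 5007 in the Defender operational log is a platform configuration
    # change; an added exclusion appears here with the registry value changed.
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 5007
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'Exclusions' } |
        Select-Object TimeCreated, Message
}

function Get-Rundll32ScheduledTasks {
    # Exec actions expose Execute and Arguments; other action types have no
    # Execute property, and $null -match returns $false, so they are skipped.
    Get-ScheduledTask | ForEach-Object {
        $task = $_
        foreach ($action in $task.Actions) {
            if ($action.Execute -match 'rundll32(\.exe)?"?\s*$') {
                [pscustomobject]@{
                    TaskPath  = $task.TaskPath
                    TaskName  = $task.TaskName
                    Author    = $task.Author
                    Execute   = $action.Execute
                    Arguments = $action.Arguments
                }
            }
        }
    }
}

Write-Host '== Defender exclusions =='
Get-DefenderExclusionInventory | Format-Table -AutoSize

Write-Host '== Defender configuration changes mentioning exclusions (last 7 days) =='
Get-DefenderConfigChangeEvents | Format-List

Write-Host '== Scheduled tasks launching rundll32.exe =='
Get-Rundll32ScheduledTasks | Format-Table -AutoSize
```

Legitimate software does register rundll32-based tasks and exclusions, so treat the output as a triage list: an exclusion covering a user-writable directory, or a rundll32 task whose DLL argument lives under %TEMP% or %APPDATA% and whose Author is not a known product, is what merits a closer look.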
Winsage
January 30, 2026
Windows 11 features a modern architecture with advanced schedulers and SSD support, but many users experience sluggishness, with delays in menus and dialog boxes. This perception of reduced responsiveness compared to Windows 10 has been linked to the use of XAML, which modernizes traditional desktop components but introduces performance issues due to added abstraction layers. Disabling animations does not resolve the delays, which are attributed to XAML's reliance on GPU acceleration for simple tasks, leading to inefficiencies. The cumulative effect of these micro-delays, measured in milliseconds, contributes to an overall feeling of sluggishness, regardless of high-end hardware. Microsoft's design choices prioritize visual consistency and modern UI technology, resulting in trade-offs in everyday responsiveness. The slower perception of Windows 11 compared to Windows 10 is rooted in these deliberate technical decisions.
Tech Optimizer
January 26, 2026
AlloyDB for PostgreSQL is a fully managed database service designed for enterprise workloads, combining PostgreSQL's strengths with Google Cloud technology for enhanced performance, scalability, and availability. A new feature, managed connection pooling, addresses the challenges of inefficient database connection management, which can lead to performance degradation, resource exhaustion, and reliability issues. Managed connection pooling maintains a cache of active database connections, allowing applications to reuse connections instead of creating new ones for each request, thus reducing latency and resource consumption. This feature is tightly integrated into AlloyDB, simplifying operations and optimizing performance and security. It offers two configurable pooling modes: transaction mode, which maximizes reuse for short transactions, and session mode, which maintains a connection for the entire session. Enabling managed connection pooling can increase transactions per minute by up to five times, support over three times more concurrent connections, decrease connection latency, and improve reliability during traffic spikes. UKG, a provider of HR solutions, has adopted this feature to enhance the performance and scalability of their applications. To enable managed connection pooling, users can activate it in the Google Cloud console and connect applications using standard PostgreSQL drivers to the designated port.
Tech Optimizer
December 3, 2025
A malicious Rust crate named "evm-units," uploaded to crates.io in mid-April 2025 by a user called "ablerust," poses a threat to developers on Windows, macOS, and Linux. It accumulated over 7,000 downloads and executes its payload stealthily, choosing its behaviour by the victim's operating system and by whether Qihoo 360 antivirus is present. The crate masquerades as a helper function that returns the Ethereum version number. Depending on the platform it downloads and runs a different payload: a shell script on Linux, a binary on macOS, and a PowerShell script on Windows. On Windows, if Qihoo 360 is not detected, it writes a Visual Basic Script wrapper that launches the PowerShell script in a hidden window. The package targets the Web3 community, developers in particular, and is linked to the widely used "uniswap-utils" crate. Both "evm-units" and "uniswap-utils" have since been removed from crates.io.
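The Windows execution chain the summary describes, a VBScript wrapper launching a hidden PowerShell, is a pattern worth detecting on its own. The function below is an added example written for this page, not code from the article or from the crate's authors; it runs over a few process-creation records constructed here for illustration (in practice they would come from Sysmon event 1 or Security event 4688 with command-line auditing enabled) and flags a powershell.exe process started with a hidden window whose parent is wscript.exe or cscript.exe running a .vbs file. The field names Pid, ParentPid, Image and CommandLine are assumptions for the constructed records.

```powershell
# Added example (not from the original article): detect a script host
# (wscript/cscript) running a .vbs that spawns PowerShell with a hidden window,
# over constructed process-creation records. Real input would be Sysmon event 1
# or Security 4688 records with command-line logging; these three are made up.

$SampleEvents = @(
    [pscustomobject]@{ Pid = 4101; ParentPid = 3320
        Image       = 'C:\Windows\System32\wscript.exe'
        CommandLine = 'wscript.exe "C:\Users\dev\AppData\Local\Temp\loader.vbs"' },
    [pscustomobject]@{ Pid = 4102; ParentPid = 4101
        Image       = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
        CommandLine = 'powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File C:\Users\dev\AppData\Local\Temp\stage.ps1' },
    [pscustomobject]@{ Pid = 4200; ParentPid = 900
        Image       = 'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'
        CommandLine = 'powershell.exe -NoProfile -File C:\Scripts\backup.ps1' }   # benign
)

function Find-HiddenPowerShellFromScriptHost {
    param([Parameter(Mandatory)][object[]]$Events)
    # Index by PID so a child can be joined to its parent record
    $byPid = @{}
    foreach ($e in $Events) { $byPid[$e.Pid] = $e }

    foreach ($e in $Events) {
        if ($e.Image -notmatch 'powershell(\.exe)?$') { continue }
        # -WindowStyle Hidden and the abbreviations PowerShell accepts (-w hidden, -win h);
        # -match is case-insensitive by default
        if ($e.CommandLine -notmatch '-w(in(dowstyle)?)?\s+h(idden)?\b') { continue }
        $parent = $byPid[$e.ParentPid]
        if ($null -eq $parent) { continue }
        if ($parent.Image -match '\\[wc]script\.exe$' -and $parent.CommandLine -match '\.vbs') {
            [pscustomobject]@{
                ChildPid         = $e.Pid
                ParentScript     = $parent.CommandLine
                ChildCommandLine = $e.CommandLine
                Reason           = 'Hidden PowerShell spawned by a VBScript host'
            }
        }
    }
}

# Expected on the sample above: one hit (PID 4102); the backup task is not flagged.
Find-HiddenPowerShellFromScriptHost -Events $SampleEvents | Format-List
```

The parent-child join is what keeps the rule useful: a hidden PowerShell alone is common in administrative tooling, and a .vbs alone is common in logon scripts, but the combination is rarely legitimate and is exactly what the wrapper described in the summary produces.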