integrity Archives

Winsage

March 7, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011, embedded in the motherboard's firmware, to ensure a secure boot process. The first of these certificates will expire on June 24, 2026, which will affect the ability to receive future security updates for critical components of the Windows startup process. Microsoft is rolling out replacement certificates through Windows Update, marking a significant security maintenance effort. Secure Boot operates as a chain of trust with certificates stored in the motherboard's UEFI firmware, validating software before the operating system loads. The Platform Key (PK) is at the top of this chain, followed by the Key Exchange Key (KEK) and the Signature Database (DB). The replacement certificates introduced in 2023 restructure certificate management, separating responsibilities among different certificate authorities to enhance the trust model. Not all PCs are affected by the upcoming expiration; newer devices manufactured since 2024 already have the new certificates. Windows 10 users face challenges as support for this version ends in October 2025, and they will not receive the new certificates unless enrolled in Extended Security Updates. Home users should ensure their PCs are set to receive updates automatically, while enterprise environments require coordination for firmware updates before the Windows certificate update.

AppWizard

March 7, 2026

Admittedly over the top WW1 shooter is out now, and it’s the one time the question of an anti-cheat solution sounds ridiculous

Over The Top: WWI is a World War I shooter that allows up to 200 players to engage in chaotic combat, focusing on enjoyment rather than historical accuracy. The game features a whimsical aesthetic and encourages camaraderie and humor. Developers believe stringent anti-cheat measures are unnecessary, as critical game functions are server-controlled, reducing the impact of common hacks. The chaotic gameplay makes traditional competitive integrity less relevant, as the unpredictability of combat and the large number of players diminish the effectiveness of cheats.

Winsage

March 6, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011 for boot process integrity. The first of these certificates will expire on June 24, 2026, impacting the ability to receive future security updates. Microsoft is rolling out replacement certificates through Windows Update, requiring collaboration between Microsoft, PC manufacturers, and users. Three critical certificates will expire: the Microsoft Corporation KEK CA 2011 and Microsoft UEFI CA 2011 in June 2026, and the Microsoft Windows Production PCA 2011 in October 2026. The new certificates introduced in 2023 have a restructured functionality to enhance security. Not all PCs are affected; newer devices manufactured since 2024 come with the new certificates. Windows 10 users face challenges as support ends in October 2025, and unsupported devices will not receive updates. Home users should ensure automatic Windows updates and check for firmware updates, while enterprise environments must verify firmware updates before applying certificate updates. The first certificate expiration is on June 27, 2026.

AppWizard

March 6, 2026

Building realistic Minecraft worlds with Open Data on AWS: How Arnis uses elevation datasets at scale

Arnis is an open-source tool that transforms real-world locations into Minecraft experiences using geospatial data from Amazon Web Services (AWS). It recently migrated to Terrain Tiles, a global elevation dataset, which has reduced data retrieval costs and improved accessibility for nearly 300,000 users. Users can select geographic regions and customize parameters to generate locations in Minecraft, with the conversion process occurring locally on their machines. The integration of elevation data was a key feature, achieved through a processing pipeline designed by contributors after consulting GIS specialists. This pipeline allows accurate terrain rendering globally, even in areas with significant elevation variations. The transition to Terrain Tiles eliminated the need for a commercial provider, simplifying the codebase and removing account-bound authentication for data access. Previously, users made around 2,000,000 elevation tile requests over three months, incurring substantial costs. Now, users benefit from free access to the Terrain Tiles dataset, enhancing the elevation feature's reliability and accessibility. The Arnis processing pipeline operates on the client’s machine without backend services or API keys, involving steps such as calculating tile coordinates, fetching terrain tiles from AWS, decoding them, applying smoothing, and voxelizing the map data. A local cache is used to minimize redundant reads, and the system defaults to flat terrain if the endpoint is temporarily unavailable. Future developments include a public Minecraft server for exploring generated worlds without downloading the application, automatic region selection for optimized data retrieval, expanded landform detection for better representations, and a terrain-only mode for custom city planning and adventure map creation.

AppWizard

March 5, 2026

Sony Has Reportedly Returned to Console Exclusivity in Part Because Some Within PlayStation Are Worried That R

Sony's upcoming titles, Ghost of Yotei and Saros, will remain exclusive to the PlayStation 5, marking a shift away from releasing games on PC. The company will reserve single-player experiences for its console while continuing to offer online games on PC. Upcoming titles like Marvel Tokon will be available on both PC and PS5, and Bungie's Marathon will launch on multiple platforms. The anticipated PC launch of Ghost of Yotei has been canceled due to concerns over the PlayStation brand and future console sales. Disappointing sales figures for PlayStation games on PC have influenced this policy shift, as has the potential for PlayStation titles to be accessible on the next Xbox. Sony's strategy has favored staggered releases for single-player titles, while live service games are published on PC from day one. Recent reports suggest potential delays in the launch of the PS6, possibly pushing it to 2028 or beyond, due to the AI-driven chip crisis. Rising memory costs could lead to challenges and price increases for consumers. Sony's recent closure of Bluepoint Games and continued operation of Nixxes Software, a specialist in PC ports, are also notable developments.

Winsage

March 4, 2026

PoC Exploit Released for Microsoft Windows Error Reporting ALPC Privilege Escalation

A proof-of-concept exploit for CVE-2026-20817, a local privilege escalation vulnerability in the Windows Error Reporting (WER) service, has been released by security researcher oxfemale on GitHub. This vulnerability allows low-privileged users to gain SYSTEM-level access through crafted Advanced Local Procedure Call (ALPC) messages. The flaw is located in the WER service's SvcElevatedLaunch method, which fails to validate caller privileges before executing WerFault.exe with user-supplied command line parameters. The CVSS v3.1 base score for this vulnerability is 7.8, indicating a high severity level. It affects unpatched versions of Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 prior to the January 2026 update. Demonstrations have shown successful exploitation on Windows 11 23H2. Security teams are advised to monitor for unusual processes related to WerFault.exe, investigate missing SeTcbPrivilege in SYSTEM tokens, and review WER-related activities from low-privilege users. Immediate application of the January 2026 security patches is recommended, and a temporary workaround involves disabling the WER service.

Winsage

March 2, 2026

NTLM is going away: what Microsoft’s phaseout means for MSPs and IT teams

The migration from NTLM to Kerberos authentication is essential for improving security in Windows systems, but it faces challenges such as legacy systems and hardcoded authentication. Organizations must identify NTLM usage, conduct testing with NTLM disabled, and make necessary adjustments or upgrades to migrate successfully. Ongoing monitoring is crucial post-migration to prevent NTLM from re-entering the network. NTLM is associated with significant security vulnerabilities and has been exploited by various threat groups, making its elimination a priority for organizations despite potential hesitations to invest in the migration process. Transitioning to Kerberos is seen as a strategic security investment.

AppWizard

March 1, 2026

Signal Review 2026: Secure Messenger (Pros and Cons)

Signal is a secure messaging application known for its robust encryption protocols and user-centric features. It offers end-to-end encryption for messages, calls, and video chats, an open-source code for security verification, and an ad-free experience funded by donations. However, it has limitations such as fewer features compared to competitors, a requirement for users to register with their phone numbers, and occasional performance issues.

Winsage

February 28, 2026

Microsoft testing Windows 11 batch file security improvements

Microsoft has released new Windows 11 Insider Preview builds that enhance security and performance for batch files and CMD scripts. IT administrators can now activate a secure processing mode by adding the LockBatchFilesInUse registry value, which prevents modifications to batch files while they are running. This update also requires signature validation only once per batch file, improving performance. Additionally, the Shared Audio feature has been refined, allowing users to share audio across multiple devices with individual volume sliders and a new taskbar indicator. The feature now supports more Bluetooth LE Audio accessories, including Samsung Galaxy Buds 4, Sony WF-1000XM6, and Xbox Wireless Headset. These updates are available for Windows Insiders in the Beta and Dev channels with specific preview builds installed.

AppWizard

February 28, 2026

Centre’s SIM binding directive on app-based messaging platforms ‘unconstitutional’: Tech industry body BIF

The Broadband India Forum (BIF) has expressed legal concerns about the government's SIM binding mandate, stating it is "ultra vires the parent legislation" and "unconstitutional," based on a senior counsel's opinion. This opinion critiques the Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, claiming they exceed the authority of the Telecommunications Act of 2023. The government's directive requires app-based communication services to maintain a link to a user's active SIM card, which BIF argues violates principles of due process and proportionality. BIF also highlights that the introduction of Telecommunication Identifier User Entities (TIUEs) alters the scope of telecom regulation improperly, potentially leading to legal conflicts with existing laws like the Information Technology Act. BIF concludes that the amendment rules represent an impermissible expansion of delegated authority under the Telecom Act, advocating for adherence to the statutory framework. The government's directive, aimed at addressing cyber security concerns, would change how users access messaging services in India.