IT administrators Archives

Winsage

June 12, 2026

June’s Windows 10 patch has a BitLocker user lockout problem… again

Microsoft released a cumulative update for Windows 10, designated as KB5094127, during the latest Patch Tuesday. Some users are experiencing issues where they are prompted to enter their BitLocker recovery key after installing the update. This problem is linked to systems with an "unrecommended" BitLocker Group Policy configuration and has occurred in previous updates. Specific conditions that can lead to this issue include having BitLocker enabled on the operating system drive, a certain Group Policy setting configured, the System Information tool reporting a specific Secure Boot State, the presence of a particular certificate in the Secure Boot Signature Database, and not using the 2023-signed Windows Boot Manager. Affected users may face difficulties accessing their BitLocker recovery key, potentially leading to lockouts. Microsoft suggests that personal devices are less likely to be affected, with the issue primarily impacting enterprise setups. The company is working on a resolution and advises IT administrators to consider removing the Group Policy configuration before installing the update. Update KB5094127 is available only to Windows 10 users in the Extended Security Updates program for versions 21H2 and 22H2, addressing various bugs and security vulnerabilities.

Tech Optimizer

June 11, 2026

9 Best Antivirus Software On G2: My Top Picks

Antivirus software can become overwhelming for organizations due to alert fatigue shortly after deployment. Analysts often struggle to prioritize notifications, leading to the mismanagement of legitimate tools and unclear incident timelines. A review of nine antivirus solutions based on G2's Winter 2026 Grid® Report identified the following top performers: 1. ESET PROTECT: Best for machine learning-driven endpoint protection; offers enterprise-grade security with a free trial available. 2. Sophos Endpoint: Best for ransomware prevention; provides centralized policy control with a free trial available. 3. ThreatDown: Cost-effective EDR with MDR flexibility; combines antivirus and endpoint detection with a free trial available. 4. CrowdStrike Falcon: Best for large-scale enterprise threat prevention; cloud-native platform with subscription-based pricing and a free trial available. 5. Check Point Harmony Endpoint: Best for unified endpoint and zero-trust protection; integrates malware prevention and phishing defense with a free trial available. 6. Microsoft Defender for Endpoint: Best for Microsoft-native environments; deeply integrated with Microsoft 365, licensed through enterprise agreements. 7. Kaspersky AntiVirus: Best for traditional malware protection; provides real-time protection against various threats. 8. SentinelOne: Best for autonomous AI-driven endpoint response; features automated remediation and ransomware rollback with a free trial available. 9. FortiClient: Best for Fortinet-centric environments; offers VPN access and security policy enforcement with a free basic client available. The analysis highlighted that effective antivirus solutions prioritize behavioral analysis over traditional signature-based detection, minimize false positives, and maintain low system impact during operation. Key factors for evaluating antivirus software include threat detection accuracy, centralized visibility, response capabilities, and deployment stability.

Winsage

June 11, 2026

Microsoft fixes BitLocker recovery bug on Windows Server 2025

Microsoft has resolved an issue affecting certain Windows Server 2025 devices that were booting into BitLocker recovery mode after the April 2026 security update. This issue was linked to specific BitLocker Group Policy configurations and required users to input their BitLocker recovery key upon the first restart after the update. However, this key would only need to be entered once for subsequent restarts, provided the group policy configuration remained unchanged. The problem primarily affected enterprise systems rather than personal devices. The issue arose under specific conditions: BitLocker was enabled on the operating system drive, a particular Group Policy was set, the Secure Boot State PCR7 Binding was "Not Possible," the Windows UEFI CA 2023 certificate was present, and the device was not already using the 2023-signed Windows Boot Manager. Microsoft released fixes in the KB5094125 and KB5093998 updates to address this problem, preventing devices with incompatible group policy configurations from installing the 2023-signed Windows Boot Manager. Event ID 1032 in the System event log indicates the issue when Windows updates are installed. For IT administrators unable to deploy the latest updates, it is recommended to remove the Group Policy configuration before installing updates or to implement a Known Issue Rollback (KIR) on affected devices. Additionally, Microsoft had previously addressed similar BitLocker recovery issues in August 2024 and May 2025.

Winsage

June 11, 2026

Windows Ready Print is Microsoft’s biggest overhaul of Windows printing in years

Microsoft is introducing Windows Ready Print (WRP), a new printing model that aims to modernize the printing experience on Windows by integrating contemporary communication standards like the Internet Printing Protocol (IPP) and Universal Print. WRP will manage newly installed printing devices by default starting in July 2026, while older printers and OEM drivers will still function on newer Windows releases. The initiative focuses on simplifying printing processes and enhancing reliability, with new options for customization available in Windows printer preferences. Users and administrators can choose to enforce or disable WRP-based print management. Additionally, new policies in Group Policy Editor will allow for the selection or blocking of drivers through WRP. The initiative is supported by the Mopria Alliance to improve security and compatibility in printer management across devices.

Winsage

June 10, 2026

Microsoft to Allow Users to Disable Web Search in Windows 11

Microsoft is introducing new controls for Windows 11 that will allow users to disable web search and remove Microsoft Store suggestions from their search results. The update, demonstrated on June 2, 2026, will include two toggles in the Windows 11 Settings app under Privacy and Security → Search Permissions. The first toggle will turn off Bing-powered web results in the taskbar search and Start menu, while the second will control the appearance of Microsoft Store app suggestions. This change replaces the previous method of disabling web search, which required complex registry edits. The new settings aim to enhance user experience by prioritizing local search results and addressing privacy concerns, as user queries will no longer be transmitted to Microsoft’s servers. The toggles are expected to roll out through the Windows Insider program before becoming available to all users.

Winsage

June 8, 2026

Microsoft answers what you must do as Windows 11 Secure Boot deadline hits in days

The expiration date of the original Microsoft Secure Boot KEK certificate is June 24, 2026. Microsoft held a live "Ask Microsoft Anything" session on June 4 to address concerns regarding this deadline. The expiration affects the KEK key, while the DB key remains valid until October. After June 24, Microsoft will not be able to sign new DBX payloads, which are necessary for revoking compromised bootloaders. Devices without the new KEK may miss future revocations, leading to decreased security but will not stop booting immediately. The June Patch Tuesday update is expected to classify most systems as high confidence. IT administrators are advised to use the Intune monitoring report for device status and updates. Devices in a "temporarily paused" status require OEM firmware updates. Administrators should not delay manual rollouts for devices outside the high confidence classification. Secure Boot must be enabled to update certificates, and re-enabling it later can pose risks. Older models may receive high confidence classification faster than newer ones due to statistical requirements. In PXE boot environments, caution is needed when updating bootloaders. The Secure Boot update mechanism is consistent across Windows 10 and 11, and event logs are important diagnostic tools. Key event log entries include 1801, 1802, and 1803, which indicate various device statuses and issues. Microsoft provides resources at aka.ms/GetSecureBoot for further guidance.

Winsage

June 5, 2026

Microsoft Promises Customizable Windows Right-Click Menus

Microsoft is working on a more efficient, streamlined, and customizable right-click context menu for Windows File Explorer and Desktop interactions, responding to user feedback about the cluttered nature of existing menus. The initiative aims to improve user experience by allowing customization, which marks a shift from Microsoft's previous rigid approach. Developers will need to adapt to new APIs and guidelines for context menu interactions, and there may be restrictions on the number of items that can be added. Performance improvements are also planned to address slow-loading context menus. The timeline for implementation is uncertain, but updates may first appear through Windows Insider testing channels. The changes are part of Microsoft's broader strategy to modernize Windows 11 and improve basic functionalities like file management and interface responsiveness. Customizable context menus could provide enterprise IT departments with new management options, and the initiative reflects Microsoft's awareness of competition from other operating systems.

Winsage

June 5, 2026

Microsoft resumes forced Copilot app installation on some Windows PCs

Microsoft has resumed the automatic installation of the Microsoft 365 Copilot app on select Windows PCs that already have Microsoft 365 applications installed. This rollout, which had been paused in March 2026 due to technical issues, is now moving forward, with users expected to see the Copilot app in their Installed Apps section if they have an active Microsoft 365 license. IT administrators can manage this rollout and opt out if desired. The phased rollout began on June 4 and is projected to conclude by the end of June, with specific timelines for various feature flags. Users who already have the Copilot app or are located in the European Economic Area will not be affected by this initiative.

Winsage

June 4, 2026

ADCS Now Generates Post-Quantum Certificates For Windows

Active Directory Certificate Services (ADCS) now supports the generation of post-quantum certificates, enhancing quantum-safe cryptography within Windows' secure connection protocols. Microsoft has integrated PQ TLS hybrid key exchange into the Windows Transport Layer Security (TLS) stack, providing protection against "Harvest Now, Decrypt Later" attacks. The PQ TLS hybrid key exchange combines traditional cryptographic methods with the NIST ML-KEM algorithm, offering three hybrid combinations: X25519MLKEM768, SecP256r1MLKEM768, and SecP384r1_MLKEM1024. This feature is available in preview via the Windows Insider Program and will be rolled out to Windows 11 and Windows Server. Additionally, Windows cryptography APIs now support composite ML-KEM and ML-DSA algorithms, which are NIST-approved standards for key exchange and digital signatures, enhancing security by requiring multiple components to be compromised. Microsoft emphasizes the importance of establishing new Certification Authorities (CAs) for implementing post-quantum certificate issuance, as existing CAs cannot be upgraded. The introduction of ML-DSA support within ADCS allows organizations to counter HNDL risks associated with long-lived data. Organizations are encouraged to inventory their use of public-key cryptography, prioritize systems protecting sensitive data, and test hybrid and composite approaches in non-production environments to facilitate a smooth transition to quantum-safe cryptography.

Winsage

June 3, 2026

The Future Microsoft Showed at Build 2026 Barely Looks Like Windows

During the Build 2026 conference, Microsoft CEO Satya Nadella discussed the potential of AI agents in various sectors and introduced OpenClaw, an AI agent system. Microsoft showcased a local AI agent that attempted to delete user files but failed, emphasizing safety and the promotion of OpenClaw-style AI agents on personal computers. To support this, Microsoft introduced Microsoft Execution Containers (MXC) for secure operation of OpenClaw on Windows and a companion app. The Nvidia RTX Spark-powered Surface Laptop Ultra was highlighted as capable of running AI agents locally without internet reliance. Nvidia CEO Jensen Huang discussed the future of AI agents, envisioning PCs as autonomous tools. Microsoft aims to optimize Windows for AI functionalities, potentially integrating AI agents into the user experience. Security concerns surrounding OpenClaw led to the introduction of MXCs, which allow control over AI agent permissions. The demonstration of OpenClaw's failure was seen as a positive indication of security measures. Despite advancements, the practical applications of AI agents for everyday Windows users remain unclear.