IT security Archives

Winsage

February 11, 2026

Microsoft dials up the nagging in Windows, calls it security

Microsoft is introducing new security features for its Windows operating system, including "Windows Baseline Security Mode" and "User Transparency and Consent." The Baseline Security Mode will enforce runtime integrity safeguards by default, allowing only properly signed applications, services, and drivers to operate, with options for users to override these safeguards for legacy applications. The User Transparency and Consent feature will require explicit user consent for applications accessing sensitive resources, moving away from the current User Account Control prompts. Microsoft aims to enhance user security and privacy while providing clear and actionable notifications. CrowdStrike's Chief Technology Innovation Officer expressed support for this initiative, emphasizing the importance of user consent settings for security software effectiveness. Microsoft has a history of security initiatives, including the Secure Future Initiative, and plans to hold applications and AI tools to higher transparency standards. The rollout of these updates will occur in phases, although no specific timeline has been provided.

Winsage

January 27, 2026

Windows 10’s extended support ends in eight month, but users are still rejecting Windows 11, at least in Germany

Windows 11's market presence in Germany is stagnant, with 48% of private households (approximately 21 million devices) still using Windows 10, which will lose official support on October 14, 2025. Users can opt for Extended Security Updates until October 13, 2026. As of August 2025, Windows 10 had around 24 million installations, while Windows 11 was on about 17 million devices, indicating only 3.6 to 3.7 million transitions to Windows 11. By December 2025, Windows 11 accounted for 66.60% of the gaming market on Steam, with approximately 71% of Windows machines used for gaming running Windows 11. Windows 10 users can extend their support, but as the October 2026 deadline approaches, they will no longer receive security updates. Microsoft may implement notifications to encourage users to upgrade to Windows 11 and consider recycling old PCs for new ones.

Winsage

October 14, 2025

Microsoft October Patch Tuesday for Windows 11 Fixes 175 Flaws

Microsoft's October 2025 Patch Tuesday addressed 175 vulnerabilities, including two zero-day elevation-of-privilege flaws: CVE-2025-24990, related to the legacy ltmdm64.sys Agere Modem driver, and CVE-2025-59230, affecting the Remote Access Connection Manager. Five vulnerabilities were classified as critical, including CVE-2025-59246 (remote code execution in Azure Entra ID), CVE-2025-55315 (ASP.NET Core vulnerability), CVE-2025-49708 (Microsoft Graphics Component bug), CVE-2025-59287 (Windows Server Update Service flaw), and CVE-2025-59228 (SharePoint vulnerability). The update (KB5066835) also resolved usability issues, such as print preview hangs and input detection failures. Microsoft notified administrators about the expiration of Secure Boot certificates in June 2026. Windows 11 users can install the update via Settings > Windows Update, requiring a system restart and data backup before installation.

Winsage

September 28, 2025

Is end of service leaving your system vulnerable? The risks no IT leader can ignore

Unsupported operating systems and device software lack regular updates, making them vulnerable to cyber attacks. Devices running on unsupported platforms can become gateways for attackers, as they are susceptible to known exploits that can be easily weaponized. According to Microsoft’s 2024 Digital Defense Report, over 90% of successful ransomware attacks target unmanaged endpoints. Unsupported versions can bypass standard security solutions and often fail compatibility checks with modern security tools, leading to significant protection gaps. Additionally, these vulnerabilities can be exploited to steal credentials and gain unauthorized access, posing risks to overall network security.

Tech Optimizer

September 12, 2025

Best Antivirus for Windows (September 2025): Avast Awarded Top PC Security Solution by Software Experts

Avast has been recognized as the top antivirus solution for Windows in Software Experts' September 2025 annual review. The evaluation highlighted Avast's effectiveness in addressing cybersecurity threats and its commitment to enhancing digital protection, privacy, and user experience. Avast Premium Security offers real-time threat protection, anti-scam intelligence, email and web safety, and integrates AI-powered tools for enhanced security. Avast Ultimate combines Avast Premium Security with additional tools like SecureLine VPN and AntiTrack, allowing activation on up to 10 devices. Additionally, Avast received recognition from AV-TEST as one of the best Windows antivirus software for home users in evaluations conducted during May and June 2025.

Winsage

August 22, 2025

IGEL benefits from seismic VMware and Windows 10 shifts

IGEL Technology, founded in 2001, initially specialized in thin clients but has shifted towards software solutions that protect endpoints with a read-only operating system, reducing the attack surface by up to 95 percent. Each endpoint operates statelessly, retaining no memory of past interactions, and is managed through a unified portal that integrates with various vendors like Zscaler and CrowdStrike. IGEL's solutions allow for the integration of endpoints in operational technology environments without introducing additional security vulnerabilities, effectively replacing EDR systems with over 120 integrations. The company aims to extend the lifespan of endpoints from 3-5 years to 6-8 years, providing significant cost savings and addressing the challenges posed by the transition from Windows 10 to Windows 11. IGEL's approach enhances security while offering flexibility in application delivery options, although it does not eliminate all cyber threats.

Winsage

August 8, 2025

German researchers show ‘Windows Hell No’ flaw at Black Hat

Microsoft is working to move Windows users away from traditional passwords to its Hello biometrics system. Researchers from ERNW Research, supported by the German government, discovered a critical vulnerability in Hello that allows individuals with local admin access or malware credentials to inject biometric data, bypassing security measures. Hello facilitates authentication for business users by connecting corporate PCs to platforms like Entra ID or Active Directory, storing a cryptographic key in a database linked to Microsoft's Windows Biometric Service. While Enhanced Sign-in Security (ESS) is designed to mitigate such vulnerabilities, not all PCs are compatible with it. During a presentation, researchers demonstrated the flaw by logging in with a facial scan and then injecting a captured facial scan to unlock the device. They suggested that users without ESS disable biometric authentication and revert to using a PIN. Microsoft has not yet responded to these findings, which are part of a research program called Windows Dissect.

Winsage

June 9, 2025

Microsoft: Remedy for security vulnerability due to deleted “inetpub” folder

A recent Microsoft security update has created a new folder named "inetpub" on Windows systems, which is essential for system security. If users delete this folder, it can lead to significant vulnerabilities. Microsoft has released a Powershell script, Set-InetpubFolderAcl.ps1, to restore the "inetpub" folder and set the correct permissions. Systems that installed the April security update (KB5055528) must take immediate action if the "inetpub" directory is missing. The script also updates access rights for the "DeviceHealthAttestation" directory, if it exists. Administrative rights are required to run the script. This issue was highlighted by IT security researcher Kevin Beaumont, who noted that deleting the "inetpub" folder could disrupt the installation of future security updates.

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.