local accounts Archives

Winsage

November 15, 2024

A helpful Windows 11 Start menu feature is now in Windows 10

Windows 10 holds a 61 percent share of the Windows desktop market, while Windows 11 has about 35 percent. Microsoft is focusing on enhancing Windows 10, particularly the Start menu, which now features advertisements for its products. A recent update includes the integration of a Microsoft 365 account manager in the Start Menu's sidebar, allowing users to switch between Microsoft 365 and local accounts easily. Users can access options like Change account settings, Lock, and Sign out through this new feature, which also provides direct links to Microsoft 365 and OneDrive. There is currently no option to disable the Microsoft 365 account manager or to opt out of prompts for a paid subscription.

Winsage

October 27, 2024

Windows 11 Enterprise/Edu may get Settings “Home” with Microsoft account ads

Microsoft has introduced a Home section in the Settings app of Windows 11 23H2, initially for consumer editions, which will soon extend to commercial editions. This Home page allows users to view their device name, connection status, and last update check, as well as access essential settings like power, display, and sound. It also includes personalization options, cloud storage monitoring, backup management, and security reminders. The feature is set to enhance user experience across various environments, with observations indicating a focus on settings recommendations and personalization. Promotions for Microsoft Account services are prevalent in the consumer edition, but may be less relevant for commercial users. There is potential for future updates to streamline the Home page and reduce clutter. Users of Windows 11 LTSC currently do not see these advertisements.

Winsage

October 14, 2024

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig is exploiting a patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel as part of a cyber espionage campaign targeting the United Arab Emirates and the Gulf region. OilRig, also referred to as Earth Simnavaz and by other aliases, employs advanced tactics including a backdoor that exploits Microsoft Exchange servers for credential theft. Their recent operations involve a previously undocumented implant for exfiltrating credentials and the use of a web shell for initial access to vulnerable web servers. They utilize the ngrok remote management tool for persistence and movement within networks. The exploitation of the privilege escalation vulnerability allows the delivery of a backdoor called STEALHOOK, which transmits harvested data via the Exchange server. OilRig has also employed a password filter policy DLL (psgfilter.dll) to extract sensitive credentials. This group has a history of targeting critical infrastructure in geopolitically sensitive areas to maintain a persistent presence for further attacks.

Winsage

September 28, 2024

Microsoft explains how it’s tackling security and privacy for Recall

Microsoft's Recall feature for Copilot+ AI PCs was designed to help users locate past activities but faced backlash over security concerns related to constant screenshotting of user activity. In response, Microsoft delayed the rollout for Windows Insider beta testers and announced enhanced security measures, making Recall an opt-in feature by default and integrating Windows Hello biometric authentication. The feature will utilize encryption and VBS Enclaves to protect data, and users can opt to remove Recall entirely. Additional protective measures include rate-limiting and anti-hammering strategies, with a fallback PIN method after configuration. Recall will not retain private browsing data by default and will filter sensitive content. Microsoft has engaged a third-party vendor for penetration testing and security design review, while the Microsoft Offensive Research and Security Engineering team has been testing the feature.

Winsage

August 21, 2024

10 shocking reasons Windows 10 outshines Windows 11

- Windows 10 supports a broader range of older hardware compared to Windows 11's stringent system requirements. - Windows 10 offers more customization options than Windows 11. - Windows 10 has undergone extensive refinements since its launch in 2015, while Windows 11 is relatively new and faces challenges. - The Start Menu in Windows 10 is considered more usable than the simplified version in Windows 11. - Windows 10 provides greater control over update timing and installation compared to Windows 11's aggressive update policy. - Windows 10's tablet mode offers a smoother transition between desktop and tablet use than Windows 11's touch interface. - Windows 10 supports legacy applications better than Windows 11, making it preferable for users dependent on specific software. - Windows 10 maintains a familiar layout, providing stability and consistency for users. - Windows 10 allows the creation and use of local accounts, while Windows 11 encourages signing in with a Microsoft account. - Microsoft will support Windows 10 until October 2025, offering updates and security patches.

Winsage

August 15, 2024

Microsoft is making BitLocker device encryption default on Windows 11: What it means ‘good news’ for users and buyers – Times of India

Microsoft is introducing BitLocker encryption as a default feature in the upcoming Windows 11 24H2 update, ensuring automatic data encryption for new devices and clean installations. This enhancement aims to protect users from unauthorized access to their disks and eliminates the need for separate encryption software. BitLocker will be available to a broader range of devices, including those running Windows 11 Home, without requiring specific hardware specifications like the Hardware Security Test Interface (HSTI) or Modern Standby. Existing Windows 11 users must perform a clean installation or purchase a new PC with the 24H2 update to enable BitLocker, as upgrading will not activate it automatically. A Microsoft account is necessary to complete the encryption process, and users should back up their BitLocker recovery key to regain access in case of unauthorized access attempts or hardware changes. While BitLocker encrypts data, it does not protect against malware, which can access encrypted files if the system is infected and the drive is unlocked.

Winsage

August 15, 2024

The next Windows 11 update may seriously slow down your SSD | Digital Trends

Microsoft's upcoming Windows 11 24H2 update will enable the BitLocker device encryption tool by default, expanding its availability beyond just Windows Pro editions to a broader range of devices. Tests indicate that enabling BitLocker may significantly reduce SSD performance, with sequential read speeds potentially dropping by up to 45% and write speeds by around 40%. Random read and write operations also experience slowdowns, though to a lesser extent. BitLocker will be automatically activated only on new PCs or during clean installations, not for users upgrading existing systems. Users with local accounts will need to manually enable BitLocker. The update will also simplify the encryption process by removing previous hardware requirements and streamline compliance with Hardware Lab Kit standards for manufacturers.

Winsage

August 14, 2024

Microsoft is enabling BitLocker device encryption by default on Windows 11

Microsoft's upcoming Windows 11 version 24H2 will make BitLocker device encryption a standard feature for users performing clean installations. Device encryption will be automatically enabled when signing in with a Microsoft or work/school account. The update lowers hardware requirements for automatic device encryption, making it accessible to more devices, including those running the Home version of Windows 11, and eliminates previous requirements for Hardware Security Test Interface (HSTI) and Modern Standby. The 24H2 update will be preinstalled on new Copilot Plus PCs and is expected to be available for existing machines by late September. Users upgrading from previous versions will not have this feature enabled automatically. Automatic device encryption can be bypassed by setting up devices with a local account, but BitLocker can still be manually activated. Users can also disable device encryption through Windows 11's settings. Microsoft has implemented requirements for modern processors, Secure Boot, and Trusted Platform Module (TPM) chips to enhance security, enabling the activation of its virtualized Memory Integrity feature by default.

Winsage

August 11, 2024

Windows 11 24H2 reduces BitLocker eligibility, turns on automatic encryption for more PCs

Microsoft's Windows 11 version 24H2 has updated BitLocker encryption requirements, making it more accessible for a wider range of PCs. The update removes the need for certain hardware features, such as the Hardware Security Test Interface (HSTI) and Modern Standby, which were previously mandatory for automatic encryption. The requirement to verify untrusted Direct Memory Access (DMA) interfaces has also been eliminated. BitLocker is automatically turned on during the reinstallation of Windows 11 24H2 for both Pro and Home editions, provided the manufacturer has enabled a specific flag in the UEFI settings. However, devices upgraded via Windows Update will not have this feature activated. Automatic encryption requires a Trusted Platform Module (TPM) and UEFI Secure Boot. The process initiates during setup but only becomes operational once the user signs in with a Microsoft Account. Users can manually activate BitLocker or disable automatic encryption through a bootable ISO or by adjusting the Registry. Windows 11 24H2 is expected to ship on Intel and AMD PCs in late September or early October.

Winsage

July 18, 2024

Windows local accounts are the bugbear that Microsoft can’t get rid of

People keep finding ways to make local accounts on Windows, even though Microsoft prefers users to use Microsoft accounts for data syncing and easier access to services. Microsoft has been trying to push users towards using Microsoft accounts, but some people prefer local accounts for privacy reasons.