Mail Archives

Winsage

June 20, 2025

Microsoft boosts default security of Windows 365 Cloud PCs

Microsoft is enhancing its Windows 365 Cloud PCs with new security features starting in May 2025. All newly provisioned and reprovisioned Cloud PCs using a Windows 11 gallery image will have Virtualization-Based Security (VBS), Credential Guard, and Hypervisor-Protected Code Integrity (HVCI) enabled by default. VBS creates a secure environment to protect system processes, Credential Guard secures authentication credentials, and HVCI ensures only verified code runs at the kernel level. Additionally, beginning in the latter half of 2025, clipboard, drive, USB, and printer redirections will be disabled by default on newly provisioned and reprovisioned Cloud PCs to mitigate security risks, although IT administrators can re-enable these features if needed.

AppWizard

June 6, 2025

Amazon Prime Members Get These 9 Free Games In June

Amazon has announced the lineup of PC games for Prime Gaming in June, which includes: - Available Now: - Mordheim: City of the Damned (GOG code) - The Abandoned Planet (Amazon Games app) - June 12: - Station to Station (Amazon Games app) - Death Squared (GOG code) - June 19: - Dark Envoy (GOG code) - Fate: Undiscovered Realms (GOG code) - June 26: - Thief: Deadly Shadows (GOG code) - Jupiter Hell (GOG code) - Gallery of Things: Reveries (Legacy games code) Additionally, Prime subscribers will have access to games via the Prime Gaming Luna channel, including titles such as Batman: Arkham Knight, Lego DC Super-Villains, and Fallout New Vegas: Ultimate Edition. Games claimed through Prime Gaming remain permanently in the user's library, even if the subscription ends.

AppWizard

June 3, 2025

Jonathan Joss, who appeared in Cyberpunk 2077 and Red Dead Redemption, shot dead in Texas

Jonathan Joss, a 59-year-old actor known for his roles in video games and as John Redcorn in King of the Hill, was shot multiple times during a confrontation with a neighbor, Sigfredo Alvarez Ceja, near his former residence, which had burned down earlier this year. Emergency medical services pronounced him dead at the scene. Joss's husband, Tristan Kern de Gonzales, reported that they had faced over two years of harassment from local residents, including violent homophobic slurs, leading up to the incident. De Gonzales stated that Joss pushed him out of the way during the shooting, saving his life. Joss had previously indicated that the fire that destroyed their home was an accident caused by a barbecue grill, while de Gonzales claimed it was part of ongoing harassment. Joss's career included voice work in various television shows and video games, with notable roles in Red Dead Redemption, Days Gone, Wasteland 3, and Cyberpunk 2077. He was set to reprise his role in a revival of King of the Hill scheduled to premiere on Hulu in August.

Winsage

May 30, 2025

Microsoft unveils “centralized” software update tool for Windows

Microsoft is developing a Windows-native update orchestration platform to improve the software updating experience for IT administrators and end-users. This platform aims to streamline the management of updates across various applications and components within the Windows ecosystem, reducing confusion caused by independent updates for different products. Currently in private preview, developers can access the platform through Windows Runtime (WinRT) APIs and PowerShell commands by registering as update providers. The orchestrator will intelligently defer updates based on user activity and system performance, and it will automatically reschedule failed attempts. Additionally, Microsoft is introducing Windows Backup for Organizations to assist with the transition from Windows 10 to Windows 11. This feature simplifies the backup and restoration of settings for Windows 10 and 11 devices. To use this functionality, devices must be Microsoft Entra hybrid joined or Microsoft Entra joined and running a supported version of Windows. The restore feature is compatible only with Microsoft Entra joined devices running Windows 11, version 22H2 and later. The Windows Backup for Organizations feature is currently in a limited public preview for select members of the Microsoft Management Customer Connection Program.

AppWizard

May 28, 2025

The best password managers for Android of 2025: Expert tested

Safeguarding personal information like login credentials and credit card details is crucial for Android users, and a password manager is essential for generating and securely storing strong, unique passwords. Bitwarden is highlighted as the best free password manager due to its open-source nature and robust encryption, allowing unlimited credential syncing across devices. It features autofill, secure note storage, a password generator, encrypted sharing, biometric unlock, and passkey support. 1Password is recommended for its user-friendly interface and security features, offering a library of over 20 credential types, autofill capabilities, and a feature called Watchtower for security alerts. It requires a subscription after a 14-day trial. Keeper is noted for its user-friendly onboarding process and enterprise-level security, accommodating various record types and offering features like account recovery and offline access, but it may be less appealing for budget-conscious users. Proton Pass, an open-source option from the creators of Proton VPN and Proton Mail, emphasizes privacy and offers features like password health alerts and hide-my-email aliases, although it currently lacks some functionalities of more established managers. Overall, Bitwarden is the top choice for cost-effective password management, while 1Password is recognized for its user experience.

Winsage

May 23, 2025

Unpatched Windows Server vulnerability allows full domain compromise

A newly discovered privilege escalation vulnerability in Windows Server 2025, known as the “BadSuccessor” attack, allows attackers to compromise any user within Active Directory (AD), including those with Domain Admin privileges. This vulnerability stems from the delegated Managed Service Account (dMSA) feature, which can be exploited by creating a new dMSA linked to any user or computer account without requiring direct access to the original account. Researchers found that 91% of examined environments had users outside the Domain Admin group with the necessary permissions to execute this attack. Microsoft has been notified and is working on a patch, while organizations are advised to restrict dMSA creation to trusted administrators and enhance their security measures.

Tech Optimizer

May 13, 2025

If I would ever install an antivirus, this open-source tool would be my choice, and here is why

ClamAV is a free, open-source antivirus tool that allows public scrutiny of its code, ensuring security and integrity. It is compatible with multiple platforms, including Linux, Windows, and macOS, and is suitable for self-hosted servers and virtual machines. ClamAV includes features like SigTool for managing the virus signature database and ClamBC for advanced dynamic detection capabilities. It operates through a command-based interface, which may be intimidating for some users, and requires initial configuration. Despite its thorough scanning process, it may not perform as quickly as other antivirus solutions. ClamAV is recognized for its ability to identify a wide array of potential threats without financial investment.

Winsage

May 8, 2025

The 12 KB Windows just can’t quit

Raymond Chen discussed the moricons.dll file on his blog, highlighting its significance in the Windows operating system. The file, sized at 12,288 bytes, contains icons from the Windows 3.1 era, including those for Turbo Pascal, Quattro Pro, WordPerfect, Lotus 123, and cc:Mail. Originally, icons were stored in progman.exe, but as their collection grew, they were moved to moricons.dll for better organization. This library has persisted through various Windows upgrades, evolving from Program Manager icons to shortcut files in Windows 95. Despite the transition to 64-bit Windows, which no longer supports MS-DOS programs, moricons.dll has survived, suggesting that some users may still find value in these nostalgic icons.

AppWizard

May 7, 2025

Help Your Government, Become USPS Beta Tester

The United States Postal Service (USPS) is seeking Android users to participate in a beta testing program for the Informed Delivery app. Interested users can request access by logging into their Google account and following a provided link. Approved participants will receive a link to download the app from Google Play. The app offers features such as package tracking and a preview of daily mail. Users are encouraged to provide feedback on any issues encountered during the trial period to assist in the app's development.

Winsage

April 17, 2025

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054 is a vulnerability that allows attackers to capture NTLMv2-SSP hashes from a victim's machine during authentication requests to an attacker-controlled SMB server. Active exploitation of this vulnerability has been observed since March 19, 2025, targeting government and private sectors in Poland and Romania. The attacks involve phishing emails that lead victims to download an archive file containing exploits designed to leak NTLMv2-SSP hashes. Microsoft has released patches for this vulnerability, but users on older, unsupported versions may need to consider micropatching.