Microsoft Edge

Winsage
May 14, 2025
Microsoft introduced the Windows Subsystem for Linux (WSL) in the Windows 10 Anniversary Update in August 2016, initially as a tool for developers. WSL debuted as a beta version with a native-kernel translation layer, allowing Windows to run unmodified Linux ELF binaries. Its early performance was limited, leading users to prefer Linux virtual machines for full compatibility. The launch of WSL2 in May 2020 replaced the translation layer with a lightweight, real Linux kernel running in a Hyper-V utility VM, providing near-native performance and comprehensive syscall coverage. WSL2 has since seen continuous improvements, including GPU-compute and CUDA support in 2021, full GUI support for X11 and Wayland applications in 2022, and systemd support in September 2022. WSL2 approaches the performance of bare-metal Linux while integrating seamlessly with Windows, allowing users to launch a Linux shell easily. It enables developers to access the C drive and interact between Windows and Linux environments without dual-booting. WSL2 enhances productivity for data science workflows, allowing the use of tools like PyTorch with CUDA. It also offers features for non-developers, such as creating aliases for launching Windows applications and running Linux GUI applications. WSL's integration into Windows represents a significant shift, providing opportunities for users across various domains to explore Linux functionalities.
AppWizard
May 14, 2025
Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.
Winsage
May 14, 2025
A vulnerability identified as CVE-2025-30397 can be exploited when Microsoft Edge is in “Internet Explorer” mode, which is typically not the default setting but may be necessary for certain users. Another vulnerability, CVE-2025-29831, can only be exploited during a restart of the Remote Desktop Protocol (RDP) service. SAP has released 18 Security Notes to address various vulnerabilities, including critical authorization issues, remote code execution, information disclosure, and cross-site scripting.
Winsage
May 14, 2025
Microsoft has identified a memory corruption vulnerability in its Scripting Engine, designated as CVE-2025-30397. This vulnerability allows unauthorized remote code execution; it is rated “Important” and classified under CWE-843 (Type Confusion). It was disclosed in the May 2025 Patch Tuesday updates and arises from improper handling of resource types. Exploitation occurs when a user clicks a specially crafted URL in Microsoft Edge's Internet Explorer Mode, potentially compromising system confidentiality, integrity, and availability. Although the attack complexity is high, successful exploitation has been confirmed in the wild. Microsoft has issued patches for all supported Windows versions, and users are advised to apply these updates and consider disabling Internet Explorer Mode to reduce risk.
Winsage
May 8, 2025
Upon initiating a fresh installation of Windows 11, essential adjustments can enhance the user experience and productivity. Winhance is a utility that helps implement these changes. Key modifications include:
- Notifications: Users can reduce the number of notifications by navigating to Settings -> System -> Notifications and toggling off notifications from specific apps. Scheduling notifications and using the Focus feature can also help minimize distractions.
- Disable Microsoft ads: To eliminate subtle promotional content, users should uncheck options in Notifications settings and disable recommendations in Settings -> Personalization -> Start.
- Move the Start button: Users can reposition the Start menu to the left corner by adjusting the “Taskbar alignment” in Settings -> Personalization -> Taskbar -> Taskbar behaviors.
- Adjust visual effects: To improve system responsiveness, users can disable animations and transparency effects by accessing sysdm.cpl and Settings -> Accessibility -> Visual effects.
- Change the default browser: After installing a preferred browser, users can set it as the default in Settings -> Apps -> Default app, ensuring it is set for various file types.
- Disable News widget: Users can turn off the news widget by going to Settings -> Personalization -> Taskbar and toggling off the Widgets option.
These adjustments can be completed in about 20 minutes and help create a more productive environment in Windows 11.
Winsage
May 8, 2025
Winhance is a free, open-source application designed to enhance the Windows 11 experience by allowing users to debloat, optimize, and customize their systems. It originated as a PowerShell script and simplifies the installation and customization process for Windows users. Winhance is compatible with certain long-term servicing channel versions of Windows 10 until support ends in October 2025. The application provides an overview of available applications and features for installation or removal, enabling users to uninstall unnecessary Windows apps like Bing search, Copilot, and Microsoft Edge. It also offers alternative browsers such as Brave and DuckDuckGo. The main interface is intuitive, allowing users to easily identify and remove Microsoft applications. While it includes basic customization options, it lacks some popular open-source alternatives but offers storage and security applications like Proton VPN and Proton Drive. Users can initiate the installation process by selecting desired applications and features, and the removal of unwanted features is straightforward. The efficiency of these operations varies based on the number of items selected, but user feedback indicates a responsive process.
Winsage
April 25, 2025
The Windows 11 Insider Preview Build (27842) will replace the Blue Screen of Death (BSoD) with a new error screen featuring a Medium Forest Green backdrop. This change is part of an effort to create a more streamlined user interface for unexpected restarts, although it may provide less context for troubleshooting. The new design is currently being tested in Microsoft's Canary Channel and is expected to become standard with the Windows 11 25H2 update later this year.
Winsage
April 23, 2025
Microsoft Edge was used as the sole application for two weeks to explore its capabilities as a potential alternative to ChromeOS for Windows 10 users. The experiment revealed that while Edge has useful features like the Sidebar and Edge Drop, the web versions of Microsoft Office were inadequate for daily tasks, often performing poorly and lacking functionality compared to desktop versions. Essential applications identified during the experiment included Snipping Tool, PowerToys, Microsoft Office apps, and a dedicated photo editor. The experiment also highlighted the possibility of uninstalling many applications from Windows 11, emphasizing the benefits of a clean install. Additionally, the potential of Windows 10X as a competitor to ChromeOS was noted, though it remains unrealized.