Microsoft releases Archives

Winsage

January 12, 2026

Microsoft releases 2026’s first Insider build of Windows 11

The latest Insider build of Windows 11, KB5072046, updates the operating system to build 26220.7535 and is available to Insiders in the Dev and Beta channels. A significant enhancement is the new Narrator feature powered by Copilot, which allows users to generate AI-driven descriptions for images. This feature is not available in the European Economic Area due to regulatory restrictions. Users can press Narrator key + Ctrl + D to describe a focused image or Narrator key + Ctrl + S for a full screen description. Microsoft has also introduced a policy for system administrators to uninstall the Microsoft Copilot App under specific conditions, applicable to Enterprise, Pro, and EDU SKUs. Various fixes have been implemented, including resolving issues with the Start menu, File Explorer, input using the Snipping Tool, print dialogs, and Windows Update settings.

Winsage

December 15, 2025

Still running Windows 10? Here’s why that’s a bad idea

Hundreds of millions of computers are still using Windows 10, despite it reaching its end-of-support deadline. An Extended Security Updates (ESU) subscription is available for free until October 2026, providing updates to help protect against security threats. By early 2021, around 100 million PCs were still running Windows 7, which had ceased receiving updates in January 2020, making them vulnerable to cyberattacks from groups like Digital Shadows, LockBit, Conti, and Vice Society. Notable incidents include the PrintNightmare flaw in July 2021, which led Microsoft to issue a patch for Windows 7, and the WannaCry attack in 2017, which targeted Windows XP machines. Microsoft releases monthly security fixes, and vulnerabilities like CVE-2025-62215, identified in November 2025, have been categorized as "Exploitation Detected." While current vulnerabilities require local access, history suggests that remote attacks may soon occur, posing severe risks to unpatched systems.

Winsage

December 12, 2025

New Windows RasMan zero-day flaw gets free, unofficial patches

Free unofficial patches are available for a newly identified Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service, which operates with SYSTEM-level privileges and manages VPN and remote network connections. This denial-of-service flaw was discovered by ACROS Security while investigating a previously patched privilege escalation vulnerability (CVE-2025-59230) in RasMan. The new zero-day has not yet received a CVE ID and affects all Windows versions from Windows 7 to Windows 11, including Windows Server 2008 R2 through Server 2025. The vulnerability can be exploited by unprivileged users due to a coding error in how RasMan processes circular linked lists, leading to a crash when a null pointer is encountered. ACROS Security is providing free micropatches through its 0Patch service until Microsoft releases an official fix. Users must create an account and install the 0Patch agent to apply the micropatch automatically.

Winsage

December 9, 2025

Microsoft releases Windows 10 KB5071546 extended security update

Microsoft has released the KB5071546 extended security update, addressing 57 security vulnerabilities, including three critical zero-day flaws. This update is intended for Windows 10 Enterprise LTSC users and those in the ESU program. Users can install it by navigating to Settings, selecting Windows Update, and performing a manual 'Check for Updates'. The update will automatically install and prompt for a restart. After installation, Windows 10 will be upgraded to build 19045.6691, and Windows 10 Enterprise LTSC 2021 will move to build 19044.6691. The update focuses on security enhancements and bug fixes, including a remote code execution vulnerability in PowerShell (CVE-2025-54100). PowerShell 5.1 will now issue a warning when using the "Invoke-WebRequest" command to alert users about potential script execution risks. Users are advised to use the -UseBasicParsing command line argument to prevent embedded scripts from executing. Microsoft has confirmed there are no known issues with this update.

Winsage

December 4, 2025

This Windows Update Pop-Up Is a Scam

Hackers have exploited Windows update screens to deliver malware disguised as a "critical security update," a tactic known as the ClickFix attack. This attack uses social engineering techniques, including fake error messages and CAPTCHA forms, to trick users into executing harmful commands. The scam appears as a pop-up mimicking the standard Windows blue screen but originates from a malicious domain. Users are prompted to paste and execute harmful commands, leading to malware installation. Researchers from Huntress have detailed this attack, noting that malicious code can be embedded within PNG images. Although recent law enforcement actions have reduced the presence of malware payloads on these domains, the threat remains. Users should be cautious of any update screens that do not show a progress indicator or require manual command input, as these are signs of a ClickFix attack. Microsoft releases security updates on the second Tuesday of each month, and users are advised to enable automatic updates and consider disabling the Windows Run box for added security.

Tech Optimizer

December 1, 2025

How To Use the Windows Malicious Software Removal Tool

The Windows Malicious Software Removal Tool (MSRT) identifies and eliminates specific high-risk malware families on Windows devices. It is updated monthly by Microsoft and is integrated into all supported versions of Windows 10 and Windows 11. MSRT functions as a cleanup utility, scanning for known active malware infections. Users can run the tool manually by pressing Windows + R, typing mrt, and selecting a scan type. MSRT is recommended for use after installing software from unfamiliar sources, when a PC shows unusual behavior, for quick secondary scans, or in response to Windows Defender alerts. Manual downloads of MSRT are available for offline systems. The tool maintains a detailed log of scans in the Debug folder. MSRT targets malware such as MyDoom, Blaster, and Sasser, and while it removes infections, it does not provide real-time monitoring. Microsoft updates the tool monthly, and it runs automatically after updates but can also be launched manually.

Winsage

November 18, 2025

Microsoft: Windows 10 KB5072653 OOB update fixes ESU install errors

Microsoft released an emergency out-of-band update, KB5072653, on November 17, 2025, to address installation issues related to the November extended security updates for Windows 10. This update specifically targets the error code 0x800f0922 that prevented users from successfully installing the ESU update. To install this update, devices must be running Windows 10 version 22H2 and have the October 2025 KB5066791 cumulative update installed. Users can check for updates via Windows Update, where KB5072653 will be included. Microsoft plans to release a new Scan Cab with updated metadata to improve compliance update checks for organizations using WSUS and SCCM.

Winsage

November 12, 2025

Microsoft releases update-fixing update for update-eligible Windows 10 PCs

Windows 10 officially ended last month, but Microsoft is offering Extended Security Updates (ESUs) for one to three additional years for many devices. The process to secure an extra year of updates is intended to be straightforward and free, but some users faced bugs that prevented enrollment in the ESU program, leaving their PCs vulnerable. Microsoft has released an update (KB5071959) for Windows 10 version 22H2 to address these enrollment challenges, allowing affected users to access essential security updates. This update is available to all Windows 10 PCs, regardless of their ESU enrollment status.

Winsage

November 12, 2025

Microsoft Releases November 2025 Patch Tuesday Updates

Microsoft has rolled out its November 2025 Patch Tuesday updates for Windows 11, addressing 63 vulnerabilities across various platforms, including Windows, Office, Microsoft Edge, Azure Monitor Agent, Dynamics 365, Hyper-V, and SQL Server. The update includes four critical and 59 important vulnerabilities, with one currently being exploited. Key vulnerabilities fixed include: - CVE-2025-62215: A privilege escalation vulnerability in the Windows Kernel. - CVE-2025-60724: A critical heap-based buffer overflow in the Microsoft Graphics Component (GDI+) enabling remote code execution, rated CVSS 9.8. - CVE-2025-60704: A high-severity vulnerability in Windows Kerberos, rated CVSS 7.5. - CVE-2025-62220: A heap-based buffer overflow in the Windows Subsystem for Linux GUI (WSLg), rated CVSS 8.8. - CVE-2025-60719: An untrusted pointer dereference in the Windows Ancillary Function Driver for WinSock. The update enhances features for Windows 11 versions 25H2 and 24H2, improving Click to Do, File Explorer, Voice Access, and Windows Search for Copilot+ devices. The taskbar has been updated with a new battery icon, and the Start Menu has been redesigned to include a scrollable All section. A preview of the Administrator Protection feature has been introduced to prevent unauthorized changes. Additionally, Microsoft released KB5068781 for Windows 10 Extended Security Updates, fixing an incorrect “end of support” message and addressing the same 63 vulnerabilities. Organizations are advised to conduct thorough testing before deploying the patches and to back up systems to mitigate potential issues.

Winsage

November 11, 2025

Microsoft releases KB5068781 — The first Windows 10 extended security update

Microsoft has released the KB5068781 update, which is the first extended security update for Windows 10 since the operating system reached its end of support last month. This update follows the final cumulative update on October 14, which ended bug fixes and free security updates for Windows 10. Extended security updates (ESU) are available for consumers and business customers for up to three years, depending on the account type. Consumers can enroll in the ESU program through payment, Microsoft reward points, or Windows Backup synchronization. In the European Economic Area, additional options include free access with a Microsoft account or payment for a local account. Business customers can utilize the ESU program for three years at a total cost of 0 per device. A bug has affected some devices' enrollment in the ESU program, prompting Microsoft to issue an emergency fix. Users can install the update via Settings and Windows Update. The update is mandatory and will automatically install, requiring a device restart. After installation, Windows 10 ESU will be upgraded to build 19045.6575, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.6575. The update primarily addresses a bug that incorrectly indicated Windows 10 LTSC devices had reached their end of support. It also includes security updates that fix 63 vulnerabilities, including one actively exploited elevation-of-privilege vulnerability, with no known issues reported.