Microsoft releases Archives

Winsage

June 17, 2025

Microsoft releases patch after Surface Hubs v1 bricked

Microsoft has released an out-of-band update to fix an issue with Surface Hub v1 devices that arose from the June Patch Tuesday updates, specifically related to KB5060533 for Windows 10 versions 21H2 and 22H2. This issue caused some Surface Hub v1 units to become inoperable, displaying a "Secure Boot Violation: Invalid signature detected" error message. Microsoft paused the update on June 11 and issued a patch a week later. The problem does not affect Surface Hub 2S and 3 models. Users have reported inconsistent success using a disk re-imaging tool, and the Surface team is investigating potential recovery methods. Microsoft is working on a solution for the affected devices and will provide updates as they become available.

Winsage

June 11, 2025

Microsoft Windows Secure Boot Bypass Confirmed

The second Tuesday of each month is when Microsoft releases monthly security updates for Windows. A significant zero-day vulnerability, CVE-2025-3052, has been identified, affecting all Windows users and allowing a Secure Boot bypass. This vulnerability could compromise system integrity by enabling malware to infiltrate Windows PCs and servers. CVE-2025-3052 is classified as a memory corruption issue within a module signed with Microsoft’s third-party UEFI certificate and can execute unsigned code during the boot process, potentially allowing attackers to install bootkits.

Winsage

May 26, 2025

Microsoft releases an update to tackle a built-in issue in Windows images, but who is it for?

Microsoft encourages users to adopt the latest version of Windows or a version eligible for monthly security updates to protect against security threats. Older Windows ISOs are vulnerable due to outdated security updates and antimalware software. Microsoft has released an update for Microsoft Defender to enhance the security of these older Windows images. This update includes the latest Microsoft Defender binaries, which must be applied offline to WIM and VHD files for Windows 11, Windows 10 (Enterprise, Pro, Home), Windows Server 2022, 2019, and 2016. The update improves both the anti-malware client and engine, with package sizes of 78.2 MB for ARM64, 128 MB for x86, and 132 MB for x64 systems. Users need a 64-bit version of Windows 10 or later, PowerShell 5.1 or later, and specific modules to implement the update. Regular updates every three months are recommended for optimal security.

Winsage

May 20, 2025

Microsoft releases emergency hotfix for Windows 10’s May update issues

Microsoft released an out-of-band update, KB5061768, for Windows 10 users to address urgent security vulnerabilities. This update is available through the Microsoft Update Catalog for Windows 10 versions 1903 and later, including Windows 10 LTSB, and supports both x86 and x64 architectures. The download size ranges from 415 MB to 711 MB. The update is crucial for users experiencing BitLocker issues and blue screen crashes after the May Windows 10 patch, particularly on devices with Intel Trusted Execution Technology enabled on 10th-generation Intel vPro processors or newer. Users unable to install the update due to boot issues should disable Intel VT for Direct I/O and Intel Trusted Execution Technology in the BIOS/UEFI settings to allow normal startup and apply the update.

Winsage

May 17, 2025

Why Windows 10 PCs are locking up and crashing after May update

Microsoft will end update support for Windows 10 in October 2025, but new patches are still being released. The latest cumulative update, KB5058379, has caused issues for users, especially those with devices from Dell, Lenovo, and HP. Microsoft is aware of the problems and has not yet deployed a fix as of May 16, but has provided a temporary workaround. For users affected by the BitLocker bug, Microsoft Support recommends the following steps to regain access: 1. Disable Secure Boot in BIOS/Firmware settings. 2. If issues persist, disable all virtualization technologies in BIOS/Firmware settings. 3. Check the Microsoft Defender System Guard Firmware Protection Status via Registry Editor or GUI method. 4. If firmware protection settings are restricted by Group Policy, disable them using Group Policy Editor or Registry Editor. A system restart is required for these changes to take effect, and these workarounds should only be temporary until a patched update is released. Disabling certain BIOS settings may compromise system security.

Winsage

May 12, 2025

Microsoft Releases Detailed Guide to Fix Windows Blue Screen Errors

Microsoft has released an official guide to address the Blue Screen of Death (BSOD) issues in Windows 11 and Windows 10, updated on May 11, 2025, following a significant global outage in July 2024 caused by a problematic CrowdStrike update. The guide categorizes troubleshooting into basic and advanced steps, highlighting common error codes like PAGEFAULTINNONPAGEDAREA (0x00000050). Approximately 75% of stop errors are attributed to faulty drivers, making driver verification essential. Basic troubleshooting includes removing recently added hardware, booting into Safe Mode, checking Device Manager for problematic components, ensuring 10-15% free disk space, installing the latest Windows Updates, and using System Restore. Advanced troubleshooting involves using Event Viewer, running Windows Memory Diagnostics, and analyzing memory dumps with WinDbg. The guide emphasizes the resource-intensive nature of Driver Verifier and suggests testing suspicious drivers in smaller groups. It also includes hardware-specific troubleshooting tips, such as checking for overheating components and performing disk diagnostics with the “chkdsk” command.

Winsage

April 9, 2025

Microsoft releases KB5055523 update to fix a glut of Windows 11 problems

Microsoft has released the KB5055523 update for Windows 11, which includes various fixes and enhancements. Key improvements include a fix for the Explorer context menu issue, increased reliability of ctfmon.exe, and resolution of a Kerberos authentication problem related to RC4 encryption. New features for Copilot+ PC users include an improved Windows Search with semantic indexing, natural language search for cloud-stored photos, enhanced communication capabilities with live captions and real-time translation, and support for real-time translation into Simplified Chinese on Snapdragon-powered devices. The update also addresses issues with machine password rotation in the Identity Update Manager, updates for Daylight Saving Time in Chile, and unexpected behavior in the PcaUiArmUpdate feature. KB5055523 will be automatically installed for users.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 26, 2025

0patch releases yet another free fix for yet another 0day vulnerability in Windows that Microsoft has not addressed

0patch has released micropatches for a critical SCF File NTLM hash disclosure vulnerability affecting all Windows versions from Windows 7 to Windows 11 and Windows Server editions from 2008 to 2025. This vulnerability allows attackers to obtain users' NTLM credentials by having them view a malicious file in Windows Explorer. 0patch operates on a subscription model and provides security fixes for unsupported Windows versions, as well as complimentary patches for unaddressed vulnerabilities. Specific details about the vulnerability are currently withheld, pending an official fix from Microsoft.