Microsoft releases Archives

Winsage

May 20, 2025

Microsoft releases emergency hotfix for Windows 10’s May update issues

Microsoft released an out-of-band update, KB5061768, for Windows 10 users to address urgent security vulnerabilities. This update is available through the Microsoft Update Catalog for Windows 10 versions 1903 and later, including Windows 10 LTSB, and supports both x86 and x64 architectures. The download size ranges from 415 MB to 711 MB. The update is crucial for users experiencing BitLocker issues and blue screen crashes after the May Windows 10 patch, particularly on devices with Intel Trusted Execution Technology enabled on 10th-generation Intel vPro processors or newer. Users unable to install the update due to boot issues should disable Intel VT for Direct I/O and Intel Trusted Execution Technology in the BIOS/UEFI settings to allow normal startup and apply the update.

Winsage

May 17, 2025

Why Windows 10 PCs are locking up and crashing after May update

Microsoft will end update support for Windows 10 in October 2025, but new patches are still being released. The latest cumulative update, KB5058379, has caused issues for users, especially those with devices from Dell, Lenovo, and HP. Microsoft is aware of the problems and has not yet deployed a fix as of May 16, but has provided a temporary workaround. For users affected by the BitLocker bug, Microsoft Support recommends the following steps to regain access: 1. Disable Secure Boot in BIOS/Firmware settings. 2. If issues persist, disable all virtualization technologies in BIOS/Firmware settings. 3. Check the Microsoft Defender System Guard Firmware Protection Status via Registry Editor or GUI method. 4. If firmware protection settings are restricted by Group Policy, disable them using Group Policy Editor or Registry Editor. A system restart is required for these changes to take effect, and these workarounds should only be temporary until a patched update is released. Disabling certain BIOS settings may compromise system security.

Winsage

May 12, 2025

Microsoft Releases Detailed Guide to Fix Windows Blue Screen Errors

Microsoft has released an official guide to address the Blue Screen of Death (BSOD) issues in Windows 11 and Windows 10, updated on May 11, 2025, following a significant global outage in July 2024 caused by a problematic CrowdStrike update. The guide categorizes troubleshooting into basic and advanced steps, highlighting common error codes like PAGEFAULTINNONPAGEDAREA (0x00000050). Approximately 75% of stop errors are attributed to faulty drivers, making driver verification essential. Basic troubleshooting includes removing recently added hardware, booting into Safe Mode, checking Device Manager for problematic components, ensuring 10-15% free disk space, installing the latest Windows Updates, and using System Restore. Advanced troubleshooting involves using Event Viewer, running Windows Memory Diagnostics, and analyzing memory dumps with WinDbg. The guide emphasizes the resource-intensive nature of Driver Verifier and suggests testing suspicious drivers in smaller groups. It also includes hardware-specific troubleshooting tips, such as checking for overheating components and performing disk diagnostics with the “chkdsk” command.

Winsage

April 9, 2025

Microsoft releases KB5055523 update to fix a glut of Windows 11 problems

Microsoft has released the KB5055523 update for Windows 11, which includes various fixes and enhancements. Key improvements include a fix for the Explorer context menu issue, increased reliability of ctfmon.exe, and resolution of a Kerberos authentication problem related to RC4 encryption. New features for Copilot+ PC users include an improved Windows Search with semantic indexing, natural language search for cloud-stored photos, enhanced communication capabilities with live captions and real-time translation, and support for real-time translation into Simplified Chinese on Snapdragon-powered devices. The update also addresses issues with machine password rotation in the Identity Update Manager, updates for Daylight Saving Time in Chile, and unexpected behavior in the PcaUiArmUpdate feature. KB5055523 will be automatically installed for users.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 26, 2025

0patch releases yet another free fix for yet another 0day vulnerability in Windows that Microsoft has not addressed

0patch has released micropatches for a critical SCF File NTLM hash disclosure vulnerability affecting all Windows versions from Windows 7 to Windows 11 and Windows Server editions from 2008 to 2025. This vulnerability allows attackers to obtain users' NTLM credentials by having them view a malicious file in Windows Explorer. 0patch operates on a subscription model and provides security fixes for unsupported Windows versions, as well as complimentary patches for unaddressed vulnerabilities. Specific details about the vulnerability are currently withheld, pending an official fix from Microsoft.

Winsage

March 19, 2025

6 essential skills every Windows 11 user needs to master

- Windows 11 users can enhance their experience and security by mastering essential skills such as managing updates, securing online presence, and utilizing system settings. - To protect accounts and sensitive information online, users should consider using a password manager, passkeys, and enabling two-factor authentication (2FA) on accounts. - A VPN with end-to-end encryption can enhance online security, and users should familiarize themselves with their web browser's security settings. - Windows 11 updates are released on the first Tuesday of each month, with a major feature update annually; users can prevent auto-restarts and pause updates for up to five weeks. - The Settings app in Windows 11 has replaced much of the Control Panel for managing system settings, and users should explore it thoroughly. - OneDrive is integrated into Windows 11 for backing up, restoring, and sharing files, and users can create encrypted folders and use Files-on-Demand. - Regularly reviewing and uninstalling unnecessary applications can help maintain PC performance, and users can manage default applications and disable startup apps via Task Manager. - Accessing the BIOS/UEFI allows for updates, security adjustments, and hardware configuration changes, typically done by pressing keys like Esc, F2, or F8 during boot.

Tech Optimizer

March 2, 2025

5 things you may already be doing that compromise your Windows security

Many individuals compromise their computer security through everyday habits, which cybercriminals exploit, leading to data theft and unauthorized access. Common missteps include: 1. Downloading software from untrusted sources, which can harbor malware. To mitigate this risk, always download from official websites and consider using a sandbox for testing. 2. Using weak or reused passwords, making accounts vulnerable if one site is breached. To enhance security, use a password manager, enable multi-factor authentication, and create unique, complex passwords. 3. Clicking on phishing emails and links, which can lead to credential theft. To defend against phishing, scrutinize emails and links, and visit official websites directly for verification. 4. Disabling or ignoring antivirus and firewall protection, which exposes PCs to risks. Ensure these protections remain active and trustworthy before bypassing any warnings. 5. Ignoring software and OS security updates, which are crucial for addressing vulnerabilities. Regularly installing updates helps maintain security, as neglecting them can leave systems exposed.

Winsage

February 7, 2025

Windows 11 OOBE updates adjusted after widespread criticism

Starting in mid-2025, Microsoft will allow organizations to manage how fresh installations of Windows 11 handle cumulative updates from the outset, responding to system administrators' concerns about previous control limitations. This new policy will be available for devices running Windows 11 version 22H2 or newer during the Out-of-the-Box Experience (OOBE). Initially, Microsoft planned to require the installation of the latest updates upon first boot, but this raised concerns about potential issues with fixes and critical features. The new configuration can be enabled through Windows Autopilot, synchronizing existing quality update settings. This change applies only to cumulative or quality updates, not optional monthly updates. Organizations without Autopilot can disable quality updates during OOBE via Group Policy. The update process typically takes around 20 minutes, depending on various factors.