Patch Tuesday releases Archives

Winsage

January 17, 2026

How to fix Nvidia GPU FPS drop due to the Windows January 2026 update?

Users with Nvidia GPUs are experiencing decreased gaming performance after the January 2026 Windows update (KB5074109), which was intended to enhance security and address vulnerabilities. Reported issues include drops in frames per second (FPS), black screen freezes, display hangs, and driver crashes related to nvlddmkm errors. Nvidia has released a new GPU driver to address these problems. A temporary solution for affected users is to uninstall the KB5074109 update, although it is a security patch that may need to be reinstalled later. Users can also update their Nvidia drivers to the latest hotfix version and use Display Driver Uninstaller (DDU) in Safe Mode for better results. It is recommended to pause Windows updates until a fix is provided by Microsoft.

Winsage

August 11, 2025

‘Win-DDoS’: Researchers unveil botnet technique exploiting Windows domain controllers

SafeBreach researchers have identified several vulnerabilities in Windows environments that could lead to denial of service (DoS) attacks. These include: 1. CVE-2025-26673: A flaw in the Netlogon service that allows remote crashes via crafted Remote Procedure Call (RPC) requests without authentication, potentially locking users out of domain resources until a reboot. 2. CVE-2025-49716: A vulnerability in the Windows Local Security Authority Subsystem Service (LSASS) that enables remote attackers to destabilize the service through specially crafted Lightweight Directory Access Protocol (LDAP) queries, causing immediate DoS. 3. CVE-2025-49722: A DoS vulnerability in the Windows Print Spooler that can be triggered by malformed RPC requests, disrupting printing operations and system stability. Microsoft has addressed some vulnerabilities but has not yet resolved the three identified by SafeBreach, and there has been no response to inquiries about these issues. SafeBreach recommends organizations apply the latest patches, limit exposure of Domain Controller services, segment critical systems, and monitor for unusual LDAP or RPC traffic for early attack detection.

Winsage

August 11, 2025

Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks

Security researchers have identified a "zero-click" denial-of-service (DoS) exploit that can covertly turn Microsoft Windows Domain Controllers (DCs) into a global botnet. DDoS attacks increased by 56% year-over-year in late 2024, with Cloudflare blocking an attack that peaked at 7.3 Tbps in 2025. The average minute of downtime from these attacks costs businesses approximately ,000, with incidents for small and midsize firms exceeding 0,000. The exploit, known as Win-DDoS, leverages the Lightweight Directory Access Protocol (LDAP) client in Windows, allowing DCs to automatically target victim servers through LDAP referrals without user interaction. This results in thousands of DCs inadvertently overwhelming a target with TCP traffic. Four vulnerabilities (CVEs) related to this exploit were disclosed to Microsoft in March 2025 and addressed in subsequent patch releases in June and July 2025. These vulnerabilities include: - CVE-2025-32724: LSASS (LDAP client) - None needed, causes memory exhaustion/DC crash, patched June 2025. - CVE-2025-26673: NetLogon (RPC) - None needed, causes TorpeDoS memory crash, patched May 2025. - CVE-2025-49716: NetLogon (RPC) - None needed, causes Stateless RPC DoS, patched July 2025. - CVE-2025-49722: Print Spooler (RPC) - Authenticated user needed, causes any Windows endpoint crash, patched July 2025. The vulnerabilities indicate significant architectural flaws in the LDAP client’s referral logic and RPC interfaces. SafeBreach advises administrators to apply patches promptly and limit DC exposure to the Internet. The emergence of Win-DDoS marks a shift in attack strategies, utilizing legitimate servers for amplification without leaving malware traces, complicating detection and response efforts. Enterprises are urged to enhance their threat models and implement DoS hardening measures.

Winsage

April 3, 2025

Microsoft adds hotpatching support for Windows 11 enterprise users as it looks to end unnecessary downtime for work devices

Microsoft has introduced hotpatch updates for Windows 11 Enterprise version 24H2, allowing compatible business devices to install OS security patches without requiring a restart. This feature minimizes downtime and user disruption while maintaining security. Hotpatch updates take effect immediately and provide the same level of security as traditional Patch Tuesday releases. Companies must establish a hotpatch-enabled quality update policy through Microsoft Intune to implement this feature. Devices will still require a reboot for security updates installed quarterly, but updates can occur without a restart during the other months. Arm64 devices are currently in public preview, with general availability for hotpatching set for April 2, 2025.

Winsage

November 22, 2024

Microsoft fixes update error in Windows 10 22H2

Microsoft has released a non-security update, KB5046714, which resolves an issue that prevented Windows 10 users from updating applications through the Microsoft Store. This problem was linked to the release of WinAppSDK version 1.6.2 on November 12, which was subsequently retracted. The update KB5046714 specifically addresses the update issues for Windows 10 22H2. Additionally, Windows 11 users received two interim updates: KB5046740 for Windows 11 24H2 and KB5046732 for Windows 11 22H2 and 23H2.

Winsage

November 22, 2024

Microsoft fixes the bug breaking app updates on Windows 10

Microsoft informed Windows 10 users about an issue affecting the update process for packaged applications from the Microsoft Store, resulting in a "Something happened on our end" error. This issue has been resolved with the installation of Windows update KB5046714, released on November 21, 2024. The problem was caused by a version of WinAppSDK (1.6.2) released on November 12, 2024, which was later withdrawn. Additionally, Windows 11 users received updates KB5046740 and KB5046732, introducing features such as a shortened date and time display on the taskbar, new "Share" buttons for jump list items, and improvements to File Explorer functionality.

Winsage

August 9, 2024

Microsoft pushes Dynamic Update for Windows 11 24H2

Microsoft has released a Dynamic Update for Windows 11 24H2 that improves setup binaries and files used during feature updates, specifically for Copilot+ PCs. This update includes fixes for Setup.exe binaries and SafeOS updates for the Windows Recovery Environment. Users must manually download these updates from the Windows Update Catalog, as they are not automatically distributed. Additionally, Microsoft has rolled out a series of non-security updates for Windows 10 and 11, including a C-release preview update in late July and subsequent updates for Windows 11 24H2 and Copilot+ PCs.

Winsage

July 11, 2024

Microsoft releases new Windows 11 24H2 preview ISO images for clean installation

- Microsoft has released fresh updates for testing in the Beta and Release Preview Channels for both Windows 10 and 11. - Windows 11 build 26100.1165 is now available for x86 and ARM64 devices. - Windows 11 Version 24H2 is rolling out for Copilot+ PCs with Qualcomm's Snapdragon X processors. - Support for Windows 11 versions 21H2 and 22H2 will end in less than 90 days.

Winsage

July 10, 2024

Microsoft Releases Large Update To Overcome Windows Security Vulnerabilities

Microsoft has unveiled major updates to fix security loopholes in the Windows ecosystem. The company issued a warning about attackers exploiting Windows Hyper-V privileges escalation bugs, which can allow them to gain SYSTEM privileges. The updates include fixes for over 140 vulnerabilities, with five rated as critical by Microsoft. Security experts recommend prioritizing addressing the critical remote code execution vulnerability in Microsoft Office SharePoint.