Patch Tuesday update Archives

Winsage

May 13, 2026

Disgruntled researcher releases two more Microsoft zero-days

An anonymous researcher known as Nightmare-Eclipse has revealed two new vulnerabilities affecting Windows systems, named YellowKey and GreenPlasma, shortly after Microsoft's latest Patch Tuesday update. YellowKey is a "BitLocker bypass" that allows attackers with physical access to gain unrestricted shell access to protected machines. Experts have expressed concerns about YellowKey's potential to transform laptop theft into a serious breach notification scenario, and suggested mitigations such as implementing a BitLocker PIN and a BIOS password lock. Nightmare-Eclipse has also hinted that YellowKey could function as a backdoor allegedly introduced by Microsoft, although this claim remains unsubstantiated. GreenPlasma is a privilege escalation flaw for which partial exploit code has been released, but it currently triggers a User Account Control (UAC) consent prompt, requiring attackers to invest time in weaponizing it. There is no known mitigation for GreenPlasma, making it crucial for organizations to patch their systems promptly once Microsoft addresses the issue. Nightmare-Eclipse has previously disclosed five zero-day vulnerabilities this year, including BlueHammer, and has characterized their actions as a response to a perceived violation of trust. The researcher has indicated the existence of a "dead man's switch," suggesting that more disclosures could follow if their demands are not met.

Winsage

May 13, 2026

Former Windows boss reveals why modern Windows 11 apps feel slower, says Microsoft once gave every engineer a stopwatch

Steven Sinofsky, former head of the Windows Division at Microsoft, discussed the company's engineering culture and its focus on resource management from 1980 to 2000, where every engineer was given a physical stopwatch to measure various performance metrics. This practice emphasized optimizing software for speed and efficiency, a stark contrast to modern applications that consume significant RAM due to shifts in market dynamics and hardware advancements. The current trend prioritizes rapid feature deployment over optimization, leading to performance issues in applications. Microsoft is responding to criticism by enhancing the performance of Windows 11, focusing on native desktop applications and optimizing core components, including the Start menu and File Explorer. They are also testing new CPU scheduling profiles to reduce micro-lags during user interactions.

Winsage

May 6, 2026

Microsoft’s Windows 11 update just fixed memory leaks, slow startup, and File Explorer bugs

Microsoft released the April 2026 optional preview update (KB5083631) for Windows 11, targeting versions 24H2 and 25H2. This update resolves the "white flash" bug in File Explorer, overhauls its codebase, and preserves user settings for View and Sort preferences. It improves the reliability of the explorer.exe process, optimizes the Delivery Optimization service to reduce memory leaks, and enhances the boot sequence for faster startup. The update lifts the FAT32 formatting limit from 32GB to 2TB. It also includes reliability improvements for the Taskbar, fixes for Microsoft Store download errors, resolves a Windows Hello fingerprint data loss issue, enhances Remote Desktop scaling, ensures color profile consistency, and improves the Fluid Dictation feature. The comprehensive improvements will be included in the mandatory Patch Tuesday update on May 12, 2026.

Winsage

May 5, 2026

Microsoft confirms Windows 11 may restart multiple times after updates and your PC isn’t broken, as it’s due to Secure Boot 2023

Upon installing the April 2026 Patch Tuesday update, some users experienced two or three reboots, which Microsoft confirmed is intentional due to the installation of Secure Boot 2023 certificates. This behavior is expected for a limited number of devices and is part of the Secure Boot update process. The Secure Boot certificates are replacing older ones issued in 2011, set to expire in June 2026. Users can check their Secure Boot status in the Windows Security app, which indicates the status with green, yellow, or red badges. A green badge means the system is up to date, while yellow and red badges indicate issues with certificate updates. Microsoft is managing Secure Boot certificates on modern PCs, but older machines without OEM support may struggle to receive updates due to firmware limitations.

Winsage

May 2, 2026

“Xbox mode is easily the headline feature”: In May’s Windows 11 update, I walk through the 11 upgrades that change how we use the OS, and why some of them surprised me

Microsoft will begin rolling out the May 2026 Security Update for Windows 11 on May 12, 2026. Key features of this update include: 1. Xbox Mode: Transforms PCs into a console-like experience, prioritizing system resources for gaming and freeing up to 2GB of memory. 2. Voice Typing Improvements: Redesign of Voice Typing elements on the touch keyboard. 3. New Arabic 101 Legacy Keyboard Layout: Available for addition from the Region page in Settings. 4. Drop Tray Changes: Renamed from Drag Tray and can be disabled in Settings > System > Multitasking. 5. Taskbar AI Agents Support: Allows monitoring of AI agents directly from the Taskbar, starting with the Microsoft 365 Copilot app. 6. Debloat Policy with Dynamic List Support: Enables administrators to specify additional apps for removal beyond the default list. 7. Windows Driver Policy Update: Changes how the kernel manages trust for third-party drivers, eliminating default trust for cross-signed drivers. 8. Batch File Security Changes: Enhances security for batch files and Command Prompt scripts, with an option for a hardened processing mode. 9. Format FAT32 up to 2TB: The format command-line tool now supports formatting volumes up to 2TB using FAT32.

Winsage

May 1, 2026

Optional April Update for Windows 11 Brings AI Agents on Taskbar, More

Microsoft's optional April update for Windows 11, designated as KB5083631, introduces several new features, including: - Xbox Mode, which offers a console-like interface for PC games. - AI agents on the taskbar, allowing users to monitor agents like the Microsoft 365 Researcher. - File Explorer improvements that support additional archive formats. - New haptic feedback effects for compatible pens. - Redesigned touch keyboard voice typing feature. - Rebranding of the Drag Tray to Drop Tray with a new compact view. - Enhancements to the Microsoft Store to reduce specific error codes during app downloads. Additionally, Microsoft released the optional KB5083806 update for Windows 11 version 26H1, aimed at new ARM-powered devices expected to launch later this year.

Winsage

April 29, 2026

5 ways your Windows updates are about to get a lot less painful

Microsoft is implementing changes to the Windows Update process in Windows 11 to address user frustrations. Key updates include: 1. Users can delay updates indefinitely by selecting specific end dates for pauses, extending up to 35 days at a time. 2. The Power menu will now include options for "Update and shut down" and "Update and restart," giving users more control over when updates are finalized. 3. Microsoft is consolidating updates to reduce the number of restarts to one per month. 4. Users will no longer be forced to install updates during the setup of a new Windows PC, allowing updates to occur in the background. 5. Microsoft will provide more detailed information on updates, particularly for driver updates, by clarifying the device class in the titles. These changes are expected to be tested in the Windows Insider program before being released to the general public.

Winsage

April 25, 2026

Windows 11 KB5083769 causing a death loop on 24H2 and 25H2 systems

Microsoft's April 2026 Patch Tuesday update, KB5083769, has caused significant boot issues for Windows 11 users on versions 24H2 and 25H2. Users reported problems such as distorted visuals and the Blue Screen of Death after restarting post-update. The issue affects various hardware configurations, including HP and Dell systems. Additionally, the update may trigger BitLocker recovery on some systems, complicating recovery for users without their recovery key. Users have also experienced an increase in the number of restarts required during installation. Microsoft has not yet provided an emergency fix. Affected users are advised to use the Windows Recovery Environment for troubleshooting, including System Restore and Startup Repair. To check if KB5083769 is installed, users can go to Settings → Windows Update → Update history, and if present, it is recommended to uninstall it and pause updates.

Winsage

April 19, 2026

Microsoft is giving Windows 11 File Explorer a speed boost, dark mode fix, and reducing explorer.exe crashes

Microsoft is updating Windows 11 by improving File Explorer, focusing on performance and user experience. The latest release, Windows 11 Build 26200.8313, shows File Explorer loading faster and eliminating white flashes in dark mode. This build is currently for Windows Insiders, with public availability expected in April 2026 and further updates in May 2026. The update enhances speed, manages themes better, and adds support for new archive formats like cpio, uu, xar, and nupkg. Reliability improvements have reduced crashes related to explorer.exe, and new features include a preview option for internet-downloaded files, a redesigned search bar, and immediate reflection of folder view preferences.

Winsage

April 17, 2026

Windows 11’s mandatory update is pushing users to Microsoft Edge

Microsoft has programmed its Edge browser to automatically launch after a Windows 11 update, displaying a page that informs users their update is complete and prompts them to explore new features. This page lacks a close button, directing users to click a blue "Next" button to proceed. The features highlighted include the reinstatement of the taskbar clock, the ability to pin Emojis to the taskbar, Copilot's document summarization, the Snipping Tool's Quick markup, and AI actions in File Explorer's context menu. Users can provide feedback via like and dislike buttons, but these do not close the page. Windows 11 also includes pre-installed Get Started and Get Help apps that could showcase features instead of redirecting users to Edge. Edge, built on the Chromium engine, supports all extensions from that platform and includes features like AI tab organizer, Vertical Tabs, and Immersive Reader.