Patch Tuesday Archives

Winsage

March 20, 2026

Microsoft breaks Microsoft account sign-ins in Windows 11 with latest update

Microsoft is facing a significant issue affecting account sign-ins for Windows 11 versions 25H2 and 24H2 due to a recent update. Users signing in with Microsoft accounts may receive error messages indicating a lack of internet connectivity, despite being online. This issue does not affect businesses using Entra ID for authentication. Microsoft has acknowledged the problem and suggested that it may resolve on its own, with a device restart often helping if the device is connected to the internet. However, restarting without an active connection may perpetuate the issue. Microsoft is working on a resolution and may release an out-of-band update to address the complications from the March 10 update. Additionally, enterprise users have reported Bluetooth problems with hotpatching enabled.

Winsage

March 20, 2026

Microsoft: March Windows updates break Teams, OneDrive sign-ins

Microsoft has acknowledged that the March update for Windows 11 (KB5079473) has caused sign-in complications with Microsoft accounts in various applications, including Teams, OneDrive, Microsoft Edge, Excel, Word, and Microsoft 365 Copilot. Users may receive error messages indicating a lack of Internet connection during sign-in attempts, despite being online. This issue affects Microsoft account sign-ins but does not impact businesses using Entra ID for app authentication. Microsoft is working on a fix and suggests users restart their PCs while connected to the Internet as a temporary workaround. If restarted without an Internet connection, the sign-in problem may persist. Additionally, Microsoft has released two emergency out-of-band updates for Bluetooth visibility issues and security vulnerabilities in the Routing and Remote Access Service. Guidance has also been provided to resolve access issues related to the C: drive and app failures on certain Samsung Windows 11 laptops due to a problematic version of the Samsung Galaxy Connect app.

Winsage

March 18, 2026

Researchers Reveal ‘RegPwn,’ a Windows Registry Vulnerability That Granted SYSTEM Privileges

A Windows vulnerability named "RegPwn" (CVE-2026-24291) allows low-privileged users to elevate their access to full SYSTEM privileges. Discovered by the MDSec red team, it has been in use since January 2025 and was addressed in a recent Microsoft Patch Tuesday update. The vulnerability exploits the management of Windows accessibility features, which generate a registry key that grants full control to low-privileged users. When a user activates an accessibility tool, the configurations are copied into the local machine registry hive, which remains writable by the logged-in user. This creates an opportunity for manipulation, especially when user-controlled settings interact with the Windows Secure Desktop environment. An attacker can exploit this by modifying their user-level accessibility registry key and using an oplock on a system file, allowing them to replace the local machine registry key with a symbolic link to an arbitrary system registry key. This process operates under SYSTEM privileges, enabling the attacker to write arbitrary values to restricted areas of the Windows registry. MDSec demonstrated this technique to gain access to a SYSTEM-level command prompt. Microsoft has released security updates to address this vulnerability, and MDSec has made the exploit code available on GitHub for research purposes.

Winsage

March 17, 2026

Samsung Windows 11 Bug Blocks Access to C: Drive on Some Laptops

Microsoft has identified the Samsung Galaxy Connect app as the source of a significant bug affecting Samsung laptops running Windows 11, which causes "C: is not accessible - Access denied" messages. This issue prevents users from accessing files, launching applications like Outlook and Office, and performing administrative tasks without specific user action. Initially suspected to be related to Samsung Share, the investigation confirmed the Galaxy Connect app as the culprit. The bug has been reported in Brazil, Portugal, South Korea, and India, particularly affecting the Samsung Galaxy Book 4 and other Samsung devices, though a comprehensive list of affected models has not been provided. In response, Microsoft has removed the Galaxy Connect app from the Microsoft Store and is working with Samsung to investigate the issue. Samsung has reintroduced a stable older version of the app to help users. Users are advised not to install or update the Galaxy Connect app and to wait for an official patch, as recovery options for affected devices are currently limited.

Winsage

March 16, 2026

Windows 11 KB5079473 is not causing BSODs or an inaccessible C: drive and app failures, says Microsoft

The March 2026 Patch Tuesday update, KB5079473, is not causing significant issues like BSODs or reboot loops, according to Microsoft. Reports of an inaccessible C: drive and application malfunctions on Samsung PCs are linked to a recent update of the Galaxy Connect app, not the Windows update. Microsoft confirmed no known connections between the March update and major system failures. The update includes over a dozen security fixes and introduces new features, such as improvements to the File Explorer search bar and a Bing-based Internet speed test tool. Specific Samsung models are experiencing C drive accessibility issues due to the Galaxy Connect app, which has disrupted permissions.

Winsage

March 15, 2026

Microsoft Releases Emergency Windows 11 Hotpatch to Fix Remote Code Execution Flaw

Microsoft has released an out-of-band hotpatch update, KB5084597, to address three critical remote code execution vulnerabilities (CVE-2026-25172, CVE-2026-25173, CVE-2026-26111) in the Windows Routing and Remote Access Service (RRAS) management tool. This update is specifically for Windows 11 Enterprise devices in the hotpatch program that did not receive fixes during the March 2026 Patch Tuesday. The vulnerabilities can be exploited by an authenticated attacker within the domain, potentially leading to remote code execution. Hotpatch updates apply fixes through in-memory patching without requiring a device reboot, making them suitable for mission-critical devices. The update is applicable to Windows 11 versions 24H2, 25H2, and Windows 11 Enterprise LTSC 2024, and will be automatically installed on enrolled devices without a restart. Non-enrolled devices received the fix via the standard March 10 Patch Tuesday update.

Winsage

March 12, 2026

Windows 11’s March Optional Update is Now Available for Release Preview Insiders

The March optional update for Windows 11 versions 25H2 and 24H2, identified as KB5079387, has been released for Insiders on the Release Preview Channel. Key enhancements include: - Narrator improvements: Enhanced reliability for setting up Natural Voices, access to rich image descriptions via shortcuts, and instant on-device descriptions for Copilot+ PC users. - Settings improvements: Increased reliability for downloading updates in the Settings menu. - Smart App Control improvements: Users can toggle this security feature on or off without a clean installation. - Modern pen setting experience: Digital pen users can configure the pen tail button to launch the same application as the Copilot key. - Display improvements: Enhanced reliability of auto-rotation after sleep and external monitors connected via USB4 can operate at a low power level during sleep. - File Explorer improvements: Ability to rename files using Voice Typing and sort permissions entries in Advanced Security Settings by ‘Principal’. - Windows Recovery Environment improvements: x64 applications are expected to perform better on ARM64 devices. The update will be available to non-Insiders as an optional update in the last week of March, with a broader public rollout expected in April.

Winsage

March 12, 2026

Windows 11 KB5079473 & KB5078883 cumulative updates released

Microsoft has released cumulative updates KB5079473 and KB5078883 for Windows 11 versions 25H2, 24H2, and 23H2 as part of the March 2026 Patch Tuesday. These updates address security vulnerabilities, fix bugs, and introduce new features. Users can install the updates via Start > Settings > Windows Update or manually from the Microsoft Update Catalog. The build numbers will change to 26200.8037 for 25H2, 26100.8037 for 24H2, and 22631.6783 for 23H2. Key enhancements include improved device targeting data for Secure Boot certificates, better reliability in File Explorer searches, and various new features such as a curated selection of emojis, a new backup and restore experience, automatic activation of Quick Machine Recovery, a built-in network speed test on the taskbar, and the ability to set WebP images as desktop backgrounds. Additionally, improvements have been made to the Windows Update settings page and the reliability of waking from sleep. No new issues have been reported with this month's updates.

Winsage

March 11, 2026

I tested Windows 11 March 2026 Updates: Everything new, improved, and fixed

Microsoft has rolled out the March 2026 Patch Tuesday update for Windows 11 (KB5079473, Build 26200.8037) and Windows 10, focusing on enhancements and functional upgrades. The update applies to Windows 11 versions 25H2 and 24H2, introducing new features, security enhancements, system fixes, and reliability improvements. Key features include: - Support for Emoji 16.0, allowing users to insert new emojis through the Emoji panel. - Windows Backup restore adapted for organizational use, enabling restoration of user settings and applications during sign-in. - Quick Machine Recovery (QMR) enabled by default on more Windows 11 Pro PCs. - A Bing-powered Internet speed test tool accessible from the taskbar. - Sysmon included as a native component for system activity monitoring. - Support for WebP images as desktop wallpapers. - Remote Server Administration Tools (RSAT) supported on Windows 11 Arm64 devices. - Minor enhancements in Accounts and Camera settings. The update also includes reliability and stability improvements, such as enhanced responsiveness of the Windows Update settings page, improved sign-in screen reliability, and better performance for the Windows printing service. It lays groundwork for Secure Boot certificate updates and addresses BitLocker reliability issues. Additionally, internal AI components have been updated, and a servicing stack update (SSU) has been released to enhance Windows Update infrastructure reliability. Microsoft is also expanding the updated Start menu and battery icons to more devices and warns users about the importance of updating Secure Boot certificates before their expiration in June 2026.

Winsage

March 11, 2026

Microsoft Releases March 2026 Patch Tuesday Updates

Microsoft has released the March 2026 Patch Tuesday update, KB5079473, for all supported versions of Windows 11 (25H2 and 24H2). Key changes include: - A Network Speed Test Tool in the Taskbar for measuring Ethernet, Wi-Fi, and cellular performance. - New pan and tilt options for supported cameras in the Settings menu. - Built-in System Monitor (Sysmon) available as an optional feature; users should uninstall previous versions before enabling it. - Remote Server Administration Tools (RSAT) support for Windows 11 Arm64 devices. - Quick Machine Recovery tool enabled for Windows Professional devices not domain-joined or enrolled in enterprise management. - Ability to use .webp image files for desktop backgrounds. - Introduction of new emojis from Emoji 16.0, including a face with bags under the eyes and a fingerprint. - BitLocker improvements for device responsiveness after entering a recovery key. - Enhanced reliability of search functions in File Explorer. Additionally, Microsoft is publishing patch notes for the upcoming version 26H1, which is currently available to Windows Insiders on the Canary Channel but not yet public. The KB5079466 patch for version 26H1 includes features already seen in earlier Windows 11 versions.