PowerShell Archives

Winsage

April 27, 2025

5 hidden Windows features I wish I’d been using all along

Windows 11 includes several features that enhance productivity: 1. Clipboard History: Allows users to copy and paste multiple items. To enable, go to Settings -> System -> Clipboard and toggle on Clipboard history and Clipboard history across devices. 2. Scroll Inactive Windows: Enables scrolling through inactive windows by hovering over them. To activate, go to Settings -> Bluetooth & devices -> Mouse and toggle on "Scroll inactive windows when hovering over them." 3. Ctrl+Shift+Enter in Run Dialog Box: Launches applications with administrative privileges using the Ctrl+Shift+Enter shortcut in the Run dialog box. 4. Enable Enhanced Search: Expands search capabilities to include the entire drive. To enable, go to Settings -> Privacy & security -> Searching Windows and select the Enhanced option. 5. Enable God Mode: Provides access to numerous system settings in one location. To activate, create a new folder and rename it to a specific string that grants access to these settings.

Winsage

April 24, 2025

Microsoft fixes bug causing incorrect 0x80070643 WinRE errors

Microsoft has resolved a known issue causing 0x80070643 installation failure errors during the deployment of the April 2025 Windows Recovery Environment (WinRE) updates. This issue affected the KB5057588 update for Windows Server 2022 and the KB5057589 update for Windows 10, versions 22H2 and 21H2. The error message was misleading, as it did not reflect the actual status of the update or the device's performance. The error typically occurred when a device attempted to install the WinRE update while another update was pending a reboot. Microsoft confirmed that users will no longer see the incorrect error message after installing the affected updates. Additionally, in August of the previous year, Microsoft retired the January 2024 Windows security updates that also triggered 0x80070643 errors during WinRE updates. During that time, fraudulent IT support websites promoted malicious PowerShell "fixes" for these errors, leading to malware infections among users.

Winsage

April 22, 2025

These 7 WSL programs changed how I use Windows

Windows users previously faced challenges using Linux tools via virtual machines until the introduction of the Windows Subsystem for Linux (WSL), which was further improved with WSL2. WSL2 integrates a lightweight virtual machine into Windows, allowing users to run Linux applications seamlessly. Runtipi and CasaOS can be easily set up on WSL2 to host self-service applications without complex configurations. Visual Studio Code (VS Code) offers a WSL extension that enables code execution directly in Linux distributions from Windows, enhancing the coding experience. Gigolo is a frontend for managing network shares, which can also be integrated into Windows 11 through WSL2. Ansible can automate the provisioning of virtual machines and containers on WSL2, making it easier for users engaged in DIY projects. Rsync can be installed via WSL2 for efficient file synchronization and backups on Windows. Podman Desktop allows Windows users to explore container runtimes using WSL2, providing a GUI for managing containers. Lastly, WSL2 enables users to access the Linux terminal and run various Linux distributions directly within Windows 11.

Winsage

April 18, 2025

How to Set Up Windows Terminal with WSL, PowerShell, and CMD for Maximum Productivity

Windows Terminal is a unified interface that allows users to access multiple command-line environments, such as Command Prompt, PowerShell, and Windows Subsystem for Linux (WSL), from a single application. It features a tabbed interface for running multiple sessions and supports split panes for side-by-side work. Windows Terminal is pre-installed on Windows 11 version 22H2 or later, while Windows 10 users can download it from the Microsoft Store. Users can add profiles for different shells, customize themes and appearance, configure startup actions, and define custom keybindings. The application enhances productivity by consolidating command-line tools and providing an organized workspace.

Winsage

April 15, 2025

Microsoft tells Windows users to ignore 0x80070643 WinRE errors

Microsoft has acknowledged that some users may experience installation failures with error code 0x80070643 when deploying the April 2025 Windows Recovery Environment (WinRE) updates, specifically affecting the KB5057589 update for Windows 10 versions 22H2 and 21H2, and the KB5057588 update for Windows Server 2022. The company stated that this error is misleading and does not affect device functionality, as the WinRE update is typically applied successfully after a device restart. Users may see a failure indication in Windows Update, but this will be resolved after the next daily scan and restart. Microsoft is working on a resolution for this issue, which follows a similar situation from August 2024. Additionally, fraudulent IT support websites have been identified promoting malicious PowerShell "fixes" for these errors.

Winsage

April 15, 2025

Windows Server 2025 may lose DC connectivity after restart

Microsoft has warned about potential accessibility issues with Windows Server 2025 domain controllers after a restart, where affected servers revert to the default firewall profile, disrupting applications and services. A temporary workaround involves manually restarting the network adapter on the impacted servers using the PowerShell command: Restart-NetAdapter *. This workaround needs to be reapplied after each restart of the domain controller, and Microsoft recommends setting up a scheduled task to automate this process. Windows Server 2025, launched earlier this year, introduced new features and security enhancements but has faced previous issues, including freezing Remote Desktop sessions and accidental upgrades from Windows Server 2022. Developers are currently working on a permanent solution for the domain controller issue.

Winsage

April 14, 2025

Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller

Microsoft has warned IT administrators about a significant issue affecting Windows Server 2025 domain controllers, which may struggle to manage network traffic after a system restart. This problem arises because the domain controllers revert to the standard firewall profile instead of the required domain firewall profile, leading to potential inaccessibility on the domain network, application failures, and open ports that could pose security risks. The issue specifically affects Windows Server 2025 systems with the Active Directory Domain Services role, while client systems and earlier server versions remain unaffected. To address this, Microsoft recommends a temporary workaround: manually restarting the network adapter using PowerShell with the command Restart-NetAdapter * after each reboot. Administrators are advised to create a scheduled task for automation, monitor domain controllers for disruptions, and minimize unnecessary restarts. Microsoft is working on a permanent fix, with an update expected in the future.

Winsage

April 14, 2025

Microsoft: Windows Server 2025 restarts break connectivity on some DCs

Microsoft has warned IT administrators about a potential issue with Windows Server 2025 domain controllers (DCs) becoming inaccessible after a restart, due to defaulting to the standard firewall profile instead of domain-specific settings. This mismanagement can lead to DCs being unreachable on the domain network or improperly accessible through restricted ports and protocols. A workaround involves manually restarting the network adapter on affected servers after each reboot, and Microsoft recommends setting up a scheduled task for this. The company is working on a permanent solution for a future update. Additionally, Microsoft has alerted users to another issue with Windows Hello logins related to the KB5055523 April 2025 security update and has implemented a fix for authentication issues with Credential Guard and the Kerberos PKINIT pre-auth security protocol.

Winsage

April 7, 2025

EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher

EncryptHub has been linked to breaches affecting 618 organizations and is associated with the disclosure of two Windows zero-day vulnerabilities, CVE-2025-24061 and CVE-2025-24071, to Microsoft. The vulnerabilities were addressed during the March 2025 Patch Tuesday updates, and the reporter was acknowledged as 'SkorikARI with SkorikARI.' Investigations revealed a connection between EncryptHub and SkorikARI, following an incident where EncryptHub exposed their credentials. SkorikARI's accounts were used to report the vulnerabilities, contributing to Windows security. Evidence linking SkorikARI to EncryptHub includes password files exfiltrated from EncryptHub's system and a GitHub account associated with SkorikARI. EncryptHub has previously attempted to market zero-day vulnerabilities on underground forums and is believed to have affiliations with ransomware groups. The threat actor has executed social engineering campaigns, phishing attacks, and developed a custom infostealer known as Fickle Stealer. They created fictitious social media profiles and websites, such as a fake project management application called GartoriSpace, which installed malicious files on unsuspecting users. EncryptHub has also been implicated in exploiting a Microsoft Management Console vulnerability, CVE-2025-26633.

Winsage

April 2, 2025

Your PC’s Windows install needs spring cleaning too. Here’s how to do it

- Regular maintenance of a PC is essential, especially during seasonal changes. - Uninstall unnecessary programs by accessing the Windows 11 Start menu, reviewing installed applications, and selecting Uninstall. - Specialized uninstall tools like Revo Uninstaller or Iobit Uninstaller can help remove leftover files and registry entries after standard uninstallation. - Unused Windows apps and features can be removed using Powershell commands or the freeware version of CCleaner. - Windows has a built-in cleaning service called "Storage Sense" that can be activated in Settings > System > Storage to manage unnecessary files automatically. - The Disk Cleanup tool can be accessed by typing cleanmgr in the search field to target temporary files and the recycle bin. - Software like Duplicate Photos Fixer Pro can help find and delete duplicate photos in large collections. - To reset Windows 11, navigate to Settings > System > Recovery > Reset PC, with an option to keep existing files or perform a complete reinstall.