PowerShell

Winsage
July 1, 2026
In 2001, Steve Ballmer, then CEO of Microsoft, referred to Linux as a "cancer" threatening Microsoft's intellectual property and likened its users to "communist thieves." By 2016, after Microsoft ported SQL Server to Linux, Ballmer expressed enthusiasm for the change and acknowledged that the conflict with open-source had benefited Microsoft's financial success. In 2020, Microsoft President Brad Smith admitted the company had been on the wrong side of history regarding open source and noted the need for change. Microsoft has since embraced open-source technologies, introducing products like Azure Linux 4.0, built on Fedora. As Windows 11's transition becomes difficult for users, advocacy groups have criticized Microsoft for ending support for Windows 10, which could lead to millions of discarded computers. Microsoft extended Windows 10's life through an Extended Security Updates program until October 14, 2026, with a recent announcement pushing it to 2027. Rising hardware costs and design flaws in Windows 11 have led some users to consider alternatives like Linux. A survey revealed that 30% of PCs are still running Windows 10, and a poll showed that 68% of respondents plan to stick with Windows 10 through 2027.
Winsage
June 30, 2026
Former Microsoft CEO Steve Ballmer initially described Linux as a "cancer" in 2001 but changed his perspective by 2016, supporting Microsoft's decision to port SQL Server to Linux. Microsoft President Brad Smith acknowledged the company's past underestimation of the open-source movement in 2020. Microsoft has integrated open-source solutions into its products, including PowerShell and Visual Studio Code, and launched Azure Linux 4.0. As Microsoft phases out support for Windows 10, critics argue this leads to programmed obsolescence, affecting up to 400 million PCs. Microsoft extended support for Windows 10 through its Extended Security Updates (ESU) program until October 14, 2026, with an additional extension through 2027. Rising hardware costs and stringent requirements for Windows 11 hinder many users' transitions. Advocacy groups are encouraging users to consider Linux, highlighting its advantages. Recent surveys show that 30% of HP PCs still run Windows 10, and a poll indicated that 68% of participants plan to stay with Windows 10 through 2027. There is a growing awareness among consumers regarding the potential shift to open-source alternatives like Linux.
Winsage
June 29, 2026
Major PC manufacturers, including HP, Dell, ASUS, Lenovo, MSI, Acer, Samsung, LG, and Microsoft’s Surface division, have provided guidance on transitioning to new Secure Boot certificates as the expiration of Microsoft’s 2011 certificates approaches. The expiration will occur in three phases: Microsoft Corporation KEK CA 2011 expired on June 24, 2026; Microsoft UEFI CA 2011 expired on June 27, 2026; and Microsoft Windows Production PCA 2011 is set to expire on October 19, 2026. Microsoft has begun rolling out replacement certificates through Windows Update, contingent on OEMs providing compatible BIOS updates. ASUS offers detailed documentation for both consumer and commercial devices, confirming that most users will receive updates automatically. Lenovo provides direct download links for BIOS updates organized by product family and specifies which products will not receive updates. Dell's support article covers its entire product lineup, noting that devices with an End of Service Life before January 1, 2026, will not receive updates. HP outlines a dual-track approach for updates, with specific timelines for commercial PCs. Microsoft's Surface devices receive updates directly from Microsoft, while MSI categorizes guidance based on processor generation for its laptops. Acer emphasizes backing up the BitLocker recovery key and provides a model table for confirmed BIOS release dates. Samsung confirms that all PCs running Windows 10 or 11 will function normally post-expiration, but security updates will cease. LG has released a guide for checking BIOS updates for its PCs. To verify if a PC has the 2023 certificates, users can check the Secure Boot section in Windows Security. A green checkmark indicates successful application, while yellow or red icons indicate pending updates or incompatibility. Microsoft has pushed the certificates to all eligible devices as of June 2026.
Winsage
June 25, 2026
Component Object Model (COM) is a technology in Windows that enables object activation, inter-process communication, and automation across different programming languages. Malware exploits COM interfaces for activities such as lateral movement, execution, downloading, exfiltration, persistence, evasion, system discovery, and automation of Windows and Office functionalities. Reverse engineering COM-heavy binaries involves navigating GUIDs and indirect vtable calls to understand malware mechanics. Research at the AVAR 2025 conference and CARO 2026 workshop discusses methodologies for analyzing COM binaries and case studies of malware families that utilize COM. COM is an application binary interface (ABI) model that allows software components to be reused and enables interaction between different programming languages through interfaces defined at the binary level. Distributed COM (DCOM) allows clients to activate COM objects on remote systems. COM classes are identified by unique class identifiers (CLSIDs), and interfaces by interface identifiers (IIDs). The Windows registry stores COM registration data, with classes and interfaces located under specific keys. Malware often acts as a COM client, utilizing the COM runtime to instantiate classes and request interfaces. ProgIDs provide human-readable registry entries for COM classes. The CoCreateInstance function helps create class objects by resolving CLSID registrations. All COM interfaces derive from IUnknown, which manages object lifetimes and interface querying. COM has its own security model, and identifying classes and interfaces used by malware is crucial for threat researchers. Tools like ComView and OleView.NET assist in inspecting COM registrations. The analysis workflow includes identifying activation API calls, extracting CLSID and IID values, consulting registry definitions, and mapping vtable calls. Qakbot, a banking trojan, exemplifies the use of COM in malware, with its architecture enabling malicious activities like credential theft. Dynamic analysis tools can log COM-related calls in real-time to trace execution flow. Notable malware families that utilize COM include Gh0stRAT, which uses Task Scheduler COM interfaces, and the Attor platform, which employs BITS for file transfers. WarmCookie demonstrates the use of COM for persistence through Task Scheduler. Understanding COM's role in malware is essential for cybersecurity professionals.
Winsage
June 25, 2026
Setting up a PC with the base Dev Config has been streamlined for developers, utilizing the Winget configuration service to install applications, execute updates, and apply developer settings on Windows. Users can access setup scripts by cloning a GitHub repository or downloading a zip archive, with clear instructions provided by Microsoft. The installation may require a reboot during the Windows Subsystem for Linux (WSL) installation, but the script resumes automatically afterward. The process installs applications such as PowerShell, Git, GitHub command-line interfaces, Windows App SDK, Visual Studio Code, and language support for Node.js, Python, and .NET. It also includes developer-friendly fonts and a theme engine for Windows Terminal, along with options for customizing File Explorer and the Windows Task Bar. After WSL installation, developers can use WSL Comfort scripts to install additional tools and personalize their Windows Terminal experience. This utility has two phases: the Windows component configures WSL and Ubuntu, while the Linux component fine-tunes the WSL environment, allowing for zsh and starship terminal display tools. It also integrates popular command-line interfaces and supports the Homebrew package installer, targeting existing Ubuntu instances without needing a new Linux distribution installation.
Search