reboot Archives

Winsage

April 16, 2026

Microsoft April Update Forces BitLocker Recovery on Servers

A recent Microsoft security update, April 2026 KB5082063, has caused issues for administrators of Windows Server 2025 and Windows 11 systems, with many devices entering BitLocker recovery mode after reboot, requiring a 48-digit recovery key. This issue primarily affects enterprise-managed systems with specific TPM Group Policy settings involving PCR7 validation. Similar problems have been reported with updates KB5083769 and KB5082052 on Windows 11. The issue arises from five conditions: BitLocker must be enabled on the OS drive, the Group Policy must include PCR7, the msinfo32.exe tool must show Secure Boot State PCR7 Binding as “Not Possible,” the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft suggests two workarounds: removing the TPM validation Group Policy before the update and re-enabling BitLocker, or applying a Known Issue Rollback (KIR) before installation. Skipping the April updates is not advisable due to the addressing of 167 vulnerabilities, including two zero-days. BitLocker recovery issues following updates have been recurring since 2022, with similar incidents reported in August 2022, August 2024, and May 2025, indicating ongoing challenges with Secure Boot certificates and TPM validation bindings in enterprise environments.

Winsage

April 15, 2026

Windows Update Warning: Fake Windows 11 24H2 Site Pushes Password-Stealing Malware

A sophisticated fake Windows update site has emerged, designed to mimic Microsoft’s branding to distribute malware, specifically targeting individuals seeking early access to Windows 11 version 24H2. The fraudulent site resembles a legitimate cumulative update download page, using familiar design elements to evade detection. The malware operates as an information-stealing entity, targeting saved passwords and browser sessions, potentially bypassing two-factor authentication. It transmits stolen credentials through encrypted channels to external servers. The installer uses legitimate packaging tools to minimize detection and employs obfuscated scripts within legitimate software components. The campaign modifies system startup entries and creates disguised shortcuts to maintain persistence. Researchers noted the use of a typosquatted domain and meticulously spoofed file properties. As of April 2026, Microsoft has not released Windows 11 version 24H2 to the public, and legitimate updates are only available through Windows Update. Users are advised to obtain updates exclusively through official channels and keep security features updated.

Winsage

April 14, 2026

Microsoft’s VP brings macOS-style click to reveal desktop feature to Windows with new tool

Scott Hanselman, VP at Microsoft, has introduced a tool called PeekDesktop for Windows, which allows users to minimize all open windows by clicking on an empty area of their desktop wallpaper. A second click or switching back to any application restores the windows to their original positions. This feature is similar to the "click wallpaper to reveal desktop" function in macOS Sonoma, which has not been available in Windows until now. PeekDesktop is easy to install from GitHub, requires no additional setup, and is compatible with Windows on ARM. It uses minimal system resources and operates through lightweight Windows APIs to manage window states. Users can customize settings from the system tray, and Hanselman is working on enhancements to replicate more macOS-style behaviors.

AppWizard

April 14, 2026

Despite rumors of a GTA 6-inspired delay, Fable studio says it’s ‘excited to welcome you back to Albion in autumn 2026’

The reboot of Fable is set to be released in the fall of 2026, 15 years after Fable 3. It will compete with Grand Theft Auto 6, which launches on November 19, 2026. There are speculations about a potential delay for Fable to avoid clashing with GTA 6, with hints from Jeff Grubb that Fable might be "pushed internally." A delay to Q1 2027 could lead to further complications if Rockstar decides to move GTA 6 to February 2027. Inquiries have been made to Playground Games for clarification on the release schedule.

Winsage

April 13, 2026

Data Doctors: 6 hidden settings slowing your Windows PC

A slow computer does not always indicate outdated hardware; simple adjustments can enhance performance without upgrading. Key tips include: - Restarting the computer to clear temporary files and finalize updates. - Disabling unnecessary startup applications to improve boot time. - Limiting background apps to conserve memory and processing power. - Switching to a "High Performance" power plan when plugged in to enhance responsiveness. - Setting "Active Hours" to manage intrusive Windows updates. - Disabling visual effects to reduce the burden on graphics hardware. - Enabling "Storage Sense" to automatically manage and delete unnecessary files.

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

AppWizard

April 13, 2026

Hades 2, the Award-Winning Sequel, Lands on Xbox Game Pass Soon

Hades 2 has been recognized as one of CNET's best games of 2025, winning Best Action Game at the 2025 Game of the Year awards and Best Game on Steam Deck at the Steam Awards. It will be available on Xbox Game Pass starting Tuesday. Xbox Game Pass offers a library of games for a monthly fee, with the premium Game Pass Ultimate subscription providing access to hundreds of games, including new releases on launch day. DayZ, a multiplayer survival game, is now available on Game Pass Ultimate, Game Pass Premium, Game Pass Essential, and PC Game Pass. Endless Legend 2, a fantasy strategy game, has been added to Game Pass Premium. FBC: Firebreak, a first-person shooter, is also new to Game Pass Premium. Planet Coaster 2, a park management game, is part of Game Pass Ultimate, Game Pass Premium, and PC Game Pass. Tiny Bookshop, a management game, is available on Game Pass Ultimate, Game Pass Premium, and PC Game Pass. Football Manager 26 has been added to Game Pass Premium. Hades 2 is set to launch on April 14, continuing the story of Melinoe. Replaced and The Thaumaturge will also debut on April 14. The Elder Scrolls IV: Oblivion Remastered will be available on Game Pass Premium starting April 16, along with EA Sports NHL 26. Call of Duty: Modern Warfare will launch on April 17. Little Rocket Lab and Sopa: Tale of the Stolen Potato will be new to Game Pass Premium on April 21, along with Vampire Crawlers. Kiln will launch on April 23. Game Pass Essential has added two new titles as of April 8. Five games, including GTA 5, will be removed from Game Pass on April 15.

Winsage

April 13, 2026

Tested: Microsoft may finally end forced Windows 11 updates with a new pause feature that gives you full control

Microsoft is piloting a feature that allows users to select a specific date for pausing updates in Windows 11, moving away from the previous system that allowed pauses of up to five weeks. Users can access this feature through Settings > Windows Update, where they can choose to pause updates for a specific date using a calendar flyout. Currently, Windows 11 typically receives updates at least twice a month, with additional updates as needed. Users of Windows 11 Pro or Enterprise can defer updates for extended periods, potentially up to a year. The new pause controls are still in development, and while the upper limits for pause duration are unclear, there may be a cap similar to the Group Policy limit of one year. Microsoft is also working on streamlining the installation process for large updates and enhancing user control over third-party drivers.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

Tech Optimizer

April 8, 2026

PostgreSQL logical replication: How to replicate only the data that you need

Many organizations using PostgreSQL face challenges in replicating data across different logical databases while controlling shared information. PostgreSQL 15 introduces native logical replication with column-level and row-level filtering within publications, allowing precise control over data transfer between PostgreSQL databases. Logical replication operates on a publish-subscribe model, where the source database logs changes to the Write-Ahead Log (WAL) and applies publication filters to transmit only the relevant data to the target database. Two filtering modes are available: column-level filtering allows users to specify which columns to replicate, while row-level filtering uses WHERE clauses to determine which rows to include. Both filtering modes can be combined in a single publication. The SQL syntax for creating publications and subscriptions is consistent across various PostgreSQL environments, with specific configurations required for enabling logical replication. Use cases for logical replication include multi-tenant SaaS data isolation, regional data distribution for ecommerce, PCI DSS compliance in financial services, development and testing environments, and retail inventory management. Prerequisites for implementing logical replication include using PostgreSQL 15 or later, ensuring network connectivity, having a user with replication privileges, enabling logical replication on the source instance, and monitoring WAL retention. Logical replication has limitations, such as the need for a replica identity for UPDATE and DELETE operations, the non-replication of DDL changes and sequences, and potential performance overhead during initial synchronization and ongoing replication. After testing, it is advisable to clean up by removing replication resources to prevent unnecessary costs.