Reboots Archives

Winsage

June 15, 2026

Microsoft released the Windows 11 Secure Boot update for all PCs, how to verify yours

Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.

Winsage

June 12, 2026

Windows NT on the GameCube is Basically a Homebrew Project That Brings the Classic OS to Nintendo Hardware

GameCube enthusiasts are utilizing homebrew projects to enhance the console's capabilities, including region-free play and disc backups. A new initiative allows a full PowerPC build of Windows NT to run on the GameCube, leveraging its Gekko CPU's compatibility with early PowerPC-based PCs. The entii-for-workcubes project, led by Wack0, provides components for running Windows NT 3.51 or 4.0 on GameCube and Wii systems, featuring an ARC firmware bootloader for loading homebrew software. Users need to prepare an SD card with specific files and a Windows NT ISO to initiate the process. After installation, basic productivity tools are accessible, but limitations include only 24MB of RAM, slower access speeds, lack of sound support, and potential reboot stalls.

Winsage

June 2, 2026

New PHANTOMPULSE RAT Campaign Uses UAC Bypass in Windows Attacks

The REF6598 intrusion set has revealed a Remote Access Trojan (RAT) named PHANTOMPULSE, which is distributed via malicious Obsidian plugins. It uses advanced evasion techniques, including a blockchain-based command and control (C2) channel and a public User Account Control (UAC) bypass to infiltrate Windows systems. The malware disables security measures like the Antimalware Scan Interface (AMSI) and Windows Lockdown Policy (WLDP) through a hardware-breakpoint technique, allowing it to avoid detection by signature-based memory scanners. PHANTOMPULSE hides its core files in encrypted registry blobs and creates scheduled tasks that appear as .NET Framework updates. Its decentralized C2 framework queries public blockchains for operational data, but it lacks sender authentication, which can be exploited by defenders. The malware inventories the system for antivirus software and targets high-value applications. It employs a UAC bypass technique called “schuac” to gain elevated permissions. Analysts attribute this campaign to DPRK-aligned threat actors, particularly the BlueNoroff group, due to its focus on cryptocurrency wallets and blockchain exploitation. Defenders can identify new infrastructure by searching blockchain ledgers for a specific hex signature associated with the malware's C2 encryption routine.

Winsage

May 30, 2026

How to Disable Windows Defender in Windows 11 (GUI, PowerShell, CMD & Group Policy)

Disabling Windows Defender is common among users setting up virtual machines or optimizing build processes, but it can be frustrating due to Windows 11's resistance to such actions. Many guides suggest using outdated registry keys, which are often reverted by updates, leading to repeated attempts to disable the protections. Users may disable Defender for several reasons, including performance issues with virtual machines, conflicts with Android emulators, hindrances in development environments, troubleshooting disk performance, and security testing in isolated labs. However, disabling antivirus software increases exposure to threats. Microsoft Defender includes components such as Antivirus, Real-Time Protection, Cloud-Delivered Protection, Tamper Protection, and Defender for Endpoint. Tamper Protection is a significant barrier to disabling Defender, as it prevents unauthorized changes to security settings. Key considerations before disabling Defender include the need for administrator rights, the effect of Tamper Protection, potential resets from Windows Updates, temporary toggles for Real-Time Protection, and the option to install third-party antivirus software, which places Defender in passive mode. Methods to disable Defender include using the Windows Security GUI, PowerShell commands, Command Prompt, or Group Policy (available only for certain editions). Disabling Tamper Protection requires accessing the GUI or being managed by an organization. To check if Defender is disabled, users can use PowerShell to review specific fields. Common reasons for Defender reactivating include enabled Tamper Protection, system reboots, Windows Updates, lack of third-party antivirus, and security policy refreshes. Installing a legitimate third-party antivirus is often the best way to maintain a consistent state. Instead of disabling Defender, users can add exclusions for specific folders related to virtual machines or development tools, allowing them to maintain protection while avoiding conflicts. Troubleshooting common problems includes ensuring elevated sessions for PowerShell, checking Tamper Protection status, and understanding the limitations of the Group Policy editor based on the Windows edition. Disabling Defender may be appropriate in specific scenarios, but for regular use, especially on machines handling sensitive tasks, the risks generally outweigh the benefits. Using exclusions is recommended for performance improvements without compromising security.

Winsage

May 27, 2026

Is it time to move from Windows to Linux?

The evolution of software development has progressed from intricate coding practices in the era of Windows 3.1 to more user-friendly programming environments. Linux applications typically require less RAM, often functioning efficiently with 8 to 16 GB, compared to 32 GB for Windows. Users can explore Linux through platforms like WSL, Hyper-V, or VirtualBox without fully committing. Linux serves as a viable alternative for older PCs that cannot support Windows 11 and acquiring Linux development skills can enhance professional profiles. Linux updates generally do not require reboots, and users can choose when to install them. Windows systems tend to slow down over time due to registry clutter, while Linux maintains performance integrity. Windows runs numerous background processes that could be disabled for better performance, but users may not know which ones are safe to turn off. Developers may find Windows frustrating due to increasing restrictions and limited administrative privileges. In contrast, Linux provides transparency regarding telemetry data. Microsoft's Visual Studio Code is a leading text editor for Linux, highlighting Microsoft's influence on Linux development. The introduction of Python and C# on Linux has showcased its performance advantages. While Windows has an edge in GUI development, tools like Flutter are enabling Linux GUI application creation. Many Linux utilities work seamlessly from the terminal. Transitioning to full-time Linux use is a personal choice, especially for gamers or those with specific project needs. The ability to develop in languages like Rust, Flutter, and C# across both operating systems encourages exploration of various Linux distributions.

AppWizard

May 27, 2026

Total Android recall: Never lose an important notification again

BuzzKill features an intuitive “if this, then that” format for automation, allowing users to customize timing and conditions for their rules. It includes an experimental “Restore after reboot” action that reliably restores notifications after a device restart, ensuring important alerts are not missed. This mechanism activates whenever the phone reboots, providing continuity in communication.

Winsage

May 26, 2026

Tame Windows 11 with Winhance + Group Policy as your preventive Affirmative Defense against undesired advertising, bloat and espionage by Allan Tépper

Users of Windows 11 face issues with unwanted advertising, bloatware, and privacy concerns. To combat these, a combination of Group Policy and Winhance is recommended. Group Policy can be used to preemptively instruct Windows to ignore specific undesired elements, while Winhance addresses issues that may re-emerge after updates. Group Policy is referred to as "Directivas de grupo local" in Castilian. Before implementing policies, Windows should be fully updated. Two essential policies to enhance control include removing default Microsoft Store packages and opting out of sending diagnostic data to Microsoft. Group Policies can be saved and shared if the target computer matches the original system's version and update status. Winhance is a tool that monitors and manages unwanted applications, offers customization options, and provides a list of third-party apps for replacing built-in applications.

Winsage

May 23, 2026

Microsoft says you should pause Windows 11 Updates when you need to work, as it tests greater controller

Microsoft is shifting its approach to Windows updates, responding to user frustrations about receiving update notifications during critical work hours. The company is currently testing more nuanced controls for updates with Windows Insiders, including a "Pick a date" feature that allows users to pause updates for up to 35 days, with the option to extend the pause indefinitely. Retail Windows 11 users can pause updates for up to five weeks, after which updates will automatically download without further pause options. Microsoft acknowledges that the frequency of updates can disrupt workflows for its 1.6 billion users, many of whom view mandatory updates as interruptions. The time required for updates has increased due to larger cumulative update packages, which can exceed 4GB, and the complexity of the operating system. To improve user control, Microsoft is testing a new power menu that separates update and shutdown options, allowing users to power down without installing updates. Additionally, updates will now include device class information in their titles for better user awareness. These changes aim to streamline the update experience and address long-standing user complaints.

Winsage

May 18, 2026

Windows CE Ported to Nintendo 64

Throaty Mumbo successfully ran Windows CE 2.11 on the Nintendo 64 by leveraging the shared architecture of both systems, which are based on the MIPS R4000 processor family. The project involved a month of reverse engineering, using Microsoft toolchains, custom hardware modifications, and debugging techniques. An EverDrive flash cartridge was used to load custom ROMs, and a USB connection facilitated uploads from a PC. Challenges included crashes with the initial EverDrive cartridge, which were resolved by upgrading to the EverDrive-64 X7. A custom kernel clone was created to troubleshoot issues with the stock Windows CE kernel, ultimately allowing the project to revert to the unmodified version. The Nintendo 64 controller was repurposed as a mouse, and standard Windows CE applications could be launched from the desktop. Comprehensive build details are available on GitHub.

Winsage

May 17, 2026

I got tired of hunting through Windows for every setting, so I built my own control center

The utility created simplifies Windows management by consolidating various settings and diagnostics into a single interface. It provides an overview of system metrics such as DNS latency, system uptime, and temporary file accumulation. The application includes dedicated pages for health checks, network insights, services, scheduled tasks, drives, drivers, power plans, gaming toggles, privacy settings, and taskbar configuration. Each diagnostic is executed through PowerShell scripts, with results displayed in a user-friendly format. The utility maintains transparency by creating .reg backups before modifying the registry and allows users to revert changes easily. It is open-source, lightweight, and designed for personal use rather than debloating. The program's structure enables users to inspect and modify scripts, ensuring clarity and control over system adjustments.