Registry Archives

Winsage

March 27, 2026

Microsoft Confirms Dark Mode Expansion For Windows 11 Legacy Interfaces

Microsoft is working to enhance dark mode support in Windows 11, focusing on older system components, particularly legacy interfaces. Marcus Ash, head of Windows Design and Research, stated that efforts are underway to incorporate dark mode into more areas, including the Windows Registry Editor, although no timeline has been provided. Dark mode remains inconsistent across various system areas, such as File Properties dialogs, Registry Editor, Run dialog, Device Manager, and Disk Management. While some aspects of File Explorer have received dark mode support, others still display light-themed interfaces. Users should expect inconsistencies and are advised to use the system dark mode setting while regularly checking for updates. Microsoft has not disclosed specific details or timelines for future updates related to dark mode enhancements.

Winsage

March 25, 2026

Your Windows 11 File Explorer stutters because of an XP-era feature you can turn off in seconds

Windows 11's File Explorer has received mixed reviews, particularly due to delays in opening folders caused by the Automatic Folder Type Discovery feature. This feature scans folder contents to determine the best view, which can lead to frustrating delays, especially in folders with many files. Users can disable this feature through a registry edit, specifically by creating a new string value named FolderType and setting it to NotSpecified in the Registry Editor. After making this change and restarting the PC or File Explorer, the delays associated with Automatic Folder Type Discovery will be eliminated.

Winsage

March 25, 2026

Windows 95 let installers trash its files then fixed the mess behind their backs

Microsoft veteran Raymond Chen discussed how Windows 95 handled installers that overwrote crucial system files. The operating system was designed to allow installers to compare version numbers, permitting overwrites only if the new file had a higher version. However, many installers ignored this rule, often replacing Windows 95 components with outdated Windows 3.1 versions, causing significant system issues. Windows 95's commitment to backward compatibility meant that preventing file operations could disrupt installers, leading to installation failures or error messages for users. To address these challenges, Microsoft created a hidden directory, c:windowssysbckup, to store commonly overwritten files. After an installation, Windows would check version numbers and replace lower versions with higher ones, maintaining system integrity despite third-party installer chaos.

Winsage

March 25, 2026

Microsoft Removes Registry Hack for Faster NVMe SSDs in Windows 11

Microsoft has removed a registry hack that allowed users to unlock faster speeds for NVMe SSDs, following the introduction of native NVMe SSD support in Windows Server 2025. This change aims to enhance SSD performance by eliminating the need for the previous method that translated NVMe commands into SCSI commands, which caused latency and reduced speeds. Currently, Windows 11 does not support native NVMe SSD processing and continues to use the older command conversion method. Although the registry hack is now obsolete, third-party tools like ViVeTool can still enable this feature through specific commands, but using such tools carries risks.

Winsage

March 23, 2026

Microsoft blocks registry trick that unlocked performance-boosting native NVMe driver on Windows 11 — workarounds still exist to enable support, however

Microsoft has disabled a registry modification that allowed Windows 11 users to activate native NVMe support. This change was noted in the latest Insider builds of Windows 11. The registry trick had previously improved random write performance by up to 85% and enhanced random I/O across various drives and CPUs. However, it caused compatibility issues with third-party SSD management tools and could trigger recovery prompts from BitLocker. Users can still enable native NVMe support using a third-party utility called ViVeTool, which requires an elevated command prompt and a system reboot. The timeline for official native NVMe support in Windows 11 versions 25H2 and 26H2 is uncertain.

Winsage

March 18, 2026

Researchers Reveal ‘RegPwn,’ a Windows Registry Vulnerability That Granted SYSTEM Privileges

A Windows vulnerability named "RegPwn" (CVE-2026-24291) allows low-privileged users to elevate their access to full SYSTEM privileges. Discovered by the MDSec red team, it has been in use since January 2025 and was addressed in a recent Microsoft Patch Tuesday update. The vulnerability exploits the management of Windows accessibility features, which generate a registry key that grants full control to low-privileged users. When a user activates an accessibility tool, the configurations are copied into the local machine registry hive, which remains writable by the logged-in user. This creates an opportunity for manipulation, especially when user-controlled settings interact with the Windows Secure Desktop environment. An attacker can exploit this by modifying their user-level accessibility registry key and using an oplock on a system file, allowing them to replace the local machine registry key with a symbolic link to an arbitrary system registry key. This process operates under SYSTEM privileges, enabling the attacker to write arbitrary values to restricted areas of the Windows registry. MDSec demonstrated this technique to gain access to a SYSTEM-level command prompt. Microsoft has released security updates to address this vulnerability, and MDSec has made the exploit code available on GitHub for research purposes.

Winsage

March 17, 2026

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft is implementing a two-phase initiative to disable the hands-free deployment feature in Windows Deployment Services (WDS) due to a critical remote code execution vulnerability (CVE-2026-0386) identified on January 13, 2026. This vulnerability arises from improper access control related to the Unattend.xml file, which is transmitted over an unauthenticated RPC channel, allowing attackers on the same network segment to exploit it. Successful exploitation could grant SYSTEM-level privileges and compromise OS deployment images. The initiative includes: - Phase 1 (January 13, 2026): The hands-free deployment feature will remain operational but can be disabled. New Event Log alerts and registry key controls will be introduced to enforce secure practices. - Phase 2 (April 2026): The hands-free deployment feature will be completely disabled by default for administrators who have not modified registry settings. Administrators can temporarily re-enable the feature by setting AllowHandsFreeFunctionality = 1, but this is not secure. Recommendations include reviewing WDS configurations, applying security updates, setting registry keys for secure behavior, monitoring Event Viewer for alerts, and considering alternative deployment methods. Microsoft’s KB article 5074952 provides further guidance for impacted organizations.

Winsage

March 15, 2026

I stopped letting Windows 11 “help” with my files—my PC feels faster now

Windows File Explorer's performance has declined due to the accumulation of features that have made it more cumbersome. Users can improve performance by disabling certain features: 1. Disable OneDrive: OneDrive consumes over a gigabyte of memory during syncing. To disable it, right-click the cloud icon in the system tray, access settings, unlink the PC, and disable it from auto-launching in Task Manager. 2. Turn off Bitlocker: Bitlocker encrypts drives by default, which can slow down file operations. To disable it, go to Control Panel > System & Security > Bitlocker Encryption and select Turn Bitlocker off. 3. Disable automatic folder type discovery: This feature can cause lag when opening folders. To disable it, edit the Windows Registry by navigating to a specific path and creating a new String Value named "FolderType" with the value "NotSpecified." 4. Turn off Windows Search indexing: Windows Search consumes resources and may perform poorly. To disable it, access services.msc, stop Windows Search, and change its Startup type to Disable. Users can then download and use the tool "Everything" for a more efficient search experience.

Winsage

March 12, 2026

How to Block Windows Upgrade for Good

Recent reports indicate concerns among users about automatic upgrades of Windows PCs, particularly for those who prefer to stay on Windows 10 or a specific feature update. Despite these fears, there is no evidence that Microsoft upgrades PCs without user consent; many users may unintentionally accept upgrade prompts or face bugs that trigger updates. Microsoft's upgrade approach can feel aggressive, especially when feature updates are bundled with regular updates. If the option to receive the latest updates is enabled, automatic installations may occur, particularly when a version reaches its end of service. Users can prevent unwanted upgrades through several methods: 1. Group Policy Editor: For Windows Pro or Enterprise users, they can lock in a specific feature update by accessing the Group Policy Editor and setting the desired OS edition and feature update version. 2. Windows Registry: Windows Home users can modify the Windows Registry to restrict upgrades. This involves creating specific DWORD and String Values to set the target OS edition and feature update version. 3. InControl App: A user-friendly application that allows users to freeze their current OS edition and feature update version, preventing upgrades while still allowing monthly updates. These methods enable users to maintain control over their operating systems and avoid unexpected upgrades.

Winsage

March 12, 2026

Windows 11 reaches new milestone as Microsoft comes closer to finally killing off Windows 10

Microsoft's Windows 10 global share has decreased to 26.27% as of February, down from 35.77% in January, while Windows 11's adoption rate has risen to 72.77%. Windows 11 is now used by 1 billion individuals worldwide. Official support for Windows 10 will end in October 2025, leaving users vulnerable to security risks. Microsoft is phasing out the Security Boot feature, and users must upgrade to Windows 11 for ongoing protection and updates. Windows 11 offers features like default encryption and improved virtual desktop support. Users with eligible Windows 10 systems can upgrade for free, but the minimum hardware requirements include a 64-bit processor, 4GB RAM, 64GB storage, TPM 2.0, and Secure Boot. As many as 240 million functioning laptops may be unable to upgrade due to these requirements. New hardware is available with Windows 11 pre-installed, and Microsoft has introduced Copilot+ PCs with unique AI functionalities.