registry values Archives

Winsage

May 8, 2026

Windows 11 Clients: The Group Policy Editors gpedit.msc and GPMC are broken

The Group Policy Editors gpedit.msc and gpmc from the RSAT tools are experiencing functionality issues in Windows 11 due to a bug that causes an overflow error, resulting in incorrect configurations being saved. This issue was first reported by Mark Heitbrink to Microsoft in March 2026, but he has not received feedback. The bug appears to be unique to Windows 11 clients, as tests on Windows Server did not show the problem. Mark documented the bug with submission number VULN-180447 and case number 111952. He described how to reproduce the issue involving the group policy "Delay Foreground download from http" and the decimal value "4294967295," which gets altered to "2147483647" on Windows 11. Mark speculated that the issue might be due to the Windows client using the INT data type instead of unsigned INT, leading to an overflow. He noted that over 50 policies are affected by this MaxValue issue across various components.

Winsage

February 24, 2026

How to Disable Copilot in Windows 11 — Uninstall, Hide, and Stop It from Coming Back

Microsoft has integrated its AI assistant, Copilot, into various parts of Windows 11, including the taskbar, Edge, and Notepad. Users have expressed a desire to remove Copilot, leading to the creation of a guide detailing methods to disable it. Copilot can be uninstalled through Settings, but additional steps are required to remove it from Edge, Notepad, and Windows Search. Users can also prevent Copilot from reinstalling after updates by adjusting registry settings. The Copilot app is categorized as a standalone application in Windows 11 24H2, making it easier to uninstall compared to previous versions. Methods to disable Copilot include: 1. Uninstalling the app via Settings. 2. Hiding the icon from the taskbar. 3. Using Group Policy Editor (limited to Pro, Enterprise, Education). 4. Removing Copilot for all users using PowerShell. 5. Adjusting settings in Edge and Notepad to disable Copilot features. 6. Editing the registry to remove Copilot from Windows Search and Paint. 7. Remapping the physical Copilot key on newer laptops. 8. Disabling silent reinstallation of Copilot through registry edits. Disabling Copilot will not affect core Windows functionality but will remove AI-specific features such as the chatbot and writing assistance.

Winsage

December 24, 2025

This neat Windows 11 registry trick offers higher NVMe SSD performance—but it’s not for everyone

Recent discoveries have revealed a registry tweak that can enhance the performance of NVMe SSDs on Windows 11, particularly improving random 4K speeds. Traditionally, Windows has treated most drives as SCSI, limiting the potential of NVMe drives. Microsoft is introducing native NVMe support in Windows Server 2025, which bypasses the SCSI conversion process for improved speed and efficiency. Users can achieve similar enhancements on Windows 11 through specific registry modifications, which must be done at their own risk. The necessary driver is included in recent updates for both Windows Server 2025 and Windows 11. Users need to adjust three registry values to enable this functionality. Once modified, NVMe drives will appear under 'Storage Media' in Device Manager. Reports indicate significant performance gains, with one user noting increases of 45% in random 4K read and 49% in write performance. Microsoft suggests enterprise users could see up to 80% higher IOPS and a 45% reduction in CPU cycles. The WD Black SN8100 SSD is noted for its high random 4K speeds, loading games faster than competitors. Many users have pointed out that Linux has had native NVMe support for some time.

Winsage

December 23, 2025

Windows 11 25H2 Includes a Faster NVMe Driver Needing Manual Installation

Windows has supported the NVMe storage media protocol since Windows 8.1, but the default driver, disk.sys, may not provide optimal performance. Microsoft has introduced a new driver, nvmedisk.sys, with Windows 11 25H2 and Windows 2025, aimed at improving NVMe performance. Users can check if they are using the older driver via Device Manager. The new driver has the potential to enhance performance for compatible NVMe drives in both sequential and random workloads. However, compatibility issues exist, as not all NVMe SSDs support nvmedisk.sys, which could lead to boot problems with Windows 11. Notebookcheck has published a guide on enabling nvmedisk.sys, which involves modifying three Windows Registry values, and it is advised that users back up their data before making changes.

Winsage

December 2, 2025

Microsoft needs to make it easier to disable automatic Windows 11 updates

Updates in the Windows ecosystem are essential for enhancing stability, performance, and security. However, users of Windows 11 have expressed frustration due to frequent updates disrupting functionalities like network connectivity and printer access. Automatic updates can interrupt productivity, with unexpected restart prompts leading to potential loss of unsaved work. Issues with third-party programs and drivers often arise post-update, and older PCs experience significant performance degradation due to background updates. Many users face limitations with internet access, as substantial update sizes can consume data quickly, especially under fair usage policies. Storage constraints on older devices can lead to operational issues, and attempts to pause updates may not always be effective. While updates are crucial for delivering new features and security fixes, their frequency can diminish their perceived importance, causing users to delay addressing issues. Disabling automatic updates can be complicated, requiring adjustments in the Windows Update service, Group Policy Editor, or Registry, which may not be accessible or user-friendly. A simple one-click "Disable" button in the Windows Update settings would enhance user control over update installations, allowing them to manage updates according to their schedules.

Winsage

October 23, 2025

‘Unusable’—Microsoft Issues Emergency Update For All Windows 11 Users

Microsoft's recent mandatory security update, "Windows 11 KB5070773," has caused significant issues for users, including problems with localhost connections and a breakdown in the Windows Recovery Environment (WinRE), rendering essential peripherals like mice and keyboards non-functional. This emergency update is being rolled out to address the critical issue of non-responsive input devices in WinRE, which hampers recovery processes. Users must download and install the update manually, although it is designed to occur automatically for Windows 11 PCs on versions 24H2 and 25H2. The update will upgrade version 25H2 to Build 26200.6901 and version 24H2 to 26100.6901. Microsoft has acknowledged the severity of the situation, stating that the issue prevents navigation of recovery options within WinRE. Additionally, some users are experiencing errors related to smart card authentication and certificates, with a temporary workaround suggested by Microsoft.

Winsage

September 4, 2025

Windows 11 will finally let you switch themes based on schedule or time via PowerToys

Windows 11 will introduce an automated feature to switch between light and dark themes based on the time of day, currently being tested through a PowerToys utility expected by October 2025. Users can set custom hours or use location services for this functionality. Task Scheduler can also be used to create tasks that automatically switch themes by modifying registry values.

Winsage

August 23, 2025

Hackers Can Exfiltrate Windows Secrets and Credentials Silently by Evading EDR Detection

A new method allows attackers to extract Windows secrets and credentials without being detected by most Endpoint Detection and Response (EDR) solutions. This technique enables individuals with access to a Windows machine to gather credentials for lateral movement within a network. The Local Security Authority (LSA) manages sensitive information through two in-memory databases: the SAM database, which stores user credentials, and the Security database, which holds LSA secrets. Access to these databases requires interaction with the SAM and SECURITY registry hives, protected by Discretionary Access Control Lists (DACLs) that limit access to SYSTEM privileges. Attackers typically face detection when accessing the lsass.exe process memory, as EDR solutions monitor high-risk activities. Researcher Sud0Ru has introduced a method that bypasses these defenses by using the undocumented API NtOpenKeyEx with the REGOPTIONBACKUPRESTORE flag, allowing attackers to read the SAM and SECURITY hives without SYSTEM-level privileges. To avoid detection, attackers use the RegQueryMultipleValuesW API, which is less monitored by EDRs, to extract encrypted secrets from the hives. This approach allows the operation to occur entirely in memory, leaving no on-disk artifacts and evading typical security alerts.

Winsage

July 19, 2025

This free tool is the best way to find and edit registry values on Windows

RegScanner is a free utility designed to simplify the process of locating specific registry keys in Windows 11. It offers highly customizable search options, allowing users to find keys based on specific terms, filter by key names or attributes, and refine results by modification date. The tool also supports remote searches and facilitates the creation of backups for registry items, enabling users to select multiple items for backup in REG and TXT formats. RegScanner is portable, available in a ZIP format, and compatible with Windows XP to Windows 11, requiring no administrator privileges for basic searches. It aims to reduce the time and frustration associated with registry management.

Winsage

March 5, 2025

Microsoft updates Windows 11 CPU support for OEM systems to include 8th to 10th Gen Intel CPUs

In mid-February 2025, Microsoft updated its support documentation regarding Intel processors' compatibility with Windows 11 24H2, adding several models from the 8th, 9th, and 10th generations that were previously excluded. These processors, introduced about eight years ago, can still perform adequately if their motherboards meet the TPM 2.0 requirement. Microsoft confirmed that these Intel CPU models meet the minimum system requirements for Windows 11 and indicated that future processor generations meeting similar principles will also be considered supported. Although the three Intel generations have not been reinstated on the official list, systems using these processors will not be rendered obsolete or stop receiving updates. Manufacturers are advised against using these older processors in new systems running Windows 11. An official list of supported CPUs for non-OEM or custom PC builders is not available, but builders should refer to Microsoft’s Windows 11 System Requirements, which require a CPU operating at 1 GHz or faster with two or more cores. It is possible to install Windows 11 on unsupported hardware by adjusting certain registry values, but this may result in missing system and security updates. Users can also continue using Windows 10 for ongoing security updates or consider transitioning to a Linux operating system.