remote Archives

Winsage

January 16, 2026

‘Fail To Shut Down’—Microsoft Issues Windows Update Warning

Microsoft has raised concerns about the shutdown process of Windows PCs, indicating complications following the January 13, 2026, security update. PCs with Secure Launch may fail to shut down or hibernate, instead restarting unexpectedly. A temporary solution is to use the Command Prompt with the command shutdown /s /t 0 for shutting down, but there is no workaround for the hibernation issue. Microsoft recommends saving work and shutting down devices to avoid power loss. Additionally, some users are facing credential prompt failures during Remote Desktop connections, affecting services like Azure Virtual Desktop and Windows 365. Alternatives include using the Remote Desktop client for Windows or the Windows App Web Client. An emergency update is expected to resolve these issues.

Winsage

January 16, 2026

Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features

Critical security updates have been released to address CVE-2026-20824, a vulnerability in Windows Remote Assistance that allows attackers to bypass the Mark of the Web (MOTW) defense system. This affects various Windows platforms, including Windows 10 and Windows Server 2025, and is rated with an Important severity level. The flaw enables unauthorized local attackers to circumvent MOTW defenses, posing risks to confidentiality. The vulnerability requires local access and user interaction for exploitation, often using social engineering tactics. Microsoft has issued security updates for 29 Windows configurations, including specific KB articles for affected versions of Windows 10, Windows 11, and Windows Server. Users are advised to apply the necessary patches, which are classified as “Required” customer actions. The vulnerability remains unexploited in the wild and was not publicly disclosed before the patches were released. Microsoft’s assessment categorizes it as “Exploitation Less Likely.”

Winsage

January 15, 2026

Windows App forgets how to log in with first security update of the year

Microsoft's January security update, released on January 13, 2026, has caused connection and authentication failures for users of Azure Virtual Desktop and Windows 365, particularly affecting those using the Windows App. The update has resulted in credential prompt failures during Remote Desktop connections across all supported Windows versions, from Enterprise LTSC 2016 to Windows 11 25H2, as well as Windows Servers from 2019 to 2025. Microsoft is investigating the issue and plans to release an out-of-band update soon. Users have been advised to either uninstall the update or use the Remote Desktop Client or the Windows App web client as workarounds. Reports indicate persistent issues, including an "Unable to Authenticate" error when attempting to connect via the Windows App. Microsoft has also made a Known Issue Rollback available to address these credential problems.

AppWizard

January 15, 2026

Slack Messenger Review: Why This Work Chat App Is Still the Only One That Feels Human

Slack Messenger is a collaboration platform developed by Slack Technologies, part of Salesforce Inc., designed to enhance work communication by replacing email and fragmented chat applications with an organized, searchable hub. It features channel-based messaging for project and topic organization, powerful search capabilities for efficient information retrieval, and integrations with popular tools like Google Drive and GitHub. Additional functionalities include Slack Connect for external collaboration, built-in audio/video huddles, Workflow Builder for automating tasks, and enterprise-grade security options. Users report a significant reduction in internal email, improved search efficiency, and a positive impact on team culture, although challenges such as notification overload and a learning curve exist. Compared to alternatives like Microsoft Teams and Google Chat, Slack is noted for its user-friendly experience and dynamic functionality.

Winsage

January 15, 2026

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

Microsoft and the U.S. government have issued a warning about a vulnerability in Windows, designated CVE-2026-20805, which is currently being exploited. This flaw allows an authorized attacker to leak a memory address from a remote ALPC port, potentially leading to arbitrary code execution. It has a medium severity rating of 5.5 on the CVSS scale. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog and requires federal agencies to implement a patch by February 3. Additionally, two other vulnerabilities were acknowledged: CVE-2026-21265, a secure boot certificate expiration bypass with a CVSS rating of 6.4, and CVE-2023-31096, an elevation of privilege flaw affecting third-party Agere Modem drivers, rated at 7.8. Two more vulnerabilities, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7.4), are use-after-free flaws in Office that could allow unauthorized code execution.

Winsage

January 14, 2026

U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Windows vulnerability, CVE-2026-20805, to its Known Exploited Vulnerabilities (KEV) catalog, with a CVSS score of 8.7. This vulnerability, part of the January 2026 Patch Tuesday updates, affects the Windows Desktop Window Manager and allows attackers to leak memory information, potentially aiding in further exploits. Federal Civilian Executive Branch agencies must address this vulnerability by February 3, 2026, as mandated by Binding Operational Directive 22-01.

Winsage

January 14, 2026

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

On Tuesday, Microsoft released its first security update for 2026, addressing 114 vulnerabilities, including eight classified as Critical and 106 as Important. The vulnerabilities include 58 related to privilege escalation, 22 concerning information disclosure, 21 linked to remote code execution, and five categorized as spoofing flaws. A notable vulnerability, CVE-2026-20805, involves information disclosure within the Desktop Window Manager (DWM) and has a CVSS score of 5.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by February 3, 2026. Additionally, Microsoft announced the expiration of three Windows Secure Boot certificates issued in 2011, effective June 2026, urging customers to transition to newer certificates to avoid disruptions. The update also removed vulnerable Agere Soft Modem drivers due to a local privilege escalation flaw (CVE-2023-31096) and addressed another critical privilege escalation flaw in Windows Virtualization-Based Security (CVE-2026-20876) with a CVSS score of 6.7. Other vendors, including Adobe, Amazon Web Services, and Cisco, have also released security patches for various vulnerabilities.

Winsage

January 14, 2026

How much RAM does your PC really need in 2026? A Windows and Mac expert’s verdict

Shopping for a new computer involves focusing on three critical components: the processor, storage drive, and RAM. For Windows machines, 16GB of RAM is the operational minimum for new consumer laptops, while 4GB is the minimum requirement for Windows 11. MacBook users can find satisfactory performance with 8GB of RAM, but Apple has set 16GB as the starting point for its new MacBook Air M4. Chromebooks can operate effectively with 8GB or less. More RAM generally improves performance, but excessive memory can lead to diminishing returns. DDR stands for "double data rate," with DDR5 being the latest standard for faster data transfer speeds. Most users find 16GB adequate, while gamers and creative professionals may need 32GB. Beyond 32GB is typically excessive unless engaged in demanding activities, where 48GB or 64GB may be warranted.

Winsage

January 13, 2026

Microsoft fixes 114 flaws in year’s first Windows 11 Patch Tuesday

Microsoft's January 2026 Patch Tuesday update, KB5074109, addresses 114 vulnerabilities, including a critical zero-day vulnerability (CVE-2026-20805) in the Windows Desktop Window Manager (DWM) that has been actively exploited. The update is applicable to Windows 11 versions 24H2 and 25H2 and includes security enhancements and updates to AI components. Other high-severity vulnerabilities addressed include CVE-2026-20816 (privilege escalation in Windows Installer), CVE-2026-20817 (elevation of privilege in Windows Error Reporting), CVE-2026-20840 (vulnerability in Windows NTFS), CVE-2026-20843 (flaw in Routing and Remote Access Service), CVE-2026-20860 (vulnerability in Ancillary Function Driver for WinSock), and CVE-2026-20871 (another DWM vulnerability). The update removes legacy modem drivers to minimize the attack surface and resolves reliability issues in Azure Virtual Desktop and WSL networking. It also changes the default setting for Windows Deployment Services (WDS) to disable hands-free deployment. Users can install the update through Windows Update, and a system reboot is required for full application.

Tech Optimizer

January 12, 2026

Trend Micro releases critical security fixes for Apex Central RCE

Trend Micro has addressed a security vulnerability in its Apex Central platform, identified as CVE-2025-69258, which allowed unauthenticated DLL injection and remote code execution. The company released Critical Patch Build 7190 to fix this vulnerability and two others, CVE-2025-69259 and CVE-2025-69260. Organizations are urged to implement the patch immediately, as temporary mitigations are deemed insufficient for long-term security. Apex Central is a self-hosted platform for managing Trend Micro's security products.