remote desktop services Archives

Winsage

September 9, 2025

Windows 10 KB5065429 update includes 14 changes and fixes

Microsoft has released the KB5065429 cumulative update for Windows 10 22H2 and 21H2, which includes fourteen enhancements and fixes. This mandatory update addresses two zero-day vulnerabilities and 81 other flaws, improving the security of the operating system. Users can install the update through Windows Update, and it will automatically begin installation after checking for updates. The update upgrades Windows 10 22H2 to build 19045.6332 and Windows 10 21H2 to build 19044.6332. Key fixes include resolving unexpected User Account Control prompts, performance issues with NDI streaming software, and various other bug fixes related to input methods, app compatibility, multimedia, and search functionality. There are no known issues with this update.

Winsage

August 14, 2025

Releasing Windows 10 Build 19045.6276 to the Release Preview Channel

The Windows 10 22H2 Build 19045.6276 (KB5063842) is now available in the Release Preview Channel. Key updates include: - Updated Mobile Operator Profiles for better connectivity. - Fixed display issues for certain characters in textboxes. - Resolved issues with mf.dll for web camera devices in Remote Desktop Services. - The Narrator now correctly identifies the “Enhance Facial Recognition Protection” checkbox. - The “Ask to Use” approval flow for blocked applications is functioning properly. - Addressed issues with the Removable Storage Access policy. - Improved the Chinese Simplified Input Method Editor to prevent empty boxes for extended characters. - Introduced a feature for blocking outbound network traffic for customers using the Windows 10 keyless Commercial ESU solution with a Windows 365 subscription. - Fixed an issue with the Windows Search pane preview display. - Windows Backup for Organizations is now generally available, facilitating device transitions with backup and restore capabilities.

Winsage

May 15, 2025

Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network

Microsoft's May 2025 Patch Tuesday addressed 72 vulnerabilities in Windows Remote Desktop services, including two critical vulnerabilities, CVE-2025-29966 and CVE-2025-29967, which are heap-based buffer overflow issues. These flaws allow unauthorized attackers to execute arbitrary code over a network, posing significant risks. The vulnerabilities have been rated as "Critical" and classified under CWE-122. They affect various versions of Windows operating systems utilizing Remote Desktop services. Although there have been no reported active exploitations, experts warn of the potential dangers, urging users to apply patches immediately. The update also addressed five actively exploited zero-day vulnerabilities in other Windows components. Patches are available through Windows Update, WSUS, and the Microsoft Update Catalog.

Winsage

May 15, 2025

Windows Remote Desktop Gateway Vulnerability Let Attackers Trigger Dos Condition

The Microsoft Security Response Center (MSRC) has released critical security updates to address a significant vulnerability in the Windows Remote Desktop Gateway service, identified as CVE-2025-26677, which allows unauthorized attackers to cause denial of service (DoS) conditions. This vulnerability is rated as "High" severity with a CVSS score of 7.5 and affects multiple versions of Windows Server, including 2016, 2019, 2022, and 2025. Microsoft has provided security updates (KB5058383, KB5058392, KB5058385, and KB5058411) to rectify the issue. Additionally, another vulnerability, CVE-2025-29831, has been identified that could enable remote code execution (RCE) through a Use After Free weakness, also rated with a CVSS score of 7.5. This vulnerability requires user interaction, specifically an admin user to stop or restart the service, and affects Windows Server versions 2008 R2, 2012/R2, 2016, 2019, 2022, and 2025. Organizations are advised to prioritize patching both vulnerabilities and to review network configurations to limit exposure of Remote Desktop Gateway services. The vulnerabilities were discovered by security researchers from Kunlun Lab.

Winsage

April 16, 2025

I disabled these 5 Windows services to improve my PC performance

Windows operating systems have numerous background services that can consume system resources and slow down performance. Users can improve responsiveness by disabling non-essential services. 1. Windows Search: Indexes files and data for quick searches; can tax CPU and RAM. To disable: press Ctrl + R, type services.msc, locate Windows Search, stop the service, and set Startup type to Disabled or Manual. 2. SysMain (formerly Superfetch): Preloads frequently used applications into memory but can lead to unnecessary disk activity on SSDs. To disable: access services.msc, find SysMain, stop the service, and set Startup Type to Disabled. 3. Windows Update Delivery Optimization: Shares update files with other PCs, consuming bandwidth. To disable: go to Settings -> Windows Update -> Advanced Options and turn it off. 4. Remote Desktop Services: Enables remote connections, which can drain resources and pose security risks. To disable: locate Remote Desktop Services in services.msc, stop it, and set Startup type to Disabled. 5. Connected User Experiences and Telemetry: Collects usage data and can transmit sensitive information. To disable: turn off the service and navigate to Settings -> Privacy & Security -> Diagnostics & Feedback to disable Diagnostic data. Additional services that may be disabled include Print Spooler, Fax, Bluetooth Support, and Windows Error Reporting Service for further performance optimization.

Winsage

April 9, 2025

Patch Tuesday fixes an exploited bug, but not for Windows 10

Microsoft's Patch Tuesday updates addressed over 120 vulnerabilities, including one actively exploited flaw (CVE-2025-29824) and 11 critical issues. CVE-2025-29824 is an elevation of privilege vulnerability in the Windows Common Log File System Driver, targeted by the group Storm-2460 to deploy ransomware called PipeMagic, affecting victims in the US, Spain, Venezuela, and Saudi Arabia. This vulnerability has a CVSS score of 7.8 and allows attackers to escalate privileges due to a use-after-free flaw. Patches for Windows Server and Windows 11 have been released, but Windows 10 users are still awaiting a fix, with Microsoft promising updates soon. Among the critical vulnerabilities addressed, all allow for remote code execution (RCE). Notable vulnerabilities include: - CVE-2025-26670: LDAP Client RCE, Critical, CVSS 8.1 - CVE-2025-27752: Microsoft Excel RCE, Critical, CVSS 7.8 - CVE-2025-29791: Microsoft Excel RCE, Critical, CVSS 7.8 - CVE-2025-27745: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27748: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27749: Microsoft Office RCE, Critical, CVSS 7.8 - CVE-2025-27491: Windows Hyper-V RCE, Critical, CVSS 7.1 - CVE-2025-26663: Windows LDAP RCE, Critical, CVSS 8.1 - CVE-2025-27480: Windows RDP RCE, Critical, CVSS 8.1 - CVE-2025-27482: Windows RDP RCE, Critical, CVSS 8.1 - CVE-2025-26686: Windows TCP/IP RCE, Critical, CVSS 7.5 - CVE-2025-29809: Windows Kerberos Security Feature Bypass, Important, CVSS 7.1 Dustin Childs from ZDI noted that CVE-2025-29809 requires additional measures beyond standard patching. CVE-2025-26663 and CVE-2025-26670 are considered wormable, necessitating prompt updates, especially for networks exposing LDAP services. Adobe released over 50 fixes for vulnerabilities in products like Cold Fusion, After Effects, and Photoshop, with some issues in Cold Fusion classified as critical. AMD updated advisories regarding GPU access and various Ryzen AI software vulnerabilities.

Winsage

April 8, 2025

Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824)

April 2025 Patch Tuesday introduced fixes for over 120 vulnerabilities, including a critical zero-day vulnerability (CVE-2025-29824) that is actively exploited. CVE-2025-29824 is a user-after-free vulnerability in the Windows Common Log File System (CLFS), allowing privilege escalation to SYSTEM on compromised Windows machines. Microsoft has patched 32 CLFS vulnerabilities since 2022, with six exploited in the wild. Updates for Windows 10 are not yet available. Other notable vulnerabilities include CVE-2025-26663 and CVE-2025-26670, both unauthenticated user-after-free vulnerabilities in Windows LDAP, and CVE-2025-27480 and CVE-2025-27482 in Windows Remote Desktop Services. None of these vulnerabilities have been patched for Windows 10 systems, but updates are forthcoming. Microsoft reversed its decision to discontinue driver update synchronization to WSUS servers, confirming that WSUS will continue to synchronize driver updates.

Winsage

March 28, 2025

Microsoft fixes Remote Desktop issues caused by Windows updates

Microsoft has addressed an issue affecting Remote Desktop Protocol (RDP) and Remote Desktop Services (RDS) connections for users connecting from Windows 11 24H2 to RDS hosts on earlier versions of Windows Server 2016, which arose after installing Windows updates since January 2025. Users reported disconnections after 65 seconds when establishing UDP connections. Affected users were advised to install the KB5053656 preview update to resolve the issue, which will be generally available with next month's cumulative updates. Additionally, Microsoft is working on fixing another issue causing Remote Desktop freezes on Windows Server 2025 and is investigating connection errors related to data restoration on Windows 11 24H2 systems. A bug causing USB printers to print random text has also been resolved.

Winsage

March 27, 2025

Optional Windows 11 update fixes USB printers spitting out nonsense

Microsoft released the KB5053657 update on Tuesday to address an issue in Windows 11 where certain USB printers were printing random text. This update is applicable only to Windows 11 23H2 and 22H2 versions, while users of Windows 11 24H2 do not have an equivalent update yet. The USB printer issue originated from a problematic update released in January 2025, which affected multiple patches. Microsoft clarified that the update fixes issues with USB connected dual-mode printers that might output incorrect text. Additionally, complications from the January update for Windows 11 24H2 have caused Remote Desktop Protocol (RDP) disconnections. Microsoft is implementing a Known Issue Rollback to revert the problematic changes, with a permanent solution expected in a future update for Windows 11 24H2.

Winsage

March 27, 2025

Recent Windows Server 2025 updates cause Remote Desktop freezes

Microsoft has acknowledged a significant issue affecting Remote Desktop functionality on Windows Server 2025 systems, which arose after the installation of security updates released since February 2025. Users may experience freezes in Remote Desktop sessions shortly after connecting, with unresponsive mouse and keyboard inputs requiring a disconnect and reconnect to regain functionality. This issue also affects Windows 11 24H2 systems, but Microsoft addressed it for Windows 11 users with an optional update (KB5052093) released on February 25. A fix for Windows Server 2025 devices is planned for an upcoming update. Additionally, Microsoft has implemented Known Issue Rollback (KIR) to reverse problematic non-security updates related to Remote Desktop and Remote Desktop Services (RDS) connection issues from Windows 11 24H2 updates since January 2025. Users may experience Remote Desktop Protocol (RDP) disconnections lasting up to 65 seconds when connecting from Windows 11 24H2 devices to RDS hosts on Windows Server 2016 systems. A permanent fix for RDP disconnection issues is planned for next month's cumulative updates. Microsoft is also investigating connection errors on Windows 11 24H2 systems related to restoring data from SMB network shares or Backup & Replication servers.