rollback Archives

AppWizard

May 4, 2026

Google finally explains why the AICore app is eating up your storage

AICore can temporarily use large storage (up to 11GB) during updates on Android devices. Google retains both old and new AI models for up to three days as a fail-safe during these updates. The storage used is automatically freed once the new AI model is confirmed stable.

Winsage

May 4, 2026

Microsoft Confirms Critical Windows Update Error Disrupting Global Systems

Microsoft has confirmed a critical bug in its latest cumulative update, affecting millions of Windows 10 and Windows 11 users. The issue leads to a "Restart and Shut Down" loop, preventing users from completing the update and locking them out of their devices. This disruption is particularly severe for corporate IT departments, with reports of entire office networks being paralyzed. The problematic update, identified as KB5037853, was meant to address security vulnerabilities but has caused systems to display an endless "Update and Restart" message. Some users experience a "Blue Screen of Death" (BSOD) and may be forced into "Recovery Mode." Microsoft is working on a "Known Issue Rollback" (KIR) to automatically undo the problematic code for consumer machines, while enterprise users may require manual intervention. The downtime is projected to result in significant financial losses, with large enterprises potentially losing up to ,600 per minute of unplanned downtime. Affected versions include Windows 11 22H2, 23H2, and Windows 10 22H2. Symptoms include failure to shut down, BSOD on boot, and missing Start menu icons. The estimated downtime ranges from 4 to 12 hours, depending on IT response speed. Critics have raised concerns about Microsoft's development process, suggesting it places users in the role of beta testers.

Winsage

April 27, 2026

Microsoft Adds Policy to Let IT Admins Uninstall Copilot From Enterprise Windows 11 Devices

Microsoft has introduced a policy allowing IT administrators to remove the Microsoft Copilot app from managed enterprise devices. This "Remove Microsoft Copilot App" policy will be available as a Policy CSP and Group Policy after the April 2026 Windows security updates for Windows 11 devices on the 25H2 update, specifically for Enterprise, Professional, and Education editions. The policy will uninstall Copilot under certain conditions: both Microsoft 365 Copilot and Microsoft Copilot must be installed, the user must not have manually installed the app, and the app must not have been launched in the past 28 days. Administrators can enable the policy through the Group Policy Editor or configure it via Microsoft Intune and SCCM after the April 2026 updates. The policy aligns with Microsoft's recent changes in managing Copilot, including the cessation of automatic installations and the cancellation of plans to integrate Copilot into system notifications and other features. The policy was initially available to Windows Insiders in January before becoming generally accessible in April 2026.

Winsage

April 27, 2026

Windows 11 KB5083769: The April Update may require the recovery key on certain BitLocker-enabled systems

The April update KB5083769 for Windows 11 versions 24H2 and 25H2, released on April 14, 2026, has a known issue where certain devices may enter BitLocker recovery mode after installation. This problem affects a limited subset of devices with specific, non-recommended BitLocker Group Policy settings. The issue arises when BitLocker is activated, a specific TPM platform validation policy is set to include PCR7, PCR7 binding is not feasible, the Windows UEFI CA 2023 certificate is present, and the device is not using the 2023-signed Windows Boot Manager. Microsoft advises organizations to review their BitLocker Group Policy settings and verify PCR7 binding status before deploying the update to prevent devices from requesting recovery keys. If the recovery prompt appears, users will need to enter the BitLocker recovery key, but subsequent reboots should not trigger the recovery process again if the Group Policy remains unchanged.

AppWizard

April 21, 2026

Jagex initiates emergency RuneScape rollback for the most ironic reason possible: Too many runes

Jagex initiated a general rollback of RuneScape due to an issue with an overwhelming surplus of runes, allowing players to store up to 2,147,483,647 of a single type in their pouches. This bug posed a risk of causing irreparable economic damage to the game's economy. The rollback was implemented as a last resort, leading to disappointment among players who lost their progress. Community reactions were mixed, with some expressing understanding despite their frustration, while others found humor in the situation.

Winsage

April 18, 2026

Microsoft’s Patch Tuesday release for April is a whopper

A series of updates have been released, focusing on system integrity and performance. Users should perform verification tasks, including installing, uninstalling, and repairing MSI packages, connecting and disconnecting cloud sync providers, and enrolling devices in Intune or MDM solutions. The Common Log File System driver (clfs.sys) is receiving a follow-up patch, along with updates to Storage Spaces (spaceport.sys) and app isolation file system drivers (bfs.sys, wcifs.sys). Users should also run Windows Update installation and rollback cycles, install and uninstall applications, and verify data integrity through backup solutions. For Storage Spaces, creating a pool with mirrored and thin virtual disks and ensuring clean deletion is necessary. April's updates for Office target MSI editions, including Excel 2016 (KB5002860), PowerPoint 2016 (KB5002808), Office 2016 shared libraries (KB5002859), and SharePoint Server editions from 2016 to 2019. These updates do not apply to Click-to-Run deployments like Microsoft 365 Apps. Users should validate complex Excel workbooks, PowerPoint presentations, SharePoint document libraries, and the functionality of Office add-ins. Testing for two High Risk components is essential: changes to Kerberos may disrupt services using RC4 keytabs, and the Remote Desktop client update requires validation of clipboard functionality, printer redirection, and session reconnection. Validating Secure Boot and BitLocker is critical as CVE-2023-24932 key rolling progresses. Additionally, cloud sync testing is important due to five patches to the Projected File System driver, and regression testing is needed for dual afd.sys updates and VPN/IPsec patches across remote-access infrastructure. Office updates are limited to MSI editions.

Winsage

April 18, 2026

RedSun: Windows 0day when Defender becomes the attacker

A vulnerability has been discovered in Windows Defender that allows standard users to exploit a logic error in the file remediation process, enabling code execution with elevated privileges without administrative access. This flaw, identified by security researcher Chaotic Eclipse, occurs because Windows Defender does not verify if the restoration location of flagged files has been altered through a junction point. The exploit, named RedSun, takes advantage of a missing validation in the MpSvc.dll file, allowing attackers to redirect file restoration to the C:WindowsSystem32 directory. RedSun operates by chaining together four legitimate Windows features: Opportunistic Locks (OPLOCKs), Cloud Files API, Volume Shadow Copy Service (VSS), and Junction Points. The execution of the exploit involves monitoring shadow copies, triggering Defender's detection, synchronizing OPLOCKs, and ultimately writing malicious binaries to the System32 directory. The root cause is the lack of reparse point validation in the restoration process, and currently, no patch or CVE has been assigned for this vulnerability. It affects Windows 10, Windows 11, and Windows Server 2019 and later, and organizations are advised to implement behavioral detection strategies until a fix is available.

Winsage

April 18, 2026

Microsoft closes book on rogue Windows Server 2025 upgrades

Microsoft has officially resolved the incident involving the unexpected upgrade to Windows Server 2025, which occurred over a year ago and caused significant disruption for system administrators. The upgrade was automatic, with no rollback option, and was attributed to third-party products managing updates. Additionally, Microsoft's cumulative update KB5082063 has introduced new issues, causing LSASS crashes on non-Global Catalog domain controllers in environments using Privileged Access Management, leading to repeated restarts and potential inaccessibility of domains. Microsoft has acknowledged this problem and promised a resolution soon.

Winsage

April 16, 2026

Windows 11’s April update is locking some users out of their PCs

Users have reported issues with Windows 11 update KB5083769, which has triggered BitLocker recovery key prompts, locking some users out of their PCs. Microsoft acknowledged that the problem mainly affects corporate devices with specific BitLocker Group Policy settings. The issue is limited to systems where BitLocker is enabled, certain Group Policy configurations are set, and the Secure Boot State PCR7 Binding is “Not Possible.” Affected users need to enter their BitLocker recovery key or contact IT support for assistance. Microsoft has also provided guidance for IT departments to perform a Known Issue Rollback to remove the problematic updates, though this may expose systems to vulnerabilities.

Tech Optimizer

April 16, 2026

Best Antivirus Software for Windows PCs in 2026

Bitdefender Total Security offers real-time malware and virus detection, multi-layer ransomware protection, a limited daily data VPN, a password manager, parental controls, and webcam protection. It is compatible with Windows, Mac, Android, and iOS. Pros include excellent detection ratings, minimal system impact, and coverage for up to five devices. Cons are a VPN data cap unless upgraded, significant renewal price increases, and some advanced features being buried in menus. Surfshark Antivirus provides real-time malware scanning, webcam and microphone protection, data breach alerts, and is bundled with Surfshark VPN. It is available on Windows and Android. Pros include competitive pricing when bundled with VPN, a clean interface, and decent malware detection. Cons are fewer features compared to dedicated suites, limited iOS support, and being relatively new in the antivirus space. Norton 360 includes real-time threat detection, LifeLock identity monitoring (on higher tiers), a built-in VPN with no data cap, cloud backup, and a password manager. It supports multiple platforms. Pros are strong overall protection, dark web monitoring alerts, and no VPN data limits. Cons include a higher starting price, automatic renewal enabled by default, and being resource-heavy on older machines. Avast Free Antivirus offers real-time virus and malware protection, a Wi-Fi network scanner, a browser cleanup tool, and a basic ransomware shield. It is available on multiple platforms. Pros include core protection for free, lightweight installation, and an extensive threat database. Cons are aggressive upselling, past privacy concerns, and advanced features locked behind a subscription. Malwarebytes focuses on malware and adware detection, offering real-time protection (Premium only), a browser guard extension, and a light system footprint. It is available on multiple platforms. Pros include excellent detection of adware and a user-friendly interface. Cons are the lack of real-time protection in the free version and fewer features compared to full-suite competitors. Free antivirus software should prioritize real-time protection, coverage beyond basic viruses, a browser extension for blocking suspicious sites, and automatic updates. Free versions typically handle common threats adequately but lack advanced features and support found in paid versions. Some free tools may collect user data, raising privacy concerns. To install antivirus software on Windows 10, download it from the official website, follow setup instructions, and ensure background protection and automatic updates are enabled. Transitioning from Windows Defender is usually managed automatically by most antivirus programs. Running two real-time scanners can cause conflicts; instead, pair a primary antivirus with a secondary tool like Malwarebytes for manual scans. If a paid antivirus plan is not renewed, protection may revert to a limited mode or cease entirely. Microsoft Defender offers adequate protection but lacks additional features like a VPN or identity monitoring. Standard antivirus plans typically range from to 0 annually, with renewal prices often increasing.