Security Archives

Winsage

May 2, 2025

Microsoft really, really wants Windows 10 users to buy Copilot+ PCs

Microsoft is encouraging Windows 10 users to transition to Windows 11, promoting its Copilot+ PCs as a solution for those whose devices do not qualify for the upgrade. Copilot+ PCs feature AI tools like Recall, which captures and indexes screenshots for easy searching, and offer performance improvements, claiming to be up to five times faster than devices that are five years old. However, there are concerns about privacy and security related to Recall. Support for Windows 10 will end on October 14, 2025, after which it will no longer receive security updates. Options for Windows 10 users include upgrading to Windows 11 if eligible, purchasing a Copilot+ PC, paying for extended support, switching to Linux, or remaining on Windows 10 with associated risks.

Winsage

May 2, 2025

Microsoft is pulling the plug on Windows 10 — here’s what you need to do

A limited-time offer allows users to purchase a Windows 11 Pro key for .97, down from its regular price of 9. This promotion enables upgrades for two compatible PCs. Windows 11 Pro features a user-friendly installation process, a lifetime license with no ongoing fees, productivity enhancements like snap layouts and virtual desktops, and robust security measures including biometric login and device encryption. It also includes an AI-powered assistant, Copilot, to help optimize workflows. Support for Windows 10 will end soon, making this an opportune time to upgrade. Prices on StackSocial may change.

Winsage

May 2, 2025

Windows RDP has a major security problem, and Microsoft has refused to do anything about it

A significant vulnerability has been identified in the Windows Remote Desktop Protocol (RDP), which allows old credentials to remain functional even after a password reset. Security researcher Daniel Wade revealed that users can still access their systems with previously revoked credentials due to the authentication process relying on locally stored credentials that do not update in real-time. Microsoft's Security Response Center acknowledged this behavior but stated it is an intentional design to ensure at least one user account can log in, regardless of the system's online status. Microsoft has been aware of this issue since at least August 2023 and has chosen not to modify the code, citing potential compatibility issues.

Winsage

May 2, 2025

Windows Recall Is Back (but Should You Use It?)

Windows Recall, an AI-driven feature by Microsoft, was initially launched in July but withdrawn due to security and privacy concerns. It has since returned with modifications aimed at improving user experience, although concerns about its functionality persist. Recall captures and analyzes screenshots of user activities to aid in retrieving past documents or messages. Users must have a Copilot+ PC to access Recall, which is not activated by default. Security enhancements include encrypted data storage and mandatory Windows Hello authentication for access. However, issues remain, such as potential access via a computer PIN, inconsistent filtering of sensitive data, and the risk of data being captured from shared devices. Users can exempt specific sites and apps from being captured, but the process is cumbersome.

Winsage

May 2, 2025

Microsoft Warns Windows Users—Delete Your Password

Microsoft aims to eliminate passwords for a billion users, promoting the use of passkeys that enhance account security by linking it to physical devices. The company warns that password-related attacks are increasing and emphasizes that having both a passkey and a password leaves accounts vulnerable to phishing. On World Password Day, Microsoft encourages users to abandon passwords entirely. The FIDO Alliance supports this initiative with a "Passkey Pledge," highlighting that over 35% of individuals have faced account compromises due to password vulnerabilities. Research shows that 54% of those familiar with passkeys find them more convenient, and 53% believe they offer better security. Microsoft will make new accounts passwordless by default and encourages existing users to remove their passwords. Passkeys are described as easy to use, intuitive, and resistant to phishing. For those who continue to use passwords, Microsoft advises making them long and complex and using authentication apps for two-factor authentication.

Tech Optimizer

May 2, 2025

Amazon Aurora now supports PostgreSQL major version 17

Amazon Aurora has integrated support for PostgreSQL major version 17, specifically version 17.4. This release includes enhancements such as improved memory management, faster storage metadata initialization, and optimizations for write-heavy workloads on Graviton 4 instances. It also introduces new features for Babelfish, security updates, and revisions to extensions like pgvector 0.8.0 and postgis 3.5.1. PostgreSQL 17.4 is available across all commercial AWS Regions and AWS GovCloud (US) Regions. Users can create a new Aurora PostgreSQL-compatible database through the Amazon RDS Management Console and should review the Aurora documentation for upgrade strategies.

Winsage

May 1, 2025

Windows RDP has a major security problem, and Microsoft has refused to do anything about it

A security flaw in Windows RDP allows previously revoked credentials to remain functional after a password reset, enabling users to access their PCs with old passwords. Microsoft does not classify this issue as a bug, stating it is an intentional design to ensure at least one user account can always log in. This behavior is not flagged by Microsoft Defender, Azure, or Entra ID, and the company's documentation lacks clarity on the matter. Microsoft has been aware of this issue since at least August 2023 but has chosen not to modify the code, citing potential compatibility issues.

Winsage

May 1, 2025

Windows Warning — Microsoft Confirms Old Passwords Still Work To Login

Microsoft has confirmed that users can log into their Windows accounts using old passwords that have been changed and revoked under certain conditions. This behavior is classified as a feature rather than a security vulnerability. The issue arises from the Remote Desktop Protocol (RDP), which allows remote access to Windows machines. An independent security researcher discovered that after changing his password, he could still access his machine using the old credentials, even from new devices. Microsoft's documentation was updated to explain that credentials are verified against a local cached copy before network authentication, allowing continued access with the old password. Microsoft stated that this design ensures at least one user account can always log in, regardless of system offline status, and confirmed there are no plans to change this behavior.

Winsage

May 1, 2025

Secure your organization against changing conditions with a special offer from Windows 365

82% of business leaders view 2023 as critical for reevaluating strategic and operational frameworks. Windows 10 support will end in October 2025, prompting organizations to consider strategies for transitioning to Windows 11 or Windows 365. Microsoft is offering a 20% discount on all Windows 365 plans for new customers from May 1, 2025, to October 31, 2025. Windows 365 provides a secure Windows 11 experience via a Cloud PC and is designed with Zero Trust principles for enhanced security. Transitioning to Windows 365 can lower carbon footprints and align with sustainability goals. Crocs reported annual cost savings of 0,000 after switching to Windows 365. Dnata Travel Group chose Windows 365 for secure access for their mobile workforce. Hamburg Commercial Bank plans to expand its use of Windows 365 for sustainability improvements. The promotional offer is available for new customers and has specific terms and conditions, including a deadline for processing transactions.

Winsage

May 1, 2025

Microsoft Windows 11 Pro Is Almost Free Now, but This 92% Off Deal Won’t Last Long

The Blue Screen of Death can indicate the need for a fresh installation of Windows 11 Pro, especially after issues like corrupt files or viruses. StackSocial is currently offering Windows 11 Pro activation keys for a reduced price of , down from 9, which is a 92% discount. The Home edition is also available at a discount of 89%. These keys are intended for PCs that require a new Windows license, and users should ensure compatibility with Windows Update for the upgrade. Windows 11 Pro includes features like Microsoft Teams, Widgets, and AI-powered Windows Copilot, providing advanced security, user-friendly design, and productivity tools. The deal is time-sensitive, with keys selling rapidly.