security enhancements Archives

Winsage

May 2, 2025

Windows Recall Is Back (but Should You Use It?)

Windows Recall, an AI-driven feature by Microsoft, was initially launched in July but withdrawn due to security and privacy concerns. It has since returned with modifications aimed at improving user experience, although concerns about its functionality persist. Recall captures and analyzes screenshots of user activities to aid in retrieving past documents or messages. Users must have a Copilot+ PC to access Recall, which is not activated by default. Security enhancements include encrypted data storage and mandatory Windows Hello authentication for access. However, issues remain, such as potential access via a computer PIN, inconsistent filtering of sensitive data, and the risk of data being captured from shared devices. Users can exempt specific sites and apps from being captured, but the process is cumbersome.

Winsage

April 25, 2025

Time to see Windows 11 as a transformation accelerator – not a drag on resources

Many organizations are hesitant to upgrade to Windows 11, with a global adoption rate of only 38% since its launch in 2021. This reluctance is due to companies wanting to extend the lifespan of existing devices, despite the risks associated with inaction. Microsoft will soon discontinue free security patching for Windows 10, leading to potential costs for continued support. Windows 11 has been shown to reduce security incidents by 58% and decrease firmware attacks by more than threefold. Organizations that delay the transition may hinder their competitiveness and face employee dissatisfaction, particularly in sectors like healthcare. The end of support for Windows 10 presents a crucial opportunity for companies to reassess their IT infrastructure and invest in higher-performing technology.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

April 23, 2025

Windows 10’s April update stealthily removed this Start menu feature

Microsoft's April update for Windows 10, designated as KB5055518, has removed the jump lists feature, which allowed users to access recent files associated with applications. This change has caused frustration among users, and the reason for the removal is unclear, with no official statement from Microsoft. Users can restore the jump lists by uninstalling the update, but this would also eliminate important security enhancements included in it.

Winsage

April 22, 2025

Windows 10 KB5055612 preview update fixes a GPU bug in WSL2

Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2, which addresses a GPU paravirtualization issue in the Windows Subsystem for Linux 2 (WSL2). This update is part of Microsoft's initiative for optional non-security preview updates, typically available at the end of each month, allowing administrators to test upcoming fixes and features. The update does not include security updates and can be installed manually through Windows Update or downloaded from the Microsoft Update Catalog. The key changes in the KB5055612 update include security improvements to internal Windows OS functionality, a fix for the case-sensitive GPU paravirtualization check in WSL2, and updates to the Windows Kernel Vulnerable Driver Blocklist to include drivers with known vulnerabilities exploited in BYOVD attacks. Microsoft has noted two known issues: one related to the Citrix Session Recording Agent (SRA) version 2411 causing update failures, with a suggested workaround, and another involving an Event 7023 error in Windows EventViewer regarding SgrmBroker.exe, which is currently non-functional and can be ignored. A fix for this bug is expected in future updates.

Winsage

April 22, 2025

Copilot+ PCs are leveling up — Windows 11 beta reveals new AI upgrades, but there’s a catch

Windows 11 Preview Build 26120.3872 (Beta Channel) introduces new Copilot+ PC features and addresses significant user issues. Users can access updates by enabling “Get the latest updates as soon as they’re available” and checking for updates. Key improvements include the ability to add custom words to the dictionary through voice access and an improved voice access tour. Additional updates feature options to disable cloud content searches, refined widget notification controls, and a fix for the Start menu crash when creating folders. Not all Copilot+ PCs will receive these features at the same time, with a focus on Snapdragon devices first, while accessibility features are available immediately to all users.

Winsage

April 22, 2025

More Americans are on Windows 11 than Windows 10: the older OS is getting abandoned en masse

Microsoft will officially cease support for Windows 10 on October 14, compelling users to transition to Windows 11, which has more demanding hardware requirements. Users with older systems may struggle to meet these requirements, and Microsoft will not guarantee updates for installations on unsupported hardware. Windows 10 will continue to receive support until October 2025, after which paid updates will be available. The Trusted Platform Module (TPM) is emphasized in Windows 11 for enhanced security, providing encryption and verifying software integrity. Recent statistics show that Windows 11 has surpassed Windows 10 in market share in the U.S., with 54% of users on Windows 11 compared to 44% on Windows 10. However, Windows 10 still holds a 55% market share in Europe and over 60% in Asia.

Winsage

April 21, 2025

Microsoft explains why TPM makes Windows 11 PCs better for you

Microsoft is intensifying efforts to encourage users to transition from Windows 10 to Windows 11 as the deadline for Windows 10 support approaches. A dedicated webpage has been launched to highlight the security advantages of the Trusted Platform Module (TPM), which is a mandatory requirement for Windows 11. This requirement has made many older Windows 10 machines ineligible for the upgrade. However, resources are available for users with Windows 10 systems that do not meet the TPM specifications to help extend the life of their PCs after the end-of-support date in October.

Tech Optimizer

April 18, 2025

Breached Identities and Infostealers: One of the Largest Ongoing Data Leak in History

Breached identities due to infostealer malware are a significant threat to corporate information security in 2024. Infostealers are a type of remote access trojan that exfiltrate sensitive data, including saved credentials, session cookies, browser history, crypto wallet information, screen captures, and host data. Infections often stem from downloading cracked software, malicious advertising, fake Windows updates, and repackaged games. Infostealers do not require local administrative privileges, making them easy to execute. Threat actors primarily aim to profit from breached bank accounts and crypto wallets, often bypassing multi-factor authentication by targeting session cookies. They also seek credentials for subscription services and corporate access. Research shows that 90% of breached companies had leaked corporate credentials in a stealer log, with 78% experiencing leaks within six months of a breach. In comparison, 76% of similar companies without breaches had experienced a corporate stealer log compromise. The investigation identified high-criticality credentials from various corporate applications, indicating that a single user often has access to multiple credentials. The rise of infostealer malware represents a broad threat, encompassing a wide range of sensitive data. Organizations are advised to implement strategies such as restricting download privileges, avoiding illegal content, disabling macros, and regularly updating software to mitigate risks associated with infostealer malware.

AppWizard

April 15, 2025

Android 12 and 12L have received their last official Google security update

Google has officially ended support for Android 12 and Android 12L, with the last security patch released in March 2025. As of March 31, 2025, these operating systems will no longer receive updates or security enhancements. Over 12% of Android devices globally are still using Android 12 or 12L. OEMs may choose to backport security releases, and users can switch to custom ROMs for continued updates. Popular devices still running these operating systems include the Samsung Galaxy S10 series, Google Pixel 3a series, and OnePlus 7 series.