security feature Archives

Winsage

May 29, 2025

Forced E-Waste PCs And The Case Of Windows 11’s Trusted Platform

The process of upgrading Windows operating systems was straightforward until Windows 11, which introduced a new requirement for a Trusted Platform Module (TPM), potentially rendering many capable PCs obsolete. The TPM is used for boot validation and storing biometric data, but it complicates data recovery and may lock out legitimate users. Users have found ways to bypass Windows 11's TPM and CPU restrictions, allowing installation on unsupported hardware. Microsoft’s enforcement of these requirements remains uncertain, raising concerns about system reliability and user access to updates. Many users are opting to stay on Windows 10 while advocating for continued support from developers.

Tech Optimizer

May 26, 2025

Discover Smart App Control

Smart App Control in Windows 11 is a security feature that evaluates applications before they are executed, using artificial intelligence to predict their safety and prevent potentially harmful apps from running. Traditional antivirus software scans active files and programs to detect and remove known threats, operating in a reactive manner. The key difference between the two is that Smart App Control takes a proactive approach by blocking suspicious applications before they can cause harm, while traditional antivirus software responds to threats after they have been detected.

Winsage

May 23, 2025

Signal Will Black Out Windows Recall Screenshots to Preserve Privacy

Signal has introduced a "screen security" feature for its Windows 11 application to counter Microsoft's Windows Recall, an AI feature that captures screenshots of user activities. This new feature ensures that any attempts by Recall to take screenshots will result in a black screen. Signal's blog post notes that while the feature enhances privacy, it may cause compatibility issues with some accessibility tools, and users can disable it if necessary. The feature only protects the local machine and does not prevent other conversation participants from taking screenshots. Signal criticized Recall for lacking built-in privacy controls for app developers and emphasized the need for operating system developers to prioritize user privacy. The screen security feature is being rolled out and is enabled by default for Windows 11 users.

Winsage

May 22, 2025

Signal’s new Windows update prevents the system from capturing screenshots of chats

Signal has updated its Windows application to enhance user privacy by introducing a feature called "screen security," which prevents screenshots on Windows 11. This update responds to privacy concerns raised by Microsoft's Recall functionality, which captures screenshots for user activity tracking. Although Microsoft paused Recall due to public backlash, it resumed testing the feature as opt-in. With screen security enabled, users will see a blank screen when attempting to take a screenshot, but this may affect functionalities like screen readers. Users can disable this feature in Signal Settings, but will receive a warning before confirming the change. Signal hopes that developers will consider privacy implications more thoughtfully in the future.

Winsage

May 16, 2025

Microsoft confirms May Windows 10 updates trigger BitLocker recovery

Microsoft has acknowledged an issue affecting some Windows 10 and Windows 10 Enterprise LTSC 2021 systems after the installation of the May 2025 security update (KB5058379), causing devices to boot into BitLocker recovery mode. This problem arises when the update leads to multiple startup failures, preventing the system from initiating Automatic Repair without the recovery key. Users experiencing this issue may see LSASS errors and the 0x800F0845 error code in the Windows Event Viewer. Reports indicate that various devices from manufacturers like Lenovo, Dell, and HP are affected. Microsoft suggests troubleshooting steps such as disabling Intel Trusted Execution Technology, Secure Boot, Virtualization Technologies, or Firmware Protection. This is not the first occurrence of such issues, as similar problems were reported after previous updates in August 2024 and August 2022.

Winsage

May 16, 2025

Windows 10 KB5058379 update triggering BitLocker Recovery after install

The Windows 10 KB5058379 cumulative update, released on May 13, 2025, has caused unexpected BitLocker recovery prompts for some users after installation and reboot. Reports indicate that affected devices, including those from Lenovo, Dell, and HP, automatically boot into the Windows Recovery Environment and display the BitLocker recovery screen. Users have experienced various issues, such as needing BitLocker keys to start up or devices refusing to start. A workaround involves disabling Intel Trusted Execution Technology (TXT) in the BIOS. Microsoft has not publicly acknowledged the issue but support representatives are aware and working on a resolution. Microsoft has provided steps to resolve the issue, including disabling Secure Boot and virtualization technologies, checking Microsoft Defender System Guard Firmware Protection status, and disabling firmware protection via Group Policy or Registry Editor.

AppWizard

May 9, 2025

Gemini fuels Chrome for Android with enhanced scam and spam protection

Google has announced a new security feature for Chrome on Android that uses machine learning through its Gemini intelligence to alert users about potential scams, spam, and unwanted notifications from malicious websites. This update allows Chrome to analyze website notifications more effectively, enhancing user protection. In September, Google also updated Chrome's Safety Check for Android, which now includes improved background tasks, notification alerts, and scans for security risks in passwords and installed extensions. The machine learning model was trained using synthetic data evaluated against real notifications to ensure effectiveness. The enhancements aim to provide a stronger defense against online threats.

AppWizard

May 6, 2025

‘Intrusion Detection’ might help Android 16 users catch suspicious phone activity

Google is set to introduce a security feature called "Intrusion Detection" in its upcoming Android 16, aimed at enhancing user security against threats. This feature, found in a beta version of the Google Play Services app, will log encrypted entries of essential device information to help users identify suspicious activity. "Intrusion Detection" is expected to be part of the Advanced Protection Program, which includes measures against malicious downloads and supports passkey sign-ins, moving away from traditional passwords. The feature's development has progressed, but it is unclear if it will launch with Android 16 or later. Android 16 Beta 4 was released to testers in mid-April, leading up to the anticipated full launch in May 2025.

Winsage

April 30, 2025

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code

Security researcher Nafiez has discovered a vulnerability in Windows LNK files that allows remote code execution without user interaction. Microsoft has chosen not to address this issue, stating it does not meet their security servicing criteria. The vulnerability exploits specific components of LNK files, enabling attackers to create malicious shortcuts that initiate silent network connections when a user accesses a folder containing them. The exploit involves manipulating the HasArguments flag, EnvironmentVariableDataBlock, and embedding UNC paths. Microsoft defends its inaction by citing the Mark of the Web (MOTW) feature as adequate protection, despite concerns from security experts about its effectiveness. Previous vulnerabilities in LNK files have been addressed by Microsoft, and the availability of proof-of-concept code raises fears of potential exploitation by malicious actors.

Winsage

April 27, 2025

New Security Warning After 1 Billion Windows Users Told Do Not Delete

Microsoft's recent security update for Windows has raised concerns among users due to the introduction of a new vulnerability. The update, intended to address the CVE-2025-21204 vulnerability, inadvertently created a folder named inetpub, which Microsoft claims is essential for user protection. Security researcher Kevin Beaumont has warned that this update has introduced a denial of service vulnerability that allows non-admin users to halt future Windows security updates. Microsoft has classified the issue as moderate in severity and suggested that deleting the inetpub symlink and retrying the update may resolve the problem. The report has been forwarded to the Windows security team for potential further action.