security fixes Archives

Winsage

May 14, 2025

Windows 11’s May update brings a heap of new features

Microsoft's latest update for Windows 11, KB5058411, includes enhancements and security fixes. Key features include AI integration in Windows Search for natural language queries, direct access to Microsoft 365 content in File Explorer (subscription required), improved performance for file opening and ZIP unpacking, and aesthetic updates to the interface. The update also removes the blue background for desktop shortcuts based on user feedback and implements various bug fixes. The update will download and install automatically for Windows 11 24H2 users, with an option for manual installation through Windows Update.

Winsage

May 14, 2025

Microsoft Confirms Windows Upgrade Choice—You Must Now Decide

Microsoft has released a mandatory update for Windows 11, identified as “KB5058411,” which includes essential security fixes and introduces a new feature called Recall. Recall uses artificial intelligence to capture snapshots of the user's screen at regular intervals, creating a photographic memory of digital interactions. Users will be prompted to enable Recall during the installation of the May 2025 Windows 11 24H2 update, and opting in for the first time simplifies future re-enabling. However, enabling Recall raises privacy concerns, as it records activities and communications from secure messaging platforms like WhatsApp and Signal, potentially exposing sensitive information. A user reported that someone was able to access his entire PC history, including deleted messages, highlighting the vulnerabilities associated with the feature. Users are advised to carefully consider the implications of opting into Recall.

Winsage

May 14, 2025

Windows 11’s Patch Tuesday for May finally brings Recall into the mix

Microsoft's Recall feature is set to debut after a delay due to security concerns. The update for Windows 11, released on May 13th, includes AI-driven tools to enhance user interactions and productivity. Key features integrated from the April 25th Preview update include: - Recall (preview): Allows users to retrieve information from various applications, websites, and documents using AI for quick searches based on content descriptions, with options to save snapshots of activities and manage them through Windows Hello. - Click to Do (preview): Enables immediate action on items displayed on the screen using a keyboard shortcut for editing or summarizing content. - Improved Windows Search: Enhanced search capabilities allow natural language queries to locate documents and settings. - Phone Link: Facilitates interaction between Windows PCs and mobile devices for calls, messages, and content sharing. - Widgets: Web developers can create interactive widgets with customization options for lock screen widgets. Additional updates include improvements to File Explorer, accessibility enhancements, and new settings management options for app recommendations. The update for Windows 10 focuses on a fix for Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) to improve detection of Linux systems. Detailed patch notes and download links are available through the Microsoft Update Catalog.

Winsage

May 13, 2025

Windows 10 M365 apps to get security fixes into 2028

Microsoft will provide security updates for Windows 10 users until October 10, 2028, despite the end of official support on October 14, 2025. Microsoft 365 subscribers on Windows 10 will continue to receive security patches for applications like Word and Excel, but support will be limited to troubleshooting for those unable to upgrade to Windows 11. If issues arise that are exclusive to Microsoft 365 apps on Windows 10 and do not occur on Windows 11, users will be encouraged to upgrade. Transitioning to Windows 11 has faced resistance due to hardware requirements, particularly affecting users of older Surface devices. As of now, Windows 10 holds a 53 percent global desktop market share, while Windows 11 has 44 percent.

Winsage

May 6, 2025

Microsoft introduces Surface PCs that run AI models and cost less than earlier versions

Microsoft introduced two next-generation Copilot+ PCs, the Surface Pro convertible tablet and a traditional Surface Laptop, designed to operate AI models without internet connectivity. The Surface Laptop starts at 9, while the Surface Pro starts at 9, both reflecting a 0 reduction from last year's models. They are powered by an Arm-based Qualcomm Snapdragon X Plus chip with eight cores and have slightly reduced screen sizes of 12 inches for the Pro and 13 inches for the Laptop. The Surface Laptop now supports up to 16 hours of web browsing, an increase from 13 hours. The new machines run on Windows 11 and feature AI-enhanced capabilities, including a Recall function and improved file search. Preorders began on Tuesday for a release on May 20, with color options of platinum, ocean, and violet. Microsoft reported a nearly 75% year-over-year increase in Windows 11 commercial deployments.

Winsage

April 29, 2025

Microsoft Confirms $1.50 Windows Security Update Fee Starts July 1

Microsoft has introduced a subscription model for no-reboot security "hotpatch" updates, which will be available for Windows 11 Enterprise, version 24H2, and Windows Server 2025. Users must operate on Windows Server 2025 Standard or Datacenter, connected to Azure Arc, to access these updates. Starting July 1, 2025, there will be a charge of [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: In the realm of operating systems, security updates are paramount, especially when they pertain to software utilized by billions globally. However, Microsoft has recently found itself in a challenging spotlight following a controversial Windows security patch that inadvertently introduced a mysterious folder, sparking a wave of confusion and concern among users. Social media commentators hastily advised users to delete this folder, only for Microsoft to counter with a warning that such actions could leave systems vulnerable to attacks. This incident has now unveiled a broader issue within the Windows security update framework, particularly surrounding the introduction of a subscription model for no-reboot security “hotpatch” updates. What Is Windows Hotpatching, And Who Needs To Pay The .50 A Month Fee? As previously reported, Microsoft is advancing towards a system where hotpatching will eliminate the need for users to reboot their Windows systems after a security update. This innovative feature allows security fixes to be downloaded and installed seamlessly in the background, integrating directly into the in-memory code of processes that are already running. Initially, this functionality is set to be available for a specific segment of users: those operating Windows 11 Enterprise, version 24H2, on x64 (AMD/Intel) CPU devices managed through Microsoft Intune. Recent confirmations from Janine Patrick, Windows Server product marketing manager, and Artem Pronichkin, a senior program manager at Microsoft, indicate that the hotpatching system for Windows Server 2025, which has been in preview since 2024, will transition to a subscription-only model starting July 1. To utilize the no-reboot hotpatch security updates, users must operate on “Windows Server 2025 Standard or Datacenter,” with an essential requirement of being connected to Azure Arc. The noteworthy and contentious aspect of this announcement is the introduction of a subscription fee for the Hotpatch service. While hotpatching has long been available for Windows Server Datacenter: Azure Edition at no cost, users of Windows Server 2025 will incur a charge of .50 per CPU core each month for these security updates. Microsoft emphasizes that while hotpatching will significantly reduce the frequency of required reboots—approximately four times a year for baseline updates—this new approach aims to alleviate the traditional inconveniences associated with Patch Tuesday." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per CPU core each month for the hotpatch service, which aims to reduce the frequency of required reboots to approximately four times a year for baseline updates.

Winsage

April 28, 2025

Microsoft Can Put a Price on Safety & It’s $1.50 Per Month

Microsoft has launched a new subscription service for Hotpatch security fixes, priced at .50 per month per CPU core, available for Windows Server 2025 Standard or Datacenter, and requires a connection to Azure Arc. The service allows security updates without rebooting, although users must reboot four times a year for baseline updates. The AI server sector is projected to grow to .83 billion by 2030, with a CAGR of 34.3% from 2024 to 2030. Analysts expect Microsoft's upcoming earnings report to show earnings per share of .22 and revenue of .43 billion. The consensus rating for Microsoft stock is Strong Buy, with an average price target of 0.86, indicating a potential upside of 25.36%.

Winsage

April 27, 2025

Last Chance to Get Windows 11 Pro at an All-Time Low Price

The majority of Windows users are still using Windows 10, with the end of support for this version approaching, prompting the need to upgrade to Windows 11. Windows 11 Pro license keys are currently available for .97, down from the regular price of 9, but this offer expires on April 27. Windows 11 Pro includes features such as biometric login, encrypted authentication, advanced antivirus protections, improved voice typing, and better search capabilities. It also integrates Microsoft Teams and Widgets and introduces an AI-powered assistant called Copilot. For gaming, Windows 11 Pro supports DirectX 12 Ultimate for enhanced graphics. To upgrade, devices must meet specific requirements: running Windows 10 or higher, a processor of at least 1GHz, a minimum of 4GB of RAM, and 64GB of storage. The upgrade is designed to improve productivity with tools like Snap Layouts and support for multiple virtual desktops.

Winsage

April 25, 2025

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:inetpub directory used by Internet Information Services (IIS). The updates created the c:inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:inetpub c:windowssystem32notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.

Winsage

April 17, 2025

It must be a day with a ‘y’ in it – there’s a problematic Windows 11 update causing blue screens

Microsoft is addressing issues stemming from the KB5055523 update for Windows 11, which has caused Blue Screen of Death (BSoD) errors with the 0x18B error code. This update was automatically installed on most devices and is linked to the earlier KB5053656 preview update. Microsoft is implementing a Known Issue Rollback (KIR) to mitigate the problem, although it may take up to 24 hours for the fix to propagate to consumer and non-managed business devices. For enterprise-managed devices, IT administrators must manually resolve the issue by configuring the necessary Group Policy.