server side Archives

Winsage

December 21, 2025

Windows emergency update fixes MSMQ faults after December patchday

Microsoft has released emergency updates to address malfunctions with Windows Message Queuing (MSMQ) that occurred after the December security updates. The issues affect several versions of Microsoft Windows, including Windows 10 and various editions of Windows Server up to Server 2019, posing a risk of application outages for users relying on MSMQ. The problem arose from changes to the MSMQ security model, which modified NTFS access rights to the C:WindowsSystem32MSMQstorage folder, stripping applications or services without administrative rights of necessary write permissions. The updates are identified by knowledgebase numbers: KB5074976 for Windows 10, KB5074975 for Windows Server 2019, and KB5074974 for Windows Server 2016, raising Windows 10 build numbers to 19044.6693 and 19045.6693. Initially, these updates were not available through the standard Windows update function and could only be accessed via the Windows update catalog. Microsoft has expanded the list of affected systems to include earlier versions of Windows 10 (21H2, 1809, and 1607) and Windows Server 2012 R2 and 2012. Users of these systems should verify the application of December updates and manually install the emergency updates if necessary.

Winsage

October 22, 2025

CISA urges immediate patching of exploited Windows SMB client vulnerability

The U.S. Cybersecurity and Infrastructure Agency (CISA) has issued a warning about a high-severity vulnerability, CVE-2025-33073, affecting unpatched versions of Microsoft Windows, including Windows 10, Windows 11, and Windows Server. This vulnerability targets the Windows Server Message Block (SMB) client, crucial for file and printer sharing. It was initially addressed by Microsoft in June 2025, but not all installations received the updates, leading to active exploitation. Attackers can exploit this vulnerability by tricking a Windows client into connecting to a malicious SMB server, allowing them elevated access privileges. CISA has mandated that federal civilian agencies implement the security update by November 10 and is encouraging private organizations to ensure patch compliance. Recommendations for organizations include restricting SMB access, segmenting internal networks, and monitoring for unusual outbound SMB traffic.

Winsage

August 26, 2025

Windows 11 24H2 and Windows 10 Hit by Severe Lag After Microsoft’s August 2025 Update

Windows 11 Version 24H2, also known as the 2024 Update, is being rolled out to users via Windows Update. Eligible devices can check for the update in Settings > Windows Update. Devices running Windows 10 and Windows 11 versions 23H2, 22H2, and 21H2 will receive the update automatically, with options to schedule or postpone restarts. Copilot+ PCs will receive new AI features through the Windows Insider program, with availability varying by hardware and region. Users can seek help with update issues via the Get Help app or Microsoft support website. Known issues include: 1. NDI streaming performance degradation with OBS and NDI Tools (Confirmed). 2. WSUS installation failure for the August 2025 security update (Resolved). 3. WUSA installs failing from shared folders (Mitigated). 4. CertificateServicesClient error events (Confirmed). 5. Missing parental consent prompt for non-Edge browsers (Mitigated). 6. Easy Anti-Cheat causing blue screens (Resolved). 7. Incompatibility with sprotect.sys driver (Confirmed). 8. Dirac Audio devices losing audio output (Confirmed). 9. Camera use hanging apps on select devices (Confirmed). 10. Intel Smart Sound Technology driver causing blue screens (Confirmed). Workarounds and fixes are suggested for several issues, including switching NDI Receive Mode and copying .msu files locally for installation. Devices with certain drivers are blocked from receiving the update until compatibility issues are resolved.

Tech Optimizer

August 25, 2025

Linux Foundation says yes to NoSQL via DocumentDB

The Linux Foundation has welcomed Microsoft's DocumentDB as an open-source project under the MIT license, marking a shift in document databases. This move responds to MongoDB's licensing changes in 2018, which introduced the Server Side Public License (SSPL), raising concerns among developers about cloud services and competition. Many companies have shifted to more restrictive licenses to protect innovations from larger cloud providers, but such licenses have not gained widespread acceptance. Microsoft developed DocumentDB in 2024 with PostgreSQL extensions to support BSON data models and MongoDB-compatible operations, aiming to bridge relational and non-relational databases. DocumentDB's MIT license allows users to fork, use, and distribute the software freely. The project emerged in response to MongoDB's practices, and initiatives like FerretDB advocate for standardized query languages across document databases. Microsoft's commitment to DocumentDB reflects a trend towards transparency and collaboration in the industry.

Tech Optimizer

April 16, 2025

Transition a pivot query that includes dynamic columns from SQL Server to PostgreSQL

The text discusses the process of migrating workloads from SQL Server to PostgreSQL, specifically focusing on the implementation of the PIVOT function. It highlights the limitations of using CASE WHEN statements in SQL Server for dynamic reports and introduces the crosstab function from PostgreSQL’s tablefunc extension as a more flexible alternative. The solution involves creating a PostgreSQL function called get_dynamic_pivot_data that utilizes crosstab to dynamically generate columns based on query results. To test the function, users need to provision either Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL and install a PostgreSQL client tool. For those using C#, .NET SDK 8 and Visual Studio Code must be installed. The text provides detailed steps for creating sample tables and stored procedures in SQL Server, along with the equivalent setup in PostgreSQL, including the use of the crosstab function and cursor management. It emphasizes the need for security measures, such as storing database credentials in AWS Secrets Manager. The author encourages sharing experiences related to implementing PIVOT functionality in PostgreSQL.

AppWizard

March 9, 2025

I use Apollo and Artemis to stream PC games to my phone

Apollo and Artemis are server and client applications designed for streaming visuals from a gaming PC to a smartphone while allowing input from the smartphone. Apollo is installed on the gaming PC and includes a virtual display feature, while Artemis is installed on the smartphone. Both applications are forks of Sunshine and Moonlight, with Apollo offering automatic adjustments for resolution, refresh rate, and aspect ratio. To set up Apollo, users must download and install the Apollo.exe file on a Windows machine, create a password, and access the web UI. For Artemis, users download the APK file, connect to the same WLAN as the Apollo server, and enter a pin displayed on the smartphone into the Apollo web UI. The setup is currently limited to Windows PCs and Android smartphones, and while it can work with Moonlight, the developer plans to move away from Sunshine and Moonlight in the future.

Winsage

February 17, 2025

About darn time: Microsoft says it has fixed the annoying lag in Windows Explorer when working with cloud-based files

The recent beta update from Microsoft, identified as KB5052094, aims to improve the sluggish performance of Windows Explorer when managing OneDrive files. This update is currently available only to users in the Review Release Channel of Windows 11. Users on the standard public release have not yet tested these performance claims. The update is anticipated to address the lag experienced during context menu operations, such as right-clicking on cloud files. The delays in these operations have been a source of frustration for users, impacting workflow. There are speculations regarding the delay in addressing this issue, which may involve necessary adjustments to Azure's infrastructure.

BetaBeacon

September 21, 2024

Xbox Cloud Gaming: Everything you need to know about the service

Xbox Cloud Gaming is Microsoft's official cloud gaming service that allows players to connect their local device to a server in the cloud to stream native Xbox games. It was initially known as Project xCloud and has since expanded to include support for Android mobile devices, Windows PCs, Xbox consoles, and Apple devices via a web browser. The service is bundled with Game Pass Ultimate and does not have a standalone subscription.

Winsage

August 8, 2024

Windows Zero-day Flaw Let Hackers Downgrade Fully Updated Systems to Old Vulnerabilities

Software and operating system vendors are increasingly focused on enhancing cybersecurity due to the rapid exploitation of outdated software by threat actors. A significant example is the BlackLotus UEFI BootKit malware, which downgraded the Windows Boot Manager to a vulnerable version, allowing attackers to bypass Secure Boot and gain persistent access to systems. This malware can operate on fully patched Windows 11 systems, raising concerns about current security measures. Researchers discovered a critical flaw that allowed control over the Windows Update process, leading to the creation of a tool called Windows Downdate. This tool could downgrade updates and bypass verification steps, allowing the downgrading of critical OS components while the system falsely reported being fully updated. Key security features were also downgraded, exposing previously patched vulnerabilities and transforming them into zero-days. The Windows Update architecture involves an update client and server, with the client typically operating with Administrator privileges. The update process includes client requests, server validation, and execution of actions during system reboot. Investigation revealed that the Trusted Installer was not enforced on a specific registry key, allowing for manipulation of update actions. The attack methodology did not require malicious elevation of Trusted Installer privileges and relied on setting the Trusted Installer service to Auto-Start, modifying the registry, and including the pending.xml identifier without enforcement. The attack was undetectable, allowing the system to appear fully updated despite downgrades. Actions performed during the attack cannot be reversed, and Microsoft has issued two CVEs in response to these vulnerabilities, acknowledging the work of SafeBreach in identifying them.

Winsage

July 25, 2024

Windows update might send a user to BitLocker recovery

Some Windows devices are presenting users with a BitLocker recovery screen after the July Patch Tuesday update.