SmartScreen Archives

Winsage

February 16, 2026

Multiple Flaws Found in Microsoft Windows & Office — Could Let Hackers In

Microsoft has identified at least six zero-day vulnerabilities in Windows and Microsoft Office that were actively being exploited by hackers before patches were released. These vulnerabilities allow attackers to compromise systems with minimal user interaction, such as clicking on malicious links or opening compromised Office documents. Notable examples include a Windows Shell Security Bypass (CVE-2026-21510) and an Office File Exploit that can execute malicious code. The vulnerabilities pose serious risks, including active exploitation, remote code execution, and the potential for malware installation and credential theft. Microsoft has released security patches to address these vulnerabilities, and users are urged to install them immediately. The affected systems include all supported versions of Windows and Microsoft Office applications. Users are advised to install updates, be cautious with emails and links, enable security tools, and keep software up to date.

Winsage

February 16, 2026

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's security update KB5077181, released on February 10, 2026, for Windows 11 versions 24H2 and 25H2, has caused critical boot failures, leading to infinite restart loops for users. The update addresses 58 vulnerabilities, including six zero-day exploits, and introduces new Secure Boot certificates. Users have reported errors such as “a specified procedure could not be found” and DHCP failures, with installation errors like 0x800f0983 and 0x800f0991 affecting specific hardware. To resolve issues, users are advised to uninstall the update and pause Windows Update. Accessing the Windows Recovery Environment may also be necessary for persistent boot loops. While some users experienced improvements, the overall instability highlights risks associated with updates. Microsoft has not acknowledged any known issues related to this update as of February 15.

Winsage

February 14, 2026

Microsoft Fixes Critical Windows 11 Notepad Flaw

Microsoft has released a patch for a significant vulnerability in Notepad on Windows 11 that could allow attackers to execute code by opening a Markdown file and clicking on a malicious link. This vulnerability was due to how Notepad processed links within Markdown files, which could trigger unverified protocols to load remote content. The patch now includes a security warning before such links can be activated. Users are advised to check for updates via Windows Update and the Microsoft Store to ensure Notepad and related components are up to date. Security tips include inspecting URLs before clicking and keeping Microsoft Defender features enabled.

Winsage

February 12, 2026

Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Microsoft has addressed critical security vulnerabilities in its Windows operating system and Office suite that are actively exploited by malicious actors. These vulnerabilities include one-click attacks that can be triggered by users clicking on malicious links or opening compromised Office files. Known as zero-days, these flaws were exploited before Microsoft could implement fixes. One significant vulnerability, tracked as CVE-2026-21510, affects the Windows shell and allows hackers to bypass Microsoft's SmartScreen feature, potentially enabling remote malware installation. Another vulnerability, CVE-2026-21513, is found in the MSHTML browser engine, allowing hackers to install malware by bypassing security measures. Microsoft has also patched three other zero-day bugs that were under active exploitation.

Winsage

February 12, 2026

February 2026 Patch Tuesday includes six actively exploited zero-days

Microsoft released security updates on the second Tuesday of each month, addressing 59 vulnerabilities this month, including six critical zero-day exploits. 1. CVE-2026-21510: Windows Shell security feature bypass vulnerability (CVSS score 8.8) allows attackers to circumvent Windows SmartScreen by tricking users into opening malicious links or shortcuts. 2. CVE-2026-21513: MSHTML Framework security feature bypass vulnerability (CVSS score 8.8) enables attackers to weaken browser protections by persuading users to open malicious HTML files or shortcuts. 3. CVE-2026-21514: Microsoft Word security feature bypass vulnerability (CVSS score 5.5) allows attackers to exploit untrusted inputs in malicious Word documents to execute blocked content. 4. CVE-2026-21519: Desktop Window Manager elevation of privilege vulnerability (CVSS score 7.8) allows low-privileged attackers to gain higher privileges without user interaction. 5. CVE-2026-21525: Windows Remote Access Connection Manager denial-of-service vulnerability (CVSS score 6.2) can be exploited by unauthenticated local attackers to crash the service without compromising confidentiality or integrity. 6. CVE-2026-21533: Windows Remote Desktop Services elevation of privilege vulnerability (CVSS score 7.8) allows local authenticated attackers to escalate privileges to SYSTEM without user interaction. Additionally, Azure users should be aware of two critical vulnerabilities with CVSS ratings of 9.8.

Winsage

February 11, 2026

Users Solve Windows 11 Issues With Four Settings Checks

To address slowdowns and glitches in Windows 11, users should verify several settings before considering a complete reinstallation. Key actions include: 1. Check for Windows Updates: Navigate to Settings > Windows Update to install patches and update device drivers. Uninstall problematic updates if necessary. 2. Manage Startup Applications: Use Task Manager (Ctrl+Shift+Esc) or Settings > Apps > Startup to disable unnecessary auto-starting applications to improve boot speed. 3. Pause OneDrive Syncing: Temporarily pause OneDrive syncing during resource-intensive tasks to prevent performance degradation. 4. Adjust Visual Effects: Disable Transparency effects and Animation effects in Settings > Personalization > Colors and Settings > Accessibility > Visual effects, respectively, to reduce GPU strain. 5. Limit Notifications: Turn off notifications in Settings > System > Notifications to minimize interruptions. 6. Restrict Background Activity: Set background app permissions to "Never" for infrequently used applications to conserve memory and disk usage. 7. Run Security Scans: Use Windows Security to perform a Quick scan and ensure that real-time protection features are enabled to detect malware and adware. 8. Browser Maintenance: Reset browser settings, remove unknown extensions, and enable tracking protection to improve resource management. If issues persist, further steps include running System File Checker, testing memory, checking storage health, or performing a repair install of Windows.

Winsage

February 11, 2026

Microsoft fixes six actively exploited flaws in latest Windows 11 update

Microsoft's February 2026 Patch Tuesday addressed 59 vulnerabilities in Windows 11, with six confirmed as actively exploited. The most critical vulnerability is CVE-2026-21510, a Windows Shell security feature bypass with a CVSS rating of 8.8, allowing attackers to evade warnings by tricking users into opening malicious files. Another significant vulnerability, CVE-2026-21513, also rated at 8.8, affects MSHTML and allows remote attackers to bypass execution prompts through malicious code in HTML or shortcut files. CVE-2026-21514 impacts Microsoft Word and enables adversaries to disable OLE mitigations, posing risks through document-based attacks. Two local privilege escalation vulnerabilities are CVE-2026-21519 in Desktop Window Manager and CVE-2026-21533 in Windows Remote Desktop Services, with CVSS scores of 7.8. CVE-2026-21525 is a denial-of-service vulnerability in Remote Access Connection Manager. The update includes 53 additional vulnerabilities across various Microsoft products and services, with CVE-2026-21531 in Azure SDK rated at 9.8 and CVE-2026-20841 affecting Windows Notepad rated at 8.8. The cumulative update for Windows 11 (KB5077181) also includes enhancements and resolves WPA3 Wi-Fi connectivity issues. Microsoft reminded users of the June 2026 expiration of Secure Boot certificates, which requires timely updates to ensure secure booting. Users can install the updates via Windows Update.

Winsage

January 20, 2026

Windows 11 Home vs. Windows 11 Pro: I compared both versions, and this one’s best for your PC

Windows 11 is approaching its fifth anniversary since launch, featuring significant changes while retaining core functionalities from Windows 10. Key updates include a refreshed visual design, improved system performance, support for Android applications, and the introduction of AI-powered Copilot. Microsoft offers a Pro version for power users, providing advanced tools, deeper control over system settings, and enhanced security options. Windows 11 Home includes features like Windows Hello, Device Encryption, Windows Defender Antivirus, Firewall, SmartScreen, Family Safety, and support for Android apps. It is suitable for average users and those on a budget, as it is free for upgrades from compatible Windows 10 devices and comes preinstalled on new PCs. Windows 11 Pro includes additional features such as BitLocker Drive Encryption, Credential Guard, Hyper-V, Windows Sandbox, and full Remote Desktop hosting. It is ideal for users needing greater control over their system and those who rely on virtualization tools. Windows 11 Home is free for users upgrading from Windows 10, while Windows 11 Pro costs approximately 9 for a full license or for an upgrade from Home.

Winsage

January 18, 2026

Windows 11 Home vs. Windows 11 Pro: I compared both versions, and here’s my upgrade advice

Windows 11 is nearing its fifth anniversary and features enhancements in visual design, system performance, and support for Android applications. Microsoft offers a Pro version for power users, which includes advanced functionalities not available in the Home version, such as BitLocker Drive Encryption, Hyper-V, and enhanced remote access capabilities. Windows 11 Home is suitable for average users who prefer simplicity, offering essential features for everyday tasks and automatic updates. It is free for users upgrading from compatible Windows 10 devices and comes preinstalled on new PCs. Windows 11 Pro, priced around 0 for a full license, is ideal for users seeking greater control over system settings and those who rely on virtualization tools. Key specifications include: - Both editions share core features like the full Windows 11 UI, Snap Layouts, and Copilot. - Windows 11 Home includes basic security features, while Pro adds advanced options like BitLocker and Credential Guard. - Pro supports virtualization with Hyper-V and Windows Sandbox, while Home does not. - Processor support differs, with Home supporting 1 CPU and 64 cores, and Pro supporting 2 CPUs and 128 cores.

Winsage

January 7, 2026

Hackers Use Fake Windows BSOD To Spread Malware

Security researchers have identified a social engineering campaign that mimics the Windows Blue Screen of Death (BSOD) to deceive users into installing a remote access Trojan (RAT). The campaign, named PHALT#BLYX, begins with phishing emails that appear to be legitimate cancellation notices from travel websites, leading victims to a fake login page and an interactive CAPTCHA. This culminates in a full-screen imitation of the BSOD, prompting users to follow instructions that ultimately allow attackers to gain control of their computers. The attackers use a “ClickFix” process that involves executing commands through native Windows tools like PowerShell and MSBuild, making detection more challenging. The malware delivered is an obfuscated version of DCRat, which provides attackers with remote control capabilities, keylogging, and the ability to download additional malware. The campaign primarily targets hotels and hospitality businesses in Europe, exploiting the urgency of front-desk staff to respond to apparent technical issues. Indicators of a fake BSOD include the ability to interact with the screen, requests to execute commands via Windows tools, and the presence of CAPTCHA prompts. Organizations are advised to train employees, implement application control, enhance email and web defenses, and prepare for incident response to mitigate risks associated with such attacks.