SMB shares Archives

Winsage

December 3, 2025

Windows 11 KB5070311 update fixes File Explorer freezes, search issues

Microsoft has released the KB5070311 preview cumulative update for Windows 11, which includes 49 enhancements aimed at improving user experience. This optional update allows IT administrators to preview upcoming bug fixes and features before the official Patch Tuesday rollout. The update addresses several known issues, including unresponsive explorer.exe and taskbar processes, search problems in File Explorer related to SMB shares, and instability in the Local Security Authority Subsystem Service (LSASS). To install KB5070311, users can go to Settings, select Windows Update, and click 'Check for Updates'. Users must confirm their intention to install it by selecting 'Download and install', or they can manually download it from the Microsoft Update Catalog. The update elevates Windows 11 25H2 and 24H2 devices to builds 26200.7309 and 26100.7309, respectively. Notable enhancements include a broader search results menu, the ability to use Windows Studio Effects with additional cameras, new context menu options for Windows Spotlight backgrounds, and improvements to File Explorer's dark mode experience. Microsoft has announced there will be no preview update in December, with regular updates resuming in January. They are also working on a solution for a known issue where the password sign-in option has disappeared from the lock screen options.

Winsage

December 2, 2025

Microsoft: KB5070311 triggers File Explorer white flash in dark mode

Microsoft has acknowledged a glitch with the KB5070311 preview update that causes bright white flashes when launching File Explorer in dark mode on Windows 11. The issue occurs not only when opening File Explorer but also during actions like navigating to Home or Gallery, creating new tabs, toggling the Details pane, and selecting 'More details' while copying files. As a temporary solution, Microsoft recommends disabling dark mode. The KB5070311 update also resolved a bug that caused the explorer.exe process and taskbar to become unresponsive after certain notifications and addressed search failures in File Explorer on some SMB shares. Additionally, Microsoft had previously confirmed a critical bug affecting File Explorer and the Start Menu on Windows 11 24H2 devices with cumulative updates since July 2025.

Winsage

September 10, 2025

Windows 11 KB5065431 23H2 released, direct download links (.msu)

KB5065431 is the latest security update for Windows 11 23H2 devices, being rolled out as a reminder that this version will reach its end of life on November 11, 2025. Microsoft is migrating eligible 23H2 Home and Pro edition PCs to Windows 11 24H2, but the rollout was temporarily paused due to around a dozen reported errors, some linked to app compatibility issues. Most barriers to upgrading have now been resolved, allowing the automatic upgrade process to begin. The Enterprise and Education editions of Windows 11 23H2 have an extended support timeline until November 10, 2026. The KB5065431 update will automatically install on PCs, or users can manually install it using the offline update installer file (.msu). The Windows 11 22631.5909 build includes important fixes but no new functionalities, addressing issues like NDI streaming performance and enhancing security for SMB shares. It also introduces a UAC prompt for administrator credentials during certain operations, which can be disabled by administrators via group policy.

Winsage

September 2, 2025

Threat Actors Exploit Windows Search in AnyDesk ClickFix Attack to Spread MetaStealer

Cybercriminals have developed a sophisticated variant of the ClickFix scam, utilizing human-verification social engineering and the Windows search protocol to deploy MetaStealer, an infostealer that steals credentials and sensitive data. The attack begins when a target searches for the legitimate AnyDesk tool and is redirected to a phishing page featuring a deceptive human-verification prompt. This page uses a search-ms URI scheme to connect to an attacker-controlled SMB share, presenting a malicious Windows shortcut disguised as a PDF. Executing this shortcut downloads the legitimate AnyDesk installer and retrieves a malicious "PDF" from an external server. The MSI package contains a dropper (ls26.exe) that operates similarly to known MetaStealer samples, scanning for browser credentials and exfiltrating data. The attack circumvents user suspicion by mimicking a legitimate application installation. Organizations are advised to implement strict application whitelisting, monitor Windows protocol handlers, educate users about suspicious prompts, and deploy detection rules to mitigate these threats.

Winsage

August 28, 2025

Windows Update Preview brings Windows backup for organizations

Microsoft has released update preview versions for Windows 11 23H3 and Windows 10 22H2. This is the final update preview for Windows 10. The Windows 11 23H2 update (KB5064080) raises the build to version 22621.5840 and includes improvements to the "Copilot key," mobile provider profiles, and fixes for USB stick access issues. The Windows 10 update (KB5063842) raises the version to 19045.6282 and introduces a new licensing feature for blocking outgoing network traffic, along with mobile provider profile updates and removable disk access policy fixes. The Windows Backup for Organizations tool is now available, designed to simplify device management and troubleshooting, and facilitate migration from Windows 10 to Windows 11. Devices must be connected to Microsoft Entra and running at least Windows 11 22H2 to utilize this backup solution. Access to Intune service admin or global admin is required for activation. Microsoft has also reminded users about the expiration of Windows Secure Boot certificates in June 2026, advising timely updates to maintain secure booting capabilities.

Winsage

July 30, 2025

Secure Windows with Microsoft’s Security Compliance Toolkit

The Microsoft Security Compliance Toolkit is a suite of tools for administrators to assess Group Policy Objects (GPOs) against Microsoft's security baselines, helping to identify discrepancies and implement secure settings. It includes tools such as the Policy Analyzer, Local Group Policy Object (LGPO) utility, and Set Object Security application. Administrators can download the toolkit from Microsoft's website, which contains zip files for various security baseline packages. The Policy Analyzer compares GPOs with local security policies to identify inconsistencies, while the LGPO tool manages local security policies and allows for policy backup and verification. The Set Object Security tool applies security descriptors to objects like files and folders. For Windows Server, administrators should test security baselines in non-production environments before deployment. With Windows Server 2025, the OSConfig platform allows for direct application of security baselines through PowerShell, simplifying the update process and maintaining compliance.

Winsage

July 18, 2025

Microsoft blocked some SMB shares on Windows, but here’s how you can fix it

Microsoft has introduced significant changes to SMB shares with the rollout of Windows 11 version 24H2, primarily enhancing security protocols. SMB shares now require SMB signing, and guest access has been disabled for most editions of Windows 11, necessitating a username and password for connection. These changes aim to address security risks associated with unauthorized data access. Users with Network-Attached Storage (NAS) setups may face accessibility issues due to these modifications. To regain access, users should enable SMB signing on their NAS and disable guest access. If necessary, users can disable security protections using Windows PowerShell, but this is not recommended.