Subsystem

Winsage
November 19, 2025
Microsoft will integrate its forensic tool, System Monitor (Sysmon), into the Windows kernel with the upcoming releases of Windows 11 and Server 2025. This integration will transform Sysmon from a standalone utility into a native “Optional Feature” that will be serviced automatically through Windows Update. Administrators will no longer need to manually distribute Sysmon; instead, it can be activated through the “Turn Windows features on or off” dialog or command-line instructions. The integration will ensure that updates flow through the standard Windows Update pipeline, providing official support and Service Level Agreements (SLAs) for Sysmon. Microsoft plans to utilize local computing capabilities for AI inferencing to enhance security measures, focusing on detecting credential theft and lateral movement patterns. Sysmon will maintain backward compatibility with existing workflows, allowing the use of custom configuration files and adhering to the XML schema while continuing to log events to the Windows event log. Community-driven configuration repositories will remain operational, preserving established community knowledge.
Winsage
November 18, 2025
Sysmon is a system monitoring tool that traditionally requires users to download and install it from Microsoft's Sysinternals page, often leading to its deployment only after issues arise. Pre-installing Sysmon can enhance proactive monitoring and issue diagnosis. Its effectiveness can be improved through tailored configurations, with resources available from Bleeping Computer for specific use cases like monitoring DNS queries. Additionally, Sysmon can now be installed on Linux systems via the Windows Subsystem for Linux (WSL), increasing its accessibility and versatility for users familiar with Sysmon.
Winsage
November 17, 2025
Last year, Microsoft introduced Snapdragon-powered Copilot+ PCs, prompting the purchase of a Surface Pro 11, which became essential for daily tasks. This led to acquiring additional devices, including a Surface Laptop and a Dell XPS 13, both with Snapdragon X Elite chips. Despite effective marketing, businesses remain cautious about these devices. Windows on Arm has improved for Office applications and web services, with devices maintaining cool temperatures and long battery life. However, there are limitations: backup software may not work effectively on Arm devices, as external drives are inaccessible during recovery, necessitating workarounds like network or cloud storage. Installing Linux on Snapdragon-powered PCs is challenging due to a lack of compatible installation images, making Intel-based PCs more practical for work tasks. Additionally, Arm-based devices have performance constraints for gaming, with Snapdragon processors unable to compete with dedicated GPUs, making high-performance gaming unfeasible.
Winsage
November 14, 2025
Microsoft CEO Satya Nadella reflected on the company's exit from the mobile phone market, describing it as one of his most difficult decisions and expressing a sense of missed opportunity. Former CEO Steve Ballmer noted that a mix of "paranoia and confidence" may have limited Microsoft's ability to succeed in the smartphone market. The decline of Windows Phone was attributed to a weak app ecosystem, which the new concept, Windows Astria, aims to improve by running Android apps natively. Windows Astria incorporates elements from Windows 11 and features like Live Tiles, designed for modern screens. The concept also adapts to larger screens and foldable devices, showcasing potential applications like MS Word and a system-integrated Wallet app.
BetaBeacon
November 13, 2025
Valve's Steam has 35+ million concurrent users, making it the largest PC gaming storefront in terms of active engagement. Android games will run natively on Valve's new Steam Frame, which runs on an Arm-based Snapdragon 8 Gen 3 platform. Developers can reuse their existing toolchain when bringing Android games to Steam, but will need to integrate Steamworks features. Valve's broader Arm ambitions include paving the way for SteamOS to be more broadly supported across Arm devices. By embracing Android games, Valve is breaking down platform walls to benefit developers and players, potentially making it one of Steam's most important platform expansions in years.
Winsage
November 12, 2025
On November 12, 2025, Microsoft released patches for 63 vulnerabilities, including four classified as Critical and 59 as Important. Notably, CVE-2025-62215, a privilege escalation flaw in the Windows Kernel with a CVSS score of 7.0, is actively exploited. This vulnerability allows an authorized attacker to elevate privileges locally through a race condition. Additionally, Microsoft patched two heap-based buffer overflow vulnerabilities (CVE-2025-60724 and CVE-2025-62220) with CVSS scores of 9.8 and 8.8, respectively, which could lead to remote code execution. Another significant vulnerability is CVE-2025-60704, a privilege escalation flaw in Windows Kerberos with a CVSS score of 7.5, enabling attackers to impersonate users and control a domain. Other vendors, including Adobe, Amazon Web Services, and Apple, also released security updates addressing various vulnerabilities.
Winsage
November 12, 2025
Microsoft's November 2025 Patch Tuesday addresses a total of 63 vulnerabilities, including one actively exploited zero-day flaw (CVE-2025-62215) related to Windows Kernel Elevation of Privilege. The updates include four vulnerabilities classified as "Critical," with two for remote code execution, one for elevation of privileges, and one for information disclosure. The breakdown of vulnerabilities is as follows:
- 29 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 16 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
This Patch Tuesday marks the first extended security update (ESU) for Windows 10, and users are encouraged to upgrade to Windows 11 or enroll in the ESU program. Microsoft has also released an out-of-band update to assist with enrollment issues. Other companies, including Adobe, Cisco, and Google, have also issued security updates in November 2025.
Winsage
November 11, 2025
PowerToys is an open-source collection of utilities that enhances productivity for Windows 11 users, featuring tools like FancyZones for window management and Image Resizer. Google Chrome is a popular web browser known for its synchronization across devices. Steam is a primary gaming platform with a robust library and the ability to stream games to a Steam Deck. The Heroic Games Launcher is a third-party alternative to the Epic Games Launcher, offering customizable features and support for GOG and Amazon Games libraries. GIMP is a powerful open-source photo editing tool that provides advanced features without the cost of commercial software. The Windows Subsystem for Linux (WSL) allows seamless integration between Windows and Linux, supporting applications like Docker Desktop and Visual Studio Code. Spotify is used for audio entertainment, helping users maintain focus during work. Tools like Ninite, the Microsoft Store, and winget streamline the installation of applications on Windows 11, with winstall.app providing a user-friendly interface for generating installation scripts.