system security

Winsage
April 2, 2025
Microsoft has made hotpatch updates available for business customers using Windows 11 Enterprise 24H2 on x64 systems, allowing seamless installation of security updates without device reboots. Hotpatching modifies in-memory code of active processes to deploy updates without interrupting user activities. Devices under a hotpatch-enabled quality update policy will receive updates quarterly, with no restarts required for eight months of the year. A Microsoft subscription is necessary to activate hotpatching, and devices must meet specific prerequisites, including an x64 CPU and enabled Virtualization-based Security. Hotpatch updates can be managed through Microsoft Intune, and devices on Windows 10 and versions 23H2 and lower will continue to receive standard updates. Microsoft initially introduced hotpatch support for Windows Server Azure Edition in February 2022 and has expanded testing to include Windows 11 24H2.
Winsage
March 12, 2025
In March, Microsoft confirmed six zero-day vulnerabilities in its Patch Tuesday security announcement, marking an increase from five reported in January and February combined. The March update includes a total of 57 Common Vulnerabilities and Exposures (CVEs), with all six zero-days classified as critical. These vulnerabilities can be addressed with a single cumulative update, requiring no additional configuration steps post-patch. The zero-days affect critical components such as the Microsoft Management Console, NTFS, Fast FAT, and the Win32 Kernel Subsystem. The specific vulnerabilities are:

1. CVE-2025-26633: Security feature bypass in the Microsoft Management Console, requiring social engineering to exploit.
2. CVE-2024-24993: Heap-based buffer overflow in Windows NTFS, allowing unauthorized code execution through a specially crafted virtual hard disk.
3. CVE-2025-24991: Information disclosure vulnerability affecting Windows 10 to 11 and Server 2008 to 2025, deemed critical.
4. CVE-2025-24985: Vulnerability in the Windows fast FAT file system driver, posing a risk of remote code execution via a specially crafted virtual hard disk.
5. CVE-2025-24983: Elevation of privilege vulnerability in the Windows Win32 kernel subsystem, potentially granting unauthorized access to sensitive data.
6. CVE-2025-24984: Another information disclosure vulnerability in Windows NTFS, also affecting the same range of Windows editions and considered critical.

Winsage
February 27, 2025
Microsoft Copilot has begun sharing a method to activate Windows 11 without a legitimate license, a process that has been circulating since 2022. Users have successfully reproduced this activation method by executing a script provided by Copilot. However, Copilot includes a warning about the risks associated with using such scripts, which may violate Microsoft's terms of service and lead to legal repercussions. The risks highlighted include potential legal issues, security risks from malware, system instability, lack of official support, inability to receive updates, and ethical concerns regarding software piracy.
AppWizard
February 24, 2025
Steam is the most extensive digital distribution platform for PC games, offering robust security measures like Steam Guard protection and two-factor authentication. The Epic Games Store is known for exclusive titles and strong security protocols. GOG specializes in DRM-free gaming experiences, appealing to retro and indie game enthusiasts. Origin is EA's platform featuring a catalog of EA games and secure transaction systems. Humble Bundle allows gamers to purchase game bundles while supporting charitable causes. For safe game downloads, gamers should enable two-factor authentication, maintain updated antivirus software, examine user reviews, and stick to official platforms with established reputations.
Winsage
February 17, 2025
Microsoft has released significant updates for Windows 11 and Windows 10, focusing on system security and user-friendly features. The February 2025 update includes security patches and functional improvements for both operating systems. For Windows 11 users on versions 23H2 and 24H2, notable features include automatic tab restoration in File Explorer, quick access to Windows Studio Effects from the taskbar for devices with Neural Processing Units (NPU), refined taskbar app preview animations, and improvements to Auto HDR for better visual clarity in games. Additionally, issues with slow shutdowns when game controllers are connected and USB camera recognition have been addressed. For Windows 10 users on builds 19044.5487 and 19045.5487, the update integrates the new Outlook app into the system menu while preserving existing email settings and fixes a virtual memory leak issue that caused crashes in resource-intensive applications. Both updates address 55 security vulnerabilities, including:

- CVE-2025-21391: risk of unauthorized file deletion in Windows storage
- CVE-2025-21377: NTLM hash leakage potentially compromising user accounts
- CVE-2025-21194: flaw in the hypervisor that could bypass UEFI security

Users are advised to install these updates promptly due to the increased risk of exploitation. Some features will be rolled out gradually over the coming weeks.
Winsage
December 27, 2024
Microsoft has issued a caution regarding the installation of Windows 11 version 24H2 using physical media, specifically if the media contains security updates from October 8 to November 12, 2024. In such cases, the operating system may not accept future security updates. This issue does not affect systems receiving updates through Windows Update or the Microsoft Update Catalog, nor does it impact installations using the December 2024 security update. Microsoft recommends creating new installation media that includes the December 2024 security update to ensure future updates can be received. Users who have already installed version 24H2 with the October or November updates should apply the December 2024 security update to restore their system's ability to accept future updates. Microsoft is working on a permanent solution to this issue. Users have also reported challenges with the Disk Cleanup tool and speaker volume spikes since the launch of version 24H2. Maintaining an updated version of Windows 11 is essential for security, stability, and performance, as updates address vulnerabilities and fix bugs.
Winsage
December 23, 2024
Windows 11 users may experience a decline in performance due to resource-heavy applications, unoptimized settings, or malware. A simple reboot can refresh the RAM and system connections. To enhance performance, users can:

1. Download the latest updates by checking the Windows Update section in Settings and installing any pending patches. Users can revert to a previous version if performance issues arise post-update.
2. Disable startup applications through the Task Manager to prevent them from launching at boot, which can improve system performance. OneDrive syncing can also be paused to reduce slowdowns.
3. Deactivate unused features, such as notifications and Transparency Effects, to free up system resources.
4. Remove malware by installing a robust antivirus program. Windows Security provides basic protection, but alternatives like Bitdefender Total Security or AVG Antivirus may offer more comprehensive security against threats.

Winsage
December 20, 2024
Microsoft introduced a hardware compatibility requirement for Windows 11 in 2021, mandating the Trusted Platform Module (TPM) 2.0 standard. A TPM is a secure cryptoprocessor designed to manage security-related tasks and encryption keys, enhancing system security by encrypting data, generating random numbers, and validating digital signatures. The TPM architecture is defined by the ISO/IEC 11889 standard. TPM can be integrated as a chip on a motherboard or within firmware, with major companies like Intel, AMD, and Qualcomm adopting this technology. TPM 2.0 is essential for Windows security features, working with Secure Boot to ensure only trusted code is executed at startup and facilitating biometric authentication through Windows Hello. It also secures BitLocker keys, making unauthorized data access difficult. Most PCs manufactured from 2016 onwards include TPM 2.0 by default, while older systems may have limited TPM capabilities or adhere to the unsupported TPM 1.2 standard. Users can check their TPM status using the System Information tool. TPM functionality is not exclusive to Windows; it is also utilized in Linux PCs and IoT devices, while Apple devices use a different architecture called Secure Enclave. Windows 10 and 11 automatically initialize the TPM during installation, and users can upgrade to Windows 11 with any version of TPM through a registry modification.