system shutdown Archives

Winsage

April 16, 2026

CISA flags Windows Task Host vulnerability as exploited in attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability in the Windows Task Host, identified as CVE-2025-60710, which poses a risk of privilege escalation, potentially allowing attackers to gain SYSTEM privileges. This flaw affects devices running Windows 11 and Windows Server 2025 and arises from a weakness in link following. Microsoft released a patch for this issue in November 2025. CISA has added CVE-2025-60710 to its list of actively exploited vulnerabilities and mandated that Federal Civilian Executive Branch agencies secure their systems within two weeks. CISA encourages all organizations, including those in the private sector, to implement necessary patches and improve network security. CISA also advised organizations to follow vendor instructions for mitigations or discontinue use of the affected product if mitigations are unavailable.

Winsage

November 17, 2025

Custom Windows Event Viewer log notifications upped my debugging game

Windows Task Scheduler can be configured to monitor system events and send notifications for anomalies, allowing users to proactively address issues before they escalate. Users can set up custom notifications by specifying Event IDs in the Task Scheduler. Common Event IDs for debugging include: - Application crash: Event ID 1000 (Application Error) - Application hang: Event ID 1002 (Application Hang) - Service failure: Event ID 7000 (Service Control Manager) - Service stopped: Event ID 7036 (Service Control Manager) - Disk/I/O issues: Event ID 129 (Disk or NTFS) - Group policy failure: Event ID 1058 (Microsoft-Windows-GroupPolicy) - Driver error: Event ID 7023 (Service Control Manager or Kernel-PnP) - Failed logon: Event ID 4625 (Microsoft-Windows-Security-Auditing) - User account locked out: Event ID 4740 (Microsoft-Windows-Security-Auditing) - Audit log cleared: Event ID 1102 (EventLog) - Unexpected system shutdown: Event ID 41 (Kernel-Power) To set up notifications, users can create a PowerShell script that performs specific actions based on the event type, such as sending an email for critical alerts or displaying on-screen messages for less critical events. This setup enables effective monitoring without the need for third-party applications.

Winsage

October 13, 2025

Microsoft Fixes Long-standing Windows 11 ‘Update and Shut down’ Bug

Microsoft has resolved the "update and shut down" bug in Windows 11 with the release of Build 26220.6760 on September 29, 2025. This bug caused systems to reboot automatically instead of shutting down when users selected the "update and shut down" option. The fix ensures that pending updates no longer trigger automatic restarts during a shutdown request. Windows Insiders in the Dev or Beta channels can access this fix, while non-Insider users are advised to wait for the stable release.