Teams Archives

Winsage

March 4, 2026

PoC Exploit Released for Microsoft Windows Error Reporting ALPC Privilege Escalation

A proof-of-concept exploit for CVE-2026-20817, a local privilege escalation vulnerability in the Windows Error Reporting (WER) service, has been released by security researcher oxfemale on GitHub. This vulnerability allows low-privileged users to gain SYSTEM-level access through crafted Advanced Local Procedure Call (ALPC) messages. The flaw is located in the WER service's SvcElevatedLaunch method, which fails to validate caller privileges before executing WerFault.exe with user-supplied command line parameters. The CVSS v3.1 base score for this vulnerability is 7.8, indicating a high severity level. It affects unpatched versions of Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 prior to the January 2026 update. Demonstrations have shown successful exploitation on Windows 11 23H2. Security teams are advised to monitor for unusual processes related to WerFault.exe, investigate missing SeTcbPrivilege in SYSTEM tokens, and review WER-related activities from low-privilege users. Immediate application of the January 2026 security patches is recommended, and a temporary workaround involves disabling the WER service.

AppWizard

March 3, 2026

Logitech G Study shows Esports enters its prime

A comprehensive study from Logitech G surveyed 18,000 individuals across 12 countries, revealing that nearly 8% of respondents globally would choose to pursue a career as a professional gamer if given the opportunity, surpassing traditional professions like politician (6%) and professional racer (5%). Among Generation Z, the desire to become a pro gamer rises to 15%. Two-thirds of Gen Z see esports as a legitimate professional career path, with 54% of all respondents considering esports a legitimate professional avenue. The global esports audience reached 611 million in 2024, projected to grow to 641 million by the end of 2025, with the industry valued at .1 billion and expected to reach .5 billion by 2030. Nearly half of Gen Z support adding esports to the Olympic Games, while 49% of Gen Z favor including esports in the main Olympics, compared to 21% of Baby Boomers. The 2024 League of Legends World Final attracted a peak global audience of 50 million, and over 62,000 spectators attended the 2025 Honor of Kings KPL Grand Finals in Beijing. Concerns about financial risk (42%), high competition levels (34%), and lack of support (31%) deter many from pursuing esports careers.

AppWizard

March 3, 2026

The Marathon server slam consumed my weekend: 21 hours later, I’ve gone from ‘meh’ to believer

Last year, Embark and Bungie conducted playtests for their extraction shooters, with Bungie's Marathon being their first project outside the Destiny universe in over 15 years. Arc Raiders, developed by Embark, launched as the first mainstream title in the genre, while Marathon faced delays. The author initially felt indifferent towards Marathon but grew enthusiastic after playing for over four days. The game features a PvP experience with looting mechanics, weapon upgrades, and unique gun modifications. Critics compare Marathon to Call of Duty and Apex Legends, but the author finds its pacing more similar to Halo, emphasizing positioning and timing. The game includes movement shooter elements, allowing creative navigation techniques. Weapon designs are visually appealing and feature a variety of modifications. The game's progression system encourages experimentation with builds, and the vendor system aids in resource management. The upcoming full version will include a third map, Outpost, and additional content like the Cryo Archive.

Winsage

March 3, 2026

PoC Exploit Released for Windows Error Reporting ALPC Privilege Escalation

A critical local privilege escalation vulnerability, tracked as CVE-2026-20817, affects Microsoft Windows through the Windows Error Reporting (WER) service. This flaw allows authenticated users with low-level privileges to execute arbitrary code with full SYSTEM privileges. The vulnerability resides in the SvcElevatedLaunch method (0x0D) and fails to validate user permissions, enabling attackers to launch WerFault.exe with malicious command-line parameters from a shared memory block. The exploit affects all versions of Windows 10 and Windows 11 prior to January 2026, as well as Windows Server 2019 and 2022. Microsoft addressed this vulnerability in the January 2026 Security Update. Organizations are advised to apply security patches and monitor for unusual WerFault.exe processes.

Tech Optimizer

March 3, 2026

Snowflake Postgres: Unify Postgres and Analytics on One Platform

Snowflake Postgres is now generally available on AWS and Azure in all major regions, enabling users to initiate a database in minutes. It integrates transactional and analytical data, accelerating innovation by eliminating complex data pipelines, thus saving time and minimizing risks. Comprehensive resources, including technical documentation, a getting started guide, and a demo overview video, are available for users.

AppWizard

March 2, 2026

5 of the best productivity apps on Android for getting organized and getting stuff done

Perplexity allows users to access multiple AI models with cited sources for verification. Google Docs enables collaborative document creation and editing with features like commenting, automatic cloud saving, and offline access. Notion serves as a hub for to-do lists, notes, documents, and project management, with AI capabilities for transcribing and summarizing notes. Microsoft To Do offers a user-friendly interface for creating to-do lists, setting reminders, and collaborating with others, while syncing across devices. Proton Drive provides end-to-end encryption for file security, automatic backups, and additional security features like PIN or biometric protection and secure file sharing options.

Winsage

March 2, 2026

NTLM is going away: what Microsoft’s phaseout means for MSPs and IT teams

The migration from NTLM to Kerberos authentication is essential for improving security in Windows systems, but it faces challenges such as legacy systems and hardcoded authentication. Organizations must identify NTLM usage, conduct testing with NTLM disabled, and make necessary adjustments or upgrades to migrate successfully. Ongoing monitoring is crucial post-migration to prevent NTLM from re-entering the network. NTLM is associated with significant security vulnerabilities and has been exploited by various threat groups, making its elimination a priority for organizations despite potential hesitations to invest in the migration process. Transitioning to Kerberos is seen as a strategic security investment.

AppWizard

March 1, 2026

After its disastrous launch last year, I’m here to tell you that 2025’s most promising auto-battler finally lives up to its potential

The Bazaar is an auto-battler game released in March of the previous year, which faced backlash due to its monetization strategies and microtransactions. The game features a whimsical galactic marketplace where players select heroes and acquire items to enhance their boards. Players engage in automatic battles, refining their strategies with various item synergies, such as assembling teams of aquatic and robotic creatures. The current meta favors weapon builds, and players enjoy the randomness of hero selection and item discovery. Developer Tempo has made significant improvements, addressing community concerns, refining the monetization model, and introducing ranked matchmaking to enhance the experience for both newcomers and seasoned players.

Winsage

March 1, 2026

Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery

Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.

Winsage

February 28, 2026

Skip subscriptions and get Microsoft Office apps for life for less than $5 each

Microsoft Office Professional 2021 for Windows is available for a limited time at a price of .97 for a lifetime license. This license includes access to eight applications: Word, Excel, PowerPoint, Outlook, OneNote, Teams, Access, and Publisher. The license allows users to own the applications outright without ongoing subscription fees. Instant delivery and download instructions are provided upon purchase, and the software is compatible with Windows 10 or 11.