Version 24H2 Archives

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

Winsage

April 7, 2026

Windows 11 Version 25H2 is Now Being Pushed to All Eligible PCs

Windows 11 version 25H2 is now available for Home and Pro users, rolling out to all non-managed PCs currently on version 24H2. The upgrade will be automatic for eligible users unless there are compatibility issues. Version 24H2 will reach its end of support on October 13, 2026, while version 25H2 will be supported until October 2027. The upgrade process uses a simple enablement package, and most features are accessible to both versions. However, version 25H2 removes certain legacy features like PowerShell 2.0 and WMIC. Users can choose when to restart or postpone the installation, but it becomes mandatory after a pause time limit. Windows 11 version 26H1 is in development and will debut on new devices with Qualcomm’s Snapdragon X2 Series processors.

Winsage

April 4, 2026

Microsoft to force updates to Windows 11 25H2 for PCs with older OS versions — ‘intelligent’ update system uses machine learning to determine when a device is ready

Microsoft is updating devices running Windows 11 version 24H2 to version 25H2, as support for 24H2 will end on October 13, 2026. The automatic update targets Home and Pro editions, while organizational devices are exempt. An "intelligent" system using machine learning will determine device readiness for the update, though details on the criteria remain unclear. Additionally, Microsoft released an emergency update, KB5086672, to address issues from a previous faulty update, KB5079391, which caused installation failures.

Winsage

April 3, 2026

Microsoft now force upgrades unmanaged Windows 11 24H2 PCs

Microsoft has begun upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to the latest Windows 11 25H2 version. Support for Windows 11 24H2 will end on October 13, 2026. The 25H2 version rollout started in September and is delivered through compact enablement packages. The update is now available for all unmanaged devices running Windows 11 24H2, and those devices will stop receiving critical updates. Users can manually check for the update or pause it through the settings menu. Microsoft has provided a support document and guide for the upgrade process.

Winsage

March 30, 2026

Microsoft’s March Security Update of High-Risk Vulnerability Notice for Multiple Products

On March 11, NSFOCUS CERT reported the release of Microsoft’s March Security Update, addressing 83 security vulnerabilities in products like Windows, Microsoft Office, Microsoft SQL Server, and Azure. The update includes eight critical vulnerabilities and 75 important ones, with risks such as privilege escalation and remote code execution. Key vulnerabilities include: - CVE-2026-26110: Microsoft Office Remote Code Execution Vulnerability (CVSS score: 8.4) - CVE-2026-26113: Microsoft Office Remote Code Execution Vulnerability (CVSS score: 8.4) - CVE-2026-26144: Microsoft Excel Information Disclosure Vulnerability (CVSS score: 7.5) - CVE-2026-23669: Windows Print Spooler Remote Code Execution Vulnerability (CVSS score: 8.8) - CVE-2026-24294: Windows SMB Server Privilege Escalation Vulnerability (CVSS score: 7.8) - CVE-2026-23668: Windows Graphics Component Privilege Escalation Vulnerability (CVSS score: 7.0) Affected product versions include various editions of Microsoft Office, Windows Server 2012 R2, Windows Server 2016, Windows 10, and Windows 11. Microsoft has released security patches for these vulnerabilities, and users are encouraged to install them promptly.

Winsage

March 11, 2026

Windows 11 keeps forcing unwanted updates with “too many coincidences” — Microsoft’s plan or just user error?

Windows updates in Windows 11 can be rolled out automatically or manually through the Settings app. Users have reported an increase in unsolicited upgrades to the latest version of Windows, prompting concerns and frustrations directed towards Microsoft. IT expert Günther Born noted "too many coincidences" regarding these updates. Microsoft plans to automatically install the latest feature update (25H2) on older versions that have reached their end of service. Speculation suggests that unwanted upgrades may be linked to Microsoft's enablement packages, which facilitate version transitions. A user reported an automatic upgrade from Windows 10 to Windows 11 while they were away. Disabling TPM 2.0 should theoretically prevent automatic upgrades, but this has proven complex. Microsoft will discontinue support for Windows 11 version 24H2 on October 13, 2026, after which users will need to upgrade to version 25H2 for continued security updates.

Tech Optimizer

February 25, 2026

Fix “kernel security check failure”: Step-by-step guide

The "kernel security check failure" error on Windows indicates corruption in critical system memory or internal data structures, triggering a bug check to prevent further damage. It is marked by the Blue Screen of Death (BSOD) displaying the message “KERNELSECURITYCHECK_FAILURE” and stop code 0x139. Causes include outdated or incompatible drivers, corrupted system files, faulty RAM, disk errors, third-party software conflicts, faulty Windows updates, overclocking, and malware threats. Common fixes involve updating Windows and drivers, scanning for corrupted files, using Check Disk (CHKDSK), running Windows Memory Diagnostic, and performing System Restore. If unresolved, a clean installation of Windows may be necessary. Regular updates and avoiding unnecessary software installations can help prevent future occurrences.

Winsage

February 18, 2026

Microsoft details Windows 11 26H1 support cycle, CPU requirements (just Snapdragon X2 for now), and more

Microsoft announced that Windows 11 26H1 will be supported for consumers until March 2028, with rollout starting for PCs with eligible CPUs, specifically the Snapdragon X2 family, which includes Snapdragon X2 Plus, Snapdragon X2 Elite, and Snapdragon X2 Elite Extreme. The official launch occurred on February 10, 2026, alongside its first cumulative update. Users with first-generation Snapdragon Copilot+ PCs cannot upgrade to this version. Windows 11 26H1 is described as a "hardware-optimized release" aimed at enhancing performance and efficiency for Arm-based chips, though it does not promise significant enhancements over version 25H2 or the upcoming 26H2. Enterprise and Education editions will be supported until March 13, 2029, while Home and Pro editions will be supported until March 14, 2028. Windows 11 SE is not supported in 26H1. A new release, Windows 11 26H2, is expected to be available for all users, including those with first-generation Arm-based PCs, and will be the recommended update for broader deployment. Upgrades from version 25H1 to 26H1 are not possible, and all upgrade paths are currently closed, with plans to transition to version 27H2 in the latter half of 2027.

Winsage

February 11, 2026

Windows 11 KB5077181 & KB5075941 cumulative updates released

Microsoft has released cumulative updates KB5077181 and KB5075941 for Windows 11, affecting versions 25H2, 24H2, and 23H2, which include the February 2026 Patch Tuesday security patches. Users can install these updates via Start > Settings > Windows Update or manually from the Microsoft Update Catalog. The build numbers will change to 26200.7840 for 25H2, 26100.7840 for 24H2, and 226x1.6050 for 23H2. Key enhancements include: - Fixed gaming device eligibility issues. - Resolved connectivity issues with WPA3-Personal Wi-Fi networks. - Introduced new Secure Boot certificate targeting data. - New Cross Device Resume feature for continuing activities from Android phones on PCs. - Enhanced MIDI support for musicians with compatibility for MIDI 1.0 and 2.0. - Improved Narrator control over on-screen announcements. - New Device card in Settings for PC specifications. - Ability to toggle Smart App Control without a clean installation. - Revamped Voice Access setup process. - New Wait time setting for Voice Typing commands. - Enhanced sign-in security for Windows Hello with peripheral fingerprint sensors. No new issues have been reported with this month's updates.

AppWizard

January 29, 2026

Windows 11 is getting close to resuming your Android apps like Apple Handoff

Microsoft is enhancing its Cross-Device Resume feature, initially introduced in 2025, which allows users to transition seamlessly between Android devices and Windows PCs. The recent rollout of Windows 11 builds 26100.7701 and 26200.7701 includes significant enhancements to this feature, such as resuming Spotify playback from phone to PC and continuing browsing sessions and work in Microsoft Office applications. Specific Android phone users, including those from Vivo, HONOR, OPPO, Samsung, and Xiaomi, can continue browsing sessions from their respective browsers and edit online files opened in the Microsoft Copilot app on their phones on their PCs. The update also allows toggling Smart App Control without a clean installation and introduces a Device card on the Settings home page.