Version 24H2

Winsage
May 16, 2025
Microsoft has resolved a dual-booting issue caused by a patch released in 2024 that incorrectly applied Secure Boot Advanced Targeting (SBAT) settings to custom dual-boot configurations, preventing users from booting into Linux. This issue has been fixed in the May 2025 Windows 11 update (version 24H2), allowing seamless dual-booting. Additionally, Microsoft launched a new 13-inch Surface Laptop, which is the lightest and thinnest laptop the company has produced, weighing 2.7 lbs and featuring enhanced performance and advanced AI capabilities.
Winsage
May 16, 2025
Microsoft has fixed a long-standing bug in Windows 11 that affected dual-booting with Linux, which had persisted since August 2024. The issue arose from a Secure Boot Advanced Targeting (SBAT) setting introduced in a Windows 11 update, which inadvertently disrupted dual-boot configurations by incorrectly applying the SBAT value on certain devices. As of May 2, with the release of Windows 11 version 24H2, users can now successfully dual-boot between Windows 11 and other operating systems, including Linux.
Winsage
May 13, 2025
Microsoft has lifted an upgrade block that prevented certain users of the Safe Exam Browser from installing the Windows 11 2024 Update due to compatibility concerns. The block was initially implemented in September to protect users from issues with Safe Exam Browser version 3.7 or earlier. Users are encouraged to upgrade to Safe Exam Browser version 3.8 or later before proceeding with the Windows 11 24H2 update. If users still encounter the safeguard hold after 48 hours of updating, they should contact Safe Exam Browser Support. The Windows 11 24H2 feature update is now available for all compatible PCs, except those under safeguard holds. Microsoft has resolved issues that previously blocked the update for some users and has removed other compatibility holds for specific devices and applications. However, some upgrade blocks remain due to incompatible hardware and software. Windows 11 24H2 began its rollout in May 2024 for enterprise testing, with a broader release in October.
Winsage
May 12, 2025
The deployment of PipeMagic preceded a sophisticated exploit targeting the Common Log File System (CLFS) kernel driver, initiated from a dllhost.exe process. The exploit began with the NtQuerySystemInformation API, which leaked kernel addresses to user mode. In Windows 11, version 24H2, access to specific System Information Classes within this API was restricted to users with SeDebugPrivilege, rendering the exploit ineffective on this version. The exploit then used a memory corruption technique with the RtlSetAllBits API to overwrite its process token with 0xFFFFFFFF, granting it all available privileges and enabling process injection into SYSTEM-level operations. A CLFS BLF file was created at C:\ProgramData\SkyPDF\PDUDrv.blf, marking the exploit's activity.
Winsage
May 10, 2025
Windows 11, version 24H2 has officially rolled out, but some devices may face installation issues due to unresolved problems. This week features discounts on various apps, with users encouraged to check the Store for offers. BleachBit 5.0 has been updated, enhancing its functionality as a temporary file cleaner and secure file deleter, while discontinuing support for Windows 7 and earlier versions and addressing several DLL vulnerabilities. Sucrose is a new open-source wallpaper tool for Windows that allows users to download animated wallpapers or create their own, including transforming websites into dynamic wallpapers. Winhance 5 is a free utility for customizing Windows, allowing changes to system settings and removal of system apps, with a more intuitive graphical user interface compared to its predecessor.
Winsage
May 9, 2025
On October 14, 2025, Microsoft will stop providing security updates for Windows 10 unless users enroll in the Extended Security Updates program. Upgrading to Windows 11 may be difficult for PCs older than five or six years due to strict compatibility requirements, including a CPU on the approved list and a Trusted Platform Module (TPM) version 2.0. Users may encounter error messages if their hardware does not meet these criteria. There are workarounds for some users, particularly those with PCs designed for Windows 10, but older devices, especially with AMD processors, may face significant challenges. To upgrade, users must ensure their PC is configured to start with UEFI, supports Secure Boot, and has an enabled TPM. A registry edit can allow bypassing CPU checks and accepting older TPM versions. Alternatively, a clean installation of Windows 11 can be performed using installation media, which bypasses CPU compatibility checks but still requires TPM and Secure Boot support. Microsoft has introduced new restrictions with the Windows 11 version 24H2 update, requiring CPUs to support specific instructions (SSE4.2 and PopCnt). For those opting to use the Rufus utility to create installation media, it is essential to use version 4.6 or later to bypass compatibility checks. Users must download the Windows 11 ISO, prepare a USB drive, and follow specific steps to initiate the upgrade process.
Winsage
May 8, 2025
Threat actors associated with the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows, identified as CVE-2025-29824, before a patch was released on April 8, 2025. This vulnerability affects the Windows Common Log File System (CLFS) driver, allowing attackers to elevate their privileges to full system access. The Play ransomware group targeted an unnamed organization in the United States, likely gaining initial access through a public-facing Cisco Adaptive Security Appliance (ASA). During this intrusion, no ransomware payload was deployed; instead, the attackers used a custom information-stealing tool named Grixba. Microsoft attributed this activity to the threat group Storm-2460, known for deploying PipeMagic malware. The exploitation affected various sectors, including IT, real estate in the U.S., finance in Venezuela, software in Spain, and retail in Saudi Arabia. The vulnerability received a CVSS score of 7.8 and was addressed in Microsoft's April 2025 Patch Tuesday updates. The attack involved creating files in the path C:\ProgramData\SkyPDF, injecting a DLL into the winlogon.exe process, extracting credentials from LSASS memory, creating new administrator users, and establishing persistence. The Play ransomware group has been active since June 2022 and employs double-extortion tactics. Organizations are urged to apply the security updates released on April 8, 2025, especially for vulnerable Windows versions, while Windows 11 version 24H2 is not affected due to existing security mitigations.