Visual Studio Archives

Winsage

May 20, 2025

Securing the Model Context Protocol: Building a safer agentic future on Windows

The Model Context Protocol (MCP) is a lightweight, open protocol functioning as JSON-RPC over HTTP, facilitating standardized discovery and invocation of tools. MCP defines three roles: MCP Hosts (applications accessing capabilities), MCP Clients (initiators of requests), and MCP Servers (services exposing functionalities). Windows 11 will incorporate MCP to enable developers to create intelligent applications leveraging generative AI. An early preview of MCP capabilities will be available for developer feedback. MCP introduces security risks, including cross-prompt injection, authentication gaps, credential leakage, tool poisoning, lack of containment, limited security review, registry risks, and command injection. To address these, Windows 11's MCP Security Architecture will establish security requirements for MCP servers, ensuring user safety and transparency, enforcing least privilege, and implementing security controls like proxy-mediated communication, tool-level authorization, a central server registry, and runtime isolation. MCP servers must comply with security requirements, including mandatory code signing, unchanged tool definitions at runtime, security testing, mandatory package identity, and declared privileges. An early private preview of MCP server capability will be offered to developers post-Microsoft Build for feedback, with a secure-by-default enforcement strategy planned for broader availability. Microsoft aims to enhance defenses continuously and collaborate with partners to bolster MCP's security framework.

Winsage

May 20, 2025

Microsoft Makes “Edit” Command Line Editor Open-Source, WSL Going Open-Source Too

Microsoft announced several open-source initiatives at its Build 2025 developer conference, including the introduction of Edit, a new command-line text editor for Windows, which is open-sourced on GitHub, crafted in Rust, and licensed under MIT. Edit is designed to enhance the user experience in Windows Terminal and is currently in early development, with plans to be included in future Windows releases. Additionally, Microsoft open-sourced GitHub Copilot within Visual Studio Code to improve collaborative coding, and the Windows Subsystem for Linux (WSL) is transitioning to an open-source model, with its source code now available on GitHub.

Winsage

May 14, 2025

WSL is the best feature added to Windows in the last decade

Microsoft introduced the Windows Subsystem for Linux (WSL) in the Windows 10 Anniversary Update in August 2016, initially as a tool for developers. WSL debuted as a beta version with a native-kernel translation layer, allowing Windows to run unmodified Linux ELF binaries. Its early performance was limited, leading users to prefer Linux virtual machines for full compatibility. The launch of WSL2 in May 2020 replaced the translation layer with a lightweight, real Linux kernel running in a Hyper-V utility VM, providing near-native performance and comprehensive syscall coverage. WSL2 has since seen continuous improvements, including GPU-compute and CUDA support in 2021, full GUI support for X11 and Wayland applications in 2022, and systemd support in September 2022. WSL2 approaches the performance of bare-metal Linux while integrating seamlessly with Windows, allowing users to launch a Linux shell easily. It enables developers to access the C drive and interact between Windows and Linux environments without dual-booting. WSL2 enhances productivity for data science workflows, allowing the use of tools like PyTorch with CUDA. It also offers features for non-developers, such as creating aliases for launching Windows applications and running Linux GUI applications. WSL's integration into Windows represents a significant shift, providing opportunities for users across various domains to explore Linux functionalities.

Winsage

May 14, 2025

Microsoft’s ‘Patch Tuesday’ Update Fixes Seven Zero-Day Exploits

Microsoft's latest Patch Tuesday update addresses 72 security vulnerabilities, including five critical zero-day vulnerabilities. Four of these zero-days are elevation of privilege flaws: - CVE-2025-32701 and CVE-2025-32706 target the Windows Common Log File System Driver. - CVE-2025-30400 affects the Microsoft DWM Core Library. - CVE-2025-32709 involves the Windows Ancillary Function Driver for WinSock. These vulnerabilities allow attackers to gain SYSTEM privileges locally. The fifth zero-day, CVE-2025-30397, is a remote code execution vulnerability in the Microsoft Scripting Engine, which can be exploited through malicious links in Microsoft Edge or Internet Explorer. CVE-2025-30397, CVE-2025-32701, and CVE-2025-30400 were discovered by the Microsoft Threat Intelligence Center, while CVE-2025-32706 was disclosed by the Google Threat Intelligence Group and CrowdStrike, and CVE-2025-32709 was reported by an anonymous researcher. Additionally, a publicly disclosed spoofing flaw in Microsoft Defender, CVE-2025-26685, allows unauthenticated attackers with local network access to impersonate another account. The final zero-day, CVE-2025-32702, is a remote code execution vulnerability in Visual Studio.

Winsage

May 10, 2025

I made my Windows Terminal exactly the way I want it, and it’s hard to go back to GUI apps

The author has been using Linux, specifically Ubuntu Server, for over a decade for cloud deployments, game server management, and media streaming. They primarily use a MacBook for daily tasks but also require Windows for gaming on a main PC, utilizing Windows Subsystem for Linux (WSL). The author has configured Windows Terminal to manage multiple command-line shells, including Windows PowerShell, Command Prompt, and WSL, all within a single application. Windows Terminal is pre-installed on Windows 11 version 22H2 or later and can be downloaded from the Microsoft Store for earlier versions. The author's Windows Terminal setup opens a WSL environment by default and includes options for Command Prompt, PowerShell, and Developer Command Prompts. They have customized their experience by removing trailing whitespace when pasting, organizing tab order, hiding the title bar, and using a Dark theme with the Monokai Remastered color scheme and JetBrains Mono font. The WSL configuration is set to access an Ubuntu terminal directly. Windows Terminal allows the author to connect to Proxmox hosts or virtual machines via SSH and supports multiple tabs for managing different systems. It features a "Quake" mode for quick command execution and the ability to create automated tools with keyboard shortcuts. The author plans to explore adding SSH profiles for easier server connections.

Winsage

April 23, 2025

Announcing Windows 11 Insider Preview Build 27842 (Canary Channel)

Windows 11 Insider Preview Build 27842 has been released to the Canary Channel. There are no plans to release SDKs for the 27xxx series builds. Changes include: - Temporary disappearance of enhanced battery iconography. - A new user interface for unexpected restarts is being previewed, appearing as a “green screen” for Insiders on version 24H2 and higher. - The Windows Security app will display additional details about Pluton TPM chips under Device security. Fixes include: - Resolved issues with Windows Update toggle, high CPU usage by lsass.exe, and crashes in ctfmon.exe and DWM. - Improved reliability of explorer.exe and fixed display issues with external graphics cards and JPG images. - Corrected problems with the Smart App Control icon and the Run dialog autocomplete. Known issues include: - Users on new Copilot+ PCs may lose access to Windows Hello PIN and biometrics. - Night light functionality is not working for some Insiders. - Bugcheck issues when using Xbox Controllers via Bluetooth. Insiders in the Canary Channel should note that builds may evolve and features may be removed or never reach general release. A clean installation of Windows 11 is required to exit the Canary Channel.

Winsage

April 22, 2025

These 7 WSL programs changed how I use Windows

Windows users previously faced challenges using Linux tools via virtual machines until the introduction of the Windows Subsystem for Linux (WSL), which was further improved with WSL2. WSL2 integrates a lightweight virtual machine into Windows, allowing users to run Linux applications seamlessly. Runtipi and CasaOS can be easily set up on WSL2 to host self-service applications without complex configurations. Visual Studio Code (VS Code) offers a WSL extension that enables code execution directly in Linux distributions from Windows, enhancing the coding experience. Gigolo is a frontend for managing network shares, which can also be integrated into Windows 11 through WSL2. Ansible can automate the provisioning of virtual machines and containers on WSL2, making it easier for users engaged in DIY projects. Rsync can be installed via WSL2 for efficient file synchronization and backups on Windows. Podman Desktop allows Windows users to explore container runtimes using WSL2, providing a GUI for managing containers. Lastly, WSL2 enables users to access the Linux terminal and run various Linux distributions directly within Windows 11.

Tech Optimizer

April 16, 2025

Transition a pivot query that includes dynamic columns from SQL Server to PostgreSQL

The text discusses the process of migrating workloads from SQL Server to PostgreSQL, specifically focusing on the implementation of the PIVOT function. It highlights the limitations of using CASE WHEN statements in SQL Server for dynamic reports and introduces the crosstab function from PostgreSQL’s tablefunc extension as a more flexible alternative. The solution involves creating a PostgreSQL function called get_dynamic_pivot_data that utilizes crosstab to dynamically generate columns based on query results. To test the function, users need to provision either Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL and install a PostgreSQL client tool. For those using C#, .NET SDK 8 and Visual Studio Code must be installed. The text provides detailed steps for creating sample tables and stored procedures in SQL Server, along with the equivalent setup in PostgreSQL, including the use of the crosstab function and cursor management. It emphasizes the need for security measures, such as storing database credentials in AWS Secrets Manager. The author encourages sharing experiences related to implementing PIVOT functionality in PostgreSQL.

Winsage

April 5, 2025

Celebrating Microsoft’s 50 years – The Official Microsoft Blog

Satya Nadella, Chairman and CEO of Microsoft, spoke at the company's 50th anniversary, reflecting on its founding by Bill Gates and Paul Allen. He emphasized Microsoft's commitment to empowering individuals through technology, highlighting the importance of the past while focusing on future innovations, particularly in AI. Nadella introduced advancements in Microsoft’s development tools, such as Agent Mode in Visual Studio Code and the Code Review Agent, which enhance the developer experience. He reiterated Microsoft's mission to empower every person and organization, stating that tools like Copilot are designed for a wide range of users. Nadella expressed gratitude to all contributors to Microsoft's success and excitement for future innovations.

Winsage

March 20, 2025

Windows 11 File Explorer is about to get a speed boost

Microsoft has released Windows 11 Build 27818 for users in the Canary Channel, enhancing File Explorer's performance for extracting zip files. The update includes general improvements and fixes, such as displaying additional details about Pluton TPM chips in the Windows Security app. The suggested actions feature for copying phone numbers or future dates is being deprecated. A critical fix addresses a d3d9.dll crash affecting application launches. Other improvements include enhanced performance for unzipping files, fixes for File Explorer Home loading issues, taskbar app window preview corrections, resolution of a ctmon.exe crash impacting typing, fixes for Settings launch errors, graphics performance improvements, resolution of Visual Studio Code installation issues with Admin Protection, and fixes for Remote Desktop freezing issues. Additionally, a fix addresses application opening failures related to a virtual machine component error.