Visual Studio Archives

Winsage

May 14, 2025

WSL is the best feature added to Windows in the last decade

Microsoft introduced the Windows Subsystem for Linux (WSL) in the Windows 10 Anniversary Update in August 2016, initially as a tool for developers. WSL debuted as a beta version with a native-kernel translation layer, allowing Windows to run unmodified Linux ELF binaries. Its early performance was limited, leading users to prefer Linux virtual machines for full compatibility. The launch of WSL2 in May 2020 replaced the translation layer with a lightweight, real Linux kernel running in a Hyper-V utility VM, providing near-native performance and comprehensive syscall coverage. WSL2 has since seen continuous improvements, including GPU-compute and CUDA support in 2021, full GUI support for X11 and Wayland applications in 2022, and systemd support in September 2022. WSL2 approaches the performance of bare-metal Linux while integrating seamlessly with Windows, allowing users to launch a Linux shell easily. It enables developers to access the C drive and interact between Windows and Linux environments without dual-booting. WSL2 enhances productivity for data science workflows, allowing the use of tools like PyTorch with CUDA. It also offers features for non-developers, such as creating aliases for launching Windows applications and running Linux GUI applications. WSL's integration into Windows represents a significant shift, providing opportunities for users across various domains to explore Linux functionalities.

Winsage

May 14, 2025

Microsoft’s ‘Patch Tuesday’ Update Fixes Seven Zero-Day Exploits

Microsoft's latest Patch Tuesday update addresses 72 security vulnerabilities, including five critical zero-day vulnerabilities. Four of these zero-days are elevation of privilege flaws: - CVE-2025-32701 and CVE-2025-32706 target the Windows Common Log File System Driver. - CVE-2025-30400 affects the Microsoft DWM Core Library. - CVE-2025-32709 involves the Windows Ancillary Function Driver for WinSock. These vulnerabilities allow attackers to gain SYSTEM privileges locally. The fifth zero-day, CVE-2025-30397, is a remote code execution vulnerability in the Microsoft Scripting Engine, which can be exploited through malicious links in Microsoft Edge or Internet Explorer. CVE-2025-30397, CVE-2025-32701, and CVE-2025-30400 were discovered by the Microsoft Threat Intelligence Center, while CVE-2025-32706 was disclosed by the Google Threat Intelligence Group and CrowdStrike, and CVE-2025-32709 was reported by an anonymous researcher. Additionally, a publicly disclosed spoofing flaw in Microsoft Defender, CVE-2025-26685, allows unauthenticated attackers with local network access to impersonate another account. The final zero-day, CVE-2025-32702, is a remote code execution vulnerability in Visual Studio.

Winsage

May 10, 2025

I made my Windows Terminal exactly the way I want it, and it’s hard to go back to GUI apps

The author has been using Linux, specifically Ubuntu Server, for over a decade for cloud deployments, game server management, and media streaming. They primarily use a MacBook for daily tasks but also require Windows for gaming on a main PC, utilizing Windows Subsystem for Linux (WSL). The author has configured Windows Terminal to manage multiple command-line shells, including Windows PowerShell, Command Prompt, and WSL, all within a single application. Windows Terminal is pre-installed on Windows 11 version 22H2 or later and can be downloaded from the Microsoft Store for earlier versions. The author's Windows Terminal setup opens a WSL environment by default and includes options for Command Prompt, PowerShell, and Developer Command Prompts. They have customized their experience by removing trailing whitespace when pasting, organizing tab order, hiding the title bar, and using a Dark theme with the Monokai Remastered color scheme and JetBrains Mono font. The WSL configuration is set to access an Ubuntu terminal directly. Windows Terminal allows the author to connect to Proxmox hosts or virtual machines via SSH and supports multiple tabs for managing different systems. It features a "Quake" mode for quick command execution and the ability to create automated tools with keyboard shortcuts. The author plans to explore adding SSH profiles for easier server connections.

Winsage

April 23, 2025

Announcing Windows 11 Insider Preview Build 27842 (Canary Channel)

Windows 11 Insider Preview Build 27842 has been released to the Canary Channel. There are no plans to release SDKs for the 27xxx series builds. Changes include: - Temporary disappearance of enhanced battery iconography. - A new user interface for unexpected restarts is being previewed, appearing as a “green screen” for Insiders on version 24H2 and higher. - The Windows Security app will display additional details about Pluton TPM chips under Device security. Fixes include: - Resolved issues with Windows Update toggle, high CPU usage by lsass.exe, and crashes in ctfmon.exe and DWM. - Improved reliability of explorer.exe and fixed display issues with external graphics cards and JPG images. - Corrected problems with the Smart App Control icon and the Run dialog autocomplete. Known issues include: - Users on new Copilot+ PCs may lose access to Windows Hello PIN and biometrics. - Night light functionality is not working for some Insiders. - Bugcheck issues when using Xbox Controllers via Bluetooth. Insiders in the Canary Channel should note that builds may evolve and features may be removed or never reach general release. A clean installation of Windows 11 is required to exit the Canary Channel.

Winsage

April 22, 2025

These 7 WSL programs changed how I use Windows

Windows users previously faced challenges using Linux tools via virtual machines until the introduction of the Windows Subsystem for Linux (WSL), which was further improved with WSL2. WSL2 integrates a lightweight virtual machine into Windows, allowing users to run Linux applications seamlessly. Runtipi and CasaOS can be easily set up on WSL2 to host self-service applications without complex configurations. Visual Studio Code (VS Code) offers a WSL extension that enables code execution directly in Linux distributions from Windows, enhancing the coding experience. Gigolo is a frontend for managing network shares, which can also be integrated into Windows 11 through WSL2. Ansible can automate the provisioning of virtual machines and containers on WSL2, making it easier for users engaged in DIY projects. Rsync can be installed via WSL2 for efficient file synchronization and backups on Windows. Podman Desktop allows Windows users to explore container runtimes using WSL2, providing a GUI for managing containers. Lastly, WSL2 enables users to access the Linux terminal and run various Linux distributions directly within Windows 11.

Tech Optimizer

April 16, 2025

Transition a pivot query that includes dynamic columns from SQL Server to PostgreSQL

The text discusses the process of migrating workloads from SQL Server to PostgreSQL, specifically focusing on the implementation of the PIVOT function. It highlights the limitations of using CASE WHEN statements in SQL Server for dynamic reports and introduces the crosstab function from PostgreSQL’s tablefunc extension as a more flexible alternative. The solution involves creating a PostgreSQL function called get_dynamic_pivot_data that utilizes crosstab to dynamically generate columns based on query results. To test the function, users need to provision either Amazon Aurora PostgreSQL or Amazon RDS for PostgreSQL and install a PostgreSQL client tool. For those using C#, .NET SDK 8 and Visual Studio Code must be installed. The text provides detailed steps for creating sample tables and stored procedures in SQL Server, along with the equivalent setup in PostgreSQL, including the use of the crosstab function and cursor management. It emphasizes the need for security measures, such as storing database credentials in AWS Secrets Manager. The author encourages sharing experiences related to implementing PIVOT functionality in PostgreSQL.

Winsage

April 5, 2025

Celebrating Microsoft’s 50 years – The Official Microsoft Blog

Satya Nadella, Chairman and CEO of Microsoft, spoke at the company's 50th anniversary, reflecting on its founding by Bill Gates and Paul Allen. He emphasized Microsoft's commitment to empowering individuals through technology, highlighting the importance of the past while focusing on future innovations, particularly in AI. Nadella introduced advancements in Microsoft’s development tools, such as Agent Mode in Visual Studio Code and the Code Review Agent, which enhance the developer experience. He reiterated Microsoft's mission to empower every person and organization, stating that tools like Copilot are designed for a wide range of users. Nadella expressed gratitude to all contributors to Microsoft's success and excitement for future innovations.

Winsage

March 20, 2025

Windows 11 File Explorer is about to get a speed boost

Microsoft has released Windows 11 Build 27818 for users in the Canary Channel, enhancing File Explorer's performance for extracting zip files. The update includes general improvements and fixes, such as displaying additional details about Pluton TPM chips in the Windows Security app. The suggested actions feature for copying phone numbers or future dates is being deprecated. A critical fix addresses a d3d9.dll crash affecting application launches. Other improvements include enhanced performance for unzipping files, fixes for File Explorer Home loading issues, taskbar app window preview corrections, resolution of a ctmon.exe crash impacting typing, fixes for Settings launch errors, graphics performance improvements, resolution of Visual Studio Code installation issues with Admin Protection, and fixes for Remote Desktop freezing issues. Additionally, a fix addresses application opening failures related to a virtual machine component error.

Winsage

March 18, 2025

Bypassing Windows Defender Application Control with Loki C2

Microsoft's Windows Defender Application Control (WDAC) has become a target for cybersecurity researchers, with bug bounty payouts for successful bypasses. IBM's X-Force team reported various outcomes from WDAC bypass submissions, including successful bypasses that lead to potential bounties, those added to the WDAC recommended block list, and submissions without recognition. Notable contributors like Jimmy Bayne and Casey Smith have made significant discoveries, while the LOLBAS Project has documented additional bypasses, including the Microsoft Teams application. The X-Force team successfully bypassed WDAC during Red Team Operations using techniques such as utilizing known LOLBINs, DLL side-loading, exploiting custom exclusion rules, and identifying new execution chains in trusted applications. Electron applications, which can execute JavaScript and interact with the operating system, present unique vulnerabilities, as demonstrated by a supply-chain attack on the MiMi chat application. In preparation for a Red Team operation, Bobby Cooke's team explored the legacy Microsoft Teams application, discovering vulnerabilities in signed Node modules that allowed them to execute shellcode without triggering WDAC restrictions. They developed a JavaScript-based C2 framework called Loki C2, designed to operate within WDAC policies and facilitate reconnaissance and payload deployment. A demonstration of Loki C2 showcased its ability to bypass strict WDAC policies by modifying resources of the legitimate Teams application, allowing undetected code execution. The ongoing development of techniques and tools by the X-Force team reflects the evolving cybersecurity landscape and the continuous adaptation required to counter emerging threats.

Winsage

March 11, 2025

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws

Microsoft released security updates on March 2025 Patch Tuesday, addressing 57 vulnerabilities, including six classified as critical related to remote code execution. The vulnerabilities are categorized as follows: 23 Elevation of Privilege, 3 Security Feature Bypass, 23 Remote Code Execution, 4 Information Disclosure, 1 Denial of Service, and 3 Spoofing. The updates specifically address six actively exploited zero-day vulnerabilities and one publicly disclosed zero-day vulnerability. The zero-day vulnerabilities include: 1. CVE-2025-24983 - Elevation of Privilege in Windows Win32 Kernel Subsystem. 2. CVE-2025-24984 - Information Disclosure in Windows NTFS. 3. CVE-2025-24985 - Remote Code Execution in Windows Fast FAT File System Driver. 4. CVE-2025-24991 - Information Disclosure in Windows NTFS. 5. CVE-2025-24993 - Remote Code Execution in Windows NTFS. 6. CVE-2025-26633 - Security Feature Bypass in Microsoft Management Console. The publicly disclosed zero-day is: - CVE-2025-26630 - Remote Code Execution in Microsoft Access. A comprehensive list of resolved vulnerabilities includes various CVE IDs and their respective titles and severities, with several vulnerabilities affecting Microsoft Office products, Windows components, and Azure services.