Windows 11 23H2 Archives

Winsage

March 4, 2026

PoC Exploit Released for Microsoft Windows Error Reporting ALPC Privilege Escalation

A proof-of-concept exploit for CVE-2026-20817, a local privilege escalation vulnerability in the Windows Error Reporting (WER) service, has been released by security researcher oxfemale on GitHub. This vulnerability allows low-privileged users to gain SYSTEM-level access through crafted Advanced Local Procedure Call (ALPC) messages. The flaw is located in the WER service's SvcElevatedLaunch method, which fails to validate caller privileges before executing WerFault.exe with user-supplied command line parameters. The CVSS v3.1 base score for this vulnerability is 7.8, indicating a high severity level. It affects unpatched versions of Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 prior to the January 2026 update. Demonstrations have shown successful exploitation on Windows 11 23H2. Security teams are advised to monitor for unusual processes related to WerFault.exe, investigate missing SeTcbPrivilege in SYSTEM tokens, and review WER-related activities from low-privilege users. Immediate application of the January 2026 security patches is recommended, and a temporary workaround involves disabling the WER service.

Winsage

February 26, 2026

PoC Published for Microsoft Windows Flaw That Allows Low-Privileged Users to Force Irrecoverable BSODs

Security researchers have developed a working Proof of Concept (PoC) exploit for a vulnerability in the Windows kernel, identified as CVE-2026-2636, which allows low-privileged users to induce a Blue Screen of Death (BSoD), resulting in a Denial of Service. This vulnerability is linked to the Windows Common Log File System (CLFS) driver, specifically the CLFS.sys component, and arises from improper handling of invalid or special elements within CLFS (CWE-159). The PoC demonstrates that a non-administrative user can trigger the bug by executing a crafted ReadFile operation on a handle linked to an opened .blf log file without the expected I/O Request Packet (IRP) flags set. This leads to a critical inconsistency in the driver, causing Windows to invoke the kernel routine KeBugCheckEx, which results in a BSoD. The CVE-2026-2636 has a CVSS score of 5.5 (Medium) and poses a high impact on availability, allowing any authenticated user to crash the host reliably. Microsoft addressed this vulnerability in the September 2025 cumulative update, protecting systems running Windows 11 2024 LTSC and Windows Server 2025 by default. However, older or unpatched builds remain vulnerable. Organizations are advised to verify the deployment of the September 2025 updates, prioritize patching multi-user systems, and monitor for unusual spikes in BSoD events.

Winsage

January 28, 2026

‘Windows 11 25H2 edges ahead of Windows 10 in gaming performance’: testing proves newer OS is faster — but there’s an elephant-sized BSOD in the room

Windows 11 version 25H2 has outperformed Windows 10 (22H2) in gaming benchmarks, a shift from earlier assessments where Windows 10 was faster than Windows 11 23H2. The improvements in Windows 11's gaming capabilities were largely due to the 24H2 update. Testing was conducted on high-end hardware, specifically with an AMD Ryzen 9800X3D processor and Nvidia RTX 5090 GPU, and results may vary with different setups. Games like Arc Raiders and Borderlands 4 showed performance increases of 11% and 9% to 13%, respectively, on Windows 11. However, Windows 11 has faced bugs and glitches, including boot failures and sleep mode issues, particularly on older PCs, leading to hesitation among gamers about upgrading from Windows 10, which remains stable with only security updates. The deadline for Windows 10's extended support is October 2026, prompting users to consider upgrades or new purchases.

Winsage

January 20, 2026

Microsoft issues emergency patch for latest Windows bugs

Microsoft released the January Patch Tuesday update on January 13, 2026, addressing over 110 security vulnerabilities. The update introduced bugs affecting Windows 11, Windows 10, and Windows Server. The first issue involves authentication failures when connecting to a Cloud PC via Remote Desktop, primarily affecting Windows 11 25H2, Windows 10 22H2 ESU, and Windows Server 2025. The second issue affects systems with Secure Launch enabled, causing unexpected restarts instead of shutting down or entering hibernation mode, specifically impacting Windows 11 23H2. Microsoft has released emergency patches for the affected versions, which include: - Windows 11, versions 25H2 and 24H2 (KB5077744) - Windows 11, version 23H2 (KB5077797) - Windows 10, version 22H2 ESU and Windows 10 Enterprise LTSC 2021 (KB5077796) - Windows Server 2025 (KB5077793) - Windows Server 2022 (KB5077800) - Windows Server 2019 and Enterprise LTSC 2019 (KB5077795)

Winsage

January 19, 2026

Windows 11 PCs Fail To Shut Down After Update

Some users of Windows 11 have experienced a problem where their PCs reboot instead of shutting down after the Patch Tuesday security update KB5073455. This issue primarily affects devices with Secure Launch on Windows 11 version 23H2. Microsoft has confirmed this behavior, which disrupts the usual power-off sequence and can drain battery life for laptops and complicate remote management processes. An out-of-band update, KB5077797, has been released to restore normal shutdown and hibernation functionalities for affected systems. Users can check for this update in Windows Update or download it from the Microsoft Update Catalog. To determine if they are affected, users should look for immediate restarts when selecting Shut Down or Hibernate and check if Secure Launch is enabled in System Information.

Winsage

January 19, 2026

The Last Windows Security Updates of January 2026 Are Here

Microsoft released its first set of security updates for the Windows operating system and various products in January 2026, addressing over 110 vulnerabilities. The updates are available for all supported versions of Windows, with Windows 10 receiving fixes only through the Extended Security Updates (ESU) program. Windows 11 versions 24H2 and 25H2 are the main consumer releases benefiting from these updates. Approximately 112–114 security updates were released, with around 8 rated as Critical. At least one zero-day vulnerability is actively exploited. The updates include security fixes for Windows, Office, Edge, Azure, and server components. Windows 11 versions 23H2, 24H2, and 25H2, as well as Windows Server 2023 and 2025, have known issues. Windows 11 version 24H2 and 25H2 received security fixes for multiple vulnerabilities, while version 23H2 continues to receive support through enterprise servicing channels. Windows 10 updates are limited to ESU-enrolled systems, with general support ending in October 2025. Windows Server 2016, 2019, 2022, 2023, and 2025 received January security updates, addressing important vulnerabilities without disclosing any critical ones. Microsoft also released updates for Office products and SharePoint Server components. Known issues after the January updates include credential prompt failures and authentication issues in Azure Virtual Desktop and Windows 365, particularly affecting the new Windows App. Workarounds involve using the classic Remote Desktop client or the web-based RDP client. Additionally, devices with Secure Launch enabled may experience shutdown and sleep mode failures. Microsoft has provided out-of-band fixes for certain affected systems as of January 18, 2026. Users can manually install updates through the Windows Update feature, and it is recommended to create a full system backup before proceeding with updates.

Winsage

January 18, 2026

Microsoft Confirms Emergency Updates For Most Windows PCs

Microsoft has released emergency fixes in response to issues arising from January's Patch Tuesday security updates. Users experienced shutdown failures and Remote Desktop login difficulties after the updates. Microsoft has resolved two critical bugs: one related to shutdown failures on Windows 11 version 23H2 and another concerning Remote Desktop connection failures on versions 24H2 and 25H2. However, three issues remain unpatched: a black screen before the cursor appears, a glitch resetting the desktop background to black, and problems with the desktop.ini file in File Explorer. Additionally, there is an unresolved issue with Outlook Classic that may cause it to freeze for users with older POP accounts. Microsoft has provided two emergency updates: KB5077744 for Remote Desktop connection failures on versions 25H2 and 24H2, and KB5077797 for the shutdown issue on version 23H2.

Winsage

January 16, 2026

Sorry Dave, I’m afraid I can’t do that! PCs refuse to shutdown after Microsoft patch

Microsoft's January Patch Tuesday update has caused shutdown and hibernation issues for some Windows 11 23H2 users, with devices refusing to power down despite user commands. The problem is linked to the Secure Launch feature, which prevents shutdown, restart, and hibernation attempts from functioning correctly. Microsoft has suggested a workaround using the command "shutdown /s /t 0" to force shutdown. They have not disclosed how many devices are affected or provided a timeline for a fix. Additionally, there is a separate issue affecting classic Outlook POP account profiles that may freeze or hang after the update.

Winsage

January 1, 2026

Microsoft’s 2026 end-of-support wave includes Windows 11 24H2, Office 2021, and more

Microsoft will discontinue support for Windows 11 24H2 on October 4, 2026. Windows 11 23H2 Enterprise, Education, and IoT Enterprise support ends on November 10, 2026. Office 2021 support will conclude on October 13, 2026. Upgrading from Office 2021 to Office 2024 will require purchasing a new license. The following products will also lose support in 2026: .NET 9 (November 10), .NET 8 (November 10), PowerShell 7.4 (November 10), and Windows Server 2012/2012 R2 (October 13).

Winsage

November 14, 2025

Microsoft begins force upgrading some PCs to Windows 11 25H2, as the roll out expands

Microsoft has expanded the rollout of Windows 11 25H2, making it available to all users who actively seek the upgrade. For users on Windows 11 versions 23H2, 22H2, or 21H1, the upgrade to 25H2 will be auto-installed, especially as version 23H2 has reached its end-of-life on November 11. Windows 10 users will not be forced to upgrade to Windows 11 25H2; they can choose to upgrade when prompted. Windows 11 25H2 is available as an optional upgrade for Windows 10 users, marking a change from previous practices.