Windows 11 23H2 Archives

Winsage

April 8, 2026

Microsoft rolls out fix for broken Windows Start Menu search

Microsoft has implemented a server-side remedy for an issue affecting the Windows Start Menu search functionality on select Windows 11 23H2 devices, which began impacting users on April 6. The problem was linked to a server-side Bing update aimed at improving search performance. Microsoft has rolled back the problematic Bing update and expects search issues to decrease as the fix is deployed. Users have reported blank search results in the Start Menu, but options remain clickable. Microsoft confirmed that the issue will resolve automatically with the rollout of the fix, provided devices are connected to the internet and Web Search is enabled. Additionally, there have been previous Start Menu-related issues, including crashes and error messages, with Microsoft working on permanent solutions for these problems.

Winsage

March 12, 2026

How to Block Windows Upgrade for Good

Recent reports indicate concerns among users about automatic upgrades of Windows PCs, particularly for those who prefer to stay on Windows 10 or a specific feature update. Despite these fears, there is no evidence that Microsoft upgrades PCs without user consent; many users may unintentionally accept upgrade prompts or face bugs that trigger updates. Microsoft's upgrade approach can feel aggressive, especially when feature updates are bundled with regular updates. If the option to receive the latest updates is enabled, automatic installations may occur, particularly when a version reaches its end of service. Users can prevent unwanted upgrades through several methods: 1. Group Policy Editor: For Windows Pro or Enterprise users, they can lock in a specific feature update by accessing the Group Policy Editor and setting the desired OS edition and feature update version. 2. Windows Registry: Windows Home users can modify the Windows Registry to restrict upgrades. This involves creating specific DWORD and String Values to set the target OS edition and feature update version. 3. InControl App: A user-friendly application that allows users to freeze their current OS edition and feature update version, preventing upgrades while still allowing monthly updates. These methods enable users to maintain control over their operating systems and avoid unexpected upgrades.

Winsage

March 4, 2026

PoC Exploit Released for Microsoft Windows Error Reporting ALPC Privilege Escalation

A proof-of-concept exploit for CVE-2026-20817, a local privilege escalation vulnerability in the Windows Error Reporting (WER) service, has been released by security researcher oxfemale on GitHub. This vulnerability allows low-privileged users to gain SYSTEM-level access through crafted Advanced Local Procedure Call (ALPC) messages. The flaw is located in the WER service's SvcElevatedLaunch method, which fails to validate caller privileges before executing WerFault.exe with user-supplied command line parameters. The CVSS v3.1 base score for this vulnerability is 7.8, indicating a high severity level. It affects unpatched versions of Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 prior to the January 2026 update. Demonstrations have shown successful exploitation on Windows 11 23H2. Security teams are advised to monitor for unusual processes related to WerFault.exe, investigate missing SeTcbPrivilege in SYSTEM tokens, and review WER-related activities from low-privilege users. Immediate application of the January 2026 security patches is recommended, and a temporary workaround involves disabling the WER service.

Winsage

February 26, 2026

PoC Published for Microsoft Windows Flaw That Allows Low-Privileged Users to Force Irrecoverable BSODs

Security researchers have developed a working Proof of Concept (PoC) exploit for a vulnerability in the Windows kernel, identified as CVE-2026-2636, which allows low-privileged users to induce a Blue Screen of Death (BSoD), resulting in a Denial of Service. This vulnerability is linked to the Windows Common Log File System (CLFS) driver, specifically the CLFS.sys component, and arises from improper handling of invalid or special elements within CLFS (CWE-159). The PoC demonstrates that a non-administrative user can trigger the bug by executing a crafted ReadFile operation on a handle linked to an opened .blf log file without the expected I/O Request Packet (IRP) flags set. This leads to a critical inconsistency in the driver, causing Windows to invoke the kernel routine KeBugCheckEx, which results in a BSoD. The CVE-2026-2636 has a CVSS score of 5.5 (Medium) and poses a high impact on availability, allowing any authenticated user to crash the host reliably. Microsoft addressed this vulnerability in the September 2025 cumulative update, protecting systems running Windows 11 2024 LTSC and Windows Server 2025 by default. However, older or unpatched builds remain vulnerable. Organizations are advised to verify the deployment of the September 2025 updates, prioritize patching multi-user systems, and monitor for unusual spikes in BSoD events.

Winsage

January 28, 2026

‘Windows 11 25H2 edges ahead of Windows 10 in gaming performance’: testing proves newer OS is faster — but there’s an elephant-sized BSOD in the room

Windows 11 version 25H2 has outperformed Windows 10 (22H2) in gaming benchmarks, a shift from earlier assessments where Windows 10 was faster than Windows 11 23H2. The improvements in Windows 11's gaming capabilities were largely due to the 24H2 update. Testing was conducted on high-end hardware, specifically with an AMD Ryzen 9800X3D processor and Nvidia RTX 5090 GPU, and results may vary with different setups. Games like Arc Raiders and Borderlands 4 showed performance increases of 11% and 9% to 13%, respectively, on Windows 11. However, Windows 11 has faced bugs and glitches, including boot failures and sleep mode issues, particularly on older PCs, leading to hesitation among gamers about upgrading from Windows 10, which remains stable with only security updates. The deadline for Windows 10's extended support is October 2026, prompting users to consider upgrades or new purchases.

Winsage

January 20, 2026

Microsoft issues emergency patch for latest Windows bugs

Microsoft released the January Patch Tuesday update on January 13, 2026, addressing over 110 security vulnerabilities. The update introduced bugs affecting Windows 11, Windows 10, and Windows Server. The first issue involves authentication failures when connecting to a Cloud PC via Remote Desktop, primarily affecting Windows 11 25H2, Windows 10 22H2 ESU, and Windows Server 2025. The second issue affects systems with Secure Launch enabled, causing unexpected restarts instead of shutting down or entering hibernation mode, specifically impacting Windows 11 23H2. Microsoft has released emergency patches for the affected versions, which include: - Windows 11, versions 25H2 and 24H2 (KB5077744) - Windows 11, version 23H2 (KB5077797) - Windows 10, version 22H2 ESU and Windows 10 Enterprise LTSC 2021 (KB5077796) - Windows Server 2025 (KB5077793) - Windows Server 2022 (KB5077800) - Windows Server 2019 and Enterprise LTSC 2019 (KB5077795)

Winsage

January 19, 2026

Windows 11 PCs Fail To Shut Down After Update

Some users of Windows 11 have experienced a problem where their PCs reboot instead of shutting down after the Patch Tuesday security update KB5073455. This issue primarily affects devices with Secure Launch on Windows 11 version 23H2. Microsoft has confirmed this behavior, which disrupts the usual power-off sequence and can drain battery life for laptops and complicate remote management processes. An out-of-band update, KB5077797, has been released to restore normal shutdown and hibernation functionalities for affected systems. Users can check for this update in Windows Update or download it from the Microsoft Update Catalog. To determine if they are affected, users should look for immediate restarts when selecting Shut Down or Hibernate and check if Secure Launch is enabled in System Information.

Winsage

January 19, 2026

The Last Windows Security Updates of January 2026 Are Here

Microsoft released its first set of security updates for the Windows operating system and various products in January 2026, addressing over 110 vulnerabilities. The updates are available for all supported versions of Windows, with Windows 10 receiving fixes only through the Extended Security Updates (ESU) program. Windows 11 versions 24H2 and 25H2 are the main consumer releases benefiting from these updates. Approximately 112–114 security updates were released, with around 8 rated as Critical. At least one zero-day vulnerability is actively exploited. The updates include security fixes for Windows, Office, Edge, Azure, and server components. Windows 11 versions 23H2, 24H2, and 25H2, as well as Windows Server 2023 and 2025, have known issues. Windows 11 version 24H2 and 25H2 received security fixes for multiple vulnerabilities, while version 23H2 continues to receive support through enterprise servicing channels. Windows 10 updates are limited to ESU-enrolled systems, with general support ending in October 2025. Windows Server 2016, 2019, 2022, 2023, and 2025 received January security updates, addressing important vulnerabilities without disclosing any critical ones. Microsoft also released updates for Office products and SharePoint Server components. Known issues after the January updates include credential prompt failures and authentication issues in Azure Virtual Desktop and Windows 365, particularly affecting the new Windows App. Workarounds involve using the classic Remote Desktop client or the web-based RDP client. Additionally, devices with Secure Launch enabled may experience shutdown and sleep mode failures. Microsoft has provided out-of-band fixes for certain affected systems as of January 18, 2026. Users can manually install updates through the Windows Update feature, and it is recommended to create a full system backup before proceeding with updates.

Winsage

January 18, 2026

Microsoft Confirms Emergency Updates For Most Windows PCs

Microsoft has released emergency fixes in response to issues arising from January's Patch Tuesday security updates. Users experienced shutdown failures and Remote Desktop login difficulties after the updates. Microsoft has resolved two critical bugs: one related to shutdown failures on Windows 11 version 23H2 and another concerning Remote Desktop connection failures on versions 24H2 and 25H2. However, three issues remain unpatched: a black screen before the cursor appears, a glitch resetting the desktop background to black, and problems with the desktop.ini file in File Explorer. Additionally, there is an unresolved issue with Outlook Classic that may cause it to freeze for users with older POP accounts. Microsoft has provided two emergency updates: KB5077744 for Remote Desktop connection failures on versions 25H2 and 24H2, and KB5077797 for the shutdown issue on version 23H2.

Winsage

January 16, 2026

Sorry Dave, I’m afraid I can’t do that! PCs refuse to shutdown after Microsoft patch

Microsoft's January Patch Tuesday update has caused shutdown and hibernation issues for some Windows 11 23H2 users, with devices refusing to power down despite user commands. The problem is linked to the Secure Launch feature, which prevents shutdown, restart, and hibernation attempts from functioning correctly. Microsoft has suggested a workaround using the command "shutdown /s /t 0" to force shutdown. They have not disclosed how many devices are affected or provided a timeline for a fix. Additionally, there is a separate issue affecting classic Outlook POP account profiles that may freeze or hang after the update.