Windows 11 systems

Winsage
June 24, 2026
Windows 11 version 24H2 will reach the end of servicing on October 13, 2026. Enterprises often face version drift, requiring different upgrade strategies for various Windows 11 builds across endpoints. Upgrade methods include enablement packages, ISO-based feature updates, or direct upgrades from Windows 10. Enablement packages are the quickest and least disruptive option for compatible Windows 11 systems. Qualys TruRisk Eliminate can standardize upgrades and minimize version drift on a large scale. Endpoints should be assessed for readiness, categorized by eligibility and current OS status. Enablement packages are recommended for recent Windows 11 builds due to their minimal download size, faster installation, and reduced operational impact. If enablement packages are unavailable, ISO-based feature updates may be necessary. Direct upgrades from Windows 10 to Windows 11 25H2 can be executed without intermediate transitions. Qualys TruRisk Eliminate provides tools for managing these upgrade processes effectively.
Winsage
June 16, 2026
Windows 11 update KB5094126 (Build 26200.8655), released on June 9, 2026, has caused boot failures, blue screens, and BitLocker recovery prompts for users, particularly affecting business devices from HP and Dell, including models like HP EliteBook 840 G10 and Dell Precision 7530. The issues stem from changes in Secure Boot and EFI partition modifications, with insufficient EFI partition space leading to errors. A workaround involves disabling Secure Boot in BIOS. Additionally, users have reported disruptions with OneDrive and Microsoft Word integration, particularly in enterprise environments. Microsoft has not yet acknowledged these problems.
Winsage
June 11, 2026
Microsoft has resolved an issue affecting certain Windows Server 2025 devices that were booting into BitLocker recovery mode after the April 2026 security update. This issue was linked to specific BitLocker Group Policy configurations and required users to input their BitLocker recovery key upon the first restart after the update. However, this key would only need to be entered once for subsequent restarts, provided the group policy configuration remained unchanged. The problem primarily affected enterprise systems rather than personal devices. The issue arose under specific conditions: BitLocker was enabled on the operating system drive, a particular Group Policy was set, the Secure Boot State PCR7 Binding was "Not Possible," the Windows UEFI CA 2023 certificate was present, and the device was not already using the 2023-signed Windows Boot Manager. Microsoft released fixes in the KB5094125 and KB5093998 updates to address this problem, preventing devices with incompatible group policy configurations from installing the 2023-signed Windows Boot Manager. Event ID 1032 in the System event log indicates the issue when Windows updates are installed. For IT administrators unable to deploy the latest updates, it is recommended to remove the Group Policy configuration before installing updates or to implement a Known Issue Rollback (KIR) on affected devices. Additionally, Microsoft had previously addressed similar BitLocker recovery issues in August 2024 and May 2025.
Winsage
June 3, 2026
OpenAI has announced that the Codex desktop's Computer Use feature is now available on Windows 11 systems, previously exclusive to macOS. This feature allows Codex to control applications on a user's computer using a virtual mouse and keyboard, enabling it to autonomously navigate the system and execute tasks. Users can direct Codex by referencing their computer or specific applications in their instructions. The feature is integrated with mobile applications, allowing users to manage tasks on their Windows systems from mobile devices. Currently, it is available across all Codex plans, including free tiers, but access may eventually be limited to premium plans.
Winsage
May 28, 2026
Microsoft has introduced the "Low Latency Profile" (LLP) feature in the KB5089573 update for Windows 11, aimed at optimizing CPU performance for brief intervals of 1 to 3 seconds to enhance user experience. This feature is expected to improve the launch speed of core Microsoft applications, with in-box apps like Edge and Outlook launching approximately 40% faster, and improvements to the Start Menu and context menus yielding speed increases of up to 70%. Users can activate this performance upgrade by installing the KB5089573 update through Settings > Windows Update > Advanced options > Optional updates. The LLP will be activated gradually through a Controlled Feature Rollout (CFR), meaning users may not see immediate changes as the system prepares for full implementation. The LLP allows for short bursts of increased CPU performance, which may lead to slightly higher temperatures during lighter tasks, but aims to provide a seamless experience.
Winsage
May 18, 2026
Microsoft has acknowledged a significant issue with the May 2026 Windows 11 security update, KB5089549, where users are encountering difficulties in installation, specifically the 0x800f0922 error code. This issue is primarily due to insufficient free space on the EFI System Partition (ESP), especially for devices with 10 MB or less available. The installation may fail during the reboot phase at around 35–36% completion, with users receiving notifications like "Something didn't go as planned. Undoing changes." Log entries may indicate insufficient ESP free space, such as "SpaceCheck: Insufficient free space" and "ServicingBootFiles failed. Error = 0x70." Microsoft recommends affected users utilize the Known Issue Rollback feature to reverse problematic updates and advises IT departments to install and configure the relevant Group Policy to address the issue.
Winsage
May 18, 2026
Chaotic Eclipse has unveiled a proof-of-concept (PoC) for a Windows privilege escalation zero-day vulnerability, codenamed MiniPlasma, which targets the "cldflt.sys" component and could grant SYSTEM privileges on fully patched Windows systems. This vulnerability was initially reported to Microsoft by James Forshaw from Google Project Zero in September 2020. Although Microsoft was believed to have resolved it in December 2020 as part of CVE-2020-17103, further analysis indicates that the flaw remains unaddressed. Chaotic Eclipse demonstrated that the original PoC could still spawn a SYSTEM shell reliably on his machines. The vulnerability is believed to affect all versions of Windows, with confirmation that MiniPlasma opens a "cmd.exe" prompt with SYSTEM privileges on Windows 11 systems with the latest May 2026 updates, though it does not function on the latest Insider Preview Canary version. In December 2025, Microsoft addressed a separate privilege escalation flaw in the same component, identified as CVE-2025-62221, which had a CVSS score of 7.8 and was reportedly being exploited by threat actors.
Search