Windows devices Archives

Winsage

May 25, 2026

Thousands of Windows machines are being replaced in schools with MacBook Neo and iPads

The Kansas City Public Schools (KCPS) has acquired over 4,500 MacBook Neo units for students in 8th grade and above, planning to phase out more than 30,000 existing devices. The initiative aims to create a unified Apple-centric ecosystem to enhance collaboration and efficiency in classrooms. The rollout will initially focus on older students, with iPads and existing MacBook Airs serving other grade levels. This move positions Apple to compete against Chromebooks and budget Windows laptops in the educational market. Intel is also working on Project Firefly to keep Windows competitive by offering sub-0 Windows laptops. KCPS's initiative provides Apple an opportunity to showcase its devices in real-world classroom settings, focusing on practical aspects like battery performance and support costs. The success of this transition will depend on managing repair, training, and management expenses as older machines are phased out, potentially influencing other educational institutions to consider the MacBook Neo.

Winsage

May 18, 2026

Microsoft confirms Windows 11 security update install issues

Microsoft has acknowledged a significant issue with the May 2026 Windows 11 security update, KB5089549, where users are encountering difficulties in installation, specifically the 0x800f0922 error code. This issue is primarily due to insufficient free space on the EFI System Partition (ESP), especially for devices with 10 MB or less available. The installation may fail during the reboot phase at around 35–36% completion, with users receiving notifications like "Something didn't go as planned. Undoing changes." Log entries may indicate insufficient ESP free space, such as "SpaceCheck: Insufficient free space" and "ServicingBootFiles failed. Error = 0x70." Microsoft recommends affected users utilize the Known Issue Rollback feature to reverse problematic updates and advises IT departments to install and configure the relevant Group Policy to address the issue.

Winsage

May 18, 2026

Microsoft Changes ‘Most Windows Devices’ In June—Update Yours Now

Microsoft has alerted users that Secure Boot certificates will begin to expire in June, affecting most Windows devices. Users must update these certificates to avoid disruptions, as failing to install the latest Windows update could prevent devices from booting securely. A "one-time restart" will be required after the update to load new certificates. If the update is not installed by June 1, users may see a red stop icon in the Windows Security app. The update issued on May 12 was modified on May 15 to warn that it might fail to install. Microsoft indicates that most users will need to restart their PCs, although this may revert the update. The latest updates will expand the number of devices eligible for new Secure Boot certificates, but users are uncertain about how many PCs will be affected due to a phased rollout approach.

Winsage

May 17, 2026

Microsoft confirms Windows 11 KB5089549 issues due to low storage, says it’s rolling out an emergency patch to fix install errors

Microsoft has acknowledged an issue with the installation of Windows 11’s May 2026 Update (KB5089549), which has been encountering errors such as 0x800f0922, 0x80240069, and 0x80240031. An emergency server-side update is being implemented to resolve these installation hurdles. The KB5089549 update is mandatory and intended to install automatically on compatible PCs, but some users have reported difficulties, including installation stalling around 35-36%, leading to a rollback with a message stating, “something didn’t go as planned. Undoing changes.” Investigations reveal that installation failures are particularly affecting devices with limited EFI partition space, with error code 0x800f0922 indicating insufficient free space and potential conflicts with third-party files. The EFI System Partition (ESP) typically occupies no more than 100MB and can become congested due to leftover files, causing installation failures when available space is low. Users with less than 10MB of free EFI storage may face additional complications. A PowerShell command can be used to check EFI storage status. Microsoft has advised users to consider increasing the size of the ESP by modifying the Windows Registry, although the recent server-side update may have already addressed the issue. The Known Issue Rollback (KIR) has been implemented, automatically propagating the resolution to devices. Users are encouraged to restart their devices to expedite the application of the fix, and there are no additional bugs reported.

Winsage

May 15, 2026

Windows DNS Client Security Flaw Exposes Systems to Remote Code Execution

Windows systems are threatened by a vulnerability in the Windows DNS Client, identified as CVE-2026-41096, which allows remote code execution without user intervention. It has a CVSS base score of 9.8, indicating high severity. The flaw is a heap-based buffer overflow in the dnsapi.dll component, enabling unauthenticated remote attackers to execute arbitrary code. Exploitation requires sending a specially crafted DNS response to a vulnerable system, potentially leading to complete control over the host. Affected systems include supported versions of Windows 11 and Windows Server 2022/2025. Microsoft released security updates on May 12, 2026, and administrators are advised to apply these patches and reboot systems. Despite the severity, Microsoft currently classifies exploitation as “Exploitation Unlikely,” with no known public exploits or in-the-wild attacks.

Winsage

May 14, 2026

Microsoft Fixes Windows Autopatch Bug Installing Restricted Drivers on Windows 11

Microsoft's Windows Autopatch service mistakenly deployed restricted driver updates to some managed Windows devices without proper approval, affecting Windows 11 versions 25H2, 24H2, and 23H2. This led to unexpected restarts and stability issues. Microsoft implemented a server-side fix to address this problem, confirming that only a limited subset of devices in the EU region was impacted and that no client-side action was required. Additionally, some users faced difficulties installing Office on Windows 365 machines due to a configuration change from a recent service update.

Winsage

May 14, 2026

Raising the bar together. Introducing the Driver Quality Initiative at WinHEC 2026

The Windows Hardware Engineering Conference (WinHEC) 2026 took place in Taipei, marking Microsoft's return to the event after a hiatus since 2018. The conference focused on the Driver Quality Initiative (DQI), aimed at improving driver quality, reliability, and security on the Windows platform. The DQI is built on four pillars: Architecture, Trust, Lifecycle, and Quality Measures. Key themes discussed included the importance of collaboration among stakeholders, enhancing Windows 11 quality, and fostering innovation through strong foundational practices. Attendees participated in workshops and hands-on labs to deepen their understanding of driver development and compatibility testing. Partners expressed a shared commitment to improving driver and platform quality, emphasizing the need for transparency and ongoing engagement. Microsoft plans to continue investing in reliability, security, performance, compatibility, and quality in collaboration with its partners.

Winsage

May 14, 2026

Windows on ARM Security: How to Protect ARM-Based Windows Devices Without Gaps

The transition to Windows on ARM devices is increasing across various sectors, with organizations drawn to their performance, efficiency, and battery life. However, there are concerns about securing these devices without introducing vulnerabilities. Windows on ARM security involves safeguarding ARM64-based Windows devices with endpoint security solutions optimized for ARM architecture. The lack of native ARM64 endpoint protection can leave devices vulnerable. Windows on ARM devices operate on ARM64 architecture, differing from traditional x86/x64 systems, which can lead to incomplete protection, performance issues, and compatibility challenges with legacy security tools. This creates security gaps, making ARM-based devices attractive targets for threats like ransomware. To secure ARM-based Windows endpoints effectively, organizations need native ARM64 endpoint protection that ensures optimal performance, consistent protection across all devices, and centralized policy management. Morphisec offers native ARM64 endpoint protection, focusing on preventing threats before execution and providing seamless deployment and management. Without native support, organizations risk fragmented security tools, an expanded attack surface, and operational inefficiencies. Implementing native ARM64 endpoint protection allows for standardized security, simplified processes, and enhanced resilience against advanced threats.

Winsage

May 10, 2026

‘One Time Restart’—Microsoft Changes Windows After 15 Years

Microsoft is implementing changes to Secure Boot certificates for Windows PCs, marking the first expiration since 2011. New certificates must be installed on all devices before a deadline in June. Users can check their status via the Windows Security App. The new certificates will be distributed through regular monthly security updates, with some users already receiving them in April and others expected to see changes in May. Following these updates, users may experience additional restarts on their PCs. The update applies only to PCs eligible for security updates, meaning many Windows 10 PCs will not receive the new certificates, potentially exposing them to risks. Affected users are advised to enroll in Microsoft’s Extended Security Update (ESU) program.

BetaBeacon

May 6, 2026

North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware

North Korean hackers targeted ethnic Koreans in China with a malware disguised as a popular Android mobile game called BirdCall, allowing them to steal personal data from victims.