Windows environments

Winsage
July 24, 2025
Microsoft has resolved an issue causing erroneous Windows Firewall notifications after rebooting Windows 11 24H2 systems, particularly those with the June 2025 preview update installed. This fix is included in the KB5062660 preview cumulative update released on Tuesday and will be more widely available with the August Patch Tuesday updates. The issue, acknowledged on July 3rd, was linked to a new feature in development and resulted in misleading Event Viewer messages (event 2042) indicating 'Config Read Failed.' Microsoft clarified that these messages did not reflect actual problems with Windows Firewall. Microsoft issued an apology on July 8th after mistakenly declaring the issue resolved. Additionally, Microsoft has addressed other recent issues, including invalid 0x80070643 failure errors during April 2025 WinRE updates and incorrect BitLocker drive encryption errors affecting managed Windows environments.
Winsage
July 13, 2025
AnduinOS is a Linux distribution created by a former Microsoft engineer, designed to ease the transition from Windows to Linux. It is based on Ubuntu and offers two versions: a Long-Term Support (LTS) release and a short-term release that showcases the latest features. AnduinOS shifts from Snap packages to the Flatpak system for better application access and package management. The interface closely resembles Windows 11, featuring a desktop environment with a taskbar that combines a dock and status bar, a Start menu designed for smoother performance, and customization options for the taskbar and Arc menu. It utilizes GNOME extensions to enhance functionality, including an Extension Manager for easy installation of new features. AnduinOS is positioned as a suitable option for users transitioning from Windows due to its familiar interface and extensive customization capabilities.
Winsage
July 3, 2025
Microsoft has advised customers to ignore certain Windows Firewall notifications, identified as 'Event 2042,' that may occur after installing the June 2025 preview update (KB5060829). These notifications indicate a 'Config Read Failed' warning but do not affect the normal operation of the Windows Firewall on Windows 11 24H2 systems. The company is aware of the issue, which is related to a new feature under development, and is working on a resolution. No action is required from users, and similar past issues have not impacted system functionality.
Winsage
June 16, 2025
Microsoft has acknowledged that the June security update is causing the Dynamic Host Configuration Protocol (DHCP) service on Windows Server systems to fail, so that IP refreshes do not function properly. The issue impacts multiple versions of Windows Server, including 2016 (KB5061010), 2019 (KB5060531), 2022 (KB5060526), and 2025 (KB5060842). Users have reported that the DHCP service may stop responding after installing the update, with one administrator noting their 2016 server crashed shortly after the update was applied. Microsoft is working on a solution and advises affected users to uninstall the update to restore functionality. The company has a history of DHCP-related issues dating back over a decade and has faced other problems with Windows Server updates in the past year, including issues with keyboard and mouse inputs and authentication challenges.
Winsage
June 12, 2025
A critical security vulnerability, designated as CVE-2025-33067, has been identified in the Windows Task Scheduler, allowing attackers to escalate privileges to SYSTEM level access without prior administrative rights. This vulnerability is rated as "Important" with a CVSS score of 8.4 and is due to improper privilege management within the Windows Kernel’s task scheduling component. It affects multiple Windows versions, including Windows 10 (Versions 1607, 1809, 21H2, 22H2), Windows 11 (22H2, 23H2, 24H2), and Windows Server 2016-2025. Microsoft released security updates on June 10, 2025, to address this flaw across 27 different Windows configurations. The vulnerability requires local system access, no prior privileges, and no user interaction, making it particularly dangerous. Security researcher Alexander Pudwill discovered and disclosed the vulnerability.
Winsage
May 31, 2025
A new strain of malware has been operating undetected on Windows systems for several weeks, utilizing advanced evasion techniques that corrupt its Portable Executable (PE) headers to avoid detection. Security researchers discovered this malware embedded in the memory of a compromised system during an investigation, using a 33GB memory dump that revealed its presence in a dllhost.exe process with process ID 8200. The malware, classified as a Remote Access Trojan (RAT) by Fortinet, employs batch scripts and PowerShell commands for its attack and has capabilities for screenshot capture, remote server functionality, and system service manipulation. Its command and control infrastructure uses encrypted communications, complicating detection efforts. The malware's distinctive feature is the deliberate corruption of DOS and PE headers, which hinders reverse engineering and complicates the reconstruction of the executable from memory dumps. Researchers had to manually locate the malware’s entry point and resolve complex import tables for it to function in a controlled environment.
Winsage
May 28, 2025
Microsoft has launched Windows Backup for Organizations, a backup solution for enterprises currently in limited public preview. It allows organizations to back up and restore user Windows settings after device resets or reimaging, aiming to reduce migration overhead, minimize user disruption, and strengthen device resilience. The tool supports both Windows 10 and Windows 11 systems joined to Microsoft Entra. Companies must register and have an active Microsoft Intune test tenant with administrator permissions to participate in the preview. Microsoft advises organizations to enroll Windows 10 endpoints in the Extended Security Updates (ESU) program if they cannot transition to Windows 11 by October 14, 2025, and has announced that home users can also opt for an additional year of security updates through the ESU program for a fee. Additionally, Microsoft introduced a new update orchestration platform to unify the updating system across Windows environments.