Windows Explorer Archives

Winsage

March 23, 2026

PowerToys adds these 8 features that Windows should have had for years

PowerToys is a curated set of utilities created by Microsoft to enhance functionality for power users, evolving from its origins in Windows 95. Users can install PowerToys easily from the Microsoft Store or GitHub. Key features include: - Text Extractor: Captures text from images for easy copying. - Color Picker: Identifies and captures hex codes of colors by pressing Windows + Shift + C. - Command Palette: Allows quick searching of files and launching applications with Windows + Alt + Space. - Awake: Keeps the computer active during long tasks, accessible from the PowerToys menu. - Shortcut Guide: Displays Windows key shortcuts by pressing Windows + Shift + /. - Pixel Ruler: Measures dimensions on the screen by pressing Windows + Ctrl + Shift + M. - File Manager Enhanced Preview: Expands file preview capabilities in Windows Explorer. - PowerRename: Facilitates batch renaming of files with a preview option. These features aim to improve the Windows user experience and may influence future updates to the operating system.

Winsage

March 20, 2026

How I’ve improved Windows 11 with a 30-year-old tool

Microsoft PowerToys is a utility that enhances the Windows experience with additional features. It was first introduced with Windows 95, revived in 2019 as an open-source tool, and is available for free download from the Microsoft Store or GitHub. Key features of PowerToys include: - Pin important windows on top: Users can pin active windows above others using the shortcut Win+Ctrl+T, allowing for better focus on key tasks. - Resize images: The Image Resizer tool allows users to resize images to specific dimensions through right-click options, with presets for Fill, Fit, or Stretch. - Extract text from the screen: The Text Extractor uses Optical Character Recognition (OCR) to copy text directly from anywhere on the screen by selecting the area with Win+T. - Control multiple computers: The Mouse Without Borders feature enables users to control up to four computers with a single set of peripherals and share clipboard and files. - Customize shortcuts: The Keyboard Manager allows users to remap keys and shortcuts, though some keys are reserved for system functions. - Batch rename files: PowerRename enables users to rename multiple files at once through a right-click option, with a preview of changes. - Thumbnail and preview pane previews: PowerToys enhances file previews in File Explorer for additional file types and adds thumbnail support for files that Windows Explorer does not natively generate thumbnails for. - Crop and Lock: This feature allows users to crop application windows to focus on specific content, with two modes: Thumbnail mode for static previews and Reparent mode for functional cropped windows. PowerToys continues to be a valuable tool for enhancing productivity on Windows.

Winsage

March 20, 2026

Microsoft publishes instructions on how to restore access to C: drive in Windows 11 on Samsung laptops

In March, users experienced issues accessing the C: drive on Samsung laptops, initially thought to be caused by an upcoming Windows 11 update. Microsoft clarified that the issue was due to Samsung's Galaxy Connect program. Both companies collaborated to resolve the problem, and Microsoft provided instructions for users to restore access, which typically takes around 15 minutes. Users should log in with an administrator account or contact Samsung support for help. The restoration process involves uninstalling the Samsung app, adjusting drive permissions, creating a restore file, and running it as an administrator. Microsoft's instructions do not require reinstalling Windows or deleting data, except for the Samsung applications. If issues persist, users are advised to contact Samsung technical support.

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Winsage

March 1, 2026

Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery

Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.

Winsage

February 16, 2026

De-Enshittify an Existing Install of Windows 11 ⭐

Win11Debloat is a tool designed to enhance the Windows 11 experience by allowing users to remove unwanted elements while keeping desired features. It operates via a PowerShell script and offers a user-friendly graphical interface. Users can uninstall applications, adjust Windows 11 features, and specify whether changes apply to the current user or all users. Key functionalities include: - Uninstalling applications like Microsoft Edge, OneDrive, and various bundled apps. - Adjusting privacy settings, including disabling telemetry and targeted advertisements. - Modifying Windows Update settings to prevent automatic restarts. - Disabling Bing web search in the Start menu. To use Win11Debloat, users must follow specific instructions on GitHub, execute a script, and navigate through three main screens to make selections. The tool allows for the creation of a system restore point and offers options to apply changes to all users or just the current user. Users are advised to update apps before using Win11Debloat to prevent the Microsoft Store from reinstalling removed applications. If some apps remain after using the tool, they can be uninstalled manually. The tool's changes are reversible, and most removed apps can be reinstalled, except for the Microsoft Store app. Users are encouraged to take their time with the options available and can reapply settings if future updates from Microsoft alter their configurations.

Winsage

February 13, 2026

Microsoft: New Windows LNK spoofing issues aren’t vulnerabilities

Security researcher Wietze Beukema revealed vulnerabilities in Windows LK shortcut files at the Wild West Hackin' Fest, which could allow attackers to deploy harmful payloads. He identified four undocumented techniques that manipulate these shortcut files, obscuring malicious targets from users. The vulnerabilities exploit inconsistencies in how Windows Explorer handles conflicting target paths, allowing for deceptive file properties. One technique involves using forbidden Windows path characters to create misleading paths, while another manipulates LinkTargetIDList values. The most sophisticated method alters the EnvironmentVariableDataBlock structure to present a false target in the properties window while executing malicious commands in the background. Microsoft declined to classify the EnvironmentVariableDataBlock issue as a security vulnerability, stating that exploitation requires user interaction and does not breach security boundaries. They emphasized that Windows recognizes shortcut files as potentially dangerous and provides warnings when opening them. However, Beukema noted that users often ignore these warnings. The vulnerabilities share similarities with CVE-2025-9491, which has been exploited by various state-sponsored and cybercrime groups. Microsoft initially did not address CVE-2025-9491 but later modified LNK files to mitigate the vulnerability after it was widely exploited.

Winsage

January 7, 2026

“Microslop”: Infuriating Video Sums Up How Microsoft Is Ruining Windows With AI

Programmer Ryan Fleury criticized Windows 11's AI-powered search feature in a video, highlighting a suggestion that users ask, “My mouse pointer is too small,” which yielded no results after a ten-second wait. In contrast, a simple search for the word “test” produced three relevant outcomes. Microsoft is committed to enhancing Windows 11 with AI, having ended support for Windows 10 to encourage users to transition to the new system featuring a virtual assistant called Copilot. New features include a Copilot icon on the taskbar and integration into Windows Explorer for generating document summaries. However, security concerns persist due to past incidents where sensitive information was saved in unsecured locations. Discontent with Microsoft's AI direction has grown since the discontinuation of Windows 10, and CEO Satya Nadella's comments against the term “slop” have led to increased use of the term “Microslop” on social media. Fleury's sarcastic remarks about AI's coding capabilities reflect skepticism about the effectiveness of AI in delivering quality results.

Winsage

December 11, 2025

Microsoft fixes Windows Explorer white flashes in dark mode

Microsoft resolved an issue in Windows 11 where users experienced bright white flashes when launching File Explorer in dark mode after installing the KB5070311 update. This glitch affected various actions within the application. The KB5072033 cumulative update fixed this issue, improving the experience in File Explorer. Additionally, the KB5072033 update addressed network connectivity loss on virtual machines and introduced enhancements to Windows PowerShell, including warnings for potentially harmful scripts. Microsoft also acknowledged a bug affecting system components like File Explorer and the Start Menu during the provisioning of Windows 11 24H2 and 25H2 devices. Furthermore, Microsoft is testing a feature to preload File Explorer in the background to enhance performance.

Winsage

December 6, 2025

Linux File Managers Outshine Windows Explorer in Speed and Customization

Windows File Explorer is facing criticism for its speed and features compared to Linux-style file managers like Dolphin, which offers advantages such as dual-pane views, tabbed browsing, and rapid search capabilities. Users have reported that Linux file managers can load directories with thousands of files in under a second, while Windows File Explorer may take several seconds. The growing dissatisfaction with Windows' performance and privacy policies has led to an increase in Linux adoption, with over 3% of the gaming market now using Linux. Additionally, Linux file managers provide high customization options and modularity, appealing particularly to developers. Discussions on social media platforms reflect a preference for Linux alternatives due to their superior performance and user experience.