Windows operating systems Archives

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

April 16, 2025

I disabled these 5 Windows services to improve my PC performance

Windows operating systems have numerous background services that can consume system resources and slow down performance. Users can improve responsiveness by disabling non-essential services. 1. Windows Search: Indexes files and data for quick searches; can tax CPU and RAM. To disable: press Ctrl + R, type services.msc, locate Windows Search, stop the service, and set Startup type to Disabled or Manual. 2. SysMain (formerly Superfetch): Preloads frequently used applications into memory but can lead to unnecessary disk activity on SSDs. To disable: access services.msc, find SysMain, stop the service, and set Startup Type to Disabled. 3. Windows Update Delivery Optimization: Shares update files with other PCs, consuming bandwidth. To disable: go to Settings -> Windows Update -> Advanced Options and turn it off. 4. Remote Desktop Services: Enables remote connections, which can drain resources and pose security risks. To disable: locate Remote Desktop Services in services.msc, stop it, and set Startup type to Disabled. 5. Connected User Experiences and Telemetry: Collects usage data and can transmit sensitive information. To disable: turn off the service and navigate to Settings -> Privacy & Security -> Diagnostics & Feedback to disable Diagnostic data. Additional services that may be disabled include Print Spooler, Fax, Bluetooth Support, and Windows Error Reporting Service for further performance optimization.

Winsage

April 16, 2025

What does Microsoft’s new ReFS file system mean for Windows?

The NTFS file system has been the default for Windows operating systems for decades, but Microsoft is developing the Resilient File System (ReFS), which has been in use primarily in Windows Server environments since its introduction in 2012. ReFS is designed to enhance system and data resilience, featuring error detection and correction capabilities, a data integrity scanner, and the ability to repair detected corruption using another volume. It supports file and volume sizes up to 35 petabytes and includes advanced features like Block Clone and Sparse VDL, which improve performance in specific scenarios. However, ReFS is not a full replacement for NTFS, as it lacks several critical features such as file system compression, encryption, bootable media support, and support for removable media. Its current limitations make it unsuitable for typical home PC use, and while it may eventually replace NTFS, this transition is not expected to happen soon. ReFS is primarily designed for specialized applications involving large data sets and environments with multiple drives.

Winsage

April 10, 2025

Don’t pay more for Windows Pro’s advanced features. Use these free tools instead

The Windows Home and Pro editions differ primarily in several key features relevant to personal users: - Bitlocker Encryption: Exclusive to the Pro edition, it secures drives, but Windows 11 Home includes device encryption requiring a Microsoft account. - Hyper-V: Available only in Pro, but alternatives like VirtualBox can be used in Home. - Remote Desktop: Pro allows full remote access, while Home offers limited support; third-party tools can provide alternatives. - Group Policies: Primarily for corporate use in Pro, but local group policies can be activated in Home with alternative tools available. Windows 11 24H2 Home includes a new device encryption feature requiring a Microsoft account. Veracrypt is a free alternative for encryption, allowing for encrypted containers and compatibility across multiple operating systems. Upgrading from Windows 11 Home to Pro requires a new product key. VirtualBox offers a free option for creating virtual machines. For remote access, tools like Rustdesk can be used without needing the Pro edition's capabilities.

Winsage

April 9, 2025

Windows Common Log File System 0-Day Vulnerability Exploited in the Wild

A critical zero-day vulnerability in the Windows Common Log File System (CLFS) driver, identified as CVE-2025-29824, is actively exploited, allowing attackers to elevate privileges to SYSTEM level and compromise system integrity. This flaw arises from a use-after-free issue within the CLFS driver, enabling local attackers to execute malicious code. Microsoft is aware of the exploitation and is working on a security update, but no immediate patch is available. The vulnerability affects multiple versions of Windows 10, including x64-based and 32-bit systems, and can lead to privilege escalation, data breaches, operational disruption, and malware deployment. Microsoft has classified this vulnerability as "Important" and urges organizations to apply patches promptly once available.

Winsage

April 1, 2025

Redesigned “Blue Screen Of Death” Being Tested In Windows 11

Microsoft experimented with a black version of the Blue Screen of Death (BSOD) in 2021 but ultimately reverted to the classic blue screen. In the latest versions of Windows 11 (24H2 and beyond) for Windows Insider program participants, the BSOD has changed to a green hue in the Beta, Dev, and Canary Channels.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affecting various Windows operating systems, including Windows 7, Server 2008 R2, Windows 11 v24H2, and Server 2025, allows attackers to capture NTLM authentication credentials through interactions with malicious files in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been fully documented. Security researchers have developed micropatches available for free until Microsoft releases a permanent fix. These micropatches support a wide range of Windows versions, including legacy and currently supported systems. The micropatches have been automatically distributed to affected systems with the 0patch Agent installed.

Winsage

March 26, 2025

New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials

A critical vulnerability affects all Windows operating systems from Windows 7 to Windows 11 v24H2 and Server 2025, allowing attackers to capture NTLM authentication credentials through malicious files viewed in Windows Explorer. Exploitation can occur when users open shared folders, insert USB drives with malicious files, or view previously downloaded files. The vulnerability is similar to a previously patched flaw (CVE-2025-21377) but has not been publicly documented. Security researchers have developed micropatches through 0patch to temporarily mitigate the issue, which will be available at no cost until Microsoft releases a permanent solution. The micropatches support various Windows versions, including legacy and currently supported systems, and can be automatically deployed without requiring system reboots.

Winsage

March 26, 2025

0patch releases yet another free fix for yet another 0day vulnerability in Windows that Microsoft has not addressed

0patch has released micropatches for a critical SCF File NTLM hash disclosure vulnerability affecting all Windows versions from Windows 7 to Windows 11 and Windows Server editions from 2008 to 2025. This vulnerability allows attackers to obtain users' NTLM credentials by having them view a malicious file in Windows Explorer. 0patch operates on a subscription model and provides security fixes for unsupported Windows versions, as well as complimentary patches for unaddressed vulnerabilities. Specific details about the vulnerability are currently withheld, pending an official fix from Microsoft.

Winsage

March 26, 2025

Download BleachBit (free) for Windows, macOS and Linux

BleachBit is an open-source system cleaning tool that helps users enhance disk capacity by removing unnecessary files and improving privacy. It permanently deletes files to prevent recovery, making it suitable for users handling sensitive information. The tool offers features such as shredding unused disk space, clearing browser histories, and removing software logs. BleachBit is free to use, lightweight, and compatible with various operating systems, including Windows, Linux, and macOS (with limited functionality). It supports cleaning for multiple applications and provides command-line functionality for advanced users. Additionally, BleachBit can be run from a USB drive without installation. Alternatives to BleachBit include CCleaner, Advanced SystemCare, and DaisyDisk, each offering different functionalities and features.