Windows operating systems Archives

Winsage

June 5, 2025

What changes are European regulations bringing to Windows?

Microsoft is implementing significant changes to its Windows operating systems in response to the European Union's Digital Markets Act (DMA), which took effect in March 2024. Starting in June 2025, Windows 10 and 11 users in the European Economic Area (EEA) will have the option to uninstall pre-installed applications, including the Windows Store. The process for setting third-party browsers, such as Chrome or Firefox, as the default will be simplified, moving away from the default Edge browser. Microsoft will also stop incentivizing users to switch to Edge by removing pop-up prompts. Additionally, users will be able to select alternative news feeds within taskbar widgets. These changes aim to enhance user control and promote competition within the Windows ecosystem.

Winsage

May 29, 2025

Forced E-Waste PCs And The Case Of Windows 11’s Trusted Platform

The process of upgrading Windows operating systems was straightforward until Windows 11, which introduced a new requirement for a Trusted Platform Module (TPM), potentially rendering many capable PCs obsolete. The TPM is used for boot validation and storing biometric data, but it complicates data recovery and may lock out legitimate users. Users have found ways to bypass Windows 11's TPM and CPU restrictions, allowing installation on unsupported hardware. Microsoft’s enforcement of these requirements remains uncertain, raising concerns about system reliability and user access to updates. Many users are opting to stay on Windows 10 while advocating for continued support from developers.

Winsage

May 29, 2025

Microsoft Confirms New Update Failure For Windows Users

Microsoft is investigating issues with Windows 11 versions 22H2 and 23H2 related to the May 13, 2025 security update (KB5058405), which has caused installation failures. Users are encountering a recovery error stating, “Your PC/Device needs to be repaired,” linked to the ACPI.sys driver, with the error code 0xc0000098. This issue affects not only personal computers but also virtual environments, including Azure Virtual Machines and Citrix or Hyper-V hosted machines. Earlier, Microsoft addressed similar problems for Windows 10 users experiencing BitLocker Recovery screens during the installation of the same security update. Microsoft has released the KB5061977 out-of-band update for Windows 11 in response to these ongoing challenges.

Tech Optimizer

May 21, 2025

Defendnot Disarms Windows Defender by Pretending to Be a Friend

A newly developed security program called Defendnot can deceive and disable Windows Defender, even without legitimate antivirus software installed. It alters the system to appear as a genuine antivirus program, allowing hackers to neutralize Windows Defender's protective measures. Defendnot operates through an undocumented API that antivirus software uses to register with the Windows Security Center, causing Microsoft Defender to deactivate. Developed by security researcher es3n1n, Defendnot injects a DLL file into the Taskmgr.exe process, misleading Windows into believing an antivirus is present. Although created for research purposes, it can be misused by cybercriminals. Microsoft Defender recognizes Defendnot as a Trojan and quarantines it upon detection.

Tech Optimizer

May 19, 2025

This new Defendnot trojan can get Windows to disable its own antivirus software

A researcher using the pseudonym es3n1n has created a tool called Defendnot that manipulates Windows operating systems to disable Microsoft Defender, making devices vulnerable to malware. Defendnot simulates the presence of a legitimate antivirus by using an undocumented API in the Windows Security Center, convincing Windows that a valid antivirus is installed. This development raises concerns about cybersecurity, as it undermines the effectiveness of built-in antivirus protections like Windows Defender.

Winsage

May 15, 2025

Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network

Microsoft's May 2025 Patch Tuesday addressed 72 vulnerabilities in Windows Remote Desktop services, including two critical vulnerabilities, CVE-2025-29966 and CVE-2025-29967, which are heap-based buffer overflow issues. These flaws allow unauthorized attackers to execute arbitrary code over a network, posing significant risks. The vulnerabilities have been rated as "Critical" and classified under CWE-122. They affect various versions of Windows operating systems utilizing Remote Desktop services. Although there have been no reported active exploitations, experts warn of the potential dangers, urging users to apply patches immediately. The update also addressed five actively exploited zero-day vulnerabilities in other Windows components. Patches are available through Windows Update, WSUS, and the Microsoft Update Catalog.

Winsage

May 14, 2025

Microsoft fixes Linux boot issues on dual-boot Windows systems

Microsoft addressed a boot issue affecting dual-boot systems running Linux alongside Windows after the August 2024 Windows security updates, which caused Linux systems to fail to boot due to a Secure Boot Advanced Targeting (SBAT) update. This issue impacted various Windows operating systems, including Windows 10, Windows 11, and Windows Server 2012 and later. The problem arose from a detection mechanism that failed to recognize some customized dual-boot setups, leading to error messages such as "Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation." Microsoft confirmed that the boot issues would be resolved with the May 2025 Patch Tuesday security updates and provided a temporary workaround in late August, advising users to delete the SBAT update. On September 19, Microsoft stopped the automatic application of the problematic SBAT update and recommended a command to prevent future SBAT updates. The issue was specific to the August 2024 security and preview updates, and subsequent updates starting with September 2024 did not contain the problematic settings.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

April 16, 2025

I disabled these 5 Windows services to improve my PC performance

Windows operating systems have numerous background services that can consume system resources and slow down performance. Users can improve responsiveness by disabling non-essential services. 1. Windows Search: Indexes files and data for quick searches; can tax CPU and RAM. To disable: press Ctrl + R, type services.msc, locate Windows Search, stop the service, and set Startup type to Disabled or Manual. 2. SysMain (formerly Superfetch): Preloads frequently used applications into memory but can lead to unnecessary disk activity on SSDs. To disable: access services.msc, find SysMain, stop the service, and set Startup Type to Disabled. 3. Windows Update Delivery Optimization: Shares update files with other PCs, consuming bandwidth. To disable: go to Settings -> Windows Update -> Advanced Options and turn it off. 4. Remote Desktop Services: Enables remote connections, which can drain resources and pose security risks. To disable: locate Remote Desktop Services in services.msc, stop it, and set Startup type to Disabled. 5. Connected User Experiences and Telemetry: Collects usage data and can transmit sensitive information. To disable: turn off the service and navigate to Settings -> Privacy & Security -> Diagnostics & Feedback to disable Diagnostic data. Additional services that may be disabled include Print Spooler, Fax, Bluetooth Support, and Windows Error Reporting Service for further performance optimization.

Winsage

April 16, 2025

What does Microsoft’s new ReFS file system mean for Windows?

The NTFS file system has been the default for Windows operating systems for decades, but Microsoft is developing the Resilient File System (ReFS), which has been in use primarily in Windows Server environments since its introduction in 2012. ReFS is designed to enhance system and data resilience, featuring error detection and correction capabilities, a data integrity scanner, and the ability to repair detected corruption using another volume. It supports file and volume sizes up to 35 petabytes and includes advanced features like Block Clone and Sparse VDL, which improve performance in specific scenarios. However, ReFS is not a full replacement for NTFS, as it lacks several critical features such as file system compression, encryption, bootable media support, and support for removable media. Its current limitations make it unsuitable for typical home PC use, and while it may eventually replace NTFS, this transition is not expected to happen soon. ReFS is primarily designed for specialized applications involving large data sets and environments with multiple drives.