Windows recovery environment

Winsage
July 7, 2026
Microsoft has rolled out a point-in-time restore feature for Windows 11, available to all client PCs running version 24H2 and later, including Enterprise, Pro, and Home editions. This feature automatically creates local restore points every 24 hours, stored for up to 72 hours and limited to 2% of disk space. It is enabled by default on Windows Home and unmanaged Windows Pro devices with at least 200 GB OS volume, while it is disabled by default on Windows Enterprise, Education, and organization-managed Windows Pro systems. Users can initiate restores locally via the Windows Recovery Environment, but any changes made after the selected restore point will be lost. Microsoft plans to introduce remote initiation capabilities through Intune recovery. The upcoming Windows 11 version 26H2 will maintain a low-disruption update experience, allowing devices on versions 24H2 or 25H2 to transition via a small enablement package. Devices running version 26H1 cannot upgrade directly to 26H2.
Tech Optimizer
July 4, 2026
Windows includes a built-in virus checker called Microsoft Defender Antivirus, which allows users to conduct virus scans. 1. To initiate a scan, open Windows Security, navigate to Virus & threat protection, and select Quick scan for a fast check. 2. Users can check which antivirus is active by going to Who's protecting me? in Windows Security. If a non-Microsoft antivirus is installed, Microsoft Defender will disable itself. 3. Before scanning, it's important to update the security intelligence by checking for updates in Protection updates. 4. A full scan can be executed by selecting Full scan in Scan options, while a custom scan allows users to specify a location to check. 5. For stubborn malware, Microsoft Defender Offline can be used, which requires a restart of Windows. 6. Scan results and quarantined threats can be reviewed in Protection history after any scan. 7. For additional checks, users can utilize VirusTotal for individual files or links, Microsoft Safety Scanner for a one-time scan, or the Malicious Software Removal Tool for specific malware. 8. Outdated tools like the Chrome Cleanup Tool and Norton Power Eraser should be disregarded as they are no longer effective. Users can scan individual files without scanning the entire PC, and results from the Microsoft Defender Offline scan are found in Protection history. The Microsoft Safety Scanner does not replace real-time antivirus protection, and managed devices can be scanned by IT administrators.
Winsage
June 30, 2026
Microsoft has released three optional updates for Windows 11: KB5095186, KB5095615, and KB5102558. - KB5095186 is for Windows 11 26H1 on Snapdragon X2 systems and upgrades the Windows recovery environment (WinRE) to version 10.0.28000.2335. - KB5095615 also improves the WinRE, updating it to version 10.0.26100.8737. - KB5102558 refines Windows setup binaries and related files for feature updates. These updates can be accessed through Windows Update in the Settings app, and no restart is required after installation.
Winsage
June 28, 2026
Microsoft released a preview update identified as C-release under KB5095093, along with new dynamic updates to enhance the Windows experience. Dynamic updates refine the Windows Recovery process and improve the setup experience by updating the Windows Recovery Environment (WinRE) and Setup file binaries. These updates ensure a smoother transition during upgrades and preserve Language Pack (LP) and Features on Demand (FODs) content. The updates include: - KB5095186: Safe OS Dynamic Update for Windows 11, version 26H1, enhancing WinRE to version 10.0.28000.2335. - KB5102558: Setup Dynamic Update for Windows 11, versions 24H2 and 25H2, improving setup binaries and files for feature updates. - KB5095615: Safe OS Dynamic Update for Windows 11, versions 24H2 and 25H2, enhancing WinRE to version 10.0.26100.8737. These updates will be automatically downloaded and installed through the Windows Update channel.
Winsage
June 24, 2026
Point-in-time restore is a new feature for Windows 11 that allows administrators to revert systems to a previous stable state, streamlining recovery from issues like problematic updates or software conflicts. It automatically generates restore points every 24 hours, retaining them for up to 72 hours and using a maximum of 2 percent of disk space. This feature is available on Windows 11 version 24H2 and later across all editions, including Enterprise, Pro, and Home. Administrators can initiate the restore process through the Windows Recovery Environment (Windows RE) by selecting a restore point. Future enhancements will include remote restore capabilities through Microsoft Intune.
Winsage
June 15, 2026
A cybersecurity researcher known as “Nightmare Eclipse” has revealed two zero-day exploits threatening Windows systems: RoguePlanet and GreatXML. RoguePlanet targets Microsoft Defender, allowing attackers to execute privileged actions and gain SYSTEM-level access on Windows machines. It is a local privilege escalation vulnerability that remains effective on fully updated systems. GreatXML claims to bypass BitLocker disk encryption by manipulating the Windows Recovery Environment, potentially granting access to protected files. However, its effectiveness may be overstated, as it might require administrator-level access. Microsoft advises organizations to implement security updates, treat lost or accessible devices as high-risk, enforce stricter policies, and monitor threat intelligence to mitigate exposure to these vulnerabilities.
Winsage
June 14, 2026
Microsoft released Patch Tuesday updates KB5094126 and KB5093998 for Windows 11, and KB5094127 for Windows 10. New Dynamic Update packages were introduced to enhance user experience by preserving Language Pack and Features on Demand content during upgrades. The updates include: - KB5095185: Safe OS Dynamic Update for Windows 11, version 26H1, improving WinRE to version 10.0.28000.2269. - KB5094149: Safe OS Dynamic Update for Windows 11, versions 24H2 and 25H2, enhancing WinRE to version 10.0.26100.8655. - KB5095971: Setup Dynamic Update for Windows 11, version 23H2, refining setup binaries for feature updates. - KB5094156: Safe OS Dynamic Update for Windows 11, version 23H2, improving WinRE to version 10.0.22621.7219. - KB5098815: Windows Recovery Environment update for Windows 10, versions 21H2 and 22H2, applying Safe OS Dynamic Update (KB5094154) to WinRE. - KB5094154: Safe OS Dynamic Update for Windows 10, versions 21H2 and 22H2, enhancing WinRE to version 10.0.19041.7417. - KB5094153: Safe OS Dynamic Update for Windows 10, version 1809 and Windows Server 2019, improving WinRE to version 10.0.17763.8880. - KB5094152: Safe OS Dynamic Update for Windows 10, version 1607 and Windows Server 2016, enhancing WinRE to version 10.0.14393.9234. These updates will be automatically downloaded and installed via the Windows Update channel.
Search