Windows security Archives

Winsage

April 30, 2025

Microsoft acknowledges problem with Windows 11 24H2 update

Windows 11 version 24H2 has been facing rollout challenges due to compatibility issues, leading Microsoft to implement a new block identified by protection number 56318982. The removal of such blocks can take time, similar to the previous ID 52754008 case. Current problems with Windows Server Update Services (WSUS) are preventing devices on Windows 11 versions 23H2 and 22H2 from accessing the 24H2 update. Users attempting to download version 24H2 may encounter error code 0x80240069, attributed to the April 2025 security update (KB5055528). This error obstructs the download process, and there is no temporary workaround available from Microsoft at this time. The issue is also affecting the System Center Configuration Manager (SCCM). Error code 0x80240069 is not documented in Microsoft's resources.

Tech Optimizer

April 30, 2025

5 Free Antivirus Programs To Eliminate Malware and Viruses (2025)

Users are increasingly seeking effective malware protection without the cost of premium software, leading to the emergence of free antivirus programs that offer robust security features. This trend is particularly beneficial for Windows 11 users who want real-time protection while staying within budget. Several leading cybersecurity firms provide free antivirus solutions equipped with advanced features such as real-time scanning, phishing defenses, cloud-based malware detection, and system optimization tools. These free programs can adequately protect a diverse audience, including gamers, remote workers, students, and casual users. Top free antivirus programs for Windows 11 in 2025 include: 1. Bitdefender Antivirus Free: Utilizes the same malware engine as its paid version, offers real-time detection, anti-phishing protection, and is ultra-light on system resources. 2. Microsoft Defender Antivirus: Integrated into Windows 11, provides cloud-delivered protection and built-in ransomware mitigation without ads. 3. Avast Free Antivirus: Offers additional tools like network scanning and a Do Not Disturb mode for gaming. 4. AVG AntiVirus Free: Features a simpler interface, link and attachment protection, and fewer pop-ups. 5. TotalAV Free Antivirus: A newer option with a clean interface, real-time protection, and a junk file cleaner. Key factors to consider when selecting free antivirus software include real-time protection, low resource usage, minimal intrusion, and extra security tools. While free solutions are suitable for most users, premium protection may be necessary for small businesses or those handling sensitive data. For gamers, Bitdefender and Avast are recommended for their low system impact and gaming modes. For remote workers, Microsoft Defender and TotalAV are highlighted for their ease of use and integrated protections. Essential features of effective antivirus programs include robust virus protection, real-time scanning, and a behavior shield to detect new threats. Performance should not significantly slow down the system, and the interface should be user-friendly. Experts recommend Windows Defender for basic protection, with AVG and Avast receiving endorsements for their feature balance, while Bitdefender Free is noted for its detection rates and minimal system impact. Free antivirus programs may lack advanced features and technical support compared to paid versions.

Winsage

April 29, 2025

Microsoft teases pay-to-patch plan for Windows Server 2025

Microsoft plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July, priced at [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: Microsoft has unveiled plans to transition its hotpatching feature for on-premises Windows Server 2025 into a paid subscription service starting in July. This innovative capability allows administrators to implement software updates without the need for system reboots, a significant advantage that streamlines the update process. Hotpatching: A Game Changer for Administrators Hotpatching is not a novel concept; it has been a staple in various environments, including the Linux kernel, VMware products, and the Xen hypervisor. The primary appeal lies in its ability to facilitate security updates without the disruption of reboots, enabling IT teams to maintain operational continuity without the hassle of scheduling downtime. This feature will be a game changer; you may finally get to see your family on the weekends. Currently, Microsoft offers hotpatching for its Windows Server: Azure Edition and version 2022 within its Azure cloud infrastructure. The company has highlighted that its Xbox team has been a significant user of this feature. In August 2024, a preview of hotpatching for Windows Server 2025 running in Azure was announced, followed by a subsequent preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. With this latest update, hotpatching is now available for both the Standard and Datacenter editions of Windows Server 2025, allowing on-premises users to benefit from this functionality. Hari Pulapaka, Microsoft’s general manager of Windows Server, emphasized the transformative potential of hotpatching, noting, “This feature will be a game changer; simpler change control, shorter patch windows, easier orchestration.” He humorously added that it might even allow professionals to enjoy more time with their families on weekends. As of last Thursday, Microsoft announced that the current preview will conclude on June 30, transitioning into a subscription model priced at .50 per core per month. Traditional non-hotpatch updates will remain available at no cost. In a detailed explanation, Janine Patrick, Windows Server Product Marketing Manager, and Artem Pronichkin, Senior Program Manager, outlined the service's structure, which aims to deliver eight hotpatches annually. This schedule follows a three-month cycle: the first month serves as a baseline month (monthly cumulative update), followed by two months dedicated to hotpatches. During baseline months—January, April, July, and October—reboots will be necessary. They also noted that, on rare occasions, a non-hotpatch update may be required during a hotpatch month for security reasons, which would also necessitate a reboot. However, the goal remains to provide up to eight hotpatches each year. The benefits of hotpatching are clear, as it can significantly reduce the 'window of vulnerability' that often occurs when administrators delay updates and restarts following a Windows security update. Additionally, it alleviates the traditional burdens associated with 'Patch Tuesday' updates. Importantly, adoption of hotpatching remains optional; Microsoft will continue to provide software updates according to its existing schedule. However, the company anticipates that many Windows Server 2025 users will find value in the ability to minimize downtime through this subscription service. While Windows Server 2025 machines will need to be managed by Arc to utilize hotpatching, there will be no additional costs associated with using Arc for this new offering. Users currently testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they choose to disenroll before June 30. Notably, Azure Editions of Windows Server will continue to receive hotpatching at no charge. As this new subscription service approaches, the question remains: Will users embrace the opportunity to pay for the promise of non-disruptive patches? The conversation is open for your thoughts." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per core per month. Hotpatching allows administrators to implement software updates without system reboots, enhancing operational continuity. Currently, hotpatching is available for Windows Server: Azure Edition and version 2022 within Azure. A preview for Windows Server 2025 running in Azure was announced in August 2024, followed by a preview for on-premises implementations managed through the Arc hybrid-and-multicloud management tool. The feature will be available for both the Standard and Datacenter editions of Windows Server 2025, with a goal of delivering eight hotpatches annually. Baseline months will require reboots, while hotpatch months will not, unless a non-hotpatch update is necessary. Adoption of hotpatching is optional, and traditional updates will continue to be available at no cost. Users testing the hotpatching preview will automatically transition to the subscription model starting July 1, unless they disenroll before June 30. Azure Editions of Windows Server will continue to receive hotpatching at no charge.

Winsage

April 29, 2025

Microsoft Confirms $1.50 Windows Security Update Fee Starts July 1

Microsoft has introduced a subscription model for no-reboot security "hotpatch" updates, which will be available for Windows 11 Enterprise, version 24H2, and Windows Server 2025. Users must operate on Windows Server 2025 Standard or Datacenter, connected to Azure Arc, to access these updates. Starting July 1, 2025, there will be a charge of [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: In the realm of operating systems, security updates are paramount, especially when they pertain to software utilized by billions globally. However, Microsoft has recently found itself in a challenging spotlight following a controversial Windows security patch that inadvertently introduced a mysterious folder, sparking a wave of confusion and concern among users. Social media commentators hastily advised users to delete this folder, only for Microsoft to counter with a warning that such actions could leave systems vulnerable to attacks. This incident has now unveiled a broader issue within the Windows security update framework, particularly surrounding the introduction of a subscription model for no-reboot security “hotpatch” updates. What Is Windows Hotpatching, And Who Needs To Pay The .50 A Month Fee? As previously reported, Microsoft is advancing towards a system where hotpatching will eliminate the need for users to reboot their Windows systems after a security update. This innovative feature allows security fixes to be downloaded and installed seamlessly in the background, integrating directly into the in-memory code of processes that are already running. Initially, this functionality is set to be available for a specific segment of users: those operating Windows 11 Enterprise, version 24H2, on x64 (AMD/Intel) CPU devices managed through Microsoft Intune. Recent confirmations from Janine Patrick, Windows Server product marketing manager, and Artem Pronichkin, a senior program manager at Microsoft, indicate that the hotpatching system for Windows Server 2025, which has been in preview since 2024, will transition to a subscription-only model starting July 1. To utilize the no-reboot hotpatch security updates, users must operate on “Windows Server 2025 Standard or Datacenter,” with an essential requirement of being connected to Azure Arc. The noteworthy and contentious aspect of this announcement is the introduction of a subscription fee for the Hotpatch service. While hotpatching has long been available for Windows Server Datacenter: Azure Edition at no cost, users of Windows Server 2025 will incur a charge of .50 per CPU core each month for these security updates. Microsoft emphasizes that while hotpatching will significantly reduce the frequency of required reboots—approximately four times a year for baseline updates—this new approach aims to alleviate the traditional inconveniences associated with Patch Tuesday." max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"].50 per CPU core each month for the hotpatch service, which aims to reduce the frequency of required reboots to approximately four times a year for baseline updates.

Winsage

April 27, 2025

New Security Warning After 1 Billion Windows Users Told Do Not Delete

Microsoft's recent security update for Windows has raised concerns among users due to the introduction of a new vulnerability. The update, intended to address the CVE-2025-21204 vulnerability, inadvertently created a folder named inetpub, which Microsoft claims is essential for user protection. Security researcher Kevin Beaumont has warned that this update has introduced a denial of service vulnerability that allows non-admin users to halt future Windows security updates. Microsoft has classified the issue as moderate in severity and suggested that deleting the inetpub symlink and retrying the update may resolve the problem. The report has been forwarded to the Windows security team for potential further action.

Winsage

April 26, 2025

Windows 11 KB5055627 update released with 30 new changes, fixes

Microsoft has released the KB5055627 preview cumulative update for Windows 11 24H2, which introduces new features and bug fixes. This update is part of optional non-security preview updates and does not include security updates. Users can install it via Settings under Windows Update or download it directly from the Microsoft Update Catalog. The update elevates Windows 11 24H2 systems to build 26100.3915 and includes features such as Recall (preview), Click to Do (preview), improved Windows Search, Narrator enhancements, Phone Link, interactive Widgets, curated views in File Explorer, updated Settings for app recommendations, and Windows Studio Effects. It also addresses bugs related to blue screen errors, DHCP Client connectivity issues, Windows Hello functionality, and provides estimated offline times for updates. Notable issues include potential installation blocks for Citrix components and download issues for Roblox players on Windows Arm devices, with workarounds available.

Winsage

April 24, 2025

Microsoft fixes bug causing incorrect 0x80070643 WinRE errors

Microsoft has resolved a known issue causing 0x80070643 installation failure errors during the deployment of the April 2025 Windows Recovery Environment (WinRE) updates. This issue affected the KB5057588 update for Windows Server 2022 and the KB5057589 update for Windows 10, versions 22H2 and 21H2. The error message was misleading, as it did not reflect the actual status of the update or the device's performance. The error typically occurred when a device attempted to install the WinRE update while another update was pending a reboot. Microsoft confirmed that users will no longer see the incorrect error message after installing the affected updates. Additionally, in August of the previous year, Microsoft retired the January 2024 Windows security updates that also triggered 0x80070643 errors during WinRE updates. During that time, fraudulent IT support websites promoted malicious PowerShell "fixes" for these errors, leading to malware infections among users.

Winsage

April 24, 2025

Windows 11’s crucial new ‘inetpub’ folder is laughably easy to hack

A new folder named "inetpub" appeared on many Windows PCs after an April update, initially thought to be a glitch. Microsoft later stated that this folder was introduced to enhance Windows security by addressing the CVE-2025-21204 vulnerability. However, security researcher Kevin Beaumont revealed that the inetpub folder could allow attackers to bypass critical security updates. Beaumont proposed creating a junction point in the C: directory to prevent the inetpub folder's creation, which would also block the installation of the April update and subsequent security updates, leaving PCs vulnerable. This situation could lead to error messages and failed update rollbacks, with attackers able to exploit these issues without elevated privileges. Beaumont has informed Microsoft about the problem, but a response has not yet been received.

Winsage

April 23, 2025

Announcing Windows 11 Insider Preview Build 27842 (Canary Channel)

Windows 11 Insider Preview Build 27842 has been released to the Canary Channel. There are no plans to release SDKs for the 27xxx series builds. Changes include: - Temporary disappearance of enhanced battery iconography. - A new user interface for unexpected restarts is being previewed, appearing as a “green screen” for Insiders on version 24H2 and higher. - The Windows Security app will display additional details about Pluton TPM chips under Device security. Fixes include: - Resolved issues with Windows Update toggle, high CPU usage by lsass.exe, and crashes in ctfmon.exe and DWM. - Improved reliability of explorer.exe and fixed display issues with external graphics cards and JPG images. - Corrected problems with the Smart App Control icon and the Run dialog autocomplete. Known issues include: - Users on new Copilot+ PCs may lose access to Windows Hello PIN and biometrics. - Night light functionality is not working for some Insiders. - Bugcheck issues when using Xbox Controllers via Bluetooth. Insiders in the Canary Channel should note that builds may evolve and features may be removed or never reach general release. A clean installation of Windows 11 is required to exit the Canary Channel.

Winsage

April 22, 2025

Announcing Windows 11 Insider Preview Build 26200.5562 (Dev Channel)

Windows 11 Insider Preview Build 26200.5562 (KB5055642) has been released to the Dev Channel, introducing new features and improvements. Key updates include: - New Text Actions in Click to Do: - "Practice in Reading Coach" allows users to enhance reading fluency and pronunciation. - "Read with Immersive Reader" offers a distraction-free reading environment with customizable text options. - Finding Photos Saved in the Cloud via Windows Search: Users in the European Economic Area can search for cloud-stored photos directly from the taskbar by describing them. - Improvements for Voice Access: Users can add custom words to the voice access dictionary and discover new features through an immersive experience. - Improved Windows Search: Users can disable cloud content searching via settings. - File Explorer Changes: Folders opened from outside File Explorer will default to opening in a new tab if an existing window is open. - Widgets Improvements: Notification settings can be controlled per feed or dashboard. - Windows Security Update: Additional details for Pluton TPM chips will be displayed in the Windows Security app. - Settings Update: The printer renaming dialog has been updated to align with Windows 11 visuals. - Fixes: Resolved issues include Start menu crashes, color display issues in snap layouts, slow loading times for search, and voice typing issues in the Chinese layout. - Known Issues: Some apps may not install from the Microsoft Store, and Windows Recovery Environment may not function properly after the update. - Reminders: Users can remove Recall at any time, and updates in the Dev Channel are based on Windows 11, version 24H2.