Windows security updates

Winsage
January 19, 2026
Microsoft released its first set of security updates for the Windows operating system and various products in January 2026, addressing over 110 vulnerabilities. The updates are available for all supported versions of Windows, with Windows 10 receiving fixes only through the Extended Security Updates (ESU) program. Windows 11 versions 24H2 and 25H2 are the main consumer releases benefiting from these updates. Approximately 112–114 security updates were released, with around 8 rated as Critical. At least one zero-day vulnerability is actively exploited. The updates include security fixes for Windows, Office, Edge, Azure, and server components. Windows 11 versions 23H2, 24H2, and 25H2, as well as Windows Server 2023 and 2025, have known issues. Windows 11 versions 24H2 and 25H2 received security fixes for multiple vulnerabilities, while version 23H2 continues to receive support through enterprise servicing channels. Windows 10 updates are limited to ESU-enrolled systems, with general support ending in October 2025. Windows Server 2016, 2019, 2022, 2023, and 2025 received January security updates, addressing important vulnerabilities without disclosing any critical ones. Microsoft also released updates for Office products and SharePoint Server components. Known issues after the January updates include credential prompt failures and authentication issues in Azure Virtual Desktop and Windows 365, particularly affecting the new Windows App. Workarounds involve using the classic Remote Desktop client or the web-based RDP client. Additionally, devices with Secure Launch enabled may experience shutdown and sleep mode failures. Microsoft has provided out-of-band fixes for certain affected systems as of January 18, 2026. Users can manually install updates through the Windows Update feature, and it is recommended to create a full system backup before proceeding with updates.
Winsage
January 3, 2026
Millions of users are unable to transition to Windows 11 due to stringent hardware requirements, leaving many Windows 10 PCs vulnerable to malware threats. Microsoft has introduced Extended Security Updates (ESU) for Windows 10 Home users, available for a year at a cost. Users can enhance their Windows 10 security with various tools:
- 0patch: Micropatches vulnerabilities without requiring a restart, supported until 2030. The free version addresses zero-day vulnerabilities, while the pro version offers more comprehensive protection.
- TinyWall: Simplifies firewall management using the Windows Filtering Platform, allowing users to control app connections without constant pop-ups.
- Patch My PC Home Updater: Automates the updating of outdated applications to enhance security.
- Sandboxie Plus: Allows users to run applications in an isolated environment to prevent changes from affecting the system.
- Panda Dome Free: A free antivirus solution providing real-time protection against malware, with features like USB Protection and Process Monitor.
Winsage
November 26, 2025
Attackers are using malicious emails with links to adult websites to exploit human curiosity and urgency, leading to the installation of harmful malware through deceptive update processes. Acronis has identified these "JackFix" attacks, which use screen hijacking techniques combined with ClickFix methods, presenting victims with fake Windows Update screens that claim to deliver critical security updates. This campaign leverages counterfeit adult websites as phishing mechanisms, increasing psychological pressure on victims to comply with prompts to install updates. The attack takes over the victim's screen and displays a convincing update interface, occurring entirely within the browser. Acronis advises users to avoid accessing adult sites through links in emails or messages and to navigate directly to these sites for safer browsing.
Winsage
November 25, 2025
Security experts at Huntress have confirmed that hackers are using ClickFix malware to distribute fake Windows security updates, deceiving users into executing harmful commands. Over the past year, these attacks have increased, with both state-sponsored actors and cybercriminal organizations employing this tactic. Microsoft has indicated that ClickFix is the most frequently used method for gaining initial access, representing 47 percent of attacks noted in Microsoft Defender notifications. A report released on November 24 revealed a new wave of ClickFix attacks utilizing realistic Windows Security Update screens to deploy credential-stealing malware. The campaign employs steganography to conceal malware within PNG images, embedding harmful code directly within the pixel data. Windows users are advised to remain vigilant and recognize that legitimate updates will never request users to cut and paste commands into the Windows run prompt from a web page.
Winsage
November 25, 2025
Recent observations have identified ClickFix attack variants where cybercriminals use deceptive Windows Update animations on full-screen browser pages to hide malicious code within images. Victims are misled into executing harmful commands through specific key sequences that copy and execute commands via JavaScript. Security researchers have documented these attacks since October, noting the use of LummaC2 and Rhadamanthys information stealers. Attackers utilize steganography to embed malware payloads within PNG images, reconstructing and decrypting them in memory using PowerShell and a .NET assembly called the Stego Loader. A dynamic evasion tactic known as ctrampoline complicates detection by initiating calls to numerous empty functions. The shellcode extracted from the encrypted image can execute various file types directly in memory. Following a law enforcement operation on November 13, the Rhadamanthys variant's payload delivery through fake Windows Update domains ceased, although the domains remain active. Researchers recommend disabling the Windows Run box and monitoring suspicious process chains to mitigate risks.
Winsage
November 5, 2025
Microsoft has warned that after installing the October 2025 Windows security updates, users may experience their systems booting into BitLocker recovery mode, particularly affecting Intel devices with Connected Standby support. This issue arises typically after hardware changes or TPM updates, requiring users to enter their recovery key to regain access to encrypted drives. The affected platforms include Windows 11 versions 24H2 and 25H2, as well as Windows 10 version 22H2. IT administrators can use a group policy through Known Issue Rollback (KIR) to mitigate the problem, and users are advised to contact Microsoft Support for assistance. Similar issues have occurred in the past, prompting emergency updates from Microsoft to address BitLocker recovery prompts after previous security updates.
Winsage
October 26, 2025
Microsoft has disabled the preview feature for files downloaded from the internet in the File Explorer Preview pane for Windows 11 versions 25H2 and 24H2, as well as in the latest Windows 10 update, due to security concerns. Users can still preview locally created files, but attempting to preview internet-downloaded files will trigger a warning message. The decision to disable previews for these files is intended to prevent potential security vulnerabilities, specifically a risk of NTLM hash leaks. Files marked with a “Mark of the Web (MotW)” tag, which indicates they were downloaded from various sources, will be blocked from previewing. Users can unblock previews for trusted files by right-clicking the file, selecting Properties, and checking the ‘Unblock’ option. A PowerShell script is also available to unblock all files in a specific directory. This update is part of the Windows October 2025 Patch Tuesday.
Winsage
October 20, 2025
Microsoft is addressing an issue with Active Directory functionalities for certain Windows Server 2025 systems after the installation of the September 2025 security update (KB5065426). The problem affects applications using Active Directory directory synchronization (DirSync), particularly for large security groups exceeding 10,000 members, resulting in incomplete synchronization. To resolve this, IT administrators can implement the Known Issue Rollback (KIR) Group Policy on affected devices. For non-managed devices, a temporary fix involves adding a registry key at the specified path with a specific name, type, and value. Additionally, Microsoft is working on resolving a bug affecting Windows updates on Windows 11 24H2 and Windows Server 2025, as well as addressing smart card authentication issues and HTTP/2 localhost connection disruptions following recent security updates.
Winsage
October 18, 2025
Microsoft has identified a bug affecting HTTP/2 localhost connections and IIS websites after recent Windows security updates, specifically the Windows 11 KB5066835 Patch Tuesday update and the September KB5065789 preview update. Users have reported connection reset errors, such as ERR_CONNECTION_RESET and ERR_HTTP2_PROTOCOL_ERROR, impacting applications like the Duo Desktop app and Visual Studio debugging. The issue is linked to a bug in the HTTP.sys web server used by ASP.NET Core, which can be triggered by various factors including device restarts and update installations. Microsoft has provided steps for resolution, including checking for updates and restarting devices. For non-managed devices, an automatic resolution through Known Issue Rollback (KIR) is available, while enterprise-managed devices require IT administrators to implement KIR group policies. A permanent fix is expected in a future Windows update.
Winsage
September 24, 2025
To determine the version of Windows your device is running, you can use several methods:
1. Settings Menu:
   - Open the Start menu.
   - Click on the gear icon for Settings.
   - Navigate to System, then select About to find your edition, version, and build number.
2. Run Dialog Box:
   - Press Win + R.
   - Type "winver" and press Enter to see a pop-up with your build number, edition, and version.
3. Command Prompt or PowerShell:
   - Right-click on Start and select either PowerShell or Command Prompt.
   - Type "systeminfo" and press Enter for a detailed system report.

Understanding your Windows version, edition, and build number is important for software compatibility, security updates, and accessing new features. To verify if you are on the latest release, compare your Windows build number with Microsoft’s Release Health page. If your version is outdated, you can either install updates through Windows Update or consider a hardware upgrade if compatibility issues arise.