Windows security Archives

Winsage

April 15, 2026

Microsoft releases Windows 10 KB5082200 extended security update

Microsoft has released the Windows 10 KB5082200 extended security update, addressing vulnerabilities from the April 2026 Patch Tuesday, including two critical zero-day flaws. The update enhances security with new protections against phishing attacks using Remote Desktop Protocol (.rdp) files and provides updated indicators in Windows Security for new Secure Boot certificates. Users can install the update by checking for updates in the Windows Update settings. After installation, Windows 10 will upgrade to build 19045.7184, and Windows 10 Enterprise LTSC 2021 will transition to build 19044.7184. The update resolves a total of 167 vulnerabilities, including two significant zero-day issues, and includes fixes for signing into Microsoft apps, enhanced Remote Desktop security, dynamic Secure Boot status reporting, and issues affecting Intel-based devices with Connected Standby. Microsoft is also rolling out new Secure Boot certificates to replace older ones expiring in June 2026, with no known issues reported for this update.

Winsage

April 15, 2026

Windows Update Warning: Fake Windows 11 24H2 Site Pushes Password-Stealing Malware

A sophisticated fake Windows update site has emerged, designed to mimic Microsoft’s branding to distribute malware, specifically targeting individuals seeking early access to Windows 11 version 24H2. The fraudulent site resembles a legitimate cumulative update download page, using familiar design elements to evade detection. The malware operates as an information-stealing entity, targeting saved passwords and browser sessions, potentially bypassing two-factor authentication. It transmits stolen credentials through encrypted channels to external servers. The installer uses legitimate packaging tools to minimize detection and employs obfuscated scripts within legitimate software components. The campaign modifies system startup entries and creates disguised shortcuts to maintain persistence. Researchers noted the use of a typosquatted domain and meticulously spoofed file properties. As of April 2026, Microsoft has not released Windows 11 version 24H2 to the public, and legitimate updates are only available through Windows Update. Users are advised to obtain updates exclusively through official channels and keep security features updated.

Winsage

April 14, 2026

Windows 11 cumulative updates KB5083769 & KB5082052 released

Microsoft has released cumulative updates KB5083769 and KB5082052 for Windows 11 versions 25H2, 24H2, and 23H2, incorporating the April 2026 Patch Tuesday security patches. Users can install these updates automatically or manually via the Microsoft Update Catalog. The build numbers will be updated to 26200.8246 for 25H2, 26100.8246 for 24H2, and 22631.6936 for 23H2. Key features include the ability to modify Smart App Control without reinstalling Windows 11, improved Narrator functionality, enhancements in Account Settings for Microsoft 365 Family subscribers, refined Pen settings, a redesigned About page in Settings, and various reliability improvements across File Explorer, Display, Printing, Safe mode, Voice Access, Start menu, Remote Desktop, and Audio. No new issues have been reported from this update, and Microsoft is planning a significant quality update for Windows 11 in 2026.

Tech Optimizer

April 14, 2026

Fake Windows 11 24H2 Update Site Distributes Password-Stealing Malware

A recent discovery by Malwarebytes has identified a cyber threat involving a typosquatted domain that mimics official Microsoft support pages. This site uses authentic branding and KB-style reference numbers to deceive users into downloading what appears to be a legitimate cumulative update. The malware, once installed, operates stealthily, stealing passwords from browsers and active sessions, which allows attackers to bypass two-factor authentication. The stolen data is sent to external servers through encrypted channels. Initial scans showed zero detections by multiple antivirus engines due to the malware's obfuscated scripts. It also modifies system startup entries and creates disguised shortcuts for persistence. Microsoft has not yet released Windows 11 version 24H2 to general users, and updates should only be obtained through official channels to avoid potential threats.

Winsage

April 13, 2026

Stealthy Malware Campaign Uses Fake Windows Update Site To Infect PCs

A new malware campaign targets Windows users by using a fraudulent clone of a Microsoft website to steal sensitive information. Victims are directed to a typo-squatted web address that resembles an official site, where they are prompted to download a file named WindowsUpdate 1.0.0.msi. This file uses a legitimate open-source installer framework and incorporates Electron, JavaScript, and Python, making it difficult to detect; VirusTotal showed zero detections across 69 engines. The malware maintains persistence by modifying the Windows registry and placing a shortcut named Spotify.lnk in the startup folder. Currently, the campaign primarily targets French-speaking users, but similar tactics may spread to other regions. Users are advised to apply updates only through the Windows Update feature in the Settings menu.

AppWizard

April 12, 2026

Denuvo properly cracked in Resident Evil: Requiem, bypasses become plug-and-play — cracked version runs faster, smoother, and uses way less VRAM and RAM

Denuvo's DRM has been successfully bypassed for Resident Evil: Requiem, which was released over 40 days ago, by the cracker voices38. The cracked version improves performance by approximately 5% in frames per second (FPS) and reduces resource consumption, with a decrease of 1.5 to 2 GB in VRAM usage and nearly 1 GB in system memory requirements. Initial tests on a high-end system show fewer CPU usage spikes and improved frametimes. Additionally, a new version of the hypervisor-based bypass (HV) is being developed to allow use without disabling Windows security features. Irdeto, Denuvo's parent company, is facing challenges as it promises enhancements to its software.

Winsage

April 11, 2026

Announcing Windows 11 Insider Preview Build for Canary Channel 29565.1000

Windows Insider Preview Build 29565.1000 has been released in the Windows 11 Insider Canary Channel. Key updates include improved performance for the Bubbles screensaver on high refresh rate monitors, refinements to the drag tray based on user feedback, and enhancements to the Windows Security app, which now features color-coded icon badges for Secure Boot status. The Feedback Hub has also received updates, including a new default window size that remembers dimensions, mouse back button navigation, and improved visibility for community feedback. Canary Channel builds may be unstable and are subject to change. Users can enable a toggle in Settings to access new features gradually. A clean installation of Windows 11 is required to exit the Canary Channel.

Tech Optimizer

April 11, 2026

Antivirus protection built into Windows

Windows 11 includes Microsoft Defender Antivirus, which is active from the moment the device is powered on and integrated into the operating system. It continuously updates to protect against various threats, including malicious files and unsafe links. Microsoft Defender SmartScreen evaluates the safety of websites and downloads, providing warnings for dubious content. Smart App Control prevents untrusted applications from executing, while Controlled folder access protects personal files from unauthorized modifications. Users can verify the operational status of Microsoft Defender Antivirus through Windows Security settings. Best practices for maintaining security include keeping the antivirus updated, using a single real-time antivirus engine, and enhancing security habits. Microsoft Defender Antivirus is generally sufficient for everyday risks, but additional third-party antivirus solutions may be considered based on individual needs.

Winsage

April 11, 2026

Announcing Windows 11 Insider Preview Build 26220.8165 (Beta Channel)

Windows 11 Insider Preview Build 26220.8165 (KB 5083635) has been released to the Beta Channel, featuring several updates: - The FAT32 volume formatting size limit has increased from 32GB to 2TB. - Performance improvements for navigating large volumes in Storage settings. - Reduced frequency of UAC prompts on the Storage page. - Resolution of unrealistic data usage values in Network settings. - Enhancements to the Windows Security app's Secure Boot experience, including color-coded icon badges and updated certificates. - A revamped Feedback Hub with a modernized experience, simpler feedback submission, easier navigation, a new compliment feedback type, and improved screenshot capture tools. - Updates are based on Windows 11, version 25H2, and features are gradually rolled out using Controlled Feature Rollout technology. - A desktop watermark appears in Insider pre-release builds. - Features may not be released beyond Windows Insiders and may evolve or be removed.

Winsage

April 11, 2026

Announcing Windows 11 Insider Preview Build 26300.8170 (Dev Channel)

Windows 11 Insider Preview Build 26300.8170 (KB 5083632) has been released to the Dev Channel. Key changes include: - The FAT32 volume formatting size limit has increased from 32GB to 2TB. - Performance improvements for navigating large storage volumes in Settings. - A UAC prompt for accessing temporary files is now only shown when entering that specific section. - An issue with unrealistic data usage values in the Network settings has been fixed. - Enhancements to the Windows Security app include color-coded icon badges and updated text in the Secure Boot section, with updates to Secure Boot certificates being rolled out. - Feedback Hub version 2.2604.101.0 is being rolled out, featuring design improvements, improved default window size, mouse back button navigation, and corrected upvote buttons for Chinese display language users. Updates are based on Windows 11, version 25H2, and features are rolled out using Controlled Feature Rollout technology. The desktop watermark is present in Insider pre-release builds. Features may not be released to the public and could evolve or be removed based on feedback.