Windows system

Winsage
January 15, 2026
Microsoft has resolved an issue where third-party security applications mistakenly flagged the WinSqlite3.dll component of the Windows operating system as vulnerable. This issue affected various systems, including Windows 10, Windows 11, and Windows Server 2012 through 2025. The flagged vulnerability was linked to a memory corruption issue (CVE-2025-6965). Microsoft released an update to the WinSqlite3.dll component in updates from June 2025 and later, advising users to install the latest updates for their devices. WinSqlite3.dll is a core component of Windows, distinct from sqlite3.dll, which is not part of the operating system. Microsoft had previously addressed other false positive issues affecting its Defender for Endpoint platform.
Winsage
January 14, 2026
On Tuesday, Microsoft released its first security update for 2026, addressing 114 vulnerabilities, including eight classified as Critical and 106 as Important. The vulnerabilities include 58 related to privilege escalation, 22 concerning information disclosure, 21 linked to remote code execution, and five categorized as spoofing flaws. A notable vulnerability, CVE-2026-20805, involves information disclosure within the Desktop Window Manager (DWM) and has a CVSS score of 5.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by February 3, 2026. Additionally, Microsoft announced the expiration of three Windows Secure Boot certificates issued in 2011, effective June 2026, urging customers to transition to newer certificates to avoid disruptions. The update also removed vulnerable Agere Soft Modem drivers due to a local privilege escalation flaw (CVE-2023-31096) and addressed another critical privilege escalation flaw in Windows Virtualization-Based Security (CVE-2026-20876) with a CVSS score of 6.7. Other vendors, including Adobe, Amazon Web Services, and Cisco, have also released security patches for various vulnerabilities.
Winsage
January 12, 2026
Windows 11 introduces a feature called Resume, or Cross Device Resume (XDR), which allows users to switch from an app on their phone to their Windows PC. The feature currently has limited app support, mainly functioning with Spotify and Microsoft 365. Microsoft is working to enhance this feature by allowing a broader range of Android applications to utilize Windows Resume. An update has introduced an alternative method for developers to connect their applications to Resume using the Windows Push Notification Service (WNS), addressing previous limitations. Developers must submit a request to Microsoft to enable Resume for their applications, and the app must be available on both Windows and Android for the feature to work effectively.
Winsage
December 4, 2025
The Lisuan 7G106 is the first discrete graphics card to operate on Windows on ARM, successfully executing the 3DMark Time Spy benchmark. This marks a significant milestone for the ARM ecosystem, confirming real discrete GPU driver support. The demonstration indicates essential rendering, driver, and API support are operational, suggesting potential for ARM PCs to cater to gaming laptops and high-performance desktops. This development challenges major graphics companies like NVIDIA, AMD, and Intel to consider entering the Windows on ARM market. While the Lisuan GPU is not yet market-ready, it serves as a crucial proof-of-concept for future advancements in ARM computing.
Winsage
November 23, 2025
The new Digital Signage Mode introduced by Microsoft allows Windows to display system error messages, such as the Blue Screen of Death, for only 15 seconds before turning the screen black. This feature aims to prevent public visibility of technical errors on digital signage while still allowing support teams to address issues. The mode also applies to other disruptive Windows dialogs, but it is specifically designed for non-interactive public displays and does not extend to kiosks, which require direct user interaction. The mode can be enabled through the Windows Settings app or a registry key.
Winsage
November 4, 2025
The Russian-aligned APT group Curly COMrades has been using hidden Alpine Linux virtual machines (VMs) on compromised Windows hosts via Microsoft Hyper-V to evade detection and maintain covert access. This technique was uncovered in mid-2025 through an investigation by Bitdefender and the Georgian CERT, which traced suspicious activities to a compromised Georgian website. The attackers activated Hyper-V on the infected machines, downloaded a disguised VM image, and named it “WSL.” The VM, operating on Alpine Linux, had a small disk footprint and low RAM usage, minimizing alerts from security systems. Within this environment, they deployed two malware implants: CurlyShell, a reverse shell for command execution, and CurlCat, a reverse proxy tool for SSH traffic. Both implants were designed to maintain a low forensic footprint. The attackers also used a PowerShell script to inject encrypted Kerberos tickets into LSASS for lateral movement and employed various tunneling tools for communication. Artifacts from their operations were stored in directories that blended with legitimate Windows files. Security teams are advised to audit Hyper-V usage, monitor for hidden VMs, and enable host-based network inspection.
Winsage
October 31, 2025
Windows 11 has introduced a redesigned Start menu with a new categories layout and a revamped Phone Link panel. This update is part of Windows 11 Build 26200.7019 or newer and is being rolled out gradually. Users can enable the new Start menu by downloading Windows 11 KB5067036 or newer, using the ViVeTool package, and executing specific commands in the Command Prompt. The new Start menu features a single-page layout with a collapsible Pinned apps section, a Recommended section that can be hidden, and an All apps section with multiple layout options including Category, Grid, and List. The Category layout organizes apps into niches like Productivity and Tools, although users cannot currently create new categories.
Winsage
October 22, 2025
Microsoft is facing a significant security vulnerability in the Windows Server Message Block (SMB) client, which has been added to the US Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog. Despite a patch being released, the flaw, designated as CVE-2025-33073 and rated with a CVSS score of 8.8, remains a target for exploitation. The vulnerability allows attackers to connect a Windows system to a malicious SMB server, enabling remote execution of plans with elevated access privileges. CISA has mandated that all federal agencies must install the update by November 10, 2025, and encourages private organizations to assess their patch status and consider temporary measures if immediate updates are not possible.
Winsage
October 22, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity vulnerability, CVE-2025-33073, affecting unpatched versions of Microsoft Windows, including Windows 10, Windows 11, and Windows Server. This vulnerability targets the Windows Server Message Block (SMB) client, crucial for file and printer sharing. It was initially addressed by Microsoft in June 2025, but not all installations received the updates, leading to active exploitation. Attackers can exploit this vulnerability by tricking a Windows client into connecting to a malicious SMB server, allowing them elevated access privileges. CISA has mandated that federal civilian agencies implement the security update by November 10 and is encouraging private organizations to ensure patch compliance. Recommendations for organizations include restricting SMB access, segmenting internal networks, and monitoring for unusual outbound SMB traffic.
Winsage
October 20, 2025
Microsoft has ceased support for Windows 10, affecting approximately 40% of Windows users. Many are migrating to Linux, with Zorin OS 18, based on the Gnome desktop environment, receiving 200,000 downloads in two days, 72% of which are from former Windows users. Zorin OS 18 offers a user-friendly design that mimics familiar operating systems and can run Windows applications via Wine 10. Users remaining on Windows 10 face security risks without updates, although Microsoft offers an Extended Security Update for an annual fee. Transitioning to Windows 11 is challenging due to its hardware requirements, affecting an estimated 200 million users, leading them to consider alternatives like Linux or downgrading to Windows 7.