Windows systems

Winsage
July 14, 2026
Microsoft has revised its guidance on Windows updates, urging users to install them within three days due to the rise of AI-driven cyber threats. Jeremy Chapman from Microsoft 365 emphasized the need for timely updates, recommending a maximum deferral period of two days for quality updates. In June, Microsoft patched 206 vulnerabilities, highlighting the importance of these updates to avoid significant risks. AI can help attackers exploit vulnerabilities quickly, making the practice of delaying updates obsolete. Microsoft has also developed an AI tool, MDASH, to identify vulnerabilities in Windows code.
Winsage
July 14, 2026
Microsoft has introduced a point-in-time restore feature on its Microsoft Learn platform, allowing users to revert Windows systems to a previous state to protect against data loss and system errors. The company is also addressing critical security vulnerabilities, including CVE-2026-20833 and CVE-2026-50656, by working on patches and updates to enhance security.
AppWizard
July 12, 2026
Many leading gaming brands are now offering USB-cable versions of controllers for better compatibility. Nintendo's Switch 2 features a controller that connects to Windows systems via cable or Bluetooth with a dedicated PC application. The original GameCube controller requires an external adapter for PC use, as it lacks a USB connection. To use a GameCube controller on a PC, an adapter is necessary, with popular options including the official Wii U adapter and various Mayflash models. The adapter must be set to the correct mode for the games being played, particularly for emulated GameCube titles. As of late 2025, Steam supports GameCube controllers natively, including rumble support, and recognizes both original controllers with adapters and third-party alternatives. The GameCube controller designed for the Switch 2 is also compatible with Steam. Users should ensure their Steam client is updated and can customize controls using Steam Input. While the GameCube controller is effective for games designed for it, it may not perform optimally for modern games.
Winsage
June 30, 2026
A race condition vulnerability in Windows Defender, known as BlueHammer, has been exploited by the hacker Nightmare Eclipse, allowing attackers to gain SYSTEM user access. Microsoft released a patch for this vulnerability on April 14, but the Cybersecurity and Infrastructure Security Agency (CISA) has flagged it as actively exploited in ransomware campaigns. The average time to apply critical OS patches across Windows 10 and 11 is now 127 days, with enterprise environments averaging 76 days. Estimates suggest that 15% to 26% of Windows 10 machines remain unpatched, with a conservative estimate of 20% translating to one in five machines being vulnerable. Microsoft has extended security updates for Windows 10 until October 14, 2027, but public awareness of the updates remains low.
Winsage
June 19, 2026
Microsoft is collaborating with Adobe to enhance the performance of Photoshop, a widely used image editing software. The partnership focuses on optimizing operations within Photoshop, which is primarily developed in C++ and compiled using Microsoft’s Visual C++ (MSVC) compiler. Microsoft aims to improve performance for CPU-intensive tasks, particularly those that are latency-sensitive, such as brush responsiveness and file-opening tasks. The engineering team activated MSVC’s "peak-performance" compilation mode and explored profile-guided optimization (PGO) to refine executables. However, due to the complexity PGO introduced, they shifted to Sample-based Profile Guided Optimizations (SPGO), which uses hardware performance samples from actual release binaries. This method allows for greater flexibility in data collection and typically yields performance improvements of 5% to 15%. By combining MSVC’s peak-performance mode with SPGO, the teams achieved a 20% performance boost on x64 Windows systems and a 13% enhancement on Arm architecture. These optimizations resulted in improved responsiveness for critical tasks in Photoshop, enhancing the user experience in professional creative workflows.
Winsage
June 18, 2026
Microsoft resolved an installation issue affecting the June 2026 security updates (KB5094122) on Windows Server 2016 systems that had not previously installed the KB5087537 update, which was a prerequisite. Users had encountered 0x80070002 or FILENOTFOUND errors. Microsoft acknowledged the problem and confirmed that affected devices should no longer experience installation failures for the June 2026 update. Additionally, Microsoft fixed a similar issue with the May 2026 Windows 11 security update (KB5089549) that resulted in 0x800f0922 errors due to insufficient space on the EFI System Partition. They also warned users about potential installation issues with error codes 0x80073712 or 0x800f0993 on devices upgraded to Windows 11 24H2 or 25H2. Furthermore, Microsoft addressed a boot issue for Windows Server 2025 devices after the April 2026 update and a bug affecting installation failures for updates since May 2025 using the Windows Update Standalone Installer (WUSA). Lastly, they are investigating a separate issue preventing third-party applications from launching essential Office programs after the June 2026 updates.
Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Winsage
June 15, 2026
A cybersecurity researcher known as “Nightmare Eclipse” has revealed two zero-day exploits threatening Windows systems: RoguePlanet and GreatXML. RoguePlanet targets Microsoft Defender, allowing attackers to execute privileged actions and gain SYSTEM-level access on Windows machines. It is a local privilege escalation vulnerability that remains effective on fully updated systems. GreatXML claims to bypass BitLocker disk encryption by manipulating the Windows Recovery Environment, potentially granting access to protected files. However, its effectiveness may be overstated, as it might require administrator-level access. Microsoft advises organizations to implement security updates, treat lost or accessible devices as high-risk, enforce stricter policies, and monitor threat intelligence to mitigate exposure to these vulnerabilities.
Search