Windows tools Archives

Winsage

July 4, 2025

I made Windows 11 look like 10 without tools

Many users wish to replicate the aesthetics of Windows 10 while using Windows 11. Adjustments can be made using built-in settings without additional software: - Start menu alignment: Users can change the Start menu from center to left by navigating to Settings -> Personalization -> Taskbar -> Taskbar behaviors. - Classic File Explorer: Users can access the classic File Explorer interface by pressing the Windows key and searching for Windows Tools, then clicking on Home or This PC. - Return app labels: Users can enable app labels on the taskbar by going to Settings -> Personalization -> Taskbar -> Taskbar behaviors and selecting Never next to “Combine taskbar buttons and hide labels.” - Always show scrollbars: Users can make scrollbars always visible by navigating to Settings -> Accessibility -> Visual Effects and toggling on the “Always show scrollbars” option. - Change the color scheme: Users can modify the color scheme by going to Settings -> Personalization -> Colors, selecting Custom for “Choose your mode,” and opting for Dark for “Choose your Windows mode.” - Desktop icons: Users can restore legacy desktop icons by navigating to Settings -> Personalization -> Themes and clicking on Desktop icon settings. These adjustments help create a Windows 10-like experience within Windows 11.

Winsage

June 24, 2025

Bring the “Windows 10 look” back to Windows 11 — Everything I changed to restore the desktop UI experience

Many users transitioning from Windows 10 to Windows 11 find the new design and interface changes challenging. Windows 11 features a centered Taskbar, a simplified Start menu, and an updated File Explorer and Settings app. Users can customize their Windows 11 experience to resemble Windows 10 by making several adjustments. To align the Taskbar and Start menu to the left, users can go to Settings > Personalization > Taskbar > Taskbar behaviors and select "Left" for Taskbar alignment. To show app labels in the Taskbar, users need to select "Never" for the "Combine taskbar buttons and hide labels" setting in the same menu. For those preferring the classic File Explorer, they can access it by searching for Windows Tools in the Start menu and selecting Home or This PC. Users can also change the color scheme by going to Settings > Personalization > Colors and selecting "Custom" mode, choosing a dark theme, and enabling accent colors for the Start and taskbar. To display classic desktop icons, users can go to Settings > Personalization > Themes > Desktop icon settings and check the desired icons. In Notepad, users can disable new features by adjusting settings in the app to revert to a more classic experience. For further customization, third-party tools like ExplorerPatcher and Windhawk can be used. ExplorerPatcher allows users to restore various interface elements from earlier Windows versions, while Windhawk provides a framework for modifying Windows 11 with community-created mods. Both tools can be installed via the Windows Package Manager and offer options to revert to classic aesthetics.

Winsage

June 10, 2025

APT Hackers Exploited WebDAV 0-Day RCE Vulnerability in the Wild to Deploy Malware

A cyberattack campaign by the advanced persistent threat group Stealth Falcon targeted a prominent Turkish defense company using a zero-day vulnerability identified as CVE-2025-33053. This vulnerability allowed attackers to manipulate the working directory of legitimate Windows tools to execute malware from their WebDAV servers. The attack was initiated through a spear-phishing email containing a malicious .url file that directed the system to a legitimate Internet Explorer utility, which was then exploited to execute malicious files. The attackers employed process hollowing to bypass traditional defenses. Stealth Falcon, also known as FruityArmor, has been conducting cyber espionage since at least 2012, targeting government and defense sectors in Turkey, Qatar, Egypt, and Yemen. The attack involved a multi-stage infection chain leading to the deployment of "Horus Agent," a custom implant designed for advanced reconnaissance and equipped with anti-analysis techniques. Researchers identified additional custom tools used by Stealth Falcon, including a DC Credential Dumper and a custom keylogger. The group utilizes repurposed legitimate domains to blend their infrastructure with legitimate traffic, complicating detection efforts.

Tech Optimizer

April 16, 2025

Hackers find a way around built-in Windows protections

Windows Defender Application Control (WDAC) is a built-in security feature on Windows PCs that restricts the execution of unauthorized software by allowing only trusted applications. However, hackers have discovered multiple methods to bypass WDAC, exposing systems to malware and cyber threats. Techniques for bypassing WDAC include using Living-off-the-Land Binaries (LOLBins), DLL sideloading, and exploiting misconfigurations in WDAC policies. Attackers can execute unauthorized code without triggering alerts from traditional security solutions, enabling them to install ransomware or create backdoors. Microsoft operates a bug bounty program to address vulnerabilities in WDAC, but some bypass techniques remain unpatched for long periods. Users can mitigate risks by keeping Windows updated, being cautious with software downloads, and using strong antivirus software.

Winsage

April 3, 2025

6 features worth enabling God Mode in Windows 11 for

God Mode in Windows grants access to over 200 settings and functionalities, many of which are typically hidden. Users can pin the God Mode folder to the Start menu or Quick Access in File Explorer for easy access. Key features include: - BitLocker: A disk encryption tool that protects data on drives using AES encryption, accessible via password, PIN, or Windows Hello. - Network Management: Simplifies access to network settings for connecting, checking status, and troubleshooting connectivity issues. - Power Management: Allows quick adjustments to power plans, battery settings, and actions for closing the laptop lid or pressing power buttons. - Accessibility: Offers extensive settings for users with disabilities, including tools like Narrator and Magnifier. - File Type Options: Enables users to manage file type associations and visibility of files and folders. - Windows Tools: Centralizes access to built-in maintenance tools like Disk Cleanup and Task Scheduler. God Mode enhances the user experience by providing a more efficient way to navigate system features compared to the traditional Control Panel.

Winsage

March 26, 2025

Auth bypass CVE-2025-22230 impacts VMware Windows Tools

Broadcom has addressed a critical authentication bypass vulnerability, CVE-2025-22230, affecting VMware Tools for Windows, rated with a CVSS score of 9.8. This vulnerability allows low-privileged local attackers to escalate their privileges within vulnerable VMs, potentially leading to unauthorized access. It affects VMware Tools versions 12.x.x and 11.x.x across Windows, Linux, and macOS platforms. VMware Tools version 12.5.1 has been released to fix this issue. Additionally, Broadcom issued updates for three zero-day vulnerabilities in VMware ESX products (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226), which were confirmed to be actively exploited and represent a "VM Escape" scenario.

Winsage

March 25, 2025

5 Windows tools and apps you can’t find on other operating systems

Certain features remain exclusive to the Windows operating system, offering unique functionalities not available on Mac or Linux. Microsoft has developed tools like PowerToys, which includes nearly 20 utilities enhancing Windows functionality, and Windows Sandbox, providing a secure environment for testing applications. Windows Notepad serves as a basic note-taking and coding app with features like spellcheck and autocorrect. The Snipping Tool allows users to capture screenshots and extract text from images, while the Windows Subsystem for Linux (WSL) enables seamless access to both Windows and Linux environments. These tools are designed to enhance productivity and provide significant advantages for Windows users.

Winsage

March 17, 2025

Invisible Windows Rootkit Hides Dangerous Files Using This Prefix

Obscure#Bat is a malware campaign targeting Windows users that uses obfuscated batch scripts to deploy a user-mode rootkit, which can hide its activities from standard security measures. It stores hidden scripts in the Windows Registry and can conceal files, registry entries, and running processes through application programming interface hooking. The malware can embed itself within legitimate Windows processes, making it undetectable by conventional security methods, and is capable of deleting evidence of its activity. Attackers use social engineering tactics, such as fake CAPTCHA tests and legitimate software tools, to lure victims into executing the malicious batch file. The rootkit obscures files, processes, or registry keys that begin with the “$nya-” prefix and is identified as an open-source ring-3 rootkit known as r77. It avoids kernel modifications and relies on registry and scheduled tasks for persistence, allowing it to evade detection by traditional kernel-based security tools. Windows users are advised to be cautious of social engineering tactics and to inspect batch files in a text editor before execution.

Winsage

March 7, 2025

Announcing Windows 11 Insider Preview Build 22635.5025 (Beta Channel)

Windows 11 Insider Preview Build 22635.5025 (KB5053661) has been released to the Beta Channel for users who have not transitioned to Windows 11, version 24H2. New features include recommended files in File Explorer, which displays frequently used and recently downloaded files, and a feature in the Start menu that recommends snap groups of apps. Enhanced support for web search providers in Windows Search for the EEA has also been implemented. Fixes include resolving an issue causing File Explorer to close slowly. Known issues involve delays in displaying app icons in the Start menu and the organization of Windows Tools related apps. Windows Insiders in the Beta Channel will receive updates based on Windows 11, version 23H2, and features may evolve or be removed based on feedback.

Winsage

March 7, 2025

Windows 11 KB5053661 beta brings a new Start menu feature that snaps apps together

Microsoft has released build 22635.5025 for Windows 11 23H2 in the Beta channel for Insiders, identified under KB5053661. This update introduces a Recommended files feature in File Explorer, accessible to Insiders with personal or local Microsoft accounts, showcasing relevant files based on user activity. Users with work or school accounts will receive additional recommendations, though this feature is not yet available in the European Economic Area. The Start menu now suggests snap groups of recommended apps for improved multitasking. A fix has been implemented to address lag issues in File Explorer when closing the application. Known issues include delays in app icon appearance in the Start menu and the organization of Windows Tools related apps into folders. Users can provide feedback through the Feedback Hub.