Windows Archives

Winsage

May 14, 2026

Dell SupportAssist is crashing some Windows 11 PCs, causing them to enter reboot loops. Here’s how to stop it.

Dell users on Windows 11 are experiencing frequent blue screens and reboot loops after updating the Dell SupportAssist Remediation software to version 5.5.16.0, released on April 30. This issue particularly affects models like the XPS 15 9530, with crashes occurring approximately every thirty minutes and a common error message being "CRITICALPROCESSDIED." The problem has been traced to the DellSupportAssistRemediationService.exe, which is pre-installed on many Dell systems and designed to manage diagnostics, driver updates, and recovery tools. Users are advised to uninstall or disable the software to restore normal functionality. Dell has acknowledged the issue and is working on a resolution. Temporary workarounds include disabling the service via Command Prompt or fully uninstalling the SupportAssist components through the Settings app. However, uninstalling may result in the loss of system repair points created by the service.

Winsage

May 14, 2026

I hit the Windows 11 emoji picker bug that hides search and found a quick fix

Windows 11 users have experienced an issue with the emoji picker where the search box disappears unexpectedly. This problem has been noted by multiple users, including a colleague from Android Central. A simple solution to restore the search function involves opening Task Manager by pressing Ctrl + Shift + Esc, locating Windows Explorer in the list of processes, right-clicking on it, and selecting Restart. This action reloads the user interface elements and effectively restores the emoji search feature until a permanent fix is provided by Microsoft.

Winsage

May 14, 2026

Microsoft MDASH finds Windows security flaws with AI | ETIH EdTech News

Microsoft has developed an AI security system called MDASH that has identified 16 vulnerabilities in Windows networking and authentication frameworks, with four classified as Critical, allowing for remote code execution. MDASH uses over 100 specialized AI agents to analyze code from multiple perspectives, improving the accuracy of vulnerability detection. The system has successfully detected all 21 planted vulnerabilities in a private testing environment without false positives, achieving a 96 percent recall rate against historical cases and an 88.45 percent success rate on the CyberGym benchmark. The identified vulnerabilities include issues in tcpip.sys and IKEEXT, which can be exploited remotely without needing credentials.

Winsage

May 14, 2026

Microsoft is improving the responsiveness of Windows 11 with WinUI 3

Microsoft is advancing its Project K2 initiative to improve the Windows 11 user experience by addressing performance issues, AI features, updates, and storage use. A key aspect of this project is transitioning Windows 11 components like the Start menu and File Explorer to WinUI 3, with a focus on optimizing performance. Recent updates show that File Explorer has achieved a 41% reduction in memory allocations, a 63% decrease in transient allocations, a 45% drop in function calls, and a 25% reduction in execution time for WinUI code during launches. These enhancements are expected to be integrated into the winui3/main development branch and WinAppSDK 2.x, with some optimizations requiring applications to opt in. Microsoft is also working with various Windows teams to ensure comprehensive performance gains and has introduced a Low Latency Profile feature to boost CPU performance temporarily during application launches.

Winsage

May 13, 2026

Disgruntled researcher releases two more Microsoft zero-days

An anonymous researcher known as Nightmare-Eclipse has revealed two new vulnerabilities affecting Windows systems, named YellowKey and GreenPlasma, shortly after Microsoft's latest Patch Tuesday update. YellowKey is a "BitLocker bypass" that allows attackers with physical access to gain unrestricted shell access to protected machines. Experts have expressed concerns about YellowKey's potential to transform laptop theft into a serious breach notification scenario, and suggested mitigations such as implementing a BitLocker PIN and a BIOS password lock. Nightmare-Eclipse has also hinted that YellowKey could function as a backdoor allegedly introduced by Microsoft, although this claim remains unsubstantiated. GreenPlasma is a privilege escalation flaw for which partial exploit code has been released, but it currently triggers a User Account Control (UAC) consent prompt, requiring attackers to invest time in weaponizing it. There is no known mitigation for GreenPlasma, making it crucial for organizations to patch their systems promptly once Microsoft addresses the issue. Nightmare-Eclipse has previously disclosed five zero-day vulnerabilities this year, including BlueHammer, and has characterized their actions as a response to a perceived violation of trust. The researcher has indicated the existence of a "dead man's switch," suggesting that more disclosures could follow if their demands are not met.

Winsage

May 13, 2026

Windows Update is getting better at saving your PC from buggy drivers

Microsoft has introduced Cloud-Initiated Driver Recovery, a feature that allows the company to replace problematic drivers on affected devices directly from the cloud, without requiring manual intervention from users or hardware partners. This aims to enhance system reliability and performance while reducing user burden in managing driver issues.

Winsage

May 13, 2026

Former Windows boss reveals why modern Windows 11 apps feel slower, says Microsoft once gave every engineer a stopwatch

Steven Sinofsky, former head of the Windows Division at Microsoft, discussed the company's engineering culture and its focus on resource management from 1980 to 2000, where every engineer was given a physical stopwatch to measure various performance metrics. This practice emphasized optimizing software for speed and efficiency, a stark contrast to modern applications that consume significant RAM due to shifts in market dynamics and hardware advancements. The current trend prioritizes rapid feature deployment over optimization, leading to performance issues in applications. Microsoft is responding to criticism by enhancing the performance of Windows 11, focusing on native desktop applications and optimizing core components, including the Start menu and File Explorer. They are also testing new CPU scheduling profiles to reduce micro-lags during user interactions.

Winsage

May 13, 2026

Windows Update Gets Cloud‑Based Driver Recovery to Fix Faulty Updates

Microsoft has introduced a cloud-based solution called Cloud-Initiated Driver Recovery to address driver update issues for Windows users. This feature automatically detects and fixes driver-related problems by rolling back faulty drivers without user intervention. It operates within Windows Update, replacing problematic drivers with stable versions or approved alternatives. The recovery process will only activate if a validated driver version is available, and Microsoft will manage it independently of hardware partners. Manual validation and testing will occur from May to August 2026, with full deployment expected by September 2026.

Winsage

May 13, 2026

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher known as Chaotic Eclipse has released proof-of-concept exploits for two unpatched vulnerabilities in Microsoft Windows: YellowKey, a BitLocker bypass, and GreenPlasma, a privilege-escalation flaw. The YellowKey vulnerability affects Windows 11 and Windows Server 2022/2025, allowing unauthorized access to BitLocker-protected volumes by exploiting the Windows Recovery Environment. The exploit can be executed using specially crafted 'FsTx' files on a USB drive or directly on the EFI partition. Independent researcher Kevin Beaumont has validated the exploit, which can bypass BitLocker protections even in a Trusted Platform Module (TPM) environment. The GreenPlasma vulnerability allows unprivileged users to create arbitrary memory-section objects, potentially leading to privilege escalation. Chaotic Eclipse has expressed dissatisfaction with Microsoft's handling of bug reports, prompting the public disclosure of these vulnerabilities. Microsoft has stated its commitment to investigating security issues and updating affected devices.

Winsage

May 13, 2026

Microsoft’s MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

Microsoft has introduced a multi-model AI system called MDASH, designed to enhance vulnerability discovery and remediation processes. Currently in limited private preview testing with select customers, MDASH employs over 100 specialized AI agents for various classes of vulnerabilities, enabling autonomous discovery, validation, and demonstration of exploitable defects in complex codebases. The system operates through a structured pipeline that analyzes source code, constructs threat models, and validates findings using auditor and debater agents. MDASH has successfully identified 16 vulnerabilities in its initial tests, including two critical flaws affecting Windows networking and authentication: 1. CVE-2026-33824 (CVSS score: 9.8) - A double-free vulnerability in "ikeext.dll" allowing remote code execution via specially crafted packets. 2. CVE-2026-33827 (CVSS score: 8.1) - A race condition vulnerability in Windows TCP/IP ("tcpip.sys") enabling remote code execution through specially crafted IPv6 packets.