NewApp Digest
search bot

Windows

Dell confirms its SupportAssist software causes Windows BSOD crashes
Winsage
May 14, 2026

Dell confirms its SupportAssist software causes Windows BSOD crashes

Dell's SupportAssist software is causing blue-screen crashes on certain Windows systems, attributed to a recent update to the SupportAssist Remediation service, specifically version 5.5.16.0. Users experiencing these crashes are advised to uninstall or disable the service to resolve the issue. Dell has acknowledged the problem and is working on a solution. Uninstalling the service may result in the loss of system repair points created by Dell OS SupportAssist Recovery. Users still facing issues after uninstallation should contact Dell support. This incident follows previous software challenges faced by Dell, including blue screens from earlier SupportAssist versions and BIOS updates that prevented some laptops from booting. Additionally, vulnerabilities have been identified in the BIOSConnect feature of Dell SupportAssist, posing security risks.
Microsoft Announces Driver Quality Initiative for Windows
Winsage
May 14, 2026

Microsoft Announces Driver Quality Initiative for Windows

Microsoft has launched the Driver Quality Initiative (DQI) to improve the quality and reliability of drivers for its Windows platform. This initiative focuses on enhancing driver development and management, influenced by insights from the Windows Resiliency Initiative. The DQI is based on four pillars: Architecture, Trust, Lifecycle, and Quality measures. Microsoft plans to invest in kernel mode drivers, transitioning third-party kernel mode drivers to user mode drivers or Microsoft-authored class drivers. The initiative aims to improve driver lifecycle management and expand metrics for assessing driver quality, including stability, functionality, performance, and power impact. Feedback from partners has been positive regarding the initiative's approach to driver quality metrics and lifecycle states. Microsoft aims to enhance reliability, security, performance, compatibility, and overall quality in the Windows ecosystem.
Microsoft Fixes Windows Autopatch Bug Installing Restricted Drivers on Windows 11
Winsage
May 14, 2026

Microsoft Fixes Windows Autopatch Bug Installing Restricted Drivers on Windows 11

Microsoft's Windows Autopatch service mistakenly deployed restricted driver updates to some managed Windows devices without proper approval, affecting Windows 11 versions 25H2, 24H2, and 23H2. This led to unexpected restarts and stability issues. Microsoft implemented a server-side fix to address this problem, confirming that only a limited subset of devices in the EU region was impacted and that no client-side action was required. Additionally, some users faced difficulties installing Office on Windows 365 machines due to a configuration change from a recent service update.
Microsoft pits more than 100 AI agents against each other to find Windows vulnerabilities
Winsage
May 14, 2026

Microsoft pits more than 100 AI agents against each other to find Windows vulnerabilities

Microsoft has introduced MDASH (Multi-Model Agentic Scanning Harness), a security solution that uses over 100 specialized AI agents to identify software vulnerabilities. On May 12, 2026, MDASH identified 16 new vulnerabilities (CVEs) in the Windows networking and authentication stack, four of which were critical, including remote code execution vulnerabilities in tcpip.sys, ikeext.dll, netlogon.dll, and dnsapi.dll. Ten of these vulnerabilities can be accessed over the network without authentication. MDASH operates through a four-stage pipeline: analyzing source code, scrutinizing for suspicious elements, debating the exploitability of issues, and attempting to exploit vulnerabilities. The system is model-agnostic and allows integration of new models and domain-specific knowledge. MDASH scored 88.45 percent on the CyberGym benchmark, ranking first among competitors, although the comparison may not be entirely fair as it contrasts a comprehensive framework with individual models. The models used to achieve this score are not specified. MDASH is supported by Microsoft's Autonomous Code Security Team and is currently in a limited private preview for select customers.
Windows Update will soon automatically roll back faulty drivers
Winsage
May 14, 2026

Windows Update will soon automatically roll back faulty drivers

Microsoft is introducing a feature in Windows 11 that allows users to pause updates indefinitely, enhancing user control over their systems. Additionally, they are rolling out a "Cloud-Initiated Driver Recovery" feature that enables automatic reversion of problematic drivers installed via Windows Update, allowing Microsoft to replace faulty drivers directly from the cloud without user intervention. This updated Windows Update experience is currently being tested with hardware partners and is expected to begin a gradual rollout in September. Users will also gain the ability to extend pause dates, skip updates during device setup, and restart or shut down their PCs without needing to install pending updates.
Raising the bar together. Introducing the Driver Quality Initiative at WinHEC 2026
Winsage
May 14, 2026

Raising the bar together. Introducing the Driver Quality Initiative at WinHEC 2026

The Windows Hardware Engineering Conference (WinHEC) 2026 took place in Taipei, marking Microsoft's return to the event after a hiatus since 2018. The conference focused on the Driver Quality Initiative (DQI), aimed at improving driver quality, reliability, and security on the Windows platform. The DQI is built on four pillars: Architecture, Trust, Lifecycle, and Quality Measures. Key themes discussed included the importance of collaboration among stakeholders, enhancing Windows 11 quality, and fostering innovation through strong foundational practices. Attendees participated in workshops and hands-on labs to deepen their understanding of driver development and compatibility testing. Partners expressed a shared commitment to improving driver and platform quality, emphasizing the need for transparency and ongoing engagement. Microsoft plans to continue investing in reliability, security, performance, compatibility, and quality in collaboration with its partners.
Windows on ARM Security: How to Protect ARM-Based Windows Devices Without Gaps
Winsage
May 14, 2026

Windows on ARM Security: How to Protect ARM-Based Windows Devices Without Gaps

The transition to Windows on ARM devices is increasing across various sectors, with organizations drawn to their performance, efficiency, and battery life. However, there are concerns about securing these devices without introducing vulnerabilities. Windows on ARM security involves safeguarding ARM64-based Windows devices with endpoint security solutions optimized for ARM architecture. The lack of native ARM64 endpoint protection can leave devices vulnerable. Windows on ARM devices operate on ARM64 architecture, differing from traditional x86/x64 systems, which can lead to incomplete protection, performance issues, and compatibility challenges with legacy security tools. This creates security gaps, making ARM-based devices attractive targets for threats like ransomware. To secure ARM-based Windows endpoints effectively, organizations need native ARM64 endpoint protection that ensures optimal performance, consistent protection across all devices, and centralized policy management. Morphisec offers native ARM64 endpoint protection, focusing on preventing threats before execution and providing seamless deployment and management. Without native support, organizations risk fragmented security tools, an expanded attack surface, and operational inefficiencies. Implementing native ARM64 endpoint protection allows for standardized security, simplified processes, and enhanced resilience against advanced threats.
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
Winsage
May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.
Microsoft unveils MDASH, its AI agent-driven security platform — and it's already spotted a host of new Windows flaws
Winsage
May 14, 2026

Microsoft unveils MDASH, its AI agent-driven security platform — and it’s already spotted a host of new Windows flaws

Microsoft has introduced MDASH, a platform that enhances vulnerability discovery using artificial intelligence, developed by the Autonomous Code Security Team and the Windows Attack Research and Protection group. MDASH has identified 16 previously unknown vulnerabilities in various Windows components, including four critical remote code execution vulnerabilities (CVE‑2026‑33827 and CVE‑2026‑33824). The platform achieved zero false positives during testing and is currently used internally at Microsoft and in a private preview for select partners.
Windows 11 Emoji Picker Search Box Disappears in Some Builds, Restarting Explorer Restores It
Winsage
May 14, 2026

Windows 11 Emoji Picker Search Box Disappears in Some Builds, Restarting Explorer Restores It

A glitch in Windows 11 has caused the search box in the emoji picker to disappear, affecting users' ability to search for emojis by name. This issue has been reported by multiple users and confirmed by Windows Central in the Insider Beta channel, but Microsoft has not acknowledged it or provided a fix. A temporary solution involves restarting Windows Explorer through Task Manager, which can restore the search box functionality. The bug's prevalence varies among users, and it is unclear if it affects stable releases of Windows 11.
Search