windows
Microsoft: Some Windows servers enter reboot loops after April patches
Microsoft has confirmed that some Windows domain controllers are entering restart loops due to Local Security Authority Subsystem Service (LSASS) crashes after installing the April 2026 security updates. The company also warned that Windows admins may encounter this issue when setting up new domain controllers, or even on existing ones, if the server processes authentication […]
Recently leaked Windows zero-days now exploited in attacks
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. Since the start of the month, a security researcher known as “Chaotic Eclipse” or “Nightmare-Eclipse” has published proof-of-concept exploit code for all three security issues in protest to how Microsoft’s Security Response Center (MSRC) handled […]
Microsoft: April Windows Server 2025 update may fail to install
Microsoft is investigating an issue causing this month’s KB5082063 security update to fail to install on some Windows Server 2025 systems. On affected systems, users are also reporting seeing 0x800F0983 install errors when trying to deploy the April 2026 cumulative updates. “Microsoft is monitoring diagnostic data reports on update installation failures and has observed a […]
CISA flags Windows Task Host vulnerability as exploited in attacks
CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability that could allow attackers to gain SYSTEM privileges. Task Host is a core Windows system component that serves as a container for DLL-based processes, allows them to operate in the background, and ensures they close properly during shutdown […]
Microsoft: April updates trigger BitLocker key prompts on some servers
Microsoft confirmed on Tuesday that some Windows Server 2025 devices will boot into BitLocker recovery after installing the April 2026 KB5082063 Windows security update. BitLocker is a Windows security feature that encrypts storage drives to prevent data theft. Windows computers typically enter BitLocker recovery mode after hardware changes or events such as TPM (Trusted Platform […]
Microsoft fixes bug behind Windows Server 2025 automatic upgrades
Microsoft has finally fixed a known issue that was causing systems running Windows Server 2019 and 2022 to “unexpectedly” upgrade to Windows Server 2025. The issue was first acknowledged by Microsoft in September 2024, following widespread reports from Windows admins regarding servers that had been automatically upgraded overnight to a Windows Server version for which they didn’t even have a license. […]
Microsoft April 2026 Patch Tuesday fixes 167 flaws, 2 zero-days
Today is Microsoft’s April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities. This Patch Tuesday also addresses eight “Critical” vulnerabilities, 7 of which are remote code execution flaws and the other is a denial of service flaw. The number of bugs in each vulnerability category is listed below: When GeekFeed reports on […]
Microsoft rolls out fast-track to reinstate Windows hardware dev accounts
Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were locked out without warning. Last week, the company suspended Windows Hardware Developer accounts used to publish Windows drivers and updates for widely used tools like WireGuard, VeraCrypt, MemTest86, and Windscribe. The suspensions […]
Google Chrome adds infostealer protection against session cookie theft
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. macOS users will benefit from this security feature in a future Chrome release that has yet to be announced. The new protection has been announced in 2024, and it works by cryptographically linking […]
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. The list of affected projects includes, but is not limited to, Virtual Private Network (VPN) software WireGuard, on-the-fly encryption […]