windows
EDR killer tool uses signed kernel driver from forensic software
Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them. An EDR killer is a malicious tool created specifically to bypass or disable endpoint detection and response (EDR) tools, along with other security solutions. They typically use vulnerable drivers to unhook […]
Microsoft rolls out native Sysmon monitoring in Windows 11
Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program. Microsoft first revealed plans to integrate Sysmon natively into Windows 11 and Windows Server in November, when it also confirmed that it will soon release detailed documentation. Sysmon (short for System Monitor) is a free Microsoft Sysinternals tool […]
Microsoft: January update shutdown bug affects more Windows PCs
Microsoft has confirmed that a known issue preventing some Windows 11 devices from shutting down also affects Windows 10 systems with Virtual Secure Mode (VSM) enabled. VSM is a Windows security feature that creates an isolated, protected memory region separate from the normal operating system (known as the “secure kernel”), using hardware virtualization that is extremely […]
Microsoft fixes bug causing password sign-in option to disappear
Microsoft has fixed a known issue that was causing the password sign-in option to disappear from the lock screen options after installing Windows 11 updates released since August 2025. The password icon appears on the lock screen only if multiple sign-in options (e.g., PIN, password, security key, fingerprint) are available. However, if you use only […]
Microsoft to disable NTLM by default in future Windows releases
Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks. NTLM (short for New Technology LAN Manager) is a challenge-response authentication protocol introduced in 1993 with Windows NT 3.1 and is the successor to the LAN Manager (LM) protocol. Kerberos has superseded NTLM and […]
Windows 11 KB5074105 update fixes boot, sign-in, and activation issues
Microsoft has released the KB5074105 preview cumulative update for Windows 11 systems, which includes 32 changes, including fixes for sign-in, boot, and activation issues. KB5074105 is an optional update that delivers updates at the end of each month, allowing admins to test Windows bug fixes, new features, and improvements that will be generally available during next month’s Patch […]
Microsoft shares workaround for Outlook freezes after Windows update
Microsoft shared a temporary workaround for customers experiencing Outlook freezes after installing this month’s Windows security updates. As explained one week ago, when Microsoft acknowledged the issue, the bug causes the classic Outlook desktop client to hang for users with POP email accounts who have deployed the KB5074109 security update on Windows 11 25H2 and 24H2 systems. Other […]
Microsoft releases OOB Windows updates to fix shutdown, Cloud PC bugs
Microsoft has released multiple emergency, out-of-band updates for Windows 10, Windows 11, and Windows Server to fix two issues caused by the January Patch Tuesday updates. The first issue impacts Windows 11, Windows 10, and Windows Server and blocks access to Microsoft 365 Cloud PC sessions. After installing the January 2026 security updates, some users […]
Microsoft: Windows 11 update causes Outlook freezes for POP users
Microsoft is investigating widespread reports that a January Windows 11 security update is causing the classic Outlook desktop client to freeze and hang for users with POP email accounts. POP (Post Office Protocol) is an email retrieval protocol used for downloading emails from a server to a local device. While POP isn’t as widely used […]
Microsoft: Some Windows PCs fail to shut down after January update
Microsoft has confirmed a new issue that prevents Windows 11 23H2 devices with System Guard Secure Launch enabled from shutting down. System Guard Secure Launch is a Windows security feature designed to protect the boot process from firmware-level attacks and malware such as rootkits. According to a release health dashboard update on Thursday, this known […]