bleepingcomputer[.]com/news/microsoft/microsoft-june-2026-patch-tuesday-fixes-6-zero-days-200-flaws/

bleepingcomputer[.]com/news/microsoft/windows-11-kb5094126-and-kb5093998-cumulative-updates-released/

bleepingcomputer[.]com/news/microsoft/microsoft-releases-windows-10-kb5094127-extended-security-update/

This is already a problem update -- no telling how many more problems will be reported later on. To start with it may not install. The problem effects *some* copies of of Windows that have been upgraded to Win11 25H2, and the resolution *may* be automatic or it may be involved -- it didn't seem entirely clear to me in the article, and the referenced Microsoft site would not display for me. At the same time, the Bleeping Computer site is currently down.

bleepingcomputer[.]com/news/microsoft/microsoft-some-upgraded-windows-pcs-fail-to-install-monthly-updates/

2nd on the list, Microsoft hardened the way that Windows treats desktop.ini files. This will effect shortcuts, folders, icons etc. for sources that are not automatically trusted, e.g., network shares.

neowin[.]net/news/microsoft-windows-11-kb5094126-kb5093998-finally-stops-trusting-a-critical-system-threat/

3rd, Microsoft is pushing out an update called AudioProcessingObject Driver Update. It **may** have already been installed -- 2 of my copies of Win11 show it installed in April -- you can check Update history in the Drivers section. If not, your results may vary -- since Win10 Windows behavior is a coin toss. The update may install along side this month's update, not showing up in the list of updates to be downloaded and installed, and it may fail, and all you'll see is that there was an error with the main update, no error code etc. If you check for updates after this month's updates have been installed -- always a good idea -- it'll show up if it's not yet installed, and it will take a good while to download and then likely fail. Retrying will work almost instantly. That said, you may not want it, as some have reported audio problems afterwards.

windowsforum[.]com/threads/re-microsoft-corporation-audioprocessingobject-driver-update-1-0-3-56670.423547/

There's almost no info available, so I asked Google's AI:

An **Audio Processing Object (APO)** driver update is a component delivered through Windows Update that handles digital signal processing for your computer’s audio. Instead of being the core audio driver itself (like Realtek or Intel Smart Sound), an APO driver acts as a software plug-in that provides specialized post-processing and audio enhancements.

Here is a breakdown of what this update is, why you are seeing it, and what to do if it causes problems.

---

### What Does the Update Actually Do?

When you see **Microsoft Corporation AudioProcessingObject Driver Update** (often versions like


r

or


r

), it is usually handling background system features for your microphone and speakers. Key tasks include:

* **Voice Clarity:** Powering Windows 11’s built-in AI voice processing to clear up background noise during video calls.
* **Acoustic Processing:** Managing beamforming, echo cancellation, and microphone array tuning.
* **Spatial Sound:** Processing spatial or surround sound effects.

*Note: While labeled "Microsoft Corporation," Windows Update often uses this generic naming convention to deploy specialized APO software blocks that interact directly with third-party chips like Realtek or DTS.*

---

### Why Am I Seeing This Now?

Microsoft frequently pushes these updates to maintain compatibility with major Windows 11 builds (like 24H2 or 25H2).

However, user reports from early 2026 highlight that a few specific versions of this Microsoft APO update accidentally bricked or disabled the built-in microphone drivers on several laptop models. If you are seeing it queued up now, it is highly likely a **hotfix patch** designed to repair those broken microphone communication pipelines.

---

### What Should You Do?

#### 1. If Your Audio Is Working Fine

**Let it install.** If your sound and microphone are behaving normally, there is no need to block it. It will install silently in the background and keep your system's multimedia features up to date.

#### 2. If the Update Broke Your Audio or Microphone

If your sound started crackling, your microphone stopped responding, or your audio device vanished after this update, you can easily revert it using these steps:

* **Turn off Audio Enhancements temporarily:**
1. Go to **Settings > System > Sound**.
2. Click on your active output or input device.
3. Find **Audio enhancements** and toggle it to **Off**. Test your sound.

* **Roll back the driver:**
1. Right-click the Windows Start menu and select **Device Manager**.
2. Expand **Sound, video and game controllers**.
3. Right-click your primary audio controller (e.g., *Realtek Audio*) and choose **Properties**.
4. Go to the **Driver** tab and click **Roll Back Driver** (if available).

* **Reinstall the manufacturer driver:** If rolling back doesn't fix it, your best bet is to go directly to your laptop or motherboard manufacturer’s official support page (HP, Dell, Lenovo, ASUS, etc.), download the latest dedicated audio driver package for your specific machine model, and install it over the Windows Update version.

Finally, if Microsoft decides or believes that your device is incompatible with their fix updating the Secure Boot certificates, it may tell you that. You may see a warning on the Security icon in the notification area. Click the icon, and Device Security will show a warning. Click that and the secure boot listing will tell you it's incompatible. Click Dismiss to get rid of the warning.

A UPS [Uninterruptible Power Supply] uses one or more batteries that supply electricity to a PC or other electrical/electronic device(s) if/when there's a power outage. The basic idea with a PC is it gives you time to save your work and shut down gracefully, and they're also handy for brief power interruptions, e.g., when the lights flicker, so the PC keeps running rather than shuts down.

One problem however is that there's no great way to judge if the battery [or batteries] in a UPS are still good. In my case I use the CyberPower app on this PC, and checking the app after a couple of very brief outages -- 6 & 3 seconds per the in-app log -- the batteries were down to 40%! Based on the measured load the app estimated that I'd have ~45 minutes if the batteries were fully charged & in good shape. It was a lucky power outage BTW, since the extended warranty was up next month. The app's self test Did Not show anything wrong, so it's obviously useless in this case.

So, rather than wait for an outage, &/or if you don't have/use a monitoring app like CyberPower's PowerPanel Personal, it might be a good idea to, with the PC [or whatever] running, unplug the UPS from the wall and see how long it lasts, making sure the battery's still good. If you don't want to risk running Windows when it does shut off, boot to a USB stick for backup software or similar.

On a quick note, the latest PowerPanel Personal download is here -- checking for updates in-app did not show there was a newer version, and it had to be uninstalled first before the newer version would install.

cyberpowersystems[.]com/products/software/power-panel-personal/

zdnet[.]com/article/easy-way-to-exclude-ai-from-search-results-in-every-browser/

The article walks you through adding a new option to search using Google minus any AI overviews etc.

windowscentral[.]com/microsoft/windows-11/hp-laptop-bios-bug-leaving-windows-11-pcs-stuck-in-bitlocker-recovery-loop

If you own an HP laptop — particularly a high-end model, including HP EliteBooks, ProBooks, and ZBook workstations — there’s a strong chance you may encounter a buggy BIOS firmware update delivered through automatic Windows Update.

The flaw can cause your PC to freeze during boot or display the Blue Screen of Death, rendering it unusable until a fix is applied.

Some users have reported that their devices boot directly to the BitLocker recovery screen as early as April 2026. Even after entering the correct recovery key to access the desktop, Windows 11 fails to recognize the change, triggering the same BitLocker recovery loop.

While speaking to The Register earlier this week, HP indicated it's "aware of purported BIOS issues and is looking into the matter." And now, in a new support document — spotted by Windows Latest — HP indicated that:

"Microsoft’s 2023 certificates may fail to properly apply on the computer when this BitLocker issue occurs. To verify the status of this process, check the UEFICA2023Status and UEFICA2023Error registry values. If the UEFICA2023Status registry value remains in an "In Progress" state over time and the UEFICA2023Error registry value shows any number higher than 0, then the update process has failed."

amd[.]com/en/support/download/drivers.html

I don't normally post about these because it's usually a ho hum affair -- having the latest drivers means you'll usually see no difference in anything at all. BUT, I believe the last AMD chipset drivers were/are buggy, because I was getting random CPU spikes in usage & corresponding temps. And those temp spikes were high enough that I think some people would have experienced CPU throttling, where the power was reduced to prevent damage to the CPU. I have not seen that with these latest drivers.

Ashampoo UnInstaller 15 is on GOTD today, so I thought this might be a good time for a reminder -- often the Only way to put Windows back the way it was before installing whatever app is by restoring an image backup. That's why some folks use VMs [Virtual Machines] and Sandbox software, e.g., Sandboxie. That's Not to say there's anything wrong with Ashampoo's Uninstaller apps, or Revo for that matter. They *may* *sometimes* go a bit further than an apps own uninstaller, and if you let them search &/or clean Windows registry you may get rid of a bit more junk, though at the same time you may also break something, including Windows. Some changes are not easily reversible, while others may be near impossible to undo. Deleting some files and/or registry keys or entries may not always be 100% safe, so an uninstaller app will not even give you that option.

Sometimes an app will use Windows Installer [.msi file] and use that same file for uninstall, but since that file controls the uninstallation process, it's left behind. A 3rd party uninstaller may or may not find that file. Sometimes files are added and registered with Windows, so that afterwards they're effectively a part of Windows. And sometimes files are added that take over whatever functions were previously performed by files that came with Windows. Complicating matters further, software you installed afterwards may now depend on that, so reversing those changes would cause it to also break. The same sort of thing applies to Windows registry, since a software installation routine can rewrite portions of it -- to undo an installation would require restoring registry keys &/or entries that no longer exist.

There really is no perfect [or near perfect] solution. Adding software, even if it's *supposed* to be portable, means accepting some risk, though you can mitigate it by using a VM or Sandbox to at least check out an app before committing your regular copy of Windows. You can accept the fact that installing software changes Windows itself in ways that may well be irreversible, and that the hype used to market uninstalling software is just that, hype, and some of it will be false. You can set a restore point beforehand, though restoration may or may not work. You can perform an image backup, which will work, with the caveat that restoring that backup will reverse Every change made since that backup, so everything from recent emails to any software or updates added later will be gone.

Myself, I use an old app that barely works anymore called InstallWatch Pro in a VM to monitor file changes made during installation. At the same time I use another old app called Regshot2 to record every change made to the registry. That allows me to see if an apps impact on Windows IMHO exceeds its utility -- if it's worth it -- and if I go ahead and add it to may regular copy of Windows, what I'll need to do to fully remove it. But that's admitted overkill.

msrc.microsoft[.]com/update-guide/vulnerability/CVE-2026-45585

Microsoft has released a script to mitigate the vulnerability by removing autofstx.exe from WinRE, the recovery environment stored on the Recovery partition.

This script is an interim security fix that helps to reduce the risk of exploitation of the vulnerability.

The script is for WinRE and removes autofstx.exe from the BootExecute registry value. Since BootExecute runs programs very early in boot (even in recovery mode), removing this entry prevents that executable from running in a high‑privilege environment, reducing risk.

It works by mounting the WinRE image, editing its offline SYSTEM registry to remove the entry if present, then safely committing changes and re‑sealing WinRE so BitLocker trust remains intact.

It’s designed to be safe—if the autofstx.exe entry isn’t there, it exits without making changes.

neowin[.]net/news/mozilla-explains-firefox-crashes-on-intel-13th-14th-gen-raptor-lake-systems/

Mozilla's engineers have been trying to figure out the problem with Firefox crashing on Intel Raptor Lake 13th & 14th gen. CPUs for about a year.

Mozilla engineers traced them down to failures in a zlib-rs compression routine where a 16-bit dist value appeared incorrect which consequently led to index out-of-bounds crashes. However, the team suspected the underlying cause involved Intel Raptor Lake CPU bugs specifically the RPL050 and RPL060 issues related to incorrect load behavior. Mozilla noted however that Intel’s newer 0x12c microcode appeared to reduce the crashes greatly.

Well, my *guess* appears to be wrong. One of my tablets, that does Not use secure boot, seems to have suffered from the bug in this month's patch, restarting with a brief error message on a black screen after Win11 shut down at 99%+ installation. The message was too brief to read more than something about Windows had a problem, then it displayed a message that Windows is being updated, eventually winding back up in Win11. Once in Win11, Windows Update was already in the process of downloading the patch [again], so as fast as I could I entered the command in my earlier post to add the key to the registry [huge fun on a minuscule touch screen keyboard]. Installing the patch the 2nd time took a small fraction of the time it took originally, and that 2nd try worked.

They Should have included a check in the update, and added the key as part of that update when necessary, but the fact they didn't points to a larger problem with Microsoft. Every mid to large sized company has employees who are lazy, incompetent, could care less etc., and it's management's job to catch their goof-ups, but it seems Microsoft's management suffers from the same problems.

*To me* it seems like Microsoft's actively trying to destroy what little trust anyone still has in the company. When I read people that *should* know better write that Defender is good enough, I have to ask: "For What?" And I generally ignore the fanboys when they buy into Microsoft's claims that they're gonna fix Windows. Windows is a HUGE collection of old code, some dating back to Windows 3.1. Every time they could have modernized some of the core parts over the years, they said nah, we'll make something look different and that'll be good enough. So now they've still got a HUGE amount of old code from the days of 286/386 processors, plus a HUGE amount of slightly less old code patching things on top of it, and then the newer Win10 & 11 stuff that was slapped on haphazardly... Every time Microsoft comes out with a new design language they say they're going to implement it across Windows, but they never have. Long story short, when you use Win11, you're also using Win3.1, Win95, Win98, Win98SE, WinME, XP, Vista, Win7, Win8, Win8.1, Win10, & Win11. Parts of each and every one of those versions is still there. Fixing Windows would be a monumental exercise, *IF* you didn't persist in laying off several thousands of people at a time to pay for AI.

bleepingcomputer[.]com/news/microsoft/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days/

bleepingcomputer[.]com/news/microsoft/windows-11-kb5089549-and-kb5087420-cumulative-updates-released/

bleepingcomputer[.]com/news/microsoft/microsoft-releases-windows-10-kb5087544-extended-security-update/

This update may fail to install -- per Microsoft: "This issue occurs on devices that have limited free space on the EFI System Partition (ESP), especially if it has 10 MB or less available." They post that the workaround is either to use Known Issue Rollback, or enter the following command at the Command Prompt running as Admin. and restart: reg add “HKLM\SYSTEM\CurrentControlSet\Control\Bfsvc /v EspPaddingPercent /t REG_DWORD /d 0 /f”​​​​​​​

That's certainly easier than enlarging the boot partition or creating a new one that's larger, though I can't help but speculate that those effected may wind up doing just that at some time in the future. My *guess* is that Microsoft is adding stuff related to the newer Secure Boot certificate to that partition.

neowin[.]net/news/windows-11-kb5089549-reportedly-failing-to-install-slowing-internet-down-on-certain-systems/

support.microsoft[.]com/en-us/topic/may-12-2026-kb5089549-os-builds-26200-8457-and-26100-8457-28ec2a99-4bbe-481d-a340-5c6cf18d9acb

Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed.

This Patch Tuesday addresses 17 "Critical" vulnerabilities, 14 of which are remote code execution, 2 are elevation of privilege, and 1 is an information disclosure flaw.

The number of bugs in each vulnerability category is listed below:

61 Elevation of Privilege Vulnerabilities
6 Security Feature Bypass Vulnerabilities
31 Remote Code Execution Vulnerabilities
14 Information Disclosure Vulnerabilities
8 Denial of Service Vulnerabilities
13 Spoofing Vulnerabilities

bleepingcomputer[.]com/news/software/dell-confirms-its-supportassist-software-causes-windows-bsod-crashes/

Dell has confirmed the problem and is working on a fix.

tomshardware[.]com/tech-industry/cyber-security/microsoft-bitlocker-protected-drives-can-now-be-opened-with-just-some-files-on-a-usb-stick-yellowkey-zero-day-exploit-demonstrates-an-apparent-backdoor

bleepingcomputer[.]com/news/security/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released/

I say *possible* because *to me* it does not seem it would be immediately useful to cyber criminals, though they might be able to build on it, taking the exploit further. To perform the exploit as published you copy the FsTx folder to the System Volume Information on a USB stick, cause the system to reboot into the Recovery Environment, then hold down the Control key until it reboots. When it restarts you'll be at the Command Prompt with full access to the encrypted drive.

Of course, if you are in the running copy of Windows, which is necessary to pull this off, you already have access to the files on the BitLocker encrypted system disk, so while I may be missing something here, what is the point?

neowin[.]net/news/dell-pcs-are-running-into-constant-bsod-reboot-loops-and-windows-11-isnt-the-culprit/

... affected users are finding themselves faced with a PC that constantly reboots after hitting a blue screen of death (BSOD). The problem has been experienced by several people including one of Neowin's long-time forum members, polo69, who says they have been hitting BSODs every 30 mins or so after a new Dell software update.

The day after posting this Chrome's AI model was still there, so I deleted it. *So far* it hasn't come back, but I should add that I don't regularly use the Chrome browser, so mileage may vary.

tomshardware[.]com/networking/routers/fcc-reverses-course-allows-software-updates-for-foreign-made-drones-and-routers-until-2029-agency-says-blocking-security-patches-could-create-cybersecurity-risks

I guess the folly of trying to enforce a ban on router software updates [by a US agency that HAS NOTHING TO DO WITH SUCH THINGS] finally occurred to the FCC's chief A******, so he took a few minutes off from his new war on Disney/ABC and issued an official statement that those software updates would in fact be allowed until January 1, 2029 [when he'll have at most 20 days left in office]. How generous of him.

neowin[.]net/news/official-windows-11-registry-mod-blocks-automatic-download-of-4gb-ai-model-on-google-chrome/

Both Chrome & Edge can download AI models for local AI processing by the browser. I 1st became aware of Chrome doing this scanning the drive with WizTree -- Chrome stores ~4GB in Users\ [UserName]\ AppData\ Local\ Google\ Chrome\ User Data\ OptGuideOnDeviceModel\. If Edge has done similar I don't know where it's stored. From what I've read there's no switch in Chrome to turn this off, and it replaces the files if you delete them. Neowin writes that there's a registry entry that prevents Edge from downloading AI models, and will cause it to delete any that it's already downloaded. They also include a version of the same policy setting for Chrome.

Does it work? I've no idea yet, but after a few hours the Chrome model's still there. If it doesn't go away on its own I'll try deleting it, and see if it returns. I'll let you know.

mindgard[.]ai/blog/claude-offers-up-instructions-to-make-explosives

Ever since ChatGPT arrived folks have been trying to get it to break its own rules. And that's where the companies behind various LLMs [AI] have focused their guardrails. You ask it about a topic like making explosives and it won't comply. BUT. When they design/create these models they include stuff to make it feel more human, which means they're vulnerable to human frailties like flattery and gaslighting. This [to me fascinating] article tells how the author was able to get the Claude model from Anthropic to cheerfully volunteer to provide instructions for making explosives, providing the programming code for malware and so on. All because he subjected the model to *psychological manipulation* techniques, as if it was human. FWIW, seems Grok is worse.

bleepingcomputer[.]com/news/security/cloudz-malware-abuses-microsoft-phone-link-to-steal-sms-and-otps/

Windows Phone Link can access your phone to do everything from make calls and send texts to copying pictures you've taken, and as shown with the CloudZ malware, that also means stuff like sensitive messages, texts, & one time passwords. That's another potential weakness to think about before you use Phone Link.

windowscentral[.]com/microsoft/microsoft-edge-will-load-all-your-passwords-into-memory-in-plaintext-but-microsoft-says-its-not-a-security-concern

Edge stores your passwords in system memory in the same format as a plain text file created in Notepad, making it easy for software to dump & save the contents. Microsoft doesn't consider this a vulnerability worth fixing, because to actually grab those passwords someone would already have to have access to your PC/laptop, e.g., you'd already have to be infected with some sort of malware (!). Of course there are different degrees of compromise -- malware with easier to gain user privileges can't steal as much or create as much havoc as malware running as admin., so you want to make it harder to do bad stuff &/or harder to escalate to admin. privilege level. But apparently Microsoft takes the stance that any access means Game Over, you're on your own. And if that's their official stance, I guess it makes perfect sense to disable their driver blocklist, as installing a driver is rarely if ever the 1st step in an exploit. So why bother making sure that list is accurate?

It's looking *to me at least* like Microsoft screwed up regarding the Macrium Reflect driver. Some overpaid idgit likely, and potentially semi-randomly, picked a bunch of drivers to create an updated blocklist. After all, that was Far easier than trying to fix some of Microsoft's & Windows' glaring security lapses.

Out of curiosity I installed Macrium Reflect v8.0.7279 Free -- the last version available before it was removed from their site -- in a VM. The driver file in question, psmounterex.sys, was v.7.2.4058, and it immediately triggered BitDefender when I copied it to the host or main copy of Win11 I'm using. As Neowin reported, it was later patched to v.8.0.7662.0, which gets an All Clear from Virus Total. Whatcha wanta bet some lazy idgit found that filename in an old security alert, never bothering to see if it was ever patched, and used it, likely along with several other innocent files, to make it look like they'd been productive? I worry now about what other devices or components will stop working because of the same scattershot, make-work BS.

virustotal[.]com/gui/file/16c6a5db7819622cc568aea78a2d4e74c2465b9fc3797923d58d4c84fe35a24b

oo-software[.]com/en/diskimage-backup-your-data

shop.oo-software[.]com/36/purl-may4th?

Macrium Reflect *was* arguably the best image backup solution for home & biz, though there were better solutions IMHO for large corporations using the cloud. It was somewhat expensive, though once or twice a year it went on sale for ~$35, and they had a free version that was almost as good as the paid. Then they got a new CEO, an incompatible new version sold using subscriptions, and the free version was abandoned. Now that Microsoft has blocked the driver Macrium Reflect 8 used to mount backup images, so you could copy individual files/folders, someone could do the right thing and fix it, but popular public opinion right now doesn't think that'll happen. And so a bunch of people are looking for replacement software.

I suggest O&O DiskImage because it's almost as capable as Macrium Reflect -- MR has a few tricks like booting to a backup archive that DiskImage does not offer -- and it's very reasonably priced on sale, especially the 5 license pack if you've got more than one PC/laptop. The email I received today said the sale prices [2nd link] were good until May 9th.

As far as free software goes, AOMEI Backupper is still the champ IMHO. The free & paid versions are not as capable as DiskImage, but they're close enough. The Pro version is a worthwhile upgrade, but unless you take advantage of their yearly GOTD offer, the price is not competitive with the more capable DiskImage when it's on sale.

aomeitech[.]com/ab/comparison.html

Hasleo is getting a LOT of mention online as an alternative, but I'm not impressed with the app. I suspect that Hasleo gives it away for free while they continue to develop the app to a level that they can more easily sell, but I of course could be wrong.

neowin[.]net/software/hasleo-backup-suite-free-5820/

tomshardware[.]com/software/a-suspected-youtube-interface-bug-spikes-ram-usage-above-7-gigabytes-users-report-severe-lag-and-frozen-tabs-bug-might-be-trapping-browsers-in-an-endless-layout-loop

Reports of YouTube freezing browsers and consuming enormous amounts of RAM began spreading across Reddit and browser forums late last week, with developers now pointing to a bug in the platform's interface code that may be trapping browsers in an endless layout recalculation loop. What's emerging is that there is a runaway interface bug buried inside the platform's video controls.

Users across multiple browsers, including Firefox, Brave, and Microsoft Edge, have described videos stuttering, tabs becoming unresponsive, and systems slowing to a crawl while watching YouTube. Some users reported the individual YouTube tabs consuming more than 7GB of RAM.

neowin[.]net/news/microsoft-windows-11-kb5083769-kb5083631-block-backup-apps-like-macrium-heres-why/

I was wrong - the new policy started with the April update, and is continued in the optional one. And it's had its 1st widely reported casualty, blocking the driver that Macrium Reflect 8 & earlier use to mount backups. Per Neowin this is likely a Microsoft screwup, since there *was* a vulnerability and it was patched. It's unknown if Microsoft or Paramount, the company behind Macrium Reflect, will fix this or not, since version 8 has officially been put out to pasture. Rolling back individual files, or the entire Windows\ System32\ CodeIntegrity\ folder & its contents to what was there in March caused Win11 to fail to start. Likewise attempting to edit the driversipolicy.p7b had the same effect. Changing the hash of the driver file, PSMounterEx.sys, had no effect. The only cure at the moment seems to be turning off the vulnerable driver blocklist, which is done with a registry entry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000001

IMHO turning off the blocklist is not like handing over your signin or some control of Windows. During its installation malware may try to install a vulnerable driver that may or may not be included in Windows blocklist. If it is included and the blocklist is on, it will stop just that part of the malware installation. That installation had to be started, e.g., you clicked to run an infected app, and it had to get by your anti virus software before it got to that point, and just because the driver's blocked dose not mean the malware is not functional. IOW, there's some chance it *may* help someday, and if you don't have any problems it has zero cost, so why not have it on, but if you need to turn it off it's not the end of the world by any means. And if you're in the habit of running untrusted apps, you're probably infected already.

You can create a couple of .reg files to turn the blocklist on/off -- double clicking a .reg file adds its contents to the registry. Afterward you'll have to restart Windows for it to take effect. Copy the following into plain text file [.txt] using Notepad or similar, then name the files [SomeName].reg, e.g., CodeIntegOff.reg.

To turn it off:
-----------------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000000

---------------

To turn it on:
-------------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CI\Config]
"VulnerableDriverBlocklistEnable"=dword:00000001

---------

neowin[.]net/news/windows-11-gets-big-feature-update-with-xbox-mode-new-file-explorer-features-and-more/

The headline feature of KB5083631 is the *slowly rolling out* new Xbox mode, which replaces the desktop with a controller friendly screen, as when using an Xbox. The part that worries me a little is below. Microsoft is trying to tighten security around drivers, which is good since using a driver with known vulnerabilities is a favorite trick of malware -- it'll install such a driver, then use it to make sure the exploit starts early in the Windows startup process. The bad part is that some drivers will wind up being blocked -- probably less common ones from less common sources, so it may be unlikely you'll find an alternative or newer version. I'm thinking things like Bluetooth, WiFi, Touchpads, Touch screens etc., since even big brands can use parts from small, less known companies to save costs, and/or there are a ton of low cost dongles for things like WiFi & Bluetooth out there.

[Windows Driver Policy update] New! This update improves Windows security by changing how the Windows kernel trusts third‑party drivers. Default trust for cross‑signed drivers is removed, while drivers from the Windows Hardware Compatibility Program (WHCP) and an allow list of trusted legacy drivers remain allowed. Windows audits driver compatibility for at least 100 hours and three reboots before enabling enforcement. After enforcement, a small number of cross‑signed drivers might be blocked. For more information, see the Windows driver policy and the Advancing Windows driver security blog.​​​​​​​

askwoody[.]com/newsletter/ms-defcon-3-kb5083769-causes-backup-issues/

bleepingcomputer[.]com/news/microsoft/april-kb5083769-windows-11-update-causes-backup-software-failures/

While I haven't seen a problem using Macrium Reflect 7 and 8, there are reports that the VSS shadow copy service is having problems: "... causing backup operations to fail with the error "The backup has failed because Microsoft VSS has timed out during the snapshot creation""

Because you can't make a copy of a file that's actively being used, VSS makes a momentary snapshot that used when you create a restore point, do a backup etc. Problems have been reported with Macrium, Acronis, NinjaOne, UrBackup Server, though the Macrium report *may* just be a single incident based on the article's link.

Background... I've found Very little concrete info on how this will all work out. Microsoft has published that PCs/laptops that do not get the updated secure boot certificate will still work with Secure Boot turned on, but if Microsoft updates the boot loader &/or secure boot related files in the future, those devices will not get those updates. The newer secure boot certificates must be stored in the BIOS, which is the firmware that manages all the components so the box of connected parts actually boots into Windows [or Linux]. Microsoft's secure boot update software apparently can store the newer certificate in the BIOS, **Sometimes**, e.g., as evidenced with our older Lenovo laptop. When that does not work A) nothing will happen, or B) it ***might*** mess up Windows or the BIOS -- I had to restore a backup image of Win11 on our old AIO after running the secure boot update test procedure Microsoft published. Microsoft is collecting data on which devices can be successfully updated to the newer certificate, with the assumed goal of not trying to update incompatible PCs, avoiding that sort of problem. But of course this is Microsoft, so S*** will happen. Depending on the BIOS -- the options offered in individual BIOS settings menus vary -- you may be able to update the secure boot certificate stored in the BIOS itself.

h30434.www3.hp[.]com/t5/Business-Notebooks/Enabling-new-UEFI-2023-CA-certificates-in-pre-2018-HP/td-p/9628370

Now, when it comes to the bootable USB sticks created with backup & partitioning apps, Windows setup etc., boot files that recognize the newer certificate will *probably* be needed to boot devices that have received the secure boot certificate update. Creating those USB sticks after that certificate update has been applied will **probably** add whatever is needed to that USB stick, since the files responsible for booting are *usually* copied from the Windows folder itself. It will *probably* be possible to copy the necessary files from the Windows folder to the USB stick rather than recreating the USB stick, or when the app you're using does not copy those files from Windows. There is also a PowerShell script [without documentation] to create bootable USB sticks/drives on Microsoft's secure boot GitHub page.

github[.]com/microsoft/secureboot_objects/releases

Where it's likely to get iffy is for folks like me that have newer PCs with the new certificate and older PCs without it. A bootable USB stick with the certificate update might not boot devices without it, and those USB sticks without the update might not boot PCs that have received it, meaning that I may now need 2 versions of each bootable USB stick I have & might use. I have not found a guaranteed, definitive answer, so I'm making sure I have disk image backups of each & every one, since the only way to create the older version would be using a PC/laptop without the update. Anyway, maybe something to think about.

pcmag[.]com/news/fccs-foreign-made-router-ban-expands-to-portable-wi-fi-hotspot-devices

The US ban on foreign-made Wi-Fi routers also affects portable Wi-Fi hotspot devices, according to an update from the Federal Communications Commission.

On Wednesday, the FCC updated its FAQ on the ban, clarifying which consumer-grade routers are subject to the restrictions.

Portable Wi-Fi hotspots are usually considered a separate category from Wi-Fi home routers. Both offer internet access, but portable Wi-Fi hotspots use a SIM card to connect to a cellular network rather than an Ethernet cable inside a residence. However, the FCC’s FAQ now specifies that “consumer-grade portable or mobile MiFi Wi-Fi or hotspot devices for residential use” are covered under the ban.

Amazon, which has made efforts to be *friendly* with the current US admin [huge donations, mass firings by Bezos at the Washington Post, which the pres hates etc.] has now made the exclusion list.

The US FCC actually has very little to do with anything tech -- they only make sure that electronic / electrical devices don't interfere with radio or TV broadcast. The idgit in charge simply says they won't check any new routers for broadcast airwave interference unless they're on his approved list, and without that check they can't be sold. Obviously that has nothing to do with any firmware updates, so it's very uncertain how he would go about preventing them, though they are included in his BS order.

neowin[.]net/news/microsoft-windows-11-kb5083769-kb5082052-updates-causing-remote-desktop-issues/

Microsoft has confirmed another bug, this time with Remote Desktop, but it *probably* won't effect most folks.

This issue can occur when you use more than one monitor with different display scaling settings (for example, one display set to 100% and another set to 125%). When this happens, the warning window might show overlapping text or partially hidden buttons, which can make the message difficult to read or interact with.

The workaround is to set the display scaling the same.

zdnet[.]com/article/how-indirect-prompt-injection-attacks-on-ai-work-and-6-ways-to-shut-them-down/

unit42.paloaltonetworks[.]com/ai-agent-prompt-injection/

forcepoint[.]com/blog/x-labs/indirect-prompt-injection-payloads

When ChatGPT 1st arrived you saw all sorts of stories online about people having fun jail breaking the LLM, figuring out prompts that made it forget about its rules and misbehave. Artificial Intelligence was and is solely a marketing term after all, and it's still dumb enough to get easily fooled. One way to fool it is to insert hidden instructions in a link so the AI will behave maliciously. Another, IMHO more dangerous way to feed AI malicious instructions is to hide them on a web page. Then when an LLM parses that page, digesting whatever info it contains, it can read those instructions and follow them. So, when you ask a chatbot something, if it scours the web for answers, and happens to come across a web page containing malicious instructions, you could possibly be toast.

At the very least, when you do a Google search, and their AI response is up top, Do Not click any of its reference links -- try to find whatever site in another browser window on your own.

blip[.]net/

There are a Bunch of apps & methods to transfer files from phone <-> PC, PC <-> PC etc., and many [maybe most?] are a PITA. It's often quicker/easier to carry a USB stick/drive from one PC to another rather than deal with file sharing in Windows. Windows Phone Link can work, *If* you get it working, & if it always works, but for something that's supposed to be easy & intuitive per Microsoft's docs, I'm still angry over the hours I've wasted. Yesterday's GOTD, Coolmuster Mobile Transfer 4.1.12, isn't better IMHO -- install software -> connect your phone via USB -> enable USB debugging on Android phone etc.

Blip has an app in the Windows, Google Play, & Apple stores [Linux on the way]. Once the app is installed you enter an email address, then enter the code they email to you, done. Then just send what you want from Blip on one device to another. From their FAQ:

How fast is Blip?
Really fast. Blip’s fast relay supports multi-gigabit speeds, even over long distances where other services slow down.

Because there are no separate “upload” and “download” steps, sending with Blip can be at least twice as fast as many other services. The recipient will start receiving right away rather than having to wait for you to finish uploading.

Now, Blip might seem like magic, but it can’t break the laws of physics! Performance will be affected by the upload speed of the sender’s internet plan and the download speed of the recipient’s internet plan.

We built “LAN direct connect” into Blip to boost speeds when both devices are connected to the same network, e.g. between devices in the same building on the same Wi-Fi network. These transfers will be unconstrained by your internet plan.

Is Blip Safe?
Blip is designed with security in mind.

Files are sent directly to the person you choose, without being uploaded to a public website where anyone with the link can get to them.

Files are also encrypted in-transit with latest TLS 1.3 protocol, to protect your sharing from nosy neighbours.