Microsoft urges Windows users to run patch for DogWalk zero-day exploit
Author: f | 2025-04-25
As Microsoft faces the challenge of transitioning users from Windows 10 to Windows 11, recent data indicates a troubling slowdown in adoption rates. Despite eight months of steady progress, a sudden shift has emerged, particularly in the U.S. market, where Windows 11’s market share fell sharply, while Windows 10 saw an unexpected uptick. According to Statcounter, while global Windows 10 market share increased slightly from 61% to 62%, in the U.S. it rose from 58% to 61%, with Windows 11 dropping from nearly 40% to below 37%.

Microsoft Urges Windows 10 Users: Upgrade Now or Face Risks

This trend reversal is concerning as it suggests that Microsoft’s strategy to encourage upgrades is faltering at a crucial time. With the end-of-support for Windows 10 looming next October, the stakes are high for Microsoft to persuade its user base to switch to the more secure and modern Windows 11.

Microsoft’s Extended Support Offer: A Temporary Solution?

In a recent announcement, Microsoft confirmed a 12-month extended support option for Windows 10 users, effective from next October, priced at $30 per PC. This decision may offer temporary relief for users hesitant to upgrade. However, it raises questions about the long-term viability of Microsoft’s upgrade strategy. The extended support may indeed be a catalyst for some users to delay their transition, maintaining their current systems with security updates through until October 2026.

400 Million PCs at Risk as Windows 11 Upgrade Stalls

The Hardware Dilemma: A Barrier to Upgrade

The reluctance to upgrade to Windows 11 isn’t just about software. Approximately 400 million users are currently on hardware that does not meet the new system requirements for Windows 11, which include TPM 2.0 for enhanced security measures. Microsoft has been clear in its communications, stating that upgrading on non-compatible hardware could end support and void warranties, positioning TPM 2.0 as a critical.
What kind of scam is "Trojan:Slocker"?

While investigating deceptive websites, our researchers discovered the "Trojan:Slocker" technical support scam. It warns that the visitor's device has been infected with trojan/ransomware and urges them to call the provided helpline. Note that this scheme may be preceded by the "Ransomware EXE.01092-1_Alert" pop-up.

It must be stressed that the infection claims are fake, and this content is in no way associated with the Microsoft Corporation or any of its products/services.

"Trojan:Slocker" scam overview

The website promoting this scam is presented as Microsoft's official website. The scheme displays multiple pop-up windows, one of which can be "Ransomware EXE.01092-1_Alert".

The topmost pop-up claims that the device is infected with "Trojan:Slocker", which endangers personal and financial data. The alert urges the visitor to call "Microsoft Support" to eliminate the ransomware.

As previously mentioned, all the information provided by this scam is false, and it is not associated with Microsoft or any of its products/services.

The scheme is triggered by calling the fake helpline and may take place entirely over the phone. Scammers, while pretending to be "support", "Microsoft-certified technicians", etc., can trick victims into disclosing sensitive data, making monetary transactions, downloading/installing malware, etc.

Most tech support scams involve cyber criminals accessing users' devices remotely. This can be facilitated through legitimate software like AnyDesk, UltraViewer, TeamViewer, or others.

Threats posed by tech support scammers

Tech support scammers can cause various severe issues once connected to users' devices, e.g., disable/remove genuine security tools, install fake anti-viruses, extract information and/or funds, infect the system with malware (e.g., trojans, ransomware, cryptominers, etc.), and so on.

Data of interest may include log-in credentials (e.g., emails, social networking/media, e-commerce, online banking, cryptowallets, etc.), personally identifiable details, and finance-related information (e.g., banking account details, credit card numbers, etc.).

Cyber criminals can acquire information over the phone, deceive victims into providing it to phishing sites/files, or extract it with stealer-type malware.

Furthermore, the "services" of scammers (e.g., fake malware removal, security software installation, etc.) cost exorbitant sums.

Criminals use difficult-to-trace methods to obtain money, as that diminishes the chances of prosecution and victims retrieving their funds; some examples include cryptocurrencies, pre-paid vouchers, gift cards, as well as cash hidden in packages and shipped. What is more, successfully scammed victims are often targeted repeatedly.

In summary, by trusting a scam like "Trojan:Slocker" – users can experience system infections, data loss, severe privacy issues, financial losses, and identity theft.

Should it be impossible to exit a deceptive webpage – use Windows Task Manager to end
2025-04-15

Ransomware gangs are using the BioNTdrv.sys driver of Paragon Partition Manager to escalate privileges even on systems without the software. Windows is now blocking the vulnerable driver, and Paragon urges users to update software to the latest version.

Microsoft has added Paragon Partition Manager's BioNTdrv.sys driver, versions prior to 2.0, to its Vulnerable Driver Blocklist. However, this security feature is not enabled by default on all systems. The software must be updated to continue to work.

The driver was found to contain five zero-day vulnerabilities that enable attackers with local access to a computer to escalate privileges or cause a denial-of-service (DoS) scenario. The flaws affect a wide range of Paragon’s software, including Hard Disk Manager, Partition Manager, Backup & Recovery (versions 15-17), Drive Copy, Disk Wiper, and Migrate OS to SSD.

Paragon develops widely used software that helps manage computer storage drives. The affected driver was Microsoft-signed, which allowed attackers to leverage it in Bring Your Own Vulnerable Driver (BYOVD) attacks to exploit systems even if the Partition Manager was not installed.

“Microsoft has observed threat actors exploiting this weakness in BYOVD ransomware attacks,” the CERT/CC, operated by Carnegie Mellon University, said in a vulnerability note.

For hackers, the most valuable flaw is an insecure kernel resource access vulnerability in the latest software versions, labeled CVE-2025-0289. This flaw allows attackers to compromise the affected service. It is caused by a failure to validate a certain pointer called MappedSystemVa before using it to make a call to the firmware.

The other four flaws enable attackers to write arbitrary kernel memory, execute arbitrary kernel code, and achieve privilege escalation.

Paragon Software has updated Partition Manager and released a new driver, BioNTdrv.sys version 2.0.0, which addresses the flaws.

The software without a new driver has stopped working and needs to be updated “in order to comply with changed Microsoft security guidelines and to exclude any security risk related to the presence of the old driver version,” Paragon said.

A fixed version (2.0.0) of the BioNTdrv.sys driver is included in new program updates (17.45.0) of all current editions of Paragon Hard Disk Manager 17. However, some older systems won’t accept the new driver.

“The fixed version of the BioNTdrv.sys driver cannot be installed under Windows 7-8.1 resp. Windows Server 2008 R2-2012 due to Microsoft's driver signature policy. (But these OS aren't safe anyway.)” Paragon noted.

Windows 11 has the Vulnerable Driver Blocklist enabled by default, and users should be protected from potential exploitation. However, Paragon urges them to “Improve Windows 11 security by downloading Security Update.”
2025-03-31

Will never interact with Windows Server 2008 environment. In addition, if Windows updates are running on your PC (as it is by default) then you won't need this cumulative update. After all, no one wants to tinker with their machines if it is working fine. But the Service Pack 3 really comes in handy if you are an administrator and have multiple operating systems on your LAN. In an office environment it is best to upgrade the XP version on workstations to the SP3 release. To ensure proper functioning with servers on the network and other Vista workstations you would eventually need to install SP3. This update will be of great benefit if you are installing or re-installing XP. In this scenario let’s consider you just did a fresh install of Windows XP. Now instead of spending countless hours installing 100 or so Windows updates you can take advantage of XP Service Pack 3. No more waiting for downloading and installing all the individual updates. SP3 is an all-in-one update in this case.

Brian Osborne interprets: This will be an important service pack for end users, but more importantly for enterprise customers. Enterprise customers will be able to take advantage of some of the security features of Vista without having to go through a massive deployment to introduce them. In the end, SP3 is just ensuring further longevity of Windows XP. Unknowingly, Microsoft may be giving customers yet another reason not to upgrade to Vista yet.

Gordon Kelly agrees: Unlike the teething problems in Vista’s first Service Pack … [XP SP3] is expected to be a straightforward upgrade which improves security and overall system performance. In fact, independent tests have shown productivity speed boosts by as much as 10 per cent – something Microsoft has actually tried to keep quiet so as not to harm sales of resource heavy Vista … Expect there to be the odd XP3 induced grumbles from extreme legacy hardware and software users here and there – but the feedback I have had from XP3 RC2 testers is it has been pretty much plain sailing and systems do indeed feel snappier … SP3 will become an automatic update for all XP users in a resistance-is-futile kinda way. Not that resistance should be mounted in this case … Toying with upgrading to Vista? Here’s another reason not to.

But the very wonderful Larry Seltzer urges caution: There’s no official word from Microsoft … [on] the schedule … XP SP3 adds nothing substantial for security or features; it is mostly a vast rollup of previous updates. It would therefore be a good idea not to go install it as soon as it is available, at least not
2025-04-13
2025-04-20