-
Posts
-
By hellowalkman · Posted
Microsoft: Windows 11 KB5094126, KB5093998 finally stops trusting a critical system threat by Sayan Sen This week Microsoft released the Patch Tuesday updates for June 2026 with KB5094126 on Windows 11 25H2, 24H2, and KB5093998 on Windows 11 23H2. On Windows 10 22H2 it's under KB5094127. Alongside the announced release notes for the new builds, Microsoft has revealed another change that is coming to Windows with these new releases. It has been confirmed that custom folders are getting a significant change with the June 2026 updates as such folders or folder names defined by desktop.ini will no longer appear after this update is successfully installed. While you may inititally think this is a bug with the new release, Microsoft has stated that this is in fact "expected behaviour" in its new support article regarding this which Neowin spotted today while browsing. Essentially it's a security hardening measure such that custom folder presentations are treated as potentially unsafe whenever Windows is not sure about their origin and whether that desktop.ini folder can be trusted or not. Here is list of such untrusted files and folders: Files downloaded from the internet that carry Mark-of-the-Web (MOTW). Files copied from certain remote locations, such as some WebDAV or HTTP-based locations. Files on network paths that are not classified as intranet or trusted by zone policy. For those who may not be familiar, Desktop.ini is a special configuration file used by Windows to customize the appearance and behavior of individual folders. Basically Windows can read specific instructions stored in Desktop.ini instead of displaying every folder with the same default settings. This can be used to apply custom icons, thumbnail images, localized folder names, and such informational tooltips (infotip). The file can also influence certain folder-specific behaviors and properties. It is typically stored as a hidden system file within a folder that has been designated to support Desktop.ini customization. However, because Windows Shell automatically reads and applies these attributes whenever a customized folder is opened, they have historically (since the Windows XP days) presented an attack surface as a result of an unchecked buffer in the Shell component responsible for extracting custom attributes from Desktop.ini files. As such an attacker could create a specially crafted Desktop.ini containing a malicious or corrupted attributes and place it on a network share. So if a user were to browse that folder, Windows would automatically process the file, potentially triggering a buffer overflow. This could allow arbitrary code to run with the same permissions as the logged-in user. Hence a seemingly harmless folder could become a security risk when their contents are not properly validated. For admins and users alike looking to manage this behaviour, Microsoft has shared a few ways. One of them is to assign a trusted mark on the folder in case you are sure of its source. Secondly a policy can be used to revert back to the previous state. Finally, the MOTW can be removed too to indicate to Windows that this is a safe file. The company explains: Option 1: Add the source to Trusted Sites (Recommended) If the affected content is stored on a known internal or managed source, add that source to the Trusted Sites list. Once the source is treated as trusted, Windows processes desktop.ini from that source normally. This keeps the protection in place for other locations and is the lower-risk option. Option 2: Use policy to restore previous behavior Organizations that need broader compatibility can enable the policy Allow the use of remote paths in file shortcut icons.Enabling this policy restores the pre-June 2026 behavior for affected remote or untrusted scenarios. Option 3: Check for and remove the Mark of the Web (MotW) If the desktop.ini file has a Mark of the Web (MotW), Windows may treat it as coming from an untrusted source and block customization. Verify whether MotW is present and, if appropriate, remove it from the desktop.ini file. This can restore expected behavior, but should only be done for trusted content, as it removes the associated security protection. To remove the MotW tag, open PowerShell and run one of the following commands: For a single desktop.ini file: Unblock-File "C:\Your\Folder\Path\desktop.ini" For all desktop.ini files in a folder: Get-ChildItem "C:\Your\Folder\Path" -Recurse -Filter desktop.ini -Force | Unblock-File Microsoft has warned though against using a broad opt-out using the provided policy as it reduces protection against potentially malicious remote folder-customization content. As such the tech giant recommends trusting only controlled internal sources and keeping trust settings as strict as possible. You can check out the official support article here on Microsoft's website. -
By Copernic · Posted
LAV Filters 0.82.0 by Razvan Serea LAVFSplitter is a multi-format media splitter that uses libavformat (the demuxing library from ffmpeg) to demux all sorts of media files. LAV Splitter is a Souce Filter/Splitter required to demux the files into their separate elementary streams. LAV Audio and Video Decoder are powerful decoders with a focus on quality and performance, without any compromises. Supported Formats: MKV/WebM, AVI, MP4/MOV, MPEG-TS/PS (including basic EVO support), FLV, OGG, and many more that are supported by ffmpeg! LAV Filters are based on ffmpeg and libbluray and is aimed to offer a all-around solution to perfect playback of file-based Media as well as Blu-rays. LAV Filters 0.82.0 changelog: LAV Splitter NEW: Support for demuxing Dolby Vision Enhancement Layer streams NEW: Support for Animated WebP images Changed: When demuxing Blu-ray discs, Dolby Vision metadata is available on the primary video stream LAV Video NEW: Support for Animated WebP images Changed: Hardware decoding support for DVDs has been removed Download: LAV Filters 0.82.0 | 15.5 MB (Open Source) View: LAV Filters Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware -
By hellowalkman · Posted
what was the right topic? -
By davesickofenshittification · Posted
the very thing im sick of :-) -
.thumb.jpg.97db76d73f0f840ec31db7c170de109d.jpg)
By monterxz · Posted
For some reason when EU forced Microsoft to allow users to change the default browser and search provider in Windows (also no ads for Office and the likes) - it was good. But when it comes to Apple - then it's bad. BTW, Apple would have gone out of business if Microsoft wasn't pressed by US government several decades ago. 😉
-
-
Recent Achievements
-
Sopa flores earned a badge
One Month Later
-
StaticMatrix earned a badge
First Post
-
StaticMatrix earned a badge
Week One Done
-
lamborghiniv10 went up a rank
Rookie
-
pinnclepd earned a badge
One Month Later
-
-
Popular Contributors
-
Tell a friend
.thumb.jpg.97db76d73f0f840ec31db7c170de109d.jpg)
.thumb.png.b7089ebbdf00d96b3b92dddbd04bac02.png)
Recommended Posts