When Microsoft introduced the two-tier context menu of Windows 11 it claimed that one reason for the change was to streamline the context menu of the operating system. This did not turn out too well, considering that users juggle between the new and the classic menu regularly since the release of Windows 11.
Apps may still add entries to the Windows context menu and since there is no central editor to manage all entries, it is either done through the app itself — if it offers such an option — or the Registry Editor.
Windows 11 Context Menu Manager is a free open source tool that offers another option. It focuses on items added by apps and not the Microsoft entries.
When you launch it, you see all context menu items in a list. The default scenario is to remove them for the user. You can also remove them machine-wide, but that requires running the app with elevated rights.
Each entry is listed with its name and some information. To be honest, this is not super useful, but it becomes useful when you expand the entry. There, you find information about file types.
To give you one example. The program listed two entries for Adobe Acrobat Reader. One was for PDF files, the other for any other file type that Acrobat Reader supported.
Even this advanced view is limited. The seven OneDrive entries did not reveal any information about their purpose when I expanded them. They were labeled command0, command1 and so on, and listed a wildcard under file and no directory.
With that in mind, you get an option to toggle the items off or on again. Other actions become available when you expand an item. There you find options to uninstall, open the file location, the settings of the app, or the Microsoft Store.
With those caveats, it is still a handy tool to hide certain items from the Windows 11 context menu, especially if the app does not provide options to do so in its preferences. (via Deskmodder)
If March 2026 was a marathon of infrastructure updates, April is a massive avalanche of patches.
Microsoft’s fourth Patch Tuesday of 2026 has arrived, addressing a massive 165 vulnerabilities in total. The sheer volume demands attention. It contains two 0-day vulnerabilities — one of which is actively exploited in the wild — and eight critical flaws affecting a wide range of products, including Office, SharePoint, Microsoft Defender, and Azure.
Here is the breakdown of what you need to know, what to patch first, and what might break.
The April 2026 Patch Day overview
Executive Summary
Release Date: April 14, 2026
Total Vulnerabilities: 165
Critical Vulnerabilities: 8
Zero-Days: 2 (SharePoint [Actively Exploited], Microsoft Defender [Publicly Disclosed])
Key Action Item: Administrators must prioritize patching internet-facing SharePoint servers due to the actively exploited spoofing zero-day. Simultaneously, network infrastructure and Active Directory components need immediate updates to mitigate several highly critical Remote Code Execution vulnerabilities.
Important Patches
CVE-2026-32201 — Microsoft Office SharePoint Spoofing Vulnerability
CVE-2026-33825 — Microsoft Defender Elevation of Privilege Vulnerability
CVE-2026-33824 — Windows Internet Key Exchange (IKE) Extension Remote Code Execution Vulnerability
CVE-2026-33827 — Windows TCP/IP Remote Code Execution Vulnerability
CVE-2026-33826 — Windows Active Directory Remote Code Execution Vulnerability
Security updates addressing OS-level RCEs in TCP/IP, IKE, and Active Directory components. Also resolves numerous Elevation of Privilege (EoP) flaws across Windows Kernel, Boot Loader, and BitLocker.
Microsoft SharePoint Server
Patches for SharePoint 2016, 2019, and Subscription Edition to address the actively exploited CVE-2026-32201 spoofing flaw.
Microsoft Office
Security updates addressing multiple Critical Use-After-Free and Untrusted Pointer Dereference vulnerabilities resulting in local code execution
Deep Dive: The Critical Vulnerabilities
Microsoft confirmed that it patched two 0-day vulnerabilities this Patch Day and several critical remote code execution flaws.
This actively exploited zero-day allows an unauthorized attacker to perform spoofing over a network due to improper input validation in Microsoft Office SharePoint. An attacker who successfully exploits this can view sensitive information and make changes to disclosed information.
CVE-2026-33825 (Microsoft Defender Elevation of Privilege Vulnerability)
A publicly disclosed zero-day flaw in Microsoft Defender that allows privilege escalation to SYSTEM privileges. Microsoft has addressed the flaw in the Microsoft Defender Antimalware Platform update version 4.18.26050.3011, which should be downloaded to (most) systems automatically.
CVE-2026-33824 (Windows Internet Key Exchange (IKE) Extension RCE)
A critical double-free vulnerability in the Windows IKE extension. An unauthenticated attacker can send specially crafted packets to a Windows machine with IKE version 2 enabled to potentially achieve remote code execution. If IKE is not in use, blocking inbound traffic on UDP ports 500 and 4500 acts as a mitigation.
A critical race condition vulnerability in Windows TCP/IP that can result in remote code execution. An unauthenticated actor can send specially crafted IPv6 packets to a Windows node where IPSec is enabled to potentially achieve RCE.
CVE-2026-33826 (Windows Active Directory Remote Code Execution)
A critical improper input validation flaw in Windows Active Directory. It allows an authenticated attacker to execute code over an adjacent network.
If you’ve ever felt completely lost in the web of Windows testing tiers or frustrated by slow A/B feature rollouts, relief may finally have arrived.
Microsoft announced a big overhaul of the Windows Insider Program this week designed to simplify how users test development builds of the operating system.
The company is cutting down the channel list to just two primary ones — Beta and Experimental — and is finally changing how experimental features land on test systems.
Here is a breakdown of the major changes:
Two Streamlined Channels: The previously confusing multi-tier system is being condensed into just two primary tracks: Experimental (which replaces the Dev and Canary channels) and Beta (for features that are closer to being ready for the public).
The End of A/B Testing: Microsoft is officially dropping its Controlled Feature Rollout (CFR) system for Beta channel participants. This means no more waiting in the dark while other testers randomly receive new features before you do.
Manual Feature Flags: You are finally getting direct control over your testing experience. Moving forward, Insiders can manually toggle new features on or off directly within Windows Settings as soon as they are documented in the changelogs.
No More “Clean Install” Trap: Historically, leaving the Insider program or dropping down to a more stable channel often required a complete, data-wiping OS reinstall. Microsoft is fixing this by allowing in-place upgrades (IPU), meaning you can transition channels or exit the program while keeping your files and apps intact.
Clearer Communication: Release notes and documentation will be much more explicit about who features are for and which channel they belong to, giving IT admins, developers, and enthusiasts a much more transparent roadmap of what to expect.
From a testing perspective, Microsoft is launching several improvements. First, Beta users get access to features directly. No more waiting or using of third-party tools like ViVeTool to enable them.
Second, users in the experimental channel get options to turn certain features on, if they are not already enabled.
Third, switching between channels should get easier and less cumbersome.
Last but not least, more documentation is always welcome, as Microsoft’s attempts have been lackluster at best until now.
While the announcement may instill hope in Windows testers who have been disappointed by Microsoft so far, it is clear that Microsoft has to deliver. If the company does, it could improve its Windows Insider program significantly in the process.
VeraCrypt is a popular cross-platform encryption software that is available for Windows, Linux and macOS. It is one of the successors of TrueCrypt and can be used to encrypt hard drives, including system drives, and to create data containers on drive that are encrypted.
The developer of the application, Mounir Idrassi, published a project update on Sourceforge a few days ago. There, he explained why the project had been silent for the past few months.
According to his description, Microsoft terminated the account that he used to sign Windows drivers and the bootloader. This affects the Windows version of the encryption software, as updates can’t be signed anymore because of this. The Linux and macOS versions of the software are not affected by this.
To make matters worse, a screenshot with a message by Microsoft suggests that an appeal is not available. It is unclear what that means for the project. While a solution may be found eventually, likely through enough outside pressure to get a Microsoft representative to look at the case, it is certainly problematic when a company that operates its own encryption software — Microsoft with BitLocker — is blocking a competitor from releasing updates for his.
The next Windows Patch Day is just a week away and it is unclear whether it will include a fix for a recently disclosed 0-day vulnerability.
The new security vulnerability has been disclosed on GitHub, including proof of concept code to exploit the issue. However, there is no explanation how the issue works.
Well-known security researcher Will Dormann commented on the issue and confirmed that it is working. He admitted that it “may not be 100%” reliable though. It seems that frustration with MSRC, the Microsoft Security Research Center, and how it operates, was the reason for the public disclosure of the vulnerability. Whether that is true or not can’t be verified though.
So, what do we know about the vulnerability so far?
What it is: “BlueHammer” is an unpatched zero-day Local Privilege Escalation (LPE) vulnerability affecting Microsoft Windows.
Impact: It allows a local attacker with limited, low-level user access to escalate their permissions to SYSTEM or elevated administrator rights. This effectively grants the attacker full control over the compromised machine.
Current Status: Microsoft has not yet released an official patch or mitigation, making it a true zero-day.
Security experts (such as Will Dormann) describe it as a flaw that combines a TOCTOU (Time-of-Check to Time-of-Use) vulnerability with path confusion. At a high level, it appears to weaponize Windows Defender-related interfaces (the leaked source code contains files like windefend.idl and windefend_c.c). By bypassing the system’s original validation, a local attacker can gain access to the Security Account Manager (SAM) database, which stores local account password hashes, ultimately allowing them to spawn SYSTEM-level shells.
Good news is that the flaw is a local privilege escalation, which means that attackers can’t exploit it to hack into Windows PCs remotely. However, if they were to gain access to a Windows system, they could use it to expand access or even take over a system completely.
File archives serve plenty of purposes. They compress one or multiple files and folders and make them available as a single file; ideal for distribution and storage.
Many backup tools, for instance, support compressing backups to save storage space.
But how do you ensure that the archives are not corrupt? There are several options, including generating hashes and running verifiers.
However, if you have not created hashes in first place or find this too time consuming or unmanageable, you could test the archives directly using archivers.
PeaZip is an open source archiver for several operating systems. Version 11.0 was released recently and it includes a batch testing option.
Throw any number of support archive formats at the app and it will check each archive. It does so automatically and the only exception to that is when it encounters a password protected archive, as it will prompt for the password in that case.
You get a full list of results in the end that you can go through to find any archives that are damaged.
PeaZip supports all major archive formats. To name a few: ZIP, 7z, BR, TAR, ZipX, RAR, APK, CAB, ISO, and ACE.
Here is how you run the test:
Download and install the latest version of the archiver. You can download a portable version or use winget install -e peazip to install it from the command line.
Open the application and use the file manager to navigate to the folder with the archives that you want to test.
Select them all, for instance by holding down Ctrl and left-clicking on each archive, using Ctrl-A, or right-clicking and picking “select all” from the context menu.
Right-click on the selection and select More > Test to start the verification process.
PeaZip tests one archive after another, displaying results in a separate window. You could move all archives into a single folder to make this operation easier, or switch folders to continue testing archives.
All in all, this is a straightforward option to batch test archives on Windows (or any other of the supported operating systems).
One of the most frustrating experiences as a Windows Insider is the Controlled Rollout feature in my experience. You sign up to beta test Windows 11 versions and instead of getting all features ready for testing, Microsoft is limiting access to new features.
While you can enable the features with the ViVeTool, doing so requires more steps and is not super comfortable. Still, it is the only reliable option to enable features that are on “roll out” immediately on a Windows 11 system.
Serial leaker Phantom of Earth discovered a hidden feature in recent Insider builds of Windows 11 that should make things easier for users.
Microsoft is FINALLY adding a "Feature Flags" page to Windows Insider settings that will let you manually toggle new features on or off without needing to use vivetool or suffering through CFR! (Hidden bits in 26300.8155, not enabled yet) pic.twitter.com/YiP4acx0Nu
Microsoft is apparently working on integrating its own “ViVeTool-like” interface in the Settings. This means that testers can enable certain features, that are on rollout, directly there.
The full functionality is unknown at this point. Will all features be listed there or only handpicked ones by Microsoft? We do not know at this point. There is also the chance that Microsoft is having a change of heart at one point.
Also, it appears that the change targets Insider versions only and not stable builds. Stable Windows 11 users who want to enable some features directly will therefore still have to use the ViVeTool to do so.
If done right, it could improve testing certain Windows 11 features and changes for many testers.
A new team at Microsoft plans to release 100 percent native apps for the Windows operating system. Announced by Rudy Huyn on X, the focus of the apps is a meaningful user experience.
I’m building a new team to work on Windows apps! You don’t need prior experience with the platform, what matters most is strong product thinking and a deep focus on the customer.⁰⁰If you’ve built great apps on any platform and care about crafting meaningful user experiences,…
Hyun does not mention whether the team will work on making existing apps 100 percent native or if it will work on new apps that may ship with the operating system at one point in time.
The development is a major shift from Microsoft’s recent heavy reliance on web-based wrappers and Progressive Web Apps (PWAs).
Here is why this is important:
For years, Microsoft has favored web-based apps over native code. These apps are often seen as slow, memory-hungry, and less-optimized than native apps.
It is another confirmation that Microsoft is trying to steer the wheel around. Apps are fundamental and attempts to make them better could improve the perception of the operating system.
Focus on quality. Hyun mentions that he is looking for developers with “strong product thinking”, regardless of platform that they have experience on. This could be an indicator that Microsoft might work on polishing the user experience.
While little is know about the project, apart from what Huyn mentioned on X, it could be another puzzle piece of Microsoft’s redemption attempt.
Since the information is scarce, pretty much everything surrounding this new project is unknown, including when we can expect the first releases and whether these will replace existing apps that may not be 100 percent native or be entirely new apps.
The distribution of KB5079391, released on March 26, had to be halted by Microsoft to investigate an installation error.
The company writes:
Some devices might encounter the following error while installing this update:
“Some update files are missing or have problems. We’ll try to download the update again later. Error code: (0x80073712)”
The availability of the optional update for Windows 11 has been limited by Microsoft as a consequence to investigate the underlying cause. Microsoft says that it will provide information about the issue once it has discovered the root cause of the error message.
Beta updates
The issue highlights the fragile nature of the operating system. Optional updates, which are beta releases of the following month’s cumulative update, should not be installed by the majority of Windows users.
In fact, there are only a few exceptions to the rule:
Major issues: When a major issue is fixed that affects users significantly.
Testing: When new features need to be evaluated.
Other than that, it is usually better to wait for the release of the cumulative updates, as these are the releases that are considered more stable. However, here, I also advice to wait with the installation, as bugs and issues are common and may affect operations.
In any event, creating a system backup before installing any updates is highly recocmmended.
Another Chromium-based web browser? Samsung has just released the first stable version of its browser for Windows after it launched in Beta in January 2026. The new browser shares the engine with Google Chrome and other Chromium-based browsers, which means that you can expect a similar performance and compatibility.
Samsung’s main intention with the browser is to provide Galaxy-users with a seamless experience between their mobiles and desktop PCs that run Windows. This includes syncing data such as bookmarks or the browsing history between all linked devices, and integrating the password manager Samsung Pass.
It should not come as a surprise that these features need a Samsung account to function at all. However, at the time of writing, the features are limited to the company’s own Galaxy Books series of laptops. More precisely, Galaxy Books 3 to 6 are supported for now. This limits the reach severely.
Samsung has partnered up with Perplexity to drive AI features in the browser. You can expect the usual range, including natural language input for search and the browsing history, the summary of one or multiple webpages, and more.
The AI features are also limited, according to Samsung. Only users from the US and South Korea get the Perplexity-powered AI functions.
Other than that, you may enable an integrated content blocker and get some comfortable features, such as translating webpages.
Since Samsung Browser is Chromium-based, you may install compatible extensions, including from the Chrome Web Store. Installations work exactly as expected: click on the install button and accept the installation prompt to add an extension to Samsung Browser.
Who is Samsung Browser for then? The obvious answer is Samsung Galaxy customers who use one or multiple mobile devices from Samsung and also a Windows PC, preferably one of the Galaxy Books. Everyone else does not really get much out of this, as the main use case — accessing data everywhere — does not apply and because there is not really much in terms of standout features besides that.
