Print Security
The latest Print Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Your Windows 11 PC might already be encrypted — here's how to avoid getting locked out
With Windows 11 24H2, Microsoft now turns on device encryption automatically during clean installs on compatible hardware. While this protects your data if the PC is lost or stolen, it also creates a single point of failure: the 48-digit recovery key. Many users don't realize they're encrypted until a firmware update or TPM glitch triggers a recovery prompt, and without that key, their files are gone forever. This guide explains how to check your encryption status, find and back up your recovery key, and test it before disaster strikes.
Microsoft’s Entra MFA Shake-Up: Your Deadline is September 2026, Not May 2027
Microsoft is deprecating the custom controls that let third-party MFA providers like Duo and Okta work with Entra ID Conditional Access. From September 30, 2026, you won't be able to add or edit those controls, and they retire completely in May 2027. Organizations must migrate to the new External MFA framework before that editing freeze, following a careful inventory, pilot, and phased rollout plan.
Key Intune Tools Land in Microsoft 365 E3/E5 on August 1, 2026 – What IT Teams Must Do Now
Microsoft will complete the rollout of Intune Suite capabilities into Microsoft 365 E3 and E5 by August 1, 2026. E3 gets Remote Help, Advanced Analytics, and Intune Plan 2; E5 adds Endpoint Privilege Management, Cloud PKI, and Enterprise Application Management. Organizations should audit current licenses, pilot new tools, and avoid canceling add-ons prematurely despite potential savings.
High-Severity 'Copy Fail' Flaw Exposes WSL2 Users to Root Attacks — Patching Steps Inside
Microsoft has disclosed a high-severity Linux kernel vulnerability, CVE-2026-31431 (Copy Fail), which allows local attackers to gain root in WSL2 environments. An exploit has already been confirmed on WSL 2.6.3, and while no official patch is available yet, users and admins must verify their WSL installations, update channels, and prepare to apply the fix as soon as it’s released.
Microsoft’s 2011 Secure Boot Certificates Are Expiring: What Windows Users and Admins Must Do Before June 2026
Microsoft's 2011 Secure Boot certificates expire in June and October 2026, requiring updates to firmware and Windows. Home users should keep Windows and firmware current; IT admins must audit devices, test updates, and plan for hardware that may need replacement. Simply enabling Secure Boot is not enough—organizations must verify new certificates are installed.
Google’s Gemini Enterprise Connector Overhaul Could Break Your Microsoft 365 Integrations – Here’s How to Prepare
Google is rolling out a Gemini Enterprise connector upgrade that forces reauthorization of existing connections, potentially disrupting Microsoft 365 and third-party integrations. IT admins need to audit connectors, prepare for permission prompts, and test workflows to avoid service outages.
Microsoft to Disable RC4 Kerberos Encryption by Mid-2026: What IT Admins Must Do Now
Microsoft announced that by the end of Q2 2026, Active Directory domain controllers will no longer treat RC4 as a default Kerberos encryption type. This article explains the timeline, the impact on organizations, and provides a step-by-step action plan for IT admins—from auditing event logs to remediating legacy accounts and applying Group Policy exceptions—ensuring a smooth transition ahead of the deadline.
Neowin’s New Winget Safety Guide: Why You Should Never Install Apps Without an Exact ID
A new guide from Neowin warns Windows 11 users that installing winget packages without exact IDs can lead to unwanted or malicious software. It recommends a three-step process: search, inspect, and install with precise identifiers to avoid security risks in the growing winget ecosystem.
Android 16 Lock-Screen Flaw Lets Anyone Send Texts via Gemini—Here's How to Block It Now
A lock-screen vulnerability in Android 16 allows anyone with physical access to a phone to send SMS messages via Google Gemini without a PIN, even when the user had revoked messaging permissions. Google is rolling out a fix, but as of July 19 there's no device-by-device confirmation, so affected users should immediately disable Gemini's lock-screen messaging features and check for unauthorized app integrations.
Microsoft Sets Hard Deadline: SMS MFA Retires in Entra ID by 2027, Passkeys Take Over
Microsoft will retire its built-in SMS and voice MFA for Entra ID on February 1, 2027, forcing organizations to move users to phishing-resistant passkeys or risk account lockouts. The change brings a two-phase rollout starting September 2026, with a hard no-opt-out deadline that requires immediate planning, piloting, and communication.
Office LTSC 2021’s Final Countdown: Plan Your Exit Before the 2026 Security Shutdown
Microsoft will end support for Office LTSC 2021, Project LTSC 2021, and Visio LTSC 2021 on October 13, 2026. After that date, no security updates or technical support will be provided, leaving users at risk. This article explains the practical impact, offers a step-by-step migration plan to Microsoft 365 Apps or Office LTSC 2024, and highlights the special considerations for Project and Visio.
The Hidden Danger in 'winget upgrade --all' That Could Break Your Company's PCs
The 'winget upgrade --all' command is popular for updating Windows apps, but it lacks a critical filter to separate apps that need administrator rights from those that don't. This flaw, tracked in GitHub issue #2706 since 2022, can cause broken installs, lost user settings, and compliance headaches on managed PCs. IT teams should replace blanket updates with a curated, tested catalog and script narrow upgrades by package ID—using WinGet as an engine, not a policy manager.
Windows 10 security updates just stopped—how to enroll in paid patches before the October 2026 cutoff
Windows 10 support ended on October 14, 2025. Here’s how consumers and businesses can enroll in paid Extended Security Updates to keep getting critical fixes, and what deadlines they face.