Despite Windows 10 losing support in October of this year, it's still the most popular version of Microsoft's operating system. Granted, the gap between the user bases of Windows 10 and Windows 11 is rapidly narrowing, with Statcounter claiming that 54.2% of Windows machines use Windows 10, compared to 42.69% for Windows 11; however, it's still large enough to be worth analyzing.

So, why do you think Windows 10 still holds onto its crown as the most used operating system in the Microsoft sphere? In my opinion, it's Windows 11's TPM 2.0 requirement that prevents people from making the upgrade. It seems Microsoft agrees, as the company has posted a lengthy discussion highlighting all the benefits TPM 2.0 can bring.

Microsoft just really wants you to upgrade to TPM 2.0 already


Source: Unsplash

As spotted by Neowin, Microsoft has recently posted a blog post covering TPM and its benefits. It's seemingly aimed at trying to convince people to make the jump and upgrade their CPU to a TPM 2.0-compatible model, which is likely a huge roadblock preventing people from making the move over to Windows 11.

Here's how Microsoft explains TPM 2.0's role in Windows 11:

Windows 11 takes security seriously, and TPM is one of its cornerstones. Here’s why it matters:

   • Protects your data: TPM can encrypt your data, making it difficult for hackers to access
      sensitive information. This is especially critical for things like personal details, financial data, and confidential files.

   • Ensures trusted software: TPM verifies the integrity of your system’s software and
      firmware. This feature, called secure boot, helps stop malicious software from launching during startup.

   • Guards against physical tampering: If someone tries to physically tamper with your
      device’s hardware, TPM can detect changes and prevent your system from booting, keeping
      your device secure from physical attacks.

   • Supports advanced security features: Many of Windows 11’s most powerful security
      features rely on TPM. These tools help keep your data safe, even if your device is lost or stolen.

The company also makes some claims about why people should use Windows 11. Microsoft never explicitly mentions it, but it does seem like they're directly comparing Windows 11 to Windows 10:

Why upgrade to Windows 11?

Windows 11 offers several benefits, many of which are powered by TPM. Here’s why upgrading makes sense:

   • Stronger security: With TPM, Windows 11 ensures the integrity of your software and
      that your data stays encrypted. This is vital in today’s world, where cyber threats are more sophisticated than ever.

   • Better user experience: Along with security, Windows 11 brings a host of new features
      designed to improve performance and usability. The updated interface, better compatibility,
      and overall smoother experience make it a worthwhile upgrade.

   • Ready for the future: Upgrading to Windows 11 ensures that your system is ready for
      future updates and security features.

Unfortunately, Microsoft has had ample time to convince people to upgrade their CPUs for Windows 11, but people aren't taking its advice as much as it'd like. As such, I don't think this blog post will be particularly effective in converting Windows 10 users to Windows 11.

The company may need to rely on Windows 10 losing support to convince people to grab a Windows 11 computer. If you're planning an upgrade to a new device, don't chuck out that old PC; instead, try these seven things you can do with your old Windows 10 PC instead of trading it in.

source

Windows 10 and 11 have plenty of ways to take screenshots, and the Snipping Tool app is by far the most convenient of them all (or PrintScreen if you need a quick screen grab). Snipping Tool saves every screenshot and screen recording on drive C by default, namely in your Pictures > Screenshots of your profile folder. If that is not okay and you want to have the Screenshot folder in another place, here is how to do that.

If your drive C has limited space or you have another reason to change the location of the default screenshot folder in Windows 10 or 11, doing it is very easy. You can select a new location from the Snipping Tool app, File Explorer itself, or the system registry if you feel a bit adventurous.

Note: This guide only applies to the default screenshot-taking app, Snipping Tool. If you use third-party apps like Snagit or ShareX, refer to their settings to change where those apps store taken screenshots by default.

How to change the default screenshot folder in Windows 10 and 11—option 1
Microsoft only recently updated the Snipping Tool app with a built-in option to change where the app stores screenshots and screen recordings. Here is how to do that.

Note: Snipping Tool settings do not affect where Windows stores screenshots taken with the Win + PrintScreen button. If you take screenshots this way and want to change the default folder, jump to option 2.

   1️⃣ Open the Snipping Tool app and click the three-dot button in the upper-right corner of the
        window. Note that you might need to resize the app for more convenience.

       

   2️⃣ Scroll down and find the "Automatically save original screenshots" option.

   3️⃣ Press the arrow-down button next to it, and you will see the "Screenshots are saved
        to" option. Click the "Change" link and specify where you want to store your
        screenshots.

       

Note that Snipping Tool stores screen recordings in another folder. If you want to change it as well, scroll further down and do the same steps for the "Automatically save original screen recordings" option.

       

Tip: You can turn on automatic screenshot and screen recording saving. In such a case, screenshots and screen recordings will be copied to your clipboard, and you will have to save them manually each time, wherever you want.

Change the default screenshot folder in Windows—option 2

This method only works for screenshots, not screen recordings. It applies to both Snipping Tool and the Win + PrintScreen shortcut.

   1️⃣ Open File Explorer and navigate to the Pictures folder in your profile. It is pinned by default to
        the nav pane. Alternatively, go to C: > Users > Your Username > Pictures. You will find the Screenshot folder there.

   2️⃣ Right-click the Screenshot folder and click Properties.

       

   3️⃣ Go to the Location tab and click Move.

       

   4️⃣ Specify the new folder for your screenshots. Upon saving, Windows will ask you whether you
        want to move existing screenshots to the new location.

Should you change your mind, repeat the same steps but click Restore Default in step 3. Windows might tell you that the folder does not exist and ask you to create it. Click Yes.

While Windows 10 and 11 do not allow you to do the same for the Screen Recordings folder, you can move the entire Video user folder to a new location. The process is the same as described above, just make sure you right-click the Videos folder (the one hosting the Screen recordings directory).

Change the default screenshot folder in Windows 10 and 11—option 3

Now, here is a method for those who do not mind getting their hands dirty, figuratively speaking. You can change the default screenshot location (this does not work for screen recordings) using the system registry.

Warning: Back up important data before messing around with the system registry. We also recommend creating a system restore point in case unexpected things happen.

   1️⃣ Create a new folder where you want to store screenshots.

   2️⃣ Press Win + R and type regedit to launch Windows Registry Editor.

   3️⃣ Paste the following into the address bar:
        Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
        \Explorer\User Shell Folders.

   4️⃣ Find the {B7BEDE81-DF94-4682-A7D8-57A52620B86F} value and double-click it

       

        Tip: If the value does not exist, click Edit > New > String Value and rename it to that long cryptic name in braces.

   5️⃣ Change the value data to the path of your new folder. For example, D:\Screenshots, and press Ok.

Note that this change will not move your existing screenshots to a new folder.

source

Google security alerts used in new Gmail hack.
dpa/picture alliance via Getty Images

Update, April 21, 2025: This story, originally published April 19, has been updated with new information regarding the sale of phishing kits and further details of structural email sender authentication protections, which were seemingly bypassed in this latest Gmail attack campaign.

Protecting your accounts and data is getting harder and more complex, despite the best efforts of security defenders. In the same week that we have seen details of Microsoft introducing strict new email authentication rules on May 5 to protect 500 million Outlook users, and the FBI warning that hackers impersonating the FBI have struck, so both these stories merge as Google confirms that Gmail users are under attack from hackers bypassing its own email authentication protections and leveraging trust in Google infrastructure to launch a dangerous and costly threat. Here’s what you need to know and do.

Beware This Gmail Security Alert — No Matter How Real It Appears

Wouldn’t it be great if account security were straightforward and easy to accomplish? When you get an email from Google, a security alert no less, that passes Google’s own email authentication protections, you’d think it was trustworthy, right? Wrong, very wrong indeed, at least for now.

An April 16 posting on the X social media platform first alerted us to the threat that exploits trust in Google’s own protections and platforms to execute a sophisticated hack attack. That post explained how the user, a software developer called Nick Johnson, had received a security alert email from Google informing them that a “subpoena was served on Google LLC requiring us to produce a copy of your Google Account content.” The emails went on to state that Johnson could examine the details or “take measures to submit a protest,” by following the included link to a Google support page. OK, so it’s a phishing email, nothing unusual about that, right? Wrong again. Not only did this threat come in an email that was validated and signed by Google itself, it was sent from a “no-reply@google.com” address, it passed the strict DomainKeys Identified Mail authentication checks that Gmail employs, and it was sorted by Gmail into “the same conversation as other, legitimate security alerts,” Johnson said.

This legitimacy is continued if you were to follow the link to the Google support page, a nefarious clone, of course, but one that is hosted on sites.google.com. Get as far as wanting to look at the documentation or upload a protest and, once again, the Google account credentials page is a perfect clone and hosted at sites.google.com, which adds the trust of the google.com domain. You’d have to be pretty clued up to notice it wasn’t the genuine accounts.google.com where such logins actually happen.

If you fall into the trap, you can wave access to your Google account goodbye, and the hackers will say hello to your Gmail account and all the data it contains.

What Is DomainKeys Identified Mail And How Does It Work With Gmail?

Google implemented a strict email bulk sender authentication compliance requirement for Gmail messages starting April 1, 2024. This was meant to prevent unscrupulous spammers from being able to send unauthenticated email that could come complete with a nefarious payload. Microsoft is about to introduce the same for Outlook.com users from May 5. This is where DomainKeys Identified Mail comes in, along with Domain-based Message Authentication, Reporting & Conformance and the Sender Policy Framework.

The DMARC, DKIM and SPF trilogy adds confidence for users that the email they are looking at is from a genuine sender and not someone impersonating a brand or domain. Or, at least, that’s the idea — this latest attack has shown, however, that attackers are clever and tend to find any chinks in the protective armor as they did with the Gmail implementation. That doesn’t mean you shouldn’t authenticate, though; you really should.

Before starting with DMARC, you need to check out SPF and DKIM.
SPF enables your mail server to determine if an email claiming to be from a specific domain is authorized by that domain admin, as per the Domain Name System record. DKIM, meanwhile, uses a text string hash value header attached to email messages, encrypted with a private key, to ensure domain spoofing is far from simple. DMARC then checks that the SPF and DKIM authentication records are a proper match and determines what happens to the email in question. This determination can be for it to land in the inbox, spam folder or get bounced back from whence it came.

When configuring your DMARC settings, it’s important to note the p= tag in the txt field as this instructs the mail server in receipt of the email whether a failure should be sent to the spam folder (p=quarantine) or bounced (p=reject).

Gmail Hackers Can Buy Phishing Kits For $25

Although this particular Gmail attack can rightly be described as being sophisticated and complex, because it employed a method of bypassing the protections already put in place by Google to prevent brand impersonation of the domains sending authenticated emails to potential victims, the same cannot be said of all phishing campaigns. Indeed, many follow a tried-and-trusted template approach and don’t require anything beyond a fundamental understanding of technology. Not all cybercriminals are elite hackers; the vast majority are quite happy taking the straightforward approach of buying a ready-made phishing kit to do the attack donkey work for them.

Adrianus Warmenhoven, a cybersecurity expert with NordVPN, has now confirmed in an email that these phishing kits are available for as little as $25, and sometimes even less, in dark web forums and Telegram groups operated by cybercriminals. “With features like drag-and-drop website builders, email templates, and even contact lists,” Warmenhoven warned, “these kits enable even the least technical attackers to carry out professional-looking scams.”

Although the precise features of any phishing kit will vary and be dependent upon the cost of the kit in question, NordVPN security experts have said that the key elements are as follows:

   • Phishing kits can contain web code for fake sites that clone real-life platforms. While some of
      these will be one-page wonders, others can include multiple pages to make the site more believable.

   • Phishing kits can contain malicious scripts that automatically transfer data sent to the cloned
      website back to a server operated by the hacker.

   • Phishing kits can contain data exfiltration tools that enable the hacker to access the data from
      the website in question.

   • Phishing kits can contain geoblockers and redirection protocols to limit traffic heading to the
      site so as to evade detection for as long as possible.

   • Phishing kits can contain drag-and-drop website builders for more advanced users to create
      customized clone sites without any web-coding experience being required.

   • Phishing kits can contain email templates, customized for the platform being targeted, to
      accompany the cloned website itself.

   • Phishing kits can contain bundled contact lists with selected email and telephone details of
      potential targets.

Warmenhoven warned that NordVPN’s research has revealed Google, Facebook and Microsoft to be the most commonly impersonated brands in phishing attacks, with 85,000 fake URLs imitating Google discovered in 2024. “Phishing kits and Phishing-as-a-Service platforms lower the barrier to entry, so we’re seeing a surge in the number and variety of attacks,” Warmenhoven said, “and that means consumers need to be more alert than ever.”

Read my recent report on one of the most evolved phishing kits, Tycoon 2FA, which is capable of bypassing Gmail 2FA protections and stealing account passwords to get a better understanding of the real-world threat such tools pose and how to mitigate them.

Google Promises To Shut Down Gmail Attack With New Update

The good news is that Google has said that it is rolling out protections to counter the specific attacks from the threat actor concerned. “These protections will soon be fully deployed,” a spokesperson said, “which will shut down this avenue for abuse.” In the meantime, Google advised users to enable 2FA protections and switch to using passkeys for Gmail to provide “strong protection against these kinds of phishing campaigns."

Explaining that the attack email leveraged an OAuth application combined with a creative DKIM workaround to bypass the types of safeguards meant to protect against this exact type of phishing attempt, Melissa Bischoping, head of security research at Tanium, warned that “while some components of this attack are new – and have been addressed by Google – attacks leveraging trusted business services and utilities are not one-off or novel incidents.”

Moving forward, Gmail users should still be alert to the danger of genuine-looking emails and alerts that purport to be from legitimate sources, even if that source is Google itself. Awareness training should evolve with the threat landscape, addressing both new and persistently effective techniques, Bischoping said. “As always,” Bischoping concluded, "robust multi-factor authentication is essential because credential theft and abuse will continue to be an attractive target.”

source

Microsoft really doesn't want customers to upgrade older PCs, but there are workarounds for many models. Here's how you can find out whether your Windows 10 PC can safely upgrade to Windows 11 - for free.


mustafaU/Getty Images

On October 14, 2025, Microsoft will stop delivering security updates to your Windows 10 PC unless you're willing to pay for a subscription to the Extended Security Updates program.

If you try to upgrade to Windows 11 on a PC that's more than five old, you'll probably encounter an error message telling you -- in no uncertain terms -- that your old PC doesn't qualify because its CPU isn't on the official list of compatible processors. Microsoft has made it abundantly clear that it will not revise those requirements. You will also hit roadblocks if your PC doesn't have a Trusted Platform Module (TPM) version 2.0.

That might be the official policy, but -- as with everything Windows-related -- it pays to read the fine print. 

Those pesky restrictions prevent you from automatically upgrading to Windows 11 using Windows Update or the Windows 11 Installation Assistant. Yet there are documented workarounds for most PCs that were originally built for Windows 10, as I document in ZDNET's Windows 11 FAQ.

Over the past two years, Microsoft has played a cat-and-mouse game with enthusiasts, adding occasional speed bumps that make it more difficult to bypass these compatibility checks. There are workarounds for most modern PCs, but some older devices, especially those built using AMD processors, might be out of luck. The instructions in this post take all those developments into account. 

The instructions in this article assume that you have a PC running a retail or OEM edition of Windows 10 (Home or Pro) and that you are signed in as an administrator on the PC you want to upgrade.

Which option should you choose?

Please don't skip over this section.

This article describes two upgrade options.

To take advantage of the workaround described in option 1 below, your computer must meet all the other requirements for Windows 11.

   • It must be configured to start up using UEFI, not a legacy BIOS configuration.

   • Secure Boot must be supported, although it does not need to be enabled. (But seriously, folks, you should enable it.)

   • A TPM must be enabled; version 1.2 is OK, but a system without any TPM or with the TPM
     disabled will fail. Any PC that was originally designed for Windows 10 should include a TPM.

To check these details on a PC you're considering upgrading, run the System Information utility, Msinfo32.exe, and look at the System Summary page. Pay special attention to the BIOS Mode value. If it says "Legacy," you'll need to reconfigure your system to UEFI mode (and convert your system disk from MBR to GPT partitioning) before you can install Windows 11 as a normal upgrade.

To see whether your PC has a TPM enabled, run the Trusted Platform Module Management tool, Tpm.msc. If your computer includes a TPM and it's turned on, this app will display information about it. If there's no TPM, or if the TPM is disabled in firmware settings, you'll see a message that says "Compatible TPM cannot be found."

If you're unable (or unwilling) to change from Legacy BIOS to UEFI, or if you have an older PC that doesn't have a TPM option at all, you'll need to use the second option, which takes advantage of an undocumented hack that allows you to bypass the compatibility checks and complete the upgrade. Skip to the "Option 2" section of this post for details on how to use the free Rufus utility to perform this upgrade.



Note that a new set of restrictions, introduced as part of the Windows 11, version 24H2 update, require a CPU that supports specific instructions -- SSE4.2 and PopCnt. That makes it impossible to upgrade to Windows 11 version 24H2 on a PC that was originally built in 2008 or earlier. Most PCs with Intel CPUs that are from 2009 or later will meet this standard. AMD CPUs from 2013 or later should also meet these requirements. For details, see "Microsoft blocked your Windows 11 upgrade? This trusty tool can (probably) fix that."

If you plan to perform a clean installation of Windows 11, you can boot from installation media and run Windows Setup. That option skips the CPU compatibility check completely (but still requires a TPM and Secure Boot support). After the installation completes, you'll need to reinstall all your apps, restore your data files, and tweak settings to personalize your system preferences.

Want to avoid all that hassle? Choose the option that's appropriate for your hardware.

Option 1: Use this simple registry edit

Bypass CPU checks and accept any TPM version with this registry edit. Please be aware that this option requires that you run the Setup program from within your current Windows installation. You can't boot from a USB flash drive and install Windows 11 this way.

This process requires four steps.



1. Change one key in the Windows registry

You need to make one small change to the Windows registry. For more than three years, this change was documented at Microsoft's support website, but the company removed those instructions in December 2024. (Here's an archived version of that support article.) This change tells the Windows 11 Setup program to skip the check for compatible CPUs and to allow installation on a PC with an older TPM (version 1.2). The usual warnings apply when working with the registry; I recommend you make a complete backup before proceeding.

Open Registry Editor (Regedit.exe) and navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup

If the MoSetup key, doesn't exist, you need to create it. Right-click the node for HKEY_LOCAL_MACHINE\SYSTEM\Setup in the left-hand navigation pane, then choose New > Key. Name it MoSetup and press Enter.

Select the MoSetup key and then right-click in any empty space in the pane on the right. Choose the option to create a new DWORD value. (Don't choose the QWORD option!)

Replace the default name for that key by typing the text AllowUpgradesWithUnsupportedTPMOrCPU and then press Enter. Then double-click the new value and change the "Value data" box to 1. The result should look like this:


Use this registry tweak to override the Windows 11 CPU compatibility
check. You must have a TPM (any version) and Secure Boot must be
enabled. Screenshot by Ed Bott/ZDNET

Click OK to save your change, and then restart your PC.



2. Download the Windows 11 ISO

On the PC you want to upgrade, go to the Windows 11 Download page (aka.ms/DownloadWindows11) and choose the option at the bottom of the page, "Download Windows 11 Disk Image (ISO) for x64 devices." Save the ISO file in your Downloads folder.

Note that this is a big file. Depending on the speed of your internet connection, the download could take a while.



3. Mount the ISO file in File Explorer

After the download completes, open File Explorer and double-click the ISO file you downloaded in the previous step. Doing so mounts the file as a virtual DVD drive in its own folder, with its own drive letter.



4. Run Windows Setup

In File Explorer, find the Setup.exe file in the virtual drive you opened in the previous step and double-click it to begin the upgrade. You'll see a stern warning about compatibility issues, but you can safely click Accept to move past it. (For details on what that warning message really means, see "Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC?") After you click OK on that dialog box, your upgrade should proceed without any serious issues.

If you're upgrading from the same edition (Home or Pro), you'll have three options: You can keep your apps, settings, and files (Full Upgrade); keep your data files but start fresh with apps and settings (Keep Data Only); or start completely fresh (Clean Install).]Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC?") After you click OK on that dialog box, your upgrade should proceed without any serious issues.

Option 2: Use the free Rufus utility

On older PCs without a TPM and on PCs that don't support Secure Boot, you'll need to use an undocumented hack to bypass the compatibility checker. You can do this manually by replacing the Appraiserres.dll file (in the Sources subfolder on the Windows 11 installer drive) with a zero-byte version and then making a series of registry edits. But it's simpler to use the free, open-source Rufus utility to make a USB drive that includes this file.

To get started, download Rufus version 4.6 or later. Earlier versions won't work, thanks to changes Microsoft made in October 2024 to its compatibility checking tools. For details of how the newer versions work, see "Microsoft blocked your Windows 11 upgrade? This just-released tool can get the job done." In addition, be aware that using Rufus will not allow you to bypass the new restrictions I mentioned earlier that were introduced with Windows 11 version 24H2. If you have a very old PC with a CPU that lacks support for SSE4.2 and PopCnt instructions, not even Rufus can help.

To get started, you'll need to download the Windows 11 ISO. Be sure to save it to the Downloads folder of your Windows system drive so you can find it easily. You'll also need a USB flash drive of at least 16 GB in size. You will reformat this drive as part of the process, so back up any data on that drive first -- and don't store the Windows 11 ISO here.

1. Download Rufus from the developer's site or from the Microsoft Store and run the app.   

2. Choose the USB drive and then choose the "Disk or ISO image" option.

3. Click the Select button, choose the Windows 11 ISO you downloaded earlier, and then click Start.

4. In the Windows User Experience dialog, select the first checkbox to remove hardware requirements, as shown in the screenshot below.

5. Click OK to begin creating the drive.


Be sure to choose the top checkbox here to bypass the compatibility
check for the Windows 11 upgrade. Screenshot by Ed Bott/ZDNET

After Rufus successfully creates your installer, open that USB drive in File Explorer, and double-click Setup. Do not try to upgrade by booting from that USB drive and performing a clean install; it won't work.

As is the case with the other option, you'll see a warning about compatibility issues. It's a scare tactic. (For details on what that warning message really means, see "Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC?") After you click Accept on that dialog box, your upgrade should proceed without any serious issues.

My ZDNET colleague Lance Whitney has more details on the other options available with Rufus in "How to install Windows 11 the way you want (and bypass Microsoft's restrictions)." 

source

Download links:

RKill - http://www.bleepingcomputer.com/download/rkill/
MalwareBytes - http://www.malwarebytes.org
HitMan Pro - http://www.bleepingcomputer.com/download/hitmanpro/
Roguekiller - http://www.bleepingcomputer.com/download/roguekiller/
Tronscript - http://www.majorgeeks.com/files/details/tron.html

source