lock the pinned folders in Quick Access
Hello, I would like to lock the pinned folders in Quick Access in Windows 11 so they can only be clicked. Right now, if a pin is accidentally dragged, Windows sometimes creates a duplicate of the folder. I still want to: Open the folder normally Copy or move files inside the folder Pin or unpin folders intentionally Could you advise if there is a way to prevent dragging or copying of pinned folders in Quick Access without affecting folder functionality? Thank you.
Internal RDP vs Self-Hosted RustDesk
Hi everyone, I am looking for some guidance and real-world experiences around choosing the best approach for remote access in a Windows environment. Right now, we are considering two main options: - Continue using Microsoft Remote Desktop Protocol (RDP), but strictly for internal use only (no direct exposure to the public internet). - Deploy a self-hosted instance of RustDesk as an alternative or complement to RDP for remote access and remote support. Our main concern is security. RDP has historically been a common attack vector, especially when exposed externally or misconfigured, and we want to avoid introducing unnecessary risk to our endpoints. Even if we restrict RDP to internal networks or VPN-only access, we are still cautious about potential vulnerabilities, credential theft, lateral movement, and abuse of remote access. What we are trying to understand better is: 1. In environments where RDP is used only inside the LAN or over VPN (no open RDP from the internet), what are the recommended hardening practices and controls you would consider mandatory today? Examples might include: Network Level Authentication (NLA), strong account policies, just-in-time access, firewall restrictions, RDP Gateway, MFA, monitoring/logging, etc. 2. From a security and operational perspective, is it generally considered acceptable to keep RDP enabled only for internal administrative tasks, while avoiding using RDP for end-user remote support scenarios? 3. For those who have deployed self-hosted RustDesk (or similar remote support tools) in a Windows/Active Directory environment, how has it compared to RDP in terms of: - Security model (encryption, authentication, access control, exposure to the internet) - Ease of deployment and maintenance - User experience and performance - Logging, auditing, and integration with existing security monitoring 4. Are there any best practices or architectural patterns you would recommend when combining these approaches? For example: - Keeping RDP only on jump servers / bastion hosts inside the network - Using RustDesk (self-hosted) for remote support and helpdesk use cases - Enforcing least privilege, MFA, and strong authentication for all remote access paths - Segmentation and limiting which machines are even allowed to receive RDP connections 5. Have you encountered any specific security pitfalls, misconfigurations, or "gotchas" when relying on RDP internally or when rolling out RustDesk self-hosted that we should be aware of before committing to a design? Our goal is to design a remote access strategy that: - Minimizes attack surface and reduces the likelihood of compromise via remote access. - Separates administrative access from end-user remote support where it makes sense. - Remains manageable for a small IT/security team in terms of configuration, patching, and monitoring. If you have any references to Microsoft documentation, hardening guides, or community best practices for RDP (especially internal-only scenarios), as well as any detailed write-ups or lessons learned from using RustDesk self-hosted in production, those would be extremely helpful. Thank you in advance for any guidance, recommendations, or examples you can share. Best regards, JuanDESIGNER only mkes 1 design not 4
I use ms ai image designer to make images and i makew ai videos ,, but for a week now it only makes 1 image not 4,, and it doesnt follow the propsat as per usual,. and it makes images in 3:2 not 16:9. I updateed my subscription for this tool and depend onm it.. SO please help me fix this
How can I easily install pending Windows updates on my PC?
Call 1-855-535-7109. To install pending Windows updates easily on your Windows PC, follow these steps: Open Windows Settings: Press Windows + I to quickly open the Settings menu. Go to Update & Security: In the Settings window, select Update & Security. Check for Updates: Under the Windows Update section, click Check for updates. Windows will search for any pending updates. Install Updates: If updates are available, click on Install to begin the installation process. Windows will automatically download and install the updates. Restart Your Computer: After updates are installed, a restart may be required. Windows will prompt you to restart, or you can manually restart your PC. Use Windows Update Troubleshooter (if issues occur): If updates aren’t installing properly, try using the Windows Update Troubleshooter. Go to Settings > Update & Security > Troubleshoot > Additional troubleshooters, then select Windows Update and run the troubleshooter.
Windows needs a dedicated AI settings section with per‑app toggles
Hello Microsoft team. I have this idea about the AI stuff thats getting added to Windows lately. Like in Notepad and Paint, Photos too, even File Explorer. It seems like theres no one spot to handle all that. People who want to keep things running smooth or save on RAM end up frustrated because they cant just turn it off easily. I think thats a problem especially for older computers or ones with not much memory. What if there was a special AI section in the Settings app. You know, with a switch to enable or disable everything at once or maybe toggles for each app separately, like for Notepad, paint or Search in the system. And options to stop those background AI things from running all the time. And a mode focused on performance that cuts down on CPU and RAM when you turn AI off. That would make a difference I bet. Users get more say in what happens, and the system feels more stable. It helps with trust too, since not everyone wants AI popping up everywhere. Many users want basic lightweight Windows, without all the extras AI features. This part gets a bit messy to explain, but yeah, it would let people choose. Thanks for looking at this.😊
M Service Failed to Start
Hi, I'm getting the following error which seems to be causing my PC to freeze and it can only be unfrozen by powering off/on: 'The M service failed to start due to the following error: The system cannot find the file specified.' Using the registry editor I found the following: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\M I noticed that the ImagePath data is set to C Can anyone shed any light on what the M service is and how to rectify this? Regards, RichUrgent: Stop the "Security Theater." UAC Needs Parent Process Visibility NOW.
Subject: Urgent: Stop the "Security Theater." UAC Needs Parent Process Visibility NOW. To the Windows Shell & Security Team, I am writing to demand a critical rectification in the User Account Control (UAC) design. The current implementation of UAC is not just outdated; it is fundamentally broken and fosters dangerous user habits due to a lack of transparency. The Core Problem: Context is Everything Your current design only answers "WHAT is running" (e.g., cmd.exe executing netsh winsock reset), but it deliberately hides "WHO requested it." This obfuscation renders the security prompt useless. Let me give you a simple analogy: If someone tells me to "Go home" at night, my reaction depends entirely on the speaker. If it is my father, it is an instruction of care. If it is a stranger in the shadows, it is a threat. Right now, Windows is that stranger in the dark. It throws a command in my face without identifying the source. When a generic system process requests high privileges, how is a user supposed to distinguish between a legitimate driver update and a malicious script? The "Safety" Excuse is Invalid Do not hide behind the excuse that "Parent Process ID (PPID) can be spoofed." Even a potentially spoofable path is infinitely better than a complete blindfold. By hiding the call stack, you are forcing users to play Russian Roulette with their "Yes/No" buttons. You Are Training Users to Be Vulnerable Because you refuse to provide the "Source" context, users have learned that they cannot verify the prompt. Consequently, they are conditioned to blindly click "Yes" just to make the annoying window go away. This is Security Theater at its worst. You are not protecting the user; you are confusing them. The Demand We are in 2026. The technical barrier to displaying the "Initiating Process" in the UAC dialog is non-existent. 1. Show the Parent Process: Display clearly which application triggered the UAC request (e.g., "Initiated by: Steam.exe"). 2. Show the Hierarchy: Give advanced users the option to expand the process tree right there in the dialog. Stop being lazy. Stop assuming users do not need to know. Give us the information we need to make actual security decisions. Disappointed and Expecting Change, A Windows User who refuses to click "Yes" blindly.Save the date: Windows Office Hours - February 19, 2026
Join us for our upcoming Windows Office Hours on February 19, from 8:00–9:00 AM PT! A wide range of product experts, servicing specialists, and engineers from across Windows, Microsoft Intune, Configuration Manager, Windows 365, Windows Autopilot, security, public sector, FastTrack, and more will be online and ready to help. They’ll be in the chat to offer guidance, explore best practices, and answer any questions you bring. Want to learn more about how Windows Office Hours works? Visit the Windows IT Pro Blog for a full overview. If you’re unable to join live at 8:00 AM PT, you can still participate—just post your questions on the Windows Office Hours: February 19th event page up to two days beforehand.
