Ken's Korner Newsletter Logo August 2023
News from Microsoft

Recently Microsoft “leaked” the StagingTool used to unlock new features in Windows 11.

On August 2, 2023, Microsoft posted instructions for its Bug Bash program. This is something that Microsoft puts out for the Insiders. They are some of the developers and other Windows junkies. Their task is to check for bugs in the latest Windows build before Microsoft releases it to the public. These testers get various rewards plus a look ahead at what is coming. Microsoft gets a lot of beta testing at a very low cost. It’s a good deal for both sides.

Always think about security.

This time, much to the surprise of the debuggers and the rest of us, Microsoft “accidentally” included a link to one of their internal testing tools. Reportedly they wanted users in China to test a new passwordless sign-in feature. To do this they offered instructions on downloading and using the StagingTool.

The fact that Microsoft includes many hidden features in a disabled state in each release of Windows is nothing new. Sometimes they are activated in subsequent updates. Hackers, developers and other Windows power users do find some of them from time to time using third party tools like ViVeTool. But the StagingTool is from Microsoft’s internal research, and it has capabilities way beyond what the third-party apps have.

I have a strong suspicion that this “leak” was not entirely accidental. Which is why I put that in quotes. The potential downside for Microsoft is small. Sure, the Windows junkies gain access to a valuable tool. But those people already have a collection of tools. Now they have a better one. They will now be more efficient and better equipped to dig into the insider preview versions of Windows looking for bugs. That is a win for Microsoft.

The rest of the public has no use for this tool and doesn’t really care enough to bother getting it even though it is free to download. Could the bad guys get it too? Sure, but they also have their tool kits already. This one doesn’t really increase their ability to create improved malware or gain access to other systems. So, this isn’t a big win for bad guys.

The Microsoft leak was a big story for many news cycles and the computer world is buzzing with stories about Microsoft and the StagingTool. Another win for the software giant. Would it be a big surprise to learn, somewhere down the road, that this “leak” was not an accident? Not to me. What do you think?

The links to the Staging Tool were removed from public view within twenty-four hours. But that was enough time for the Windows Insiders people to download and distribute the program. They are currently exploring everything it can do.

See nothing, say nothing, hear nothing.

If you want to try your hand at finding some of the hidden gems in Windows 11 there are several Windows groups and forums that have the StagingTool available for download. You will have to become a Windows Insider but that is a relatively easy thing to do. Remember to exercise the usual caution when downloading executable files from the Internet.

StagingTool.exe is rather straight forward as engineering tools go. Its command line interface allows you to lock or unlock various features in Insider builds. Since it comes from Microsoft it is a little less risky than some of the other tools. Still, if you decide to try it out for yourself proceed with caution. I would recommend that you use a computer that you can easily re-image if something goes wrong.

If you do decide to experiment with the StagingTool here are a few links that have information and instructions.

From The Bleeping Computer:
How to enable hidden Windows 11 features with Microsoft StagingTool.

From PCWorld
How to use Microsoft’s secret staging tool to unlock new Windows 11 features

From MSpoweruser
How to use Staging Tool to discover Windows 11’s secret features

From Github
The list of Features IDs
Download link for StagingTool

While other places online also have StagingTool available for download. Github is one of the safest places to download stuff from. Still, you should be careful. Make sure to follow all the normal precautions to protect yourself against malware.

If you know someone that you think would enjoy this newsletter, share it with them and ask them to join using the link at the bottom of the page.


And remember — always back it up!



Go back to the top

To get the Ken's Korner Newsletter delivered to your Inbox CLICK HERE