https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/

Abstract: If you execute malware with an administrative user, your data is almost lost - but alas, there is still windows defender, which, with its tamper protection cannot be deactivated without manual interaction by the admin himself. But what about safe mode? If the ransomware can modify the boot options, it can restart the machine to safe mode and defender is off, there.

Now for my 2 cents: safe mode cannot be reached without suspending bitlocker, first. So why would Microsoft not add a tamper protection to bitlocker as well? That's worth considering, Microsoft!

Intel Creates Cryogenic Control Chip for Commercial Quantum Computers

https://www.tomshardware.com/news/intel-creates-cryogenic-control-chip-for-commercial-quantum-computers

https://www.gruppenrichtlinien.de/artikel/active-directory-security-breach-15-zeichen-kennwortrichtlinie-nicht-moeglich/ (german article - use browser translation features if needed)
Now ain't that cute: Microsoft has done it again. Possibly, they have never tested if their domain password policy even works with more than 14 characters set as minimal password length...because it doesn't.

This would have possibly made it into my top 5 if I had known that at the time of writing 5-crazy-windows-security-problems-that-are-homemade