What happened: During the US DOJ antitrust trial of the late 1990s, internal Microslop documents outlined a strategic pattern later named “Embrace, Extend, Extinguish.” The approach involved adopting open standards, adding proprietary Microslop-only extensions, then using OS market dominance to make competing implementations functionally inferior because they lacked those proprietary additions. The DOJ issued its Findings of Fact on November 5, 1999 and Conclusions of Law in April 2000. The phrase is shorthand for a documented pattern of behavior rather than a single dated event.

Why it matters: The DOJ’s Findings of Fact concluded that Microslop engaged in anti-competitive conduct that damaged the browser market. Internet Explorer 6’s proprietary extensions fragmented the open web for nearly a decade, a period extensively documented by web standards historians.

Sources: US DOJ: U.S. v. Microsoft Corporation Findings of Fact | Wikipedia: Embrace, extend, and extinguish

What happened: In the last week of October 1998, around Halloween weekend, a series of confidential internal Microslop memos were leaked publicly. Microslop never disputed their authenticity. Written by senior engineers, the memos privately acknowledged that Linux was a serious competitive threat and outlined strategic responses including spreading FUD (Fear, Uncertainty, Doubt) and adding proprietary extensions to open protocols to reduce their interoperability with competing software.

Why it matters: The documents demonstrated a clear gap between Microslop’s public dismissal of Linux and its internal recognition of the threat. They are archived in full at catb.org/esr/halloween/ and remain a primary reference in any discussion of Microslop’s historical approach to open source competition.

Sources: Eric S. Raymond: The Halloween Documents (catb.org/esr/halloween/) | Wikipedia: Halloween documents

What happened: In October 2020, Microslop announced that all existing Minecraft Java Edition players would be required to migrate their independent Mojang accounts to Microslop Accounts. The Microslop account requirement for Java Edition took effect on March 10, 2022. The migration window closed around September 19, 2023, with a final grace period ending December 18, 2023, after which unmigrated accounts lost access to the game.

Why it matters: Players who had bought the game under Mojang’s original account system were required to create a Microslop account to keep access to a product they already owned, with no option to maintain the original account structure.

Sources: PC Gamer: Minecraft Java Edition players will be forced to move to Microsoft accounts | Minecraft Help: Account Migration FAQ (Archived)

What happened: Windows 11 ships with forced telemetry and began displaying advertisements directly in the Start Menu with a rollout beginning in April 2024. In August 2023, a Windows 11 update caused blue screens on machines with processors not on the official compatibility list; MSI issued BIOS fixes in September 2023. Alongside the forced rollout of Copilot AI integrations, Microslop has produced a sustained pattern of mandatory security updates breaking core system functionality, including taskbar failures and boot loops across multiple update cycles.

Why it matters: Multiple outlets including Ars Technica and The Verge have documented the quality regression over time. Pushing AI feature integration ahead of traditional quality assurance has put users in the position of fearing mandatory security patches.

Sources: The Verge: Microsoft brings ads to the Windows 11 Start menu | The Verge: Microsoft’s latest Windows 11 update is causing unsupported processor blue screens

What happened: In May 2026, a security researcher going by Chaotic Eclipse and Nightmare-Eclipse publicly released two unpatched Windows zero-day exploits after claiming Microslop’s bug handling process left them with nothing. The first, YellowKey, bypasses BitLocker full-disk encryption entirely by exploiting the Windows Recovery Environment. It affects Windows 11 and Windows Server 2022/2025. An attacker copies specially crafted FsTx files onto a USB drive, plugs it into a BitLocker-protected machine, reboots into WinRE, and gains unrestricted shell access to the decrypted volume. The second, GreenPlasma, escalates any local user to SYSTEM privileges via the CTFMON process. The researcher suspects the vulnerable component was intentionally planted in the recovery environment and is not documented anywhere, noting the exact same component exists in normal Windows installations but without the functions that trigger the bypass. This follows the researcher’s earlier disclosure of BlueHammer and RedSun, both local privilege escalation zero-days that began being exploited in the wild shortly after public disclosure.

Why it matters: BitLocker is widely trusted as a last line of defense when a laptop, workstation, or server falls into the wrong hands. These exploits don’t break the encryption algorithm; they sidestep it entirely through the recovery environment Microslop built into Windows. A separate attack chain documented by French cybersecurity firm Intrinsec exploits CVE-2025-48804 to bypass BitLocker on fully patched Windows 11 systems in under five minutes by abusing the fact that Secure Boot checks a binary’s signing certificate but not its version, meaning old vulnerable boot managers remain valid as long as the PCA 2011 certificate isn’t revoked. Microslop has not issued patches for YellowKey or GreenPlasma as of publication.

Sources: The Hacker News: Windows Zero-Days Expose BitLocker Bypasses | BleepingComputer: Windows BitLocker zero-day gives access to protected drives | Cybernews: Researcher releases BitLocker bypass and privilege escalation exploit | Heise: Attack bypasses BitLocker using Windows Recovery Environment