|Ed Bott, reporting for ZDNet: Citing an `elevated risk for destructive cyberattacks,` Microsoft today released an assortment of security updates designed to block attacks similar to those responsible for the devastating WannaCry/WannaCrypt ransomware outbreak last month. Today`s critical security updates are in addition to the normal Patch Tuesday releases, Microsoft said. They`ll be delivered automatically through Windows Update to devices running supported versions, including Windows 10, Windows 8.1, Windows 7, and post-2008 Windows Server releases. But in an unprecedented move, Microsoft announced that it was also making the patches available simultaneously for manual download and installation on unsupported versions, including Windows XP and Windows Server 2003. The new updates can be found in the Microsoft Download Center or, alternatively, in the Update Catalog...|
|msm1267 writes: EternalBlue, the NSA-developed attack used by criminals to spread WannaCry ransomware last month, has been ported to Windows 10 by security researchers. The publicly available version of EternalBlue leaked by the ShadowBrokers targets only Windows XP and Windows 7 machines. Researchers at RiskSense who created the Windows 10 version of the attack were able to bypass mitigations introduced by Microsoft that thwart memory-based code-execution attacks. These mitigations were introduced prior to a March security update from Microsoft, MS17-010, and any computer running Windows that has yet to install the patch is vulnerable. You can read the researchers` report here (PDF), which explains what was necessary to bring the NSA exploit to Windows 10...|
|A viral Twitter rant about Windows 10 Enterprise supposedly ignoring users` privacy settings has since been clarified. `I made mistakes on my original testing and therefore saw more connections than I should have,` writes IT security analyst Mark Burnett, `including some to Google ads.` But his qualified results -- quoted below -- are still critical of Microsoft: You can cut back even more using the Windows Restricted Traffic Limited Functionality Baseline but break many things.Settings can be set wrong if you aren`t paying attention. Also, settings are not consistent and can be confusing to beginners.You are opted-in to just about everything by default and have to set hundreds of settings to opt out, even on an Enterprise Windows system. Sometimes multiple settings for the same feature. Most Microsoft documentation discourages opting out and warns of a less optimal experience... But you can`t completely opt-out. Windows still tracks too much.Home and Professional users are much worse...|
|Windows 7 and 8.1 (and also Windows Vista) have a bug that is reminiscent of Windows 98 age, when a certain specially crafted filename could make the operating system crash (think of file:///c:/con/con). From an ArsTechnica report: The new bug, which fortunately doesn`t appear to afflict Windows 10, uses another special filename. This time around, the special filename of choice is $MFT. $MFT is the name given to one of the special metadata files that are used by Windows` NTFS filesystem. The file exists in the root directory of each NTFS volume, but the NTFS driver handles it in special ways, and it`s hidden from view and inaccessible to most software. Attempts to open the file are normally blocked, but in a move reminiscent of the Windows 9x flaw, if the filename is used as if it were a directory name -- for example, trying to open the file c:\$MFT\123 -- then the NTFS driver takes out a lock on the file and never releases it. Every subsequent operation sits around waiting for the...|
The NSA`s exploit toolkit has been weaponized to target critical systems all over the world. So much for the debate over the theoretical downside of undisclosed vulnerabilities. (It also inadvertently provided the perfect argument against encryption backdoors.) The real world has provided all the case study that`s needed.
It appears the NSA finally engaged in the Vulnerabilities Equity Process -- not when it discovered the vulnerability, but rather when it became apparent the agency wouldn`t be able to prevent it from being released to the public. What`s happened recently has been devastating and Microsoft -- whose software was targeted -- has expressed its displeasure at the agency`s inaction.
Maybe the agency will be a bit more forthcoming in the future. Ellen Nakashima and Craig Timberg of the Washington Post report former NSA employees and officials had concerns about the undisclosed exploit long before the Shadow Brokers gave it to the world. <...
|An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant -- a CIA technical term for `malware` -- that can target and infect any Windows system, from Windows XP to Windows 10, Microsoft`s latest OS version. Documents leaked today are dated between September 2015 and February 2016, showing that the CIA had the ability to hack Windows 10 months after its launch, despite Microsoft boasting about how hard it would be to hack its new OS. [...] The documents reveal that CIA had received help from a non-government contractor in developing the malware. The company is Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA`s headquarters, in a zone peppered ...|
|Security researchers Troy Hunt, writing on his blog: Often, the updates these products deliver patch some pretty nasty security flaws. If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as `MS17-010` pushed down to your PC and automatically installed. Without doing a thing, when WannaCry came along almost 2 months later, the machine was protected because the exploit it targeted had already been patched. It`s because of this essential protection provided by automatic updates that those advocating for disabling the process are being labelled the IT equivalents of anti-vaxxers and whilst I don`t fully agree with real world analogies like this, you can certainly see where they`re coming from. As with vaccinations, patches protect the host from nasty things that the vast majority of people simply don`t understand. This is how consumer software these days should be: self-updating with zero...|
|An anonymous reader quotes the AP: Teams of technicians worked `round the clock` Saturday to restore hospital computer systems in Britain and check bank or transport services in other nations after a global cyberattack hit dozens of countries and crippled the U.K.`s health system. The worldwide attack was so unprecedented that Microsoft quickly changed its policy and announced that it will make security fixes available for free for older Windows systems, which are still used by millions of individuals and smaller businesses. [Windows XP, Windows 8, and Windows Server 2003] An anonymous reader writes: The patches are available for download from here. Microsoft also advises companies and users to disable the Windows Server Message Block version 1 protocol, as it`s an old and outdated protocol, already superseded by newer versions, such as SMBv2 and SMBv3... Microsoft had released a fix for that exploit a month before, in March, in security bulletin MS17-010 [which] included fixes ...|
|An anonymous reader quotes a report from BleepingComputer: Two Google security experts have found a severe remote code execution (RCE) bug in the Windows OS, which they`ve described as `crazy bad.` The two experts are Natalie Silvanovich and Tavis Ormandy, both working for Project Zero, a Google initiative for discovering and helping patch zero-days in third-party software products. The two didn`t release in-depth details about the vulnerability, but only posted a few cryptic tweets regarding the issue. Drilled with questions by the Twitter`s infosec community, Ormandy later revealed more details: the attacker and the victim don`t necessarily need to be on the same LAN; the attack works on a default Windows install, meaning victims don`t need to install extra software on their systems to become vulnerable; the attack is wormable (can self-replicate). The tweets came days before Microsoft`s May 2017 Patch Tuesday, scheduled tomorrow, May 9. The researchers said a report is ...|
|The vast majority of IT organizations (91%) have installed Windows 10, but there is still great variation in the current level of Windows 10 adoption, according to a new survey conducted by Dimensional Research. Factors impacting Windows 10 adoption Nearly nine in ten (87%) have concerns about moving to Windows 10 including application compatibility (65%), the need for user training (43%), manual effort required to migrate (31%), the performance of applications (24%) and the increased … More ...|
|2017-04-26 15:02:41||The Register|
We`ll give it to you when it`s ready and it is not
Microsoft has urged non-tech-savvy people or anyone who wants a stable computer to not download and install the biggest revision to Windows this year. And that`s because it may well bork your machine.
|An anonymous reader shares a report: Over the weekend, I put together a little tool that scans executable files for PNG images containing useless Adobe Extensible Metadata Platform (XMP) metadata. I ran it against a vanilla Windows 10 image and was surprised that Windows contains a lot of this stuff. Adobe XMP, generally speaking, is an Adobe technology that serializes metadata like titles, internal identifiers, GPS coordinates, and color information into XML and jams it into things, like images. This data can be extremely valuable in some cases but Windows doesn`t need or use this stuff. It just eats up disk space and CPU cycles. Thanks to horrible Adobe Photoshop defaults, it`s very easy to unknowingly include this metadata in your final image assets. So easy, almost all the images on this site are chock full of it. But you can appreciate my surprise when a bunch of important Windows binaries showed up in ...|
|Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide effective countermeasures, other approaches for tricking wireless clients into automatically associating with a rogue access point are wanted. Enter Lure10 – a new attack that, by taking advantage of Wi-Fi Sense, tricks wireless devices running Windows into doing exactly that. What is Wi-Fi Sense? Wi-Fi Sense, enabled by default on … More ...|
|Has your Windows machine been implanted with NSA’s DoublePulsar backdoor? If you haven’t implemented the security updates released by Microsoft in March, chances are good that it has. What is DoublePulsar? DoublePulsar is a backdoor implant that enables the injection and running of DLLs – potentially malicious ones – on Windows computers. It was recently leaked by the Shadow Brokers, and hackers have been using it – in conjunction with the EternalBlue exploit – to … More ...|
|An anonymous reader quotes a report from BleepingComputer: GitHub user Zeffy has created a patch that removes a limitation that Microsoft imposed on users of 7th generation processors, a limit that prevents users from receiving Windows updates if they still use Windows 7 and 8.1. This limitation was delivered through Windows Update KB4012218 (March 2017 Patch Tuesday) and has made many owners of Intel Kaby Lake and AMD Bristol Ridge CPUs very angry last week, as they weren`t able to install any Windows updates. Microsoft`s move was controversial, but the company did its due diligence, and warned customers of its intention since January 2016, giving users enough time to update to Windows 10, move to a new OS, or downgrade their CPU, if they needed to remain on Windows 7 or 8.1 for various reasons. When the April 2017 Patch Tuesday came around last week, GitHub user Zeffy finally had the chance to test four batch scripts he created in March, after the release of KB4012218. His ...|
The Shadow Brokers -- having failed to live up to half their name -- released more NSA exploits last week when it became apparent no one was willing to purchase the exploits from them. This dump was far more interesting than previous releases, as it contained a large number of Windows exploits and -- for some -- a very handy, easy-to-use front end for malware deployment.
This dump probably ruined a few Easter weekends at Microsoft, but not nearly as many as was first presumed. While the exploits targeted older versions of Windows , they would have caused trouble for government and corporate networks still relying those versions. Those targeting unsupported versions are the most dangerous, as those holes will never be patched. They`re also the ones with the smallest user bases, so that mitigates the damage somewhat. As Marcy Wheeler points out, the NSA had plenty of time to warn Microsoft about unpatched holes prior to the Shadow Brokers` latest dump. ...
|halfEvilTech writes: Last year, Microsoft announced they were planning on blocking OS updates on newer Intel CPU`s, namely the 7th Generation Kaby Lake processors. Ars Technica reports: `Now, the answer appears to be `this month.` Users of new processors running old versions of Windows are reporting that their updates are being blocked. The block means that systems using these processors are no longer receiving security updates.` While Windows 7 has already ended mainstream support, the same can`t be said for Windows 8.1 which is still on mainstream support until January of next year...|
|2017-04-12 03:32:11||The Register|
Support ended on Tuesday and Microsoft`s not offering even a single strand of safety net
Farewell, Windows Vista, we hardly knew ye. But as of now * you`re out of support and even-more-unloved than was previously the case.
|Microsoft is officially banning emulators from Windows Store. The company has updated the Windows Store policy to announce the changes. The new rules bar any applications that emulate pre-existing game systems, resulting in the removal of a popular program that supported games from Nintendo and Sega and other consoles. From a report on ArsTechnica: An affected developer was notified of the change on Tuesday when its product, Universal Emulator, was delisted from the Windows Store. While no proof of a letter or notice from Microsoft was published, the developers at NESBox linked to relevant changes in the Windows Store application rules, dated March 29, which now include this line: `Apps that emulate a game system are not allowed on any device family.` This list of general Windows Store rules, written for developers, received a massive update to its `Gaming and Xbox` requirements; these used to contain only one sentence, and it referred hopeful Windows Store game developers to the ID...|
|Starting today, Microsoft is updating its privacy statement and publishing information about the data it collects as part of Windows 10. From a report: `For the first time, we have published a complete list of the diagnostic data collected at the Basic level,` explains Windows chief Terry Myerson in a company blog post. `We are also providing a detailed summary of the data we collect from users at both Basic and Full levels of diagnostics.` Microsoft is introducing better controls around its Windows 10 data collection levels in the latest Creators Update, which will start rolling out broadly next week. The controls allow users to switch between basic and full levels of data collection. `Our teams have also worked diligently since the Anniversary Update to re-assess what data is strictly necessary at the Basic level to keep Windows 10 devices up to date and secure,` says Myerson. `As a result, we have reduced the number of events collected and reduced, by about half, the ...|
|An anonymous reader quotes a report from Bleeping Computer: A new attack on smart TVs allows a malicious actor to take over devices using rogue DVB-T (Digital Video Broadcasting -- Terrestrial) signals, get root access on the smart TV, and use the device for all sorts of nasty actions, ranging from DDoS attacks to spying on end users. The attack, developed by Rafael Scheel, a security researcher working for Swiss cyber security consulting company Oneconsult, is unique and much more dangerous than previous smart TV hacks. Scheel`s method, which he recently presented at a security conference, is different because the attacker can execute it from a remote location, without user interaction, and runs in the TV`s background processes, meaning users won`t notice when an attacker compromises their TVs. The researcher told Bleeping Computer via email that he developed this technique without knowing about the CIA`s Weeping Angel toolkit, which makes his work even more impressing...|
Last week, the Senate voted 50-48 along party lines to kill consumer broadband privacy protections. That vote then continued today in the House, where GOP lawmakers finished the job, apparently happy to advertise how ISP campaign contributions consistently, directly manifest in anti-consumer policy with a 215 to 205 vote (you can find a full vote breakdown here ). The rules, which were supposed to take effect this month, were killed using the Congressional Review Act -- which not only eliminates the protections, but limits the agency`s ability to issue similar rules down the road.
The broadband industry`s effort to kill the rules is one of the uglier examples of pay-to-play government in recent memory. The protections, originally passed last October by the FCC , have been endlessly demonized by the broadband industry, despite the fact that they`re relatively straight forward. The rules would have simply required that ISPs are transparent about what they collect (...
|Slashdot reader AmiMoJo quotes The Register: Three people in Illinois have filed a lawsuit against Microsoft, claiming that its Windows 10 update destroyed their data and damaged their computers. The complaint, filed in Chicago`s U.S. District Court on Thursday, charges that Microsoft Windows 10 [installer] is a defective product, and that its maker failed to provide adequate warning about the potential risks posed by Windows 10 installation -- specifically system stability and data loss... The attorneys representing the trio are seeking to have the case certified as a class action that includes every person in the U.S. who upgraded to Windows 10 from Windows 7 and suffered data loss or damage to software or hardware within 30 days of installation. They claim there are hundreds or thousands of affected individuals. Microsoft responded that they`d offered free customer service and other support options for `the upgrade experience,` adding `We believe the plaintiffs` claims are ...|
|Earlier this week, CEO of Microsoft Greater China, Alain Crozier, told China Daily that the company is ready to roll out a version of Windows 10 with extra security features demanded by China`s government. `We have already developed the first version of the Windows 10 government secure system. It has been tested by three large enterprise customers,` Crozier said. The Register reports: China used Edward Snowden`s revelations to question whether western technology products could compromise its security. Policy responses included source code reviews for foreign vendors and requiring Chinese buyers to shop from an approved list of products. Microsoft, IBM and Intel all refused to submit source code for inspection, but Redmond and Big Blue have found other ways to get their code into China. IBM`s route is a partnership with Dalian Wanda to bring its cloud behind the Great Firewall. Microsoft last year revealed its intention to build a version of Windows 10 for Chinese government users in...|
|Security researchers from computer and network security outfit Cybellum have revealed a new zero-day code injection and persistence technique that can be used by attackers to take over applications and entire Windows machines. They demonstrated the attack on antivirus solutions, and ultimately dubbed it DoubleAgent, as it turns the antivirus security agent into a malicious agent. The DoubleAgent attack “DoubleAgent exploits a legitimate tool of Windows called Microsoft Application Verifier which is a tool included … ...|
|2017-03-22 04:26:05||The Register|
There`s Reds under the Windows! And that`s the way China`s government wants it
Microsoft`s supremo for China has told state-owned China Daily that Redmond`s ready roll out version of Windows 10 with extra security features demanded by China`s government.
|Reader AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for `smooth operation` to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face ...|
|An anonymous reader writes: `A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning,` reports BleepingComputer. The technique works when an attacker launches the Backup and Restore utility, which loads its control panel settings page. Because the utility doesn`t known where this settings page is located, it queries the Windows Registry. The problem is that low-privileged users can modify Windows Registry values and point to malware. Because the Backup and Restore utility is a trusted application, UAC prompts are suppressed. This technique only works in Windows 10 (not earlier OS versions) and was tested with Windows 10 build 15031. A proof-of-concept script is available on GitHub. The same researcher had previously found two other UAC bypass techniques, one that abuses the Windows Event Viewer, and one that relies on the Windows 10 Disk...|
|Artem Tashkinov writes: In a move that will shock a lot of people, someone at Microsoft decided to deny Windows 7/8.1 updates to the users of the following CPU architectures: Intel seventh (7th)-generation processors (Kaby Lake); AMD `Bristol Ridge` (Zen/Ryzen); Qualcomm `8996.` It`s impossible to find any justification for this decision to halt support for the x86 architectures listed above because you can perfectly run MS-DOS on them. Perhaps, Microsoft has decided that the process of foisting Windows 10 isn`t running at full steam, so the company created this purely artificial limitation. I expect it to be cancelled soon after a wide backlash from corporate customers. KitGuru notes that users may encounter the following error message when they attempt to update their OS: `Your PC uses a processor that isn`t supported on this version of Windows.` The only resolution is to upgrade to Windows 10...|
|In less than a month`s time, Microsoft will put Windows Vista to rest once and for all. If you`re one of the few people still using it, you have just a few weeks to find another option before time runs out. (I mean, nobody will uninstall it from your computer, but.) From a report on PCWorld: After April 11, 2017, Microsoft will no longer support Windows Vista: no new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates, Microsoft says. (Mainstream Vista support expired in 2012.) Like it did for Windows XP, Microsoft has moved on to better things after a decade of supporting Vista. As Microsoft notes, however, running an older operating system means taking risks -- and those risks will become far worse after the deadline. Vista`s Internet Explorer 9 has long since expired, and the lack of any further updates means that any existing vulnerabilities will never be patched -- ever. Even if you have Microsoft`...|
|Tom Warren, writing for The Verge: Microsoft is unveiling some changes to the way Windows Updates are applied to Windows 10 PCs with the upcoming Creators Update. The software giant has long been criticized by Windows 10 users for its aggressive approach to applying updates, and it`s introducing some new options to prevent annoying reboots. `What we heard back most explicitly was that you want more control over when Windows 10 installs updates,` admits John Cable, Microsoft`s Windows director of program management. `We also heard that unexpected reboots are disruptive if they happen at the wrong time.` To stop these random reboots, Microsoft is adding a new snooze option that appears in a new prompt to let you know there`s a Windows 10 update available. Snooze will stop an update installing for three days, and give you time to save any crucial work...|
|2017-02-28 05:47:50||Silicon Security|
|Google Zero`s latest unpatched bug is ranked `critical` and could be used to target Windows 10 Edge and Internet Explorer 11|
|2017-02-28 05:45:03||Silicon Security|
|Windows 10 Creators Update scheduled for April, with another coming later in the year|
|Microsoft is planning to introduce a new feature to Windows 10 that will allow a user to prevent installation of desktop apps. The latest Windows Insider build comes with an option that allows users to enable app installations only from the Windows Store. From a report on MSPowerUser: Once enabled, users will see a warning whenever they try to install a Win32 app -- they will get a dialog saying apps from the Windows Store helps to keep their PC `safe and reliable.` This feature is obviously disabled by default, but users can enable it really easily ...|
|2017-02-22 05:45:30||Silicon Security|
|Windows 10 will get a second major update in 2017 as Microsoft also launches Skype Lite in India|
|Julia Fioretti, reporting for Reuters: European Union data protection watchdogs said on Monday they were still concerned about the privacy settings of Microsoft`s Windows 10 operating system despite the U.S. company announcing changes to the installation process. The watchdogs, a group made up of the EU`s 28 authorities responsible for enforcing data protection law, wrote to Microsoft last year expressing concerns about the default installation settings of Windows 10 and users` apparent lack of control over the company`s processing of their data. The group -- referred to as the Article 29 Working Party -- asked for more explanation of Microsoft`s processing of personal data for various purposes, including advertising. `In light of the above, which are separate to the results of ongoing inquiries at a national level, even considering the proposed changes to Windows 10, the Working Party remains concerned about the level of protection of users` personal data,` the group said ...|
|An anonymous reader writes: `For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google`s announcement,` reports BleepingComputer. `The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll)...` According to Google, the issue allows an attacker to read the content of the user`s memory using malicious EMF files. The bad news is that the EMF file can be hidden in other documents, such as DOCX, and can be exploited via Office, IE, or Office Online, among many. `According to a bug report filed by Google`s Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft`s security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable.` He later resubmitted the...|
|In case you were wondering what other misery DRM could contribute to, Hacker House security researchers have an answer for you : n n HackerHouse have been investigating social engineering attacks performed with Digital Rights Management (DRM) protected media content. Attackers have been performing these attacks in the wild to spread fake codec installers since Microsoft introduced DRM to its proprietary media formats. n n Improperly-licensed media files will produce a pop-up , asking the user if they want to visit the originating site to obtain the rights to play the file. This popup also warns users that this is great way to pick up malware if they`re not careful. In these cases, computer users will likely be deterred from following through on the risky click. n n But that only happens if it`s not licensed properly. If it is -- an expensive process that runs about $10,000 -- then no warning appears, leaving users open to attack by malicious fake codec installers. What would ...|
|`The prestigious FOSS project replacing the entire city`s administration IT with FOSS based systems, is about to be cancelled and decommissioned,` writes long-time Slashdot reader Qbertino. TechRepublic reports: Politicians at open-source champion Munich will next week vote on whether to abandon Linux and return to Windows by 2021. The city authority, which made headlines for ditching Windows, will discuss proposals to replace the Linux-based OS used across the council with a Windows 10-based client. If the city leaders back the proposition it would be a notable U-turn by the council, which spent years migrating about 15,000 staff from Windows to LiMux, a custom version of the Ubuntu desktop OS, and only completed the move in 2013... The use of the open-source Thunderbird email client and LibreOffice suite across the council would also be phased out, in favor of using `market standard products` that offer the `highest possible compatibility` with external and internal software... ...|
|2017-02-10 18:26:06||The Register|
Malware can spread to gizmos and gadgets after slipping into internal systems
The Mirai malware that hijacked hundreds of thousands of IoT gadgets, routers and other devices is now capable of infecting Windows systems.
|If you`re using an older, outdated version of Skype, you may want to consider updating soon. Microsoft said today that starting on March 1 people will no longer be able to sign in to version 7.16 of Skype for Window desktop and older versions, and version 7.18 of Skype for Mac and older versions thereof. VentureBeat reports: `If you`re one of those users, all you`ll need to do is download the new update,` the Skype team said in a blog post. This isn`t the first time Skype is retiring old software. But that doesn`t mean the upcoming move won`t rankle some people. Version 7.18 of Skype for Mac and version 7.16 of Skype for Windows both came out less than a year and a half ago -- in December 2015. So it`s not as if this is very old software. Still, Microsoft has been doing a lot to improve Skype in the past year. It`s been migrating the app to its Azure public cloud infrastructure, and adding chatbots. Current versions of Skype -- like version 7.44 for Mac -- come with amenities...|
|Orome1 quotes a report from Help Net Security: A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. It is a memory corruption bug in the handling of SMB traffic that could be easily exploited by forcing a Windows system to connect to a malicious SMB share. Tricking a user to connect to such a server should be an easy feat if clever social engineering is employed. The vulnerability was discovered by a researcher that goes by PythonResponder on Twitter, and who published proof-of-exploit code for it on GitHub on Wednesday. The researcher says that he shared knowledge of the flaw with Microsoft, and claims that `they had a patch ready 3 months ago but decided to push it back.` Supposedly, the patch will be released next Tuesday. The PoC exploit has been tested by SANS ISC CTO Johannes Ullrich, and works on a fully patched Windows 10. `To be vulnerable, a client needs to support SMBv3, ...|
|schwit1 shares this angry commentary from a CNET senior editor: Maybe you`re delivering a presentation to a huge audience. Maybe you`re taking an online test. Maybe you just need to get some work done on a tight deadline. Windows doesn`t care. Windows will take control of your computer, force-feed it updates, and flip the reset switch automatically - and there`s not a damn thing you can do about it, once it gets started. If you haven`t saved your work, it`s gone. Your browser tabs are toast. And don`t expect to use your computer again soon; depending on the speed of your drive and the size of the update, it could be anywhere from 10 minutes to well over an hour before your PC is ready for work. As far as I`m concerned, it`s the single worst thing about Windows. It`s only gotten worse in Windows 10. And when I poked around Microsoft, the overarching message I received was that Microsoft has no interest in fixing it. The editor recalls rebooting his Windows laptop while listening to a...|
|Earlier this month, Microsoft announced several privacy changes in Windows 10, but it didn`t give users an option to completely opt-out of data-collection feature. The announcement came at a time to coincide with a statement by the Swiss data protection and privacy regulator, the FDPIC, which last week said it would drop its threats of a lawsuit after the company `agreed to implement` a string of recommendations it made last year. The news closed the books on an investigation that began in 2015, shortly after Windows 10 was released. Though the Swiss appear satisfied, other critics are waiting for more. The French data protection watchdog, the CNIL, was equally unimpressed by Microsoft`s actions, and it served the company with a notice in July to demand that it clean up its privacy settings. In an email, the CNIL said that the changes `seem to comply` with its complaint, but it`s `now analyzing more in [sic] details Microsoft answers in order to know whether all the ...|
|In a blog post, Microsoft says that continued usage of Windows 7 increases maintenance and operating costs for businesses. Furthermore, time is needlessly wasted on combating malware attacks that could have been avoided by upgrading to Windows 10. A report on Neowin adds: Microsoft also says that many hardware manufacturers do not provide drivers for Windows 7 any longer, and many developers and companies refrain from releasing programs on the outdated operating system. Markus Nitschke, Head of Windows at Microsoft Germany, had the following to say about Windows 7: `Today, it [Windows 7] does not meet the requirements of modern technology, nor the high security requirements of IT departments. As early as in Windows XP, we saw that companies should take early steps to avoid future risks or costs. With Windows 10, we offer our customers the highest level of security and functionality at the cutting edge...|
|An anonymous reader quotes a report from PCWorld: Microsoft is giving users some more control over Windows 10 updates, with a new beta build of its operating system released Monday. The build allows folks with the Windows 10 Professional, Education, and Enterprise versions to defer new updates for up to 35 days. In addition, the company will allow those users to decide whether or not they want to include driver updates when they want to update Windows. It`s a move that helps respond to one of the key criticisms of Windows 10: that Microsoft`s regime of forced, cumulative updates has caused problems for users with some configurations. This way, users can steer clear of updates they don`t want to install yet and dodge problematic driver updates. The newly-minted update changes are just one part of the improvements added to Windows 10 with the build released Monday. Microsoft is also working on making the initial Windows 10 setup more accessible using Cortana. The company`s ...|
|2016-12-30 11:00:12||The Register|
If you all ask nicely, maybe they`ll restore Program Groups?
Because its not complicated enough already, Windows 10s Start menu will support folders in a forthcoming release.
|An anonymous reader writes: Windows 10 Insider builds will now feature Green Screen of Death (GSOD) instead of the classic Blue Screen of Death (BSOD) error page we have all become accustomed to. The change was teased on Twitter by Matthijs Hoekstra, Senior Program Manager for Windows Enterprise Developer Platform, and spotted by a user that goes by the nickname of Chris123NT. According to Hoekstra, only Windows 10 Insider builds will feature the green error screen, while stable Windows 10 versions will continue to use the classic blue-themed error page. Hoekstra didn`t elaborate on the reasons behind the color change, but the color-coded error screens would allow Microsoft support staff to triage bugs and prioritize customers...|
|It`s no secret that Microsoft has been aggressively pushing Windows 10 to users. Over the past year and a half, we have seen users complain about Windows 10 automatically getting downloaded to their computer, and in some cases, getting installed on its own as well. The automatic download irked many users who were on limited or slow data plans, or didn`t want to spend gigabytes of data on Windows 10. A company executive has admitted for the first time that they may have went overboard with Windows 10 updates. From a report on Softpedia: Chris Capossela, Chief Marketing Officer at Microsoft, said in the latest edition of the Windows Weekly that this was the moment when the company indeed went too far, pointing out that the two weeks between the moment when users started complaining about the unexpected behavior and the one when a patch was released were `very painful.` `We know we want people to be running Windows 10 from a security perspective, but finding the right balance where you`re...|
|jader3rd shares an article from PC World arguing that Windows 10`s data collection `trades your privacy for Microsoft`s security.` [Anonymized] usage data lets Microsoft beef up threat protection, says Rob Lefferts, Microsoft`s director of program management for Windows Enterprise and Security. The information collected is used to improve various components in Windows Defender... For example, Windows Defender Application Guard for Microsoft Edge will put the Edge browser into a lightweight virtual machine to make it harder to break out of the browser and attack the operating system. With telemetry, Microsoft can see when infections get past Application Guard defenses and improve the security controls to reduce recurrences. Microsoft also pulls signals from other areas of the Windows ecosystem, such as Active Directory, with information from the Windows 10 device to look for patterns that can indicate a problem like ransomware infections and other attacks. To detect those patterns...|
|An anonymous reader shares a report: To help with the smooth running of Windows 10, and to get an idea of how users interact with the operating system, Microsoft collects telemetry data, which includes information on the device Windows 10 is running on, a list of installed apps, crash dumps, and more. Telemetry data recorded by Windows 10 is, in a nutshell, just technical information about the device the OS is on, and how Windows and any installed software is performing, but it can occasionally include personal information. If you`re worried about that, the news that Microsoft is sharing telemetry data with third parties might concern you. Microsoft recently struck a deal with security firm FireEye to provide access to Windows 10 telemetry data, in exchange for having FireEye`s iSIGHT Threat Intelligence technology included in its Windows Defender Advanced Threat Protection service. WDATP is an enterprise security product that helps enterprises detect, investigate...|
|Bogdan Popa, writing for Softpedia:The latest Windows 10 insider build brings a change that puts the Windows PowerShell in the spotlight, as it replaces the super-popular Command Prompt in some essential parts of the operating system. Command Prompt has been around for as long as we can remember, but starting with Windows 10 build 14971, Microsoft is trying to make PowerShell the main command shell in the operating system. As a result, PowerShell officially replaces the Command Prompt in the Win + X menu, so when you right-click the Start menu, you`ll only be allowed to launch the more powerful app. Additionally, in File Explorer`s File menu and in the context menu that appears when pressing Shift + right-click in any folder, the old Command Prompt will no longer be available. Typing cmd in the run dialog will launch PowerShell as well, so Microsoft has made a significant step towards phasing out the traditional Command Prompt...|
|Russian antivirus vendor Kaspersky Lab has asked antitrust regulators in various countries (including the European Union and Russia) to make Microsoft stop giving an unfair advantage to Windows Defender, Eugene Kasperky wrote in a blog post. From a report on Myce: Microsoft is making it hard for independent anti-virus vendors to compete with Windows Defender, Microsoft`s own antivirus application built-in to Windows 8 and Windows 10, according to founder of Kaspersky Lab, Eugene Kaspersky. For example, when users upgraded to Windows 10, their own antivirus product was disabled and Windows Defender was enabled by default. Another showcase of Microsoft`s way of making it harder to compete is that antivirus companies only received a week to make their antivirus software compatible with Windows 10. And even when the antivirus software was compatible, Windows Defender would be enabled nevertheless.You can read Eugene`s blog post ...|
|Mark Hachman, reporting for PCWorld: When Microsoft`s Windows 10 deadline passed, many heaved a sigh of relief, thinking that Microsoft`s obnoxious popup reminders had finally been laid to rest. Surprise! Microsoft`s at it again, reminding users to sign up for Bing Rewards by using Edge, Windows 10`s built-in browser. My colleague Brad Chacos was hit by the ad after hours, reported it, and immediately erased Edge from his toolbar. Here`s what we know: The popup doesn`t seem to appear if you use Edge frequently (Brad does not). Personally, I`ve never experienced a similar ad, though I use Edge as well as Bing Rewards, meaning there`s no need for such an ad to appear. A notification here, a suggestion there: Microsoft`s gently slipped in promotions for Office as well as its third-party apps off and on since Windows 10 was launched, and then sneakily reset those options once the Anniversary Update launched last summer. But here`s the problem. Brad turned off his ad...|
|New submitter TroII writes: After Microsoft ended its year-long `free` Windows 10 offer, new installations have slowed predictably. But in an unexpected turn, October saw more new installs of both Windows 7 and Windows 8.1 than of Windows 10. Compared to September`s numbers, market share increased only 0.06% for Windows 10, while new installations of Windows 7 and 8.1 were an order of magnitude higher at 0.68%. According to tracking firm NetMarketShare, Windows 7 is still by far the most popular version of the OS, installed on more than twice as many computers as Microsoft`s latest offering...|
|Microsoft currently distributes major Windows 10 updates -- Anniversary Update, for instance -- as essentially full operating system installs, going as much 4GB in size. But that is changing starting today (for some users). From an article on The Verge: Microsoft has been promising smaller updates to Windows 10, through various methods, for what feels like years, but the company is now starting to test a new Unified Update Platform (UUP) that will make a big difference. `One of the biggest community and customer benefits of UUP is the reduction you`ll see in download size on PCs,` explains Bill Karagounis, a Windows program manager. `We have converged technologies in our build and publishing systems to enable differential downloads for all devices built on the Mobile and PC OS.` Differential downloads only include the changes that have been pushed out since you last updated a Windows 10 PC. This new change will debut with the Windows 10 Creators Update that`s expected to...|
|Due to Google’s public release of information about an actively exploited Windows zero-day, Microsoft was forced to offer its own view of things and more information about the attack. The vulnerability is just one part of the attack chain leveraged by the Strontium (aka Fancy Bear, aka APT28) hacker group, which is widely believed to be behind the DNC and John Podesta email hacks, and backed by the Russian government. “This attack campaign, originally identified … More →|
|An anonymous reader quotes a report from Reuters: Microsoft Corp said on Tuesday that a hacking group previously linked to the Russian government and U.S. political hacks is behind recent cyber attacks that exploit a newly discovered flaw in its Windows operating system. Microsoft said that a patch to defend Windows users against this sort of attack will be released on Nov. 8. The software maker said in an advisory on its website there had been a small number of attacks using `spear phishing` emails from a hacking group known Strontium, which is more widely known as `Fancy Bear` or APT 28. A U.S. intelligence expert on Russian cyber activity said that Fancy Bear primarily works for or on behalf of the GRU, Russia`s military intelligence agency, which U.S. intelligence officials have concluded were responsible for hacks of Democratic Party databases and emails. Microsoft said the attacks exploited a vulnerability in Adobe Systems Inc`s Flash software and one in the ...|
|An anonymous reader writes: Google today shared details about a security flaw in Windows, just 10 days after disclosing it to Microsoft on October 21. To make matters worse, Google says it is aware that this critical Windows vulnerability is being actively exploited in the wild. That means attackers have already written code for this specific security hole and are using it to break into Windows systems.In a blog post, security researchers at Google write, `The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome`s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape ...|
|Researchers from security outfit enSilo have uncovered a new code injection technique that can be leveraged against all Windows versions without triggering current security solutions. They’ve dubbed the technique AtomBombing, because it exploits the operating system’s atom tables. “These tables are provided by the operating system to allow applications to store and access data. [They] can also be used to share data between applications,” enSilo’s Tal Liberman explained. “What we found is that a threat … ...|
|First-time submitter Big O Notation shares `an honest review about the new Ubuntu Bash` that shipped with the Windows 10 Anniversary Update. While it`s still officially beta, most of the commands work as expected, and it includes popular programs like the Pico text editor. Here`s some of the review`s highlights: Pros: You can also manage and manipulate other files inside your entire Hard Disk, even those outside of your Linux home directory. Cons: Even if you chmod something properly, when you use ls -l the Bash would not show the correct permissions. [And] if you try to create a Folder in your Linux Home Directory by using the Windows GUI, it would be impossible to read and manage it. Don`t try this at home. Microsoft says they`ve included the Windows Subsystem for Linux primarily as `a tool for developers -- especially web developers and those who work on or with open source projects.` One Scandinavian developer has even tried running X on Bash on Ubuntu on Windows, reporting ...|
|2016-10-07 13:05:11||The Register|
`Rather than you approving which patches you want, we are saying let them all flow`
Interview At Microsoft`s recent Ignite event in Atlanta, The Reg sat down with Brad Anderson, Corporate Vice President of Enterprise Client and Mobility.
|An anonymous Slashdot reader quotes ZDNet: Microsoft rolled out this week the seventh Cumulative Update of fixes to Windows 10 Anniversary Update since the Anniversary version of Windows 10 began going to customers on August 2...causing installation issues for some users. I don`t know how many are affected -- it`s definitely nowhere near `all` -- but reports are coming in on Twitter and in Microsoft support forums from those who can`t install the update, resulting (at least for some) in an endless loop of repeated attempts... But a few of those affected have pointed out that when Microsoft first delivered this update to its `Release Preview` ring of Insider testers at the start of this week, some testers reported the installation failure/reboot issue. Despite those reports, Microsoft still pushed this update out to those not in the Insider program... Unsurprisingly, this issue is triggering a round of `What`s the point of Insider testing?` questions. It looks to...|
|2016-09-29 06:38:07||The Register|
We`re making your NAS secure by hiding it from you
Microsoft has overnight pushed out the latest of its ongoing preview builds for Windows 10, with this one carrying a warning that it could break your network file share connections.
|Microsoft announced today that Windows 10 is now running on over 400 million active devices. This is up from 300 million as of May, and 207 million as of end of the March. The company says that it deems devices that have been active in the past 28 days as `active.` Microsoft added that this 400 million active devices figure include tablets and phones as well as Xbox One consoles, HoloLens, and Surface Hubs running Windows 10. Paul Thurrott adds:Microsoft last provided a Windows 10 usage milestone on June 29, when it said that there were 350 million active Windows 10 devices. At that time, I noted that the Windows 10 adoption had accelerated from the previous milestone, hitting an average of almost 29 million new devices per month. But 50 million additional devices over three months is a much slower pace of about 17 million per month. This is the slowest rate since Windows 10 was first announced. Again, no surprise there: Windows 10 was free for its first year, and over that time...|
|Microsoft has been asked to pay compensation to customers who suffered malfunctions on their PCs when upgrading to Windows 10. Several customers have complained in the past one year about issues such as their computer upgrading to Windows 10 without their consent, and high-data usage due to automatic downloads of Windows 10 installation files in the background. The consumer watchdog has told Microsoft to `honor consumers` rights` and compensate those who have faced issues because of Windows 10. From a report:`Many people are having issues with Windows 10 and we believe Microsoft should be doing more to fix the problem,` said Alex Neill, director of policy at Which? Of 2,500 people surveyed, who had upgraded to Windows 10, more than 12 percent said they ended up rolling back to their previous version of the operating system. More than half stated that this was because the upgrade had adversely affected their PC. `We rely heavily on our computers to carry out daily activities so, ...|
|2016-09-22 08:08:33||Silicon Security|
|Is Windows 10 a software upgrade villain? That is the suggestion from Which? as it urges Redmond to compensate users|
|2016-09-22 01:02:52||The Register|
Windows Update silently did the deed, added a few security fixes for .Net Framework too
Microsoft has quietly excised Windows 10 free upgrade offers from Windows 7 and 8, aka the GWX.exe .
|Microsoft released Windows 10 Anniversary Update last month. But the trickling of the company`s latest major update users could take as much as three months, the company has said. Many users have been complaining about not seeing an update pop-up on their system. When ZDNet`s reporter Mary Jo Foley asked Microsoft about this, the company confirmed that it hadn`t seeded the update to all Windows 10 users. From the report: Microsoft began rolling out the latest version of Windows 10, the Anniversary Update, on August 2. At that time, Microsoft officials said the rollout would be staggered, but didn`t get too explicit as to how -- or how long it might take the company to push Windows 10 Anniversary to consumers and business users who are on the so-called Current Branch of Windows 10. It`s worth repeating that those who really want the Anniversary Update immediately have options to proactively go get it. I received a Microsoft blast email just over a week ago that included a footnote ...|
|An anonymous reader writes: Buried in the announcement of the new Kaby Lake (seventh-generation) processors and a rash of incoming notebooks set to use them is the confirmation that they will have a Windows 10 future. Microsoft has been warning people for ages that Kaby Lake will not run on anything older than Windows 10, and it looks like AMD`s upcoming Zen chip will be going the same way. Microsoft said, `As new silicon generations are introduced, they will require the latest Windows platform at that time for support. This enables us to focus on deep integration between Windows and the silicon, while maintaining maximum reliability and compatibility with previous generations of platform and silicon.` `We are committed to working with Microsoft and our ecosystem partners to help ensure a smooth transition given these changes to Microsoft`s Windows support policy,` an Intel spokesperson said. `No, Intel will not be updating Win 7/8 drivers for 7th Gen Intel Core [Kaby ...|
|An anonymous reader writes: The Anniversary Update may have introduced a whole host of new features but it has also caused a fair number of problems for Windows 10 users. Among the most annoying issues reported since its release in late-July are freezes on systems equipped with SSDs. Microsoft has acknowledged the problem and provided a couple of workarounds that users could try, promising that a permanent fix would eventually be made available. Microsoft now says that it has addressed the freezing issues in the latest Cumulative Update that it just released. `After the launch of the Anniversary Update for Windows 10, Microsoft received a small number of reports of Windows 10 freezing when signing into Windows after installing the Anniversary Update. With the help of users and MVP`s who posted on this thread an investigation determined that a small fraction of users who had moved app information to a second logical drive could encounter this issue...|
|Slashdot reader MojoKid quotes an article from Hot Hardware: A security researcher for AVG has discovered a new piece of ransomware called Fantom that masquerades as a critical Windows update. Victims who fall for the ruse will see a Windows screen acting like it`s installing the update, but what`s really happening is that the user`s documents and files are being encrypted in the background... The scam starts with a pop-up labeled as a critical update from Microsoft. Once a user decides to apply the fake update, it extracts files and executes an embedded program called WindowsUpdate.exe... As with other EDA2 ransomware, Fantom generates a random AES-128 key, encrypts it using RSA, and then uploads it to the culprit. From there, Fantom targets specific file extensions and encrypts those files using AES-128 encryption... Users affected by this are instructed to email the culprit for payment instructions. While the ransomware is busy encrypting your files, it displays Microsoft`s...|
|It appears that many users are facing an issue with their Windows 10 computers when they plug in an Amazon Kindle device. According to reports, post Windows 10 Anniversary Update installation, everytime a user connect their Amazon Paperwhite or Voyage, their desktop and laptop lock up and require rebooting. The Guardian reports:Pooka, a user of troubleshooting forum Ten Forums said: `I`ve had a Kindle paperwhite for a few years no and never had an issue with connecting it via USB. However, after the recent Windows 10 updates, my computer BSOD`s [blue screen of death] and force restarts almost as soon as I plug my Kindle in.` On Microsoft`s forums, Rick Hale said: `On Tuesday, I upgraded to the Anniversary Edition of Windows 10. Last night, for the first time since the upgrade, I mounted my Kindle by plugging it into a USB 2 port. I immediately got the blue screen with the QR code. I rebooted and tried several different times, even using a different USB cable, but that made no...|
|While Windows 10 is generally well-liked by reviewers and users, it`s relatively clear that it`s not the OS to choose if you actually want to control how much babbling your OS does over the network . While a lot of complaints about Windows 10 have been proven to be hyperbole or just plain wrong (like it delivers your BitTorrent behavior to Hollywood or it makes use of menacing keyloggers), Windows 10 is annoyingly chatty, sending numerous reports back to Microsoft even when the operating system is configured to be as quiet and private as possible. While Microsoft has been criticized for this behavior for some time now , the general response out of Redmond has been to tap dance over, under and around most of the key complaints. Enter the Electronic Freedom Foundation, which last week effectively called on Microsoft to stop bullshitting everybody in terms of what gets collected and why. The EFF does a good job reiterating how Microsoft used malware-esque tactics to get users ...|
|whoever57 writes: According to a report via InfoWorld, the latest Windows 10 update [KB 3176934] breaks Desired State Configuration (DSC) functionality in PowerShell. Some things that were broken in the prior update, such as support of many webcams and a freeze issue, don`t appear to have been fixed in this update. Windows PowerShell Blog reported last night: `Due to a missing .MOF file in the build package, the update breaks DSC. All DSC operations will result in an `Invalid Property` error. If you are using DSC from or on any Windows client, take the following steps: Uninstall the update if already installed [...]; If using WSUS, do not approve the update. Otherwise, Use Group Policy to set the `Configure Automatic Updates` to `2 -- Notify for download and notify for install` [...] A fix for this issue will be included in the next Windows update which is due out 8/30/...|
|Microsoft`s now changing the way updates are delivered for Windows 7 and 8.1. Slashdot reader JustAnotherOldGuy writes: Microsoft`s Senior Product Marketing Manager Nathan Mercer just announced that, `From October 2016 onwards, Windows will release a single Monthly Rollup that addresses both security issues and reliability issues in a single update... Each month`s rollup will supersede the previous month`s rollup, so there will always be only one update required for your Windows PCs to get current.` What this means is that individual patches will no longer be available after October 2016, and Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept everything single thing Microsoft sends you whether you want it or not. Microsoft says their new approach `increases Windows operating system reliability, by eliminating update fragmentation and providing more proactive patches for known issues...|
|The Anniversary Update which Microsoft rolled out to Windows 10 users earlier this month has broken millions of webcams, the company said on Friday. The problem is that after installing the update, the company added, Windows no longer allows USB webcams to use MJPEG or H264 encoding processes, and only supports YUY2 encoding. Microsoft says it introduced the changes to prevent an issue that was resulting in duplication of encoding the stream (poor performance). If you`re facing the issue, there`s a workaround (via Thurrott.com): Rafael has figured out a workaround that should hopefully stop the freezing issue; if you are comfortable tweaking the registry, make this change. HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows Media Foundation\Platform, add DWORD `EnableFrameServerMode` and set to ...|
|Since Microsoft began pushing Windows 10 on consumers and enterprise users, it has consistently worked towards minimizing the choices they can make about the installation. One of these steps was to make sure that both individual users and enterprise customers could not pick and choose which patches to apply and which to forgo – cumulative patches became the norm. And while enterprises can test the patches before deploying them, home users don’t have that option … More →|
|2016-08-18 02:52:35||The Register|
Slams `questionable tactics to cause users to download software many didnt want`
The Electronic Frontier Foundation (EFF) has called on Microsoft to offer a single unified screen on which Windows 10 users can control how Windows 10 deals with their personal information and monitors their use of the OS.
|msm1267 writes from a report via Threatpost: A Windows UAC bypass has been publicly disclosed that not only bypasses the security feature meant to prevent unauthorized installs, but can be used to run code on compromised machines without leaving a trace on the hard disk. The bypass relies on Event Viewer (eventvwr.exe), a native Windows feature used to view event logs locally or remotely. Researcher Matt Nelson said he figured out a way to use eventvwr to hijack a registry process, start Powershell and execute commands on Windows machines; he collaborated with fellow researcher Matt Graeber on a proof-of-concept exploit, which was tested against Windows 7 and 10. A report published today by Nelson said it would work against any version of the OS that implements UAC. An attacker would already need to be on the machine to use this technique, Nelson said. The attack allows an admin user to execute code in a high-integrity context without requiring the user to approve ...|
|It`s enabled by default on Windows (and supported by other operating systems) -- but now security researchers are warning that `Man-in-the-middle attackers can abuse the WPAD protocol to hijack people`s online accounts and steal their sensitive information even when they access websites over encrypted HTTPS or VPN connections,` according to CSO. Slashdot reader itwbennett writes: Their advice: disable WPAD now. `No seriously, turn off WPAD!` one of their presentation slides said. `If you still need to use PAC files, turn off WPAD and configure an explicit URL for your PAC script; and serve it over HTTPS or from a local file`... A few days before their presentation, two other researchers named Itzik Kotler and Amit Klein independently showed the same HTTPS URL leak via malicious PACs in a presentation at the Black Hat security conference. A third researcher, Maxim Goncharov, held a separate Black Hat talk about WPAD security risks, entitled ...|
|A week after releasing Windows 10 Anniversary Update, Microsoft is already ready to unveil new features for its next major update dubbed Redstone 2. The Verge reports: The new update doesn`t have any big new features for public testers yet, as Microsoft is in the early stages of making structural improvements to its OneCore shared code of Windows across PCs, tablets, phones, HoloLens, Xbox, and IoT. The first few builds available for testing `may include more bugs and other issues that could be slightly more painful for some people to live` according to Windows software engineer Dona Sarkar. Microsoft has released Windows 10 build 14901, and the company is testing out new notifications within File Explorer to provide tips on what`s new in Windows 10. You can opt out of the notifications, and they`re just a test for now...|
|Microsoft says it is giving more time to users on Windows 7 and Windows 8.1 devices running sixth generation Intel Skylake chips. Earlier the company had said that it would end support for such systems on July 17, 2018 (before that the end date was July 17, 2017). Today`s announcement further pushes the deadline, giving Windows 7 users till January 14, 2020, and Windows 8.1 users till January 2023. ZDNet adds: Today`s latest change to the Skylake support cut-off dates also applies to Windows Embedded 7, 8 and 8.1 devices. As of this latest change, supported devices running Skylake -- here`s the list of PCs that qualify, along with embedded devices -- will get all applicable security updates for Windows 7 and 8.1 until the end of support dates for each product. What we don`t really know is why Microsoft made this latest change. Did Intel `fix` Skylake? Did customers, especially those wanting to downgrade to Windows 7, complain a lot? The official word is `This change is designed to help...|
|An anonymous reader writes from a report via Softpedia: Microsoft fixed today a serious security flaw in the Windows PDF Library, a standard library used by Windows 10 to open and render PDF files, embedded by default in Edge. Exploiting this flaw allows attackers to execute code on the user`s machine and take over the device, just by tricking a user into accessing a PDF hosted online via Edge. Since Edge is not only the default browser in Windows 10, but also the default PDF reader, this flaw puts countless of users that have not changed those settings at risk. Even worse, Microsoft has the annoying habit of resetting your personal app preferences once in a blue moon, always reverting Edge as the default browser and the default app to open PDF files...|
|An anonymous reader quotes a report from WinBeta: Microsoft released KB3151631 as part of today`s Patch Tuesday set of updates that will disable RC4 in both Internet Explorer 11 on Windows 7 and later and in the Edge browser on Windows 10. As the company describes things: `RC4 is a stream cipher that was first described in 1987, and has been widely supported across web browsers and online services. Modern attacks have demonstrated that RC4 can be broken within hours or days. The typical attacks on RC4 exploit biases in the RC4 keystream to recover repeatedly encrypted plaintexts. In February 2015, these new attacks prompted the Internet Engineering Task Force to prohibit the use of RC4 with TLS. Previously, Microsoft Edge and Internet Explorer 11 allowed RC4 during a fallback from TLS 1.2 or 1.1 to TLS 1.0. A fallback to TLS 1.0 with RC4 is most often the result of an innocent error, but this is indistinguishable from a man-in-the-middle attack. For this reason, RC4 is now entirely...|
|2016-08-07 20:57:34||The Register|
Microsoft`s response: Have you tried uninstalling it and installing it again?
Users are reporting that upgrading to the Windows 10 Anniversary Update renders their PCs unusable.
|An anonymous reader quotes a report from Ars Technica: With the Windows 10 Anniversary Update, aka Windows 10 version 1607, released earlier this week, it`s time to look forward to what`s next. Windows 10 has multiple release tracks to address the needs of its various customer types. The mainstream consumer release, the one that received the Anniversary Update on Tuesday, is dubbed the Current Branch (CB). The Current Branch for Business (CBB) trails the CB by several months, giving it greater time to bed in and receive another few rounds of bug fixing. Currently the CBB is using last year`s November Update, version 1511. In about four months, Microsoft plans to bump CBB up to version 1607, putting both CB and CBB on the same major version. [The Long Term Servicing Branch, an Enterprise-only version that will receive security and critical issue support for 10 years, will also be updated.] Going forward, however, the differences between both current branch variants (CB and ...|