Items tagged with NASDAQ:MSFT
Over the past few years, the surge in cryptocurrency values has meant that unscrupulous individuals are looking for ways to make money without putting in the hard work. In the case of cryptocurrency malware, the software is installed on unsuspecting computers, forcing them to mine without the victim seeing a single dime in the resulting revenue. Such is the same with LemonDuck, which the Microsoft 365 Defender Threat Intelligence Team is warning about this week. Once LemonDuck malware finds its way onto a target machine, it is swept up into a botnet that mines for cryptocurrencies. What makes LemonDuck so dangerous, however, is that it doesn't just target one platform. Instead, it is viable on...
Read more...
Microsoft's weekly cadence with Windows 11 Insider Preview releases continues this week with Build 22000.100. This latest build is available to testers that have joined Microsoft's Windows Insider Dev Channel. With Build 22000.100, Microsoft is focused on refining the UI and implementing a slew of fixes for outstanding issues. Going forward, we're not likely to see any dramatic changes build-to-build, as the Windows 10 successor inches closer to its [assumed] late October launch. However, as Microsoft outlined earlier this week, Teams integration is rolling out to select testers on the Dev Channel before a broader release in future builds. Given that Windows 11 is an evolution of the Windows...
Read more...
Microsoft is warning of a vulnerability in both Windows 11 (not yet released, but available in preview form to Windows Insiders) and Windows 10 that could reveal a user's admin password, which in turn could be used to elevate their own system privileges. That's obviously not a good thing, as it would essentially grant the hacker with full control of a system. "An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view,...
Read more...
Microsoft is on a roll with its Windows 11 Insider Preview builds, and today it is opening up a new feature for Insiders to try out. When Microsoft first announced Windows 11 last month, it said that its popular Teams video conferencing platform would be tightly integrated into the operating system. Starting today, Microsoft Teams integration is making its way to the most recent Insider Preview builds of Windows 11. However, at this time, Microsoft is only enabling this new Teams experience to a limited number of testers. "We are beginning to roll Chat from Microsoft Teams to only a subset of Insiders at first, and over time will increase to more Insiders," said Microsoft's Brandon LeBlanc. ...
Read more...
Last week Intel launched its 30.0.100.9684 graphics driver, the first official non-beta release for Microsoft's upcoming Windows 11 operating system. Intel's early efforts beat out both NVIDIA and AMD when offering product-quality drivers for current-generation graphics hardware. However, buried within the release notes for the recent driver release was a reference to a potential release window for Windows 11. The release notes include the usual references to Windows 10 operating systems ranging from the October 2018 Update to the most recent May 2021 Update. However, there's a reference to one other operating system at the bottom of the list, which says "Microsoft Windows 11-64 October 2021...
Read more...
Last year, Microsoft announced that it would be bringing DirectStorage to Windows PCs to “revolutionize PC gaming." Then, Microsoft showed how DirectStorage would improve the Windows 11 gaming experience back in June, but what about Windows 10? Since that announcement, the DirectX team has been hard at work, and the DirectStorage Developer Preview is now available with support for Windows 10 version 1909 and up. Over the years, as games became more advanced, so too did the graphics, leading to longer load times and other issues. However, thanks to SSD and PCIe technology developments, gaming PCs can have storage solutions that offer significantly more bandwidth than previously possible...
Read more...
After the PrintNightmare vulnerability was found, the Windows Print Spooler and printer drivers were under the microscope. Now, yet another Print Spooler vulnerability has been discovered, allowing for code execution with SYSTEM privileges. First disclosed yesterday, the new print spooler vulnerability was uncovered by researchers at Carnegie Mellon University. It stems from Windows allowing non-admin users to install printer drivers through a feature called “Point and Print.” However, Microsoft “requires that printers installable via Point are either signed by a WHQL release signature or are signed by a certificate that is explicitly trusted by the target system.” Want...
Read more...
Earlier this year, malicious hackers exploited a vulnerability in Microsoft Exchange servers to attack an estimated 30,000 organizations worldwide. Both Microsoft and other organizations were quick to point fingers at Chinese hackers, but the Biden administration, along with U.S allies, are formally blaming China after accusing Bejing of working with the criminal hackers. The announcements, released today, come as both condemnation and warning due to China’s “irresponsible and destabilizing behavior in cyberspace.” Though the country may want to be a responsible world leader, its malicious cyber activity “poses a major threat to U.S. and allies’ economic and national...
Read more...
Just as there is a traditional weapons market, a private sector cyberweapons market enables people and organizations to attack anyone worldwide for a fee. However, Microsoft takes this threat of cyberweapons seriously, and is now working to fight the problem head-on. Yesterday, Microsoft's Cristin Goodwin, General Manager for the Digital Security Unit, reported on a cyberweapon being manufactured by a group called Sourgum. This weapon was initially found by the Citizen Lab, at the University of Toronto's Munk School, after being used to attack "more than 100 victims around the world including politicians, human rights activists, journalists, academics, embassy workers and political dissidents."...
Read more...
Remember that scene in Office Space where a trio of disgruntled employees take a problematic printer to field and beat it to a pulp? Anyone who has ever dealt with stubborn printer issues has probably felt that way. It doesn't help that we also have to worry about printer vulnerabilities messing up our day, and to that end, Microsoft has warned of yet another one. The latest printer bug is being tracked as CVE-2021-34481. It has to do with the Windows Print Spooler service, and without a patch in place, a nefarious actor could potentially gain unfettered access to an affected system. At that point, they could install malware, swipe sensitive data, and worst of all, rearrange your carefully aligned...
Read more...
Microsoft is settling into a regular cadence with its Windows 11 builds, with a new one arriving about once a week. Today, Microsoft released its Insider Preview Build 22000.71 to testers that are currently on the Dev Channel. One of the biggest updates with Build 22000.71 is the introduction of a new entertainment widget. According to Microsoft, the widget will cycle through newly available featured movies from the Microsoft Store. Clicking on one of the posters for a film will take you directly to the Microsoft Store page, where you can rent or purchase the title in question. Updated "Acrylic Material" context menus in the latest Windows 11 build. In addition, Microsoft says that right-click-invoked...
Read more...
Over the past few years, biometric security solutions have been on the rise, replacing the use of traditional passwords on both mobile devices and the PC. Windows Hello is one such implementation. It allows users to near-instantaneously log onto their machines with their face or fingerprint (or a PIN), and is in wide use today. It's also apparently vulnerable to an exploit that could allow an attacker to bypass facial recognition on a Windows PC. Any vulnerability is concerning because of Windows Hello's massive footprint—Microsoft's telemetry suggests the vast majority of Windows 10 users (85 percent) use Windows Hello. Because it is so widely used, security researchers at CyberArk Labs...
Read more...
The console war between Microsoft and Sony is currently in a new generation, with the Xbox Series X/Xbox Series S battling it out against the PlayStation 5/PlayStation 5 Digital Edition. However, the consoles are broadly similar concerning internal hardware, with each sporting an AMD Zen 2-based Ryzen processor coupled with an RDNA 2 GPU. But there's one PlayStation 5 hardware accessory that Xbox chief Phil Spencer seemingly wants for the Xbox family: DualSense. The DualSense controller uses haptic feedback instead of rumble for a more realistic "tactile" sensation while gaming. In addition, the adaptive triggers can have varying resistance based on actions taking place on-screen. Unfortunately,...
Read more...
Everything is going to the cloud, it seems, and that now includes Windows with Windows 365. Windows 365 will allow people to stream their Windows experience so you can continue where you left off anywhere on any device starting August 2. Though virtualization, remote access, and cloud-based devices have been commonplace for several years now, Microsoft’s Windows 365 offering is taking a stab at the new market that has been born out of the pandemic. The goal is to combine “the power and security of the cloud with the versatility and simplicity of the PC,” to enable “a variety of new scenarios for the new world of work.” Windows 365 will work through any browser...
Read more...
After last week's out-of-band update to patch the PrintNightmare vulnerability, Microsoft has now released more vulnerability fixes as part of Patch Tuesday. With this update, the Redmond, Washington-based company knocked out a whopping 117 security issues that garnered a variety of concerns. Patch Tuesday has become something a holiday (or recurring nightmare) on the second Tuesday of each month for IT administrators, as Microsoft pushes out the latest security updates to its products. For this Patch Tuesday, a rather extensive list including Microsoft Office products, Microsoft networking products, and a swath of Windows products have been given security updates. Many of the vulnerabilities...
Read more...
If all the rumors are accurate, Microsoft will launch its next-generation Windows 11 operating system in October. Windows 11 builds upon the strong foundation that Windows 10 provided but brings some critical functionality and user interface improvements to improve the customer experience. Now, in a Medium post penned by Microsoft's Christina Koehn and Diego Baca, we're getting the inside track on some of the critical design decisions behind Windows 11. Not surprisingly, some of the changes within Windows 11 are due to the COVID-19 pandemic and how it affected the way we work and learn. "We created the digital equivalent of your work desk nestled into your home, empowering you to achieve something...
Read more...
Yesterday, Microsoft reported that it had detected a 0-day remote code execution exploit being used in the wild against SolarWinds’ Serv-U FTP product. The vulnerability that allowed this exploit has since been patched, but it is still disconcerting, nonetheless. Tracked as CVE-2021-35211, the vulnerability reported to SolarWinds by Microsoft resided in Serv-U’s version of the Secure Shell (SSH) protocol, explains Microsoft’s Threat Intelligence Center (MSTIC). If Serv-U’s SSH happened to be exposed to the internet, black hat hackers could exploit the vulnerability; thus allowing for remote code execution with privileges, leading to malware installations or unwanted data...
Read more...
Windows 11 is still a work in progress, even as it nears a wholesale release sometime this holiday season (perhaps as early as October). That means there could be new features in the final build that have not been disclosed yet. In the meantime, the Windows Insider program is our, erm, window into Windows 11, and the latest build has a new recommendations feature that appears destined for the final release. The latest Preview build of Windows 11 is 22000.65, which you can obtain and install if you are a member of the Windows Insider program (free to join). In a blog post announcing the build, Microsoft does not really talk about the new feature (not in any kind of detail, anyway), but sort of...
Read more...
Coping and pasting content from the web is about to become a whole lot more flexible, courtesy of some new APIs (application programming interfaces) Microsoft and Google are working on for their respective browsers. Once in place, Edge and Chrome users will be able to copy content from a wider range of sources, including .docx. What is at play here are a set of Pickle Clipboard APIs. As things currently stand, Edge and Chrome users are only able to copy content from a limited selection of file types, like .jpg and .png. But that is going to change. As described in a Google Chromium conversation, Pickle Clipboard APIs will expand the copy and paste capability to non-standard web formats. "Pickle...
Read more...
Microsoft is taking a trip down memory lane and it is inviting you along for the stroll, with some nifty new background options for its Teams software. One of the background options is of Clippy, the "true OG virtual assistant" that predates today's fancy-pants AI assistants like Siri, Alexa, Google Assistant, and the rest (we can throw Bixby into the mix). Clippy first debuted in Microsoft Office in 1997. It would have been hard to imagine two and a half decades ago ever being enamored by the cheerful paperclip that was always all-too-eager to help, whether you wanted its suggestions or not. But in the years that have passed, Clippy has become a sort of cult icon in geek nostalgia. "Whether...
Read more...
As people became more comfortable with the Windows 10 Start menu, Microsoft massively changed it with Windows 11. However, there was a workaround to bring back the familiar menu until Windows 11 build 22000.65 was released, which disabled the hack. Now, if you happen to update, the workaround is gone, but there are a few ways to make the Windows 11 Start Menu more comfortable. Several days ago, a workaround to bring back the Windows 10 Start menu to Windows 11 was discovered. To do this, users needed to create a DWORD (32-bit) registry key called “Start_ShowClassicMode” located at “HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced” and then set the value...
Read more...
Windows 11 is coming this holiday season, although upgrades from Windows 10 won't happen until much later. We're sure that users who are hungry to get their hands on Microsoft's latest OS will be able to do so fairly quickly, though. That's especially true considering Windows 10 Insider Previews have all but dried up, leaving nothing but Windows 11 for Microsoft's volunteer quality assurance testers. However, once users upgrade, there's an alarmingly short time to decide to roll back to Windows 10 without starting over entirely. An FAQ has made its way to PC maker MSI's website that indicates Microsoft is trimming down the Windows 10 rollback window to just 10 days. The rollback functionality...
Read more...
