Free Republic

An unpatched zero-day in Microsoft Windows 10 (and prior) allows attackers to corrupt an NTFS-formatted hard drive with a one-line command. In multiple tests by BleepingComputer, this one-liner can be delivered hidden inside a Windows shortcut file, a ZIP archive, batch files, or various other vectors to trigger hard drive errors that corrupt the filesystem index instantly. "Critically underestimated" NTFS vulnerability In August 2020, October 2020, and finally this week, infosec researcher Jonas L drew attention to an NTFS vulnerability impacting Windows 10 that has not been fixed. When exploited, this vulnerability can be triggered by a single-line command to...

CNN Business)Microsoft said Thursday that the suspected Russian hackers behind a massive US government security breach also viewed some of the company's source code. The unauthorized access does not appear to have compromised any Microsoft (MSFT) services or customer data, the company said in a blog post. But an investigation showed that the attackers took advantage of their access to Microsoft's systems to view company code. "We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," Microsoft said....

Microsoft officially ended support for its one-time flagship operating system, Windows 7, at the start of 2020. As the year draws to a close, I ran the numbers to see how many PCs are still running this unsupported OS. Spoiler: It's a big number...With a heartfelt nod to Monty Python, Windows 7 would like you all to know that it's not dead yet.A year after Microsoft officially ended support for its long-running OS, a small but determined population of PC users would rather fight than switch. How many? No one knows for sure, but that number has shrunk substantially in...

UPDATED: The seized domain has been turned into a killswitch to prevent the SolarWinds hackers to escalate infections and make new victims. Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack, ZDNet has learned from sources familiar with the matter. The domain in question is avsvmcloud[.]com, which served as command and control (C&C) server for malware delivered to around 18,000 SolarWinds customers via a trojanized update for the company's Orion app. SolarWinds Orion updates versions 2019.4 through 2020.2.1, released between March 2020 and June...

Should we be worried?The undead have telepathic powers if Microsoft's latest Windows 10 Insider emission is to be believed.Perhaps stung by cruel criticism that the last batch of bleeding-edge Dev Channel releases have been a little light on features, build 20270 arrived overnight and apparently imbued Microsoft's unloved assistant, Cortana, with mindreading abilities.Assuming one's PC has a mind of its own, of course (and judging by the shenanigans that seem to happen every Patch Tuesday, we're starting to wonder). "You can now use Cortana on your PCs to translate their thoughts into direct actions to open and find files and...

Did someone mention multithreading?Microsoft has once again unleashed some iffy knitwear on the world with an MS Paint-themed sweater to ring in the festive season.The company previously flung Windows XP and 95 incarnations at its favoured fans (we note Vulture Central has remained jumper-free) but the MS Paint version is the first to be sold to the general public, replete with worldwide shipping.The new #WindowsUglySweater has arrived — and this year it’s supporting a fantastic cause! Get yours today (they disappear fast!) and you’ll be supporting @GirlsWhoCode when you do. Good deal, isn’t knit? 🧶 — Windows (@Windows) December 1,...

I am surprising myself with a new laptop! (shhhhh - don't tell me about the gift and spoil the surprise) After many, many years of GREAT service from my ASUS "Zen", I'm buying a new "Zen". After searching the net for an easy & straightforward method to transfer my programs, docs, photos, apps, Outlook emails, etc - I've discovered it's not as easy as I thought.

The PC revolution started off life 35 years ago this week. Microsoft launched its first version of Windows on November 20th, 1985, to succeed MS-DOS. It was a huge milestone that paved the way for the modern versions of Windows we use today. While Windows 10 doesn’t look anything like Windows 1.0, it still has many of its original fundamentals like scroll bars, drop-down menus, icons, dialog boxes, and apps like Notepad and MS paint. Windows 1.0 also set the stage for the mouse. If you used MS-DOS then you could only type in commands, but with Windows 1.0...

Don't expect any Windows 10 preview updates in December due to holidays, says Microsoft. Microsoft has told Windows 10 owners and IT admins not to expect any Windows 10 preview updates in December to give them a break when staffing levels are low over the holiday season. December will be a break from the usual schedule of Windows 10 updates each month, which include optional previews that arrive after the mandatory Patch Tuesday security updates in the second week of every month. "Because of minimal operations during the holidays and the upcoming Western new year, there won't be any preview...

Android, Adobe, SAP, Red Hat join the bug-busting party Patch Tuesday Microsoft published fixes for 112 software vulnerabilities for its November Patch Tuesday, 17 of which have been rated critical.Of the remainder, 93 are rated important, and two are rated low severity.Fifteen Microsoft products are affected, including: Microsoft Windows, Office, Internet Explorer, Edge (EdgeHTML and Chromium), ChakraCore, Exchange Server, Dynamics, Windows Codecs Library, Azure Sphere, Windows Defender, Teams, Azure SDK, Azure DevOps, and Visual Studio.One of the fixed flaws is being actively exploited, the Windows Kernel Cryptography Driver vulnerability (CVE-2020-17087) disclosed by Google's Project Zero at the end of last...

Dayglored Note: Many Thunderbird users are finding operational issues after updating to Version 78 (including me). This FAQ addresses some of them, in particular the deprecation of TLSv1.1 and earlier, which will cause Thunderbird to be unable to send/receive email from some mail servers. I have copied the FAQ content regarding that particular issue below. The whole page is useful, and is found here: https://support.mozilla.org/en-US/kb/thunderbird-78-faq After upgrading to Thunderbird 78, I cannot get or send email messages. One reason why this might happen is when your email provider is using outdated security protocols. Thunderbird takes protecting the privacy and security...

A few days ago, Eric S. Raymond (ESR), developer and writer, suggested that we're nearing the last phase of the desktop wars. The winner? Windows… running on Linux.  He's on to something. I've long thought that Microsoft was considering migrating the Windows interface to running on the Linux kernel. Why? Raymond argues that "WSL (Windows Subsystem for Linux) allows unmodified Linux binaries to run under Windows 10. No emulation, no shim layer, they just load and go." Indeed, you can run standard Linux programs now on WSL2 without any trouble.  That's because Linux is well on its way to becoming...

Starting next month, users trying to access certain websites will see IE refuse to load the URL and automatically open the site in Edge instead. This forced IE-to-Edge behavior is part of Microsoft's Internet Explorer deprecation plans. Microsoft has been gradually rolling out the feature for testing purposes for some Windows users since the release of Edge 84 this summer. However, with the release of Edge 87, scheduled for next month, Microsoft plans to enable the forced IE-to-Edge action for all IE users. At the core of this new feature is a new DLL file that Microsoft has been silently...

One question: Why Redmond, why? Ah, you need to meet developers wherever they are... Microsoft has delivered on its threat to inflict Chromium Edge on Linux. Completist tendencies aside, one would be forgiven for wondering, "Why?"Click to enlarge Edge on Linux had been lurking behind the bushes before its announcement at September's Build event. Indeed, Microsoft insiders had whispered to us that it had been running for a while, but booting it out of the door was not a top priority for the team. A good few months later and here we are: a Dev Channel version of Edge can...

Steady as she goes for Microsoft as Edge turns up and Start gets a buffing Good news for Windows fans, the October 2020 Update is here, for some people at least, and the known issues list isn't as bad as the last one.After lurking in the beta and release preview channel of the Windows Insider program for what seemed like an age, the Windows 10 October 2020 (aka 20H2) has arrived, bringing with it Microsoft's new Chromium-based Edge browser and, frankly, precious little else.The glorified update follows the pattern established in 2019, where a major update hit during the spring,...

Redmond urges folks to apply update ASAP – plus more fixes for Outlook and software from Adobe, Intel, SAP, Red Hat Patch Tuesday Microsoft's Update Tuesday patch dump for October 2020 has delivered security patches that attempt to address 87 CVEs for a dozen Redmond products.Nadella's security crew has identified 22 remote code execution (RCE) CVEs though the most worrisome looks like CVE-2020-16898, Windows TCP/IP RCE, which is rated 9.8 out 10 in severity. It affects Windows desktop and server systems.According to Microsoft, the Windows TCP/IP stack doesn't properly handle ICMPv6 Router Advertisement packets. Thus someone could send a vulnerable...

Don't worry, there are some useful features in the update too Microsoft has bequeathed new capabilities to both the released and the preview versions of Windows Terminal, a feature-laden alternative to the command prompt.It's the features that now appear in the released version that are most interesting. Windows Terminal – as found in the Microsoft Store – has reached version 1.2, with enhancements including focus mode, always on top, command palette and more. The preview version has been bumped to 1.3 with a new tab switcher, tab search, and some other tweaks.By default the Terminal offers much more than the...

Mozilla has been watching the user share of its flagship Firefox web browser shrink for a while, so it was hardly a surprise last week when the company announced it was doing some belt tightening that would result in another round of layoffs. What was a surprise were the numbers involved: The company is laying off about 250 employees, for a staff reduction of 25%, and is completely closing its operations in Taipei, Taiwan. In addition, 60 employees will be shifted to new jobs, and the company will reduce spending on such things as developer tools, internal tooling and platform...

The website of Notepad++ is banned in China as of Monday, “obviously due to” its release of editions named “Free Uyghur” and “Stand with Hong Kong,” the source code and text editor announced on Twitter.First released in 2003 by France-based developer Don Ho, free-to-use Notepad++ operates on Windows and supports some 90 languages. In his release notices for the two editions, Ho openly voiced his concerns over “human rights” conditions, respectively in the Xinjiang autonomous region and Hong Kong.Tests by TechCrunch found that the Notepad++ ban only applies to its Download page — which showcases the special editions and thus...

Microsoft’s services will drop support for IE11 in a year Microsoft will end support for Internet Explorer 11 across its Microsoft 365 apps and services next year. In exactly a year, on August 17th, 2021, Internet Explorer 11 will no longer be supported for Microsoft’s online services like Office 365, OneDrive, Outlook, and more. Microsoft is also ending support for Internet Explorer 11 with the Microsoft Teams web app later this year, with support ending on November 30th.While it’s still going to take some time to pry enterprise users of Internet Explorer 11 away, Microsoft is hoping that the new...