Apple promised that its iTunes app would be available on the Microsoft Store by the end of 2017. The announcement was greeted with enthusiasm, but unfortunately, the company didn't meet their own deadline. They cited the need for more time to build a more robust user experience for Windows users. The wait is finally over, and its big news, because some Windows 10 machines can only download apps, and prior to this, iTunes was offered as a standalone download only. The app is fairly … Read more
Hackers Can Use PDF Files To Access Windows Credentials
Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
Most “Wannacry” Hacks Were On Windows 7 Machines
Last year's Wannacry attack was bad, but in many ways, it was a self-inflicted wound. According Webroot's recently published "Annual Threat Report," almost all of the machines that succumbed to the Wannacry attack were running Windows 7. That attack is estimated to have caused in excess of $4 billion in total losses. The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10. For example, in January … Read more
Remote Desktop Flaw Affects Every Windows Version
Researchers at Preempt Security recently discovered a critical flaw in Microsoft's Credential Security Support Provider protocol (CredSSP for short) that impacts every version of Windows in existence. It could allow a hacker to remotely exploit Windows Remote Desktop to execute malicious code and steal any data stored on the machine. The flaw, logged as CVE-2018-0886 would allow a hacker to execute a man in the middle attack, (provided that they had Wi-Fi or physical access to the machine) … Read more
Microsoft Office Update Available To Only Windows 10 Users
There are big changes coming to MS Office which you need to be aware of, given how widely used "Office" is in most companies. First, the headline change: When MS Office 2019 is released, it will only run on Windows 10. If you've still got machines on older operating systems, and you want to keep your productivity suite up to date, then you'll need to upgrade those older systems. Also, be aware that when Office 2019 ships, it will only have "Click-to-Run" technology. No MSI, although … Read more
Nvidia Dropping Driver Support For Older Operating Systems
AMD long ago dropped support of 32-bit operating systems, and now, Nvidia is following suit. The long-anticipated move by the company will mean the end of driver support for the 32-bit builds of Windows 7, Windows 8, Windows 8.1, Windows 10, Linux and FreeBSD. Nvidia is taking a balanced, responsible approach here. The company has pledged to continue offering 32-bit driver security updates until January 2019, but will immediately discontinue making performance updates to the drivers of older … Read more
Microsoft May Remove Windows Paint From Operating System
"Paint" is one step closer to being a thing of the past. In May of this year, Microsoft caught a surprising amount of flak when they announced that the venerable app, which had been included with the OS in every release since 1985, would be going away and replaced by a newer, sleeker version called Paint 3D. The company had not expected any backlash on the matter and was sent scrambling when tens of thousands of people complained loudly in forums all over the internet. The company … Read more
Windows 10 Third Party Password Manager Could Have Security Issue
Do you use "Keeper?" If you're not sure what it is, then you probably don't. It's a password manager that Microsoft has been bundling with some of its Windows 10 releases. Either way, there's a serious flaw in its design that you should be aware of. Earlier in the year, Tavis Ormandy, a researcher on Google's Project Zero team, discovered a bug that saw Keeper injecting privileged user information into web pages, exposing all manner of private data unnecessarily to website owners. The … Read more
Microsoft Word Gets Update To Disable DDE After Malware Concerns
In recent months, Microsoft Word has been getting a fair amount of bad press, thanks to an old-but-still-supported feature called DDE (Dynamic Data Exchange). This is the feature that allows Word to pull data from other MS Office applications. For instance, if you embed a chart into your Word document, each time you open the doc, it will automatically poll the spreadsheet the chart was created from an update it dynamically. It's a good feature, but unfortunately, it's subject to abuse by … Read more
Windows 10 Now Installed On Over 600M Machines
When Microsoft first released Windows 10, the company boasted that it would try to get its new OS running on a billion devices by 2018. Time and circumstance have conspired to make that lofty goal unlikely, and the company has since retreated from it. However, according to statistics released at a recent shareholder's meeting, there are now more than 600 million devices utilizing it, including PCs, tablets, HoloLens headsets, Surface Hubs and Xbox One consoles. It's an impressive number, … Read more
