Code execution 0-day in Windows has been under active exploit for 7 weeks

The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.

Enlarge (credit: Getty Images)

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering Windows Defender and a roster of other endpoint protection products.

The Microsoft Support Diagnostic Tool vulnerability was reported to Microsoft on April 12 as a zero-day that was already being exploited in the wild, researchers from Shadow Chaser Group said on Twitter. A response dated April 21, however, informed the researchers that the Microsoft Security Response Center team didn’t consider the reported behavior a security vulnerability because, supposedly, the MSDT diagnostic tool required a password before it would execute payloads.

Uh, nevermind

On Monday, Microsoft reversed course, identifying the behavior with the vulnerability tracker CVE-2022-30190 and warning for the first time that the reported behavior constituted a critical vulnerability after all.

Read 14 remaining paragraphs | Comments

#biz-it, #microsoft, #uncategorized, #windows, #zerodays

Microsoft promises faster PC game load times with DirectStorage release

Close up of SSD NVMe M.2 2280 Solid State Drive

Enlarge / You’ll need an NVMe SSD to use DirectStorage on Windows. (credit: Getty Images)

PC games can now use DirectStorage, a DirectX 12 Ultimate API that Microsoft announced in 2020. The feature is supposed to bring faster loading times and improved textures and draw distances.

The Xbox Series X/S already uses DirectStorage, and in June, Microsoft said it would bring the feature to Windows 11. The storage acceleration API should improve gameplay by bringing instant asset introduction and enabling more vivid virtual landscapes. It works by sending data directly from an NVMe SSD to the graphics card, skipping the CPU and leveraging PCIe 3.0 or PCIe 4.0 speeds, depending on the system.

In a developer blog post today, Microsoft said it is moving DirectStorage out of developer preview and making it available via a public SDK.

Read 4 remaining paragraphs | Comments

#gaming-culture, #microsoft, #tech, #windows

Firefox 95 for Windows and Mac introduces RLBox, a new sandboxing tech

A minimalist view of the Firefox web browser.

Enlarge / A minimalist view of the Firefox web browser. (credit: Firefox)

Mozilla has released the latest version of Firefox, Firefox 95, for Windows and macOS. It’s available now for all users on both platforms.

The Firefox team says the new macOS version reduces CPU usage during event processing and that power usage is reduced while streaming video from sites like Netflix, “especially in fullscreen.” macOS users will also get a faster content process startup and will enjoy memory allocator improvements for better overall performance.

On both macOS and Windows, Mozilla has “improved page load performance by speculatively compiling JavaScript ahead of time.” There’s also a way to move the picture-in-picture toggle button to the opposite side of the video on both platforms, plus a handful of fixes.

Read 3 remaining paragraphs | Comments

#firefox, #firefox-95, #macos, #mozilla, #tech, #web-browser, #windows, #windows-10, #windows-11

Holiday Windows Are Back. And So Are New York Shoppers.

A fabled Christmas tradition continues at a handful of big department stores.

#bergdorf-goodman, #christmas, #fashion-and-apparel, #macys-inc, #saks-fifth-avenue, #shopping-and-retail, #windows

How to Escape Your Car in a Flood

Only a foot or two of water can sweep away everything from sedans to trucks. Experts urge drivers to avoid flooded crossings, and to remember a few steps in a crisis.

#automobile-safety-features-and-defects, #drownings, #hurricanes-and-tropical-storms, #national-highway-traffic-safety-administration, #rescues, #roads-and-traffic, #traffic-accidents-and-safety, #windows

Dell XPS 15 9510 review: Come for the screen, stay for everything else

Most people buying a laptop these days will get by just fine with a 13- or 14-inch thin-and-light PC like the Dell XPS 13 or Lenovo’s ThinkPad X1 Carbon. These laptops have reasonably powerful processors and integrated graphics that are good enough for an external monitor or two, but they prioritize a thin profile and light weight over performance.

Still, sometimes you need something larger and more powerful, whether it’s because you want a bigger screen to use away from your desk or you need extra processor cores or graphical power for editing videos or playing games. And if you want those things in a laptop that doesn’t totally disregard size and weight—and if you prefer or require Windows instead of macOS—that’s when you buy something like the XPS 15.

The latest XPS 15 (officially, model number 9510) is yet another iterative improvement for a laptop that has always looked and felt like a blown-up version of the XPS 13. But six- or eight-core Intel Tiger Lake processors and a new Nvidia GeForce RTX GPUs with ray tracing capabilities make this version of the XPS 15 especially appealing for professionals and light gamers, even if updated competitors like Lenovo’s ThinkPad X1 Extreme Gen 4 (and, when it’s finally released, an updated version of the 16-inch MacBook Pro with Apple Silicon) give it a run for its money.

Read 27 remaining paragraphs | Comments

#dell, #features, #gadgetology, #tech, #windows, #xps-15

Windows Movie Maker Redux? Microsoft acquires web-based video editor Clipchamp

Windows Movie Maker Redux? Microsoft acquires web-based video editor Clipchamp

Enlarge (credit: Clipchamp)

Microsoft hasn’t updated its old Windows Movie Maker software since 2012, and it hasn’t even offered the old version for download since 2017, leaving Windows users to fend for themselves when it comes to beginner-friendly editing and sharing of video clips. That situation will hopefully change thanks to Microsoft’s acquisition of Clipchamp, a web-based video-editing tool. Clipchamp includes a variety of built-in templates for family-video editors, Twitch and YouTube streamers, and businesses putting together ads or other branded videos.

Microsoft hasn’t made specific announcements about where and how Clipchamp will be integrated into its products, but it hinted that the app “is a natural fit to extend the cloud-powered productivity experiences in Microsoft 365,” implying that the web version will be a part of Microsoft’s subscription service in the future. Clipchamp is “also a great fit for Microsoft Windows,” which currently only offers very basic video editing via the built-in Photos app. Microsoft’s current tools definitely aren’t up to the level of iMovie, which Apple offers for free to macOS, iOS, and iPadOS users.

Whatever comes of the Clipchamp acquisition, it won’t be included in the initial version of Windows 11 when it’s released on October 5. But Microsoft’s Panos Panay shared a brief teaser video of a revamped Windows 11 Photos app, which may at least improve upon the barebones version in Windows 10.

Read on Ars Technica | Comments

#microsoft, #tech, #windows, #windows-movie-maker

Windows 11 launches October 5

Microsoft offered a broad “Holiday 2021” release date when it announced Windows 11, back in June. Of course, it didn’t specify precisely which holiday. Perhaps the company was aiming for World Teachers’ Day, a belated Sukkot or an extremely early Halloween. After strongly implying a late-October release a few months back (which some pointing to the 20th), the company this morning announced that the operating system is set to arrive October 5.

The date is, undoubtedly, on the early side of Microsoft’s release window. The first major release since 2015 will be available as a free upgrade to users with an eligible PC running Windows 10. October 5 will also see the availability of the first systems shipping with Windows 11 preloaded.

windows 11 desktop

Image Credits: Microsoft

Frederic wrote up the first preview build when it became available through the Windows Insider Dev Channel. He noted at the time, “This is definitely more than just another bi-annual Windows 10 update with a few minor UI changes.”

Indeed, the company fittingly offers an 11 point blog post highlighting the major changes that will arrive in the October update. The first – and most immediately apparent – is one that has been around since that earliest preview build. The operating system’s design has been refreshed for a cleaner feel throughout.

That includes new Snap Layouts, Groups and Desktops designed to offer a more organized approach to multitasking. A number of the company’s online services have been more deeply integrated into the OS. Microsoft 365 is built into the Start menu, offering up access to recently viewed files, for more cross-platform integration. Teams, meanwhile, has been added to the taskbar (Microsoft really wants you to use Teams, folks). You’ll find Widgets there, as well, with quick access to information like news, weather, sports and stocks.

There are a range of accessibility updates. In a lengthy post from July, Microsoft highlights those updates, noting, “Accessible technology is a fundamental building block that can unlock opportunities in every part of society. A more accessible Windows experience has the power to help tackle the “disability divide” — to contribute to more education and employment opportunities for people with disabilities across the world.

The Microsoft Store get a design upgrade, as well, and the company has promised more access for independent developers to create new tools for the operating system. The new version of Windows continues to offer a focus on desktop gaming, with features like e DirectX12 Ultimate, DirectStorage and Auto HDR.

Windows 11 widgets

Image Credits: Microsoft

There’s been some confusion around what, precisely, all of this means for unsupported machines of late – as well, as, frankly, which machines qualify as supported. It was reported earlier this week that those systems that don’t fall within Microsoft’s parameters won’t get Windows Update when the new operating system is installed manually. That’s obviously a massive bummer, given that the utility deliveries security patches and other updates.

“The free upgrade to Windows 11 starts on October 5 and will be phased and measured with a focus on quality,” the company writes in this morning’s post. “Following the tremendous learnings from Windows 10, we want to make sure we’re providing you with the best possible experience. That means new eligible devices will be offered the upgrade first. The upgrade will then roll out over time to in-market devices based on intelligence models that consider hardware eligibility, reliability metrics, age of device and other factors that impact the upgrade experience.”

The company says it expects all qualified machines will be offered the upgrade by some point in mid-2022. For those systems that aren’t upgraded, Microsoft says it will continue supporting Windows 10 through October 14, 2025.

#apps, #microsoft, #windows, #windows-11

Updated app from Apple brings iCloud Passwords to Windows

The updated iCloud for Windows and new iCloud Passwords app. (We've blacked out some private information here, obviously.)

Enlarge / The updated iCloud for Windows and new iCloud Passwords app. (We’ve blacked out some private information here, obviously.) (credit: Samuel Axon)

Apple has released a new version of iCloud for Windows, numbered 12.5. The update adds the ability to access and manage passwords saved in iCloud from a Windows machine, a feature users have long requested.

Apple has been gradually adding more support for iCloud passwords on non-Apple platforms with mixed results. The company released a Chrome extension that synced iCloud passwords with Chrome. But like this new iCloud Passwords app, it did the bare minimum and not much else.

Still, this addition is welcome for users who primarily live in the Apple ecosystem (and thus use Apple’s iCloud password locker) but who sometimes have to use Windows. For example, some folks use an iPhone or a Mac most of the time but have a Windows PC that is only used to play games that can’t be played on the Mac.

Read 6 remaining paragraphs | Comments

#apple, #apple-keychain, #icloud, #icloud-for-windows, #icloud-passwords, #tech, #windows, #windows-10

Parallels Desktop 17 is here and ready to run Windows 11 on M1 Macs

Parallels Desktop 17 has arrived with support for macOS Monterey and Windows 11. Further, the popular virtualization software for Macs is now a universal binary, making deployment a little less complicated for many IT professionals.

Note that you can only run ARM versions of Windows (10 or 11) on Macs with Apple Silicon chips like the M1. Both Windows 10 and 11 for ARM are available as Insider Preview builds. On the other hand, Parallels can run versions of Windows going back as far as XP if you’re running it on an Intel Mac. A number of Linux distros are also supported, though Intel Macs gain access to more of those than M1 Macs do.

If you have access to those Insider Preview builds, you can run most Windows applications on your M1 Mac, Parallels’ developers say, because Windows on ARM can run both 32-bit and, more recently, 64-bit x86 applications. That said, even on machines it’s designed to run on, Windows on ARM can be occasionally fussy about x64 apps. So your mileage will likely vary depending on what you’re trying to do.

Read 5 remaining paragraphs | Comments

#apple-silicon, #desktop-virtualization, #m1, #macos, #macos-monterey, #parallels, #parallels-desktop, #parallels-desktop-17, #tech, #tpm, #virtual-machines, #virtualization, #windows, #windows-10, #windows-11

New WireGuardNT shatters throughput ceilings on Windows

Forget bendable mobile phones, we're holding out for working mobile phone plushies.

Enlarge / Forget bendable mobile phones, we’re holding out for working mobile phone plushies. (credit: Carol Yepes via Getty Images)

The WireGuard VPN project announced a major milestone for its Windows users today—an all-new, kernel-mode implementation of the VPN protocol called WireGuardNT. The new implementation allows for massively improved throughput on 10Gbps LAN connections—and on many WI-Fi connections, as well.

WireGuard (on Windows) and Wintun

The original implementation of WireGuard on Windows uses wireguard-go—a userspace implementation of WireGuard written in Google’s Go programming language. Wireguard-go is then tied to a virtual network device, the majority of which also lives in userspace. Donenfeld didn’t like tap-windows, the virtual network interface provided by the OpenVPN project—so he implemented his own replacement from scratch, called Wintun.

Wintun is a definite improvement over tap-windows—the OpenVPN project itself has implemented Wintun support, with impressive results (414Mbps over tap-windows vs 737Mbps over Wintun). But while using Wintun is an improvement over tap-windows, it doesn’t change the need for constant context switches from kernel space (where the “real” network stack lives) and userspace (where OpenVPN and wireguard-go both live).

Read 9 remaining paragraphs | Comments

#biz-it, #tech, #vpn, #wi-fi, #windows, #wireguard

Two-for-Tuesday vulnerabilities send Windows and Linux users scrambling

A cartoonish padlock has been photoshopped onto glowing computer chips.

Enlarge

The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources.

As operating systems and applications become harder to hack, successful attacks typically require two or more vulnerabilities. One vulnerability allows the attacker access to low-privileged OS resources, where code can be executed or sensitive data can be read. A second vulnerability elevates that code execution or file access to OS resources reserved for password storage or other sensitive operations. The value of so-called local privilege escalation vulnerabilities, accordingly, has increased in recent years.

Breaking Windows

The Windows vulnerability came to light by accident on Monday when a researcher observed what he believed was a coding regression in a beta version of the upcoming Windows 11. The researcher found that the contents of the security account manager—the database that stores user accounts and security descriptors for users on the local computer—could be read by users with limited system privileges.

Read 12 remaining paragraphs | Comments

#biz-it, #exploits, #hacking, #linux, #tech, #vulnerabilities, #windows

Could Cloud PCs be Microsoft’s gateway to Chromebook-like hardware?

When Microsoft announced that it was releasing a cloud PC service called Windows 365 this morning, it got me thinking. While Windows 365 is about packaging a virtual Windows business desktop in a cloud context, if you think about the announcement in a different way, perhaps it could herald the beginning of a lightweight, cloud-based version of Windows — something that has been talked about for some time.

To be clear, the cloud PC announcement wasn’t related to hardware at all. It’s taking a Windows desktop and moving it fully virtualized to the cloud where you can run it from anywhere giving you a replica of your Windows desktop PC in the cloud. But what if you stretched that idea a bit by taking Microsoft 365 with Office apps and threw it onto a low-cost PC and used the Edge browser as your primary way of interacting with the computer? Now you have something that could compete directly with a Chromebook-style computer.

That’s exactly what Google has done with Chrome and Chromebooks for over a decade, working with partners to deliver low-cost hardware with most required compute work taking place in the cloud. The Chrome browser is the primary desktop environment, Google Workspace (aka G Suite) is the default set of office suite apps with word processor, spreadsheet and presentation software along with email and calendar and other services. In fact, you can run any software service you wish in Chrome including Microsoft’s cloud office tools. Regardless, the end-result of this is a low-end business (or personal) laptop that gets most of its power from the cloud.

Most people don’t need a modern notebook computer, and the hardware required to run full-strength operating systems contributes to the high cost of the underlying machine, something Google discovered long ago. If you simplified everything to a browser, an office suite, and web access to your favorite tools, you would have just about everything you need without all of the management headaches associated with owning a PC with a traditional OS sitting on it.

Think about the person who just uses email, office tools and watches a little Netflix. This kind of machine would be perfect for them without blowing their budget out of the water or being overly complex.

Last year when the pandemic hit and everyone had to hunker down and work on a PC including children, people went looking for a low-cost option. They voted for Chromebook in droves accounting for over 30 million units sold, including over 11 million in the fourth quarter alone, according to Canalys data.

While growth slowed a bit in the first quarter of this year, Canalys found Chromebook shipments still grew by 275%. Brian Lynch, an analyst at Canalys wrote in the report that “Chromebooks are well and truly a mainstream computing product now,” adding that “while the education sector still accounts for the majority of shipments, their popularity with consumers and traditional commercial customers has reached new heights over the course of the last year.”

Windows did well too, but given the number of Chromebooks flying off the shelves — led by Lenovo and HP, two companies that also make machines running Microsoft software — a Windows-based cloud PC could give Chromebook a run for its money.

It’s worth noting that, yes, there are low-cost Windows PCs out there. You can get one at Walmart for $149, which competes price-wise with any Chromebook computer out there, but these lower end Windows machines are still a full-fledged Windows PC and you still have to deal with all the management. From an IT (or personal use) perspective, Chromebooks are much easier to manage than Windows PCs.

Since Satya Nadella came on board as CEO at Microsoft in 2014, the company has shown a strong willingness to shift its focus away from the PC where it made its name (and its money) and move toward the cloud. So far, Redmond has done well moving in that direction with its market cap recently breaking the $2 trillion threshold.

What’s more, Microsoft’s cloud infrastructure market share sits at around 20%, more than doubling where it was in 2014 when Nadella took over. Even more, the company had around 16% of cloud office suite market share in 2014, a figure that has grown to 40% today. Google’s office suite is the fairest of them all though with almost 60%, according to Statista. That is due at least in part to its Chromebook sales pushing users towards its suite.

If Microsoft wants to dent that number, a good way to do that would be to create a cloud-based notebook that looks a lot like Chromebook, but with a Windows bent. It would mean eating into their traditional desktop PC OS dominance, but much like in 2014, it could be about trading a past with diminishing returns for a future with much more promising ones.

#chromebooks, #cloud, #google, #hardware, #microsoft, #microsoft-365, #office, #pcs, #tc, #windows

Microsoft launches Windows 365

Microsoft today launched Windows 365, a service that gives businesses the option to easily let their employees access a Windows 10 desktop from the cloud (with Windows 11 coming once it’s generally available). Think game streaming, but for your desktop. It’ll be available for business users (and only business users), on August 2, 2021.

Announced through a somewhat inscrutable press release, Windows 365 has been long expected and is really just an evolution of existing remote desktop services.

But hey, you may say, doesn’t Microsoft already offer Azure Virtual Desktop that gives businesses the option to let their employees access a Windows PC in the cloud? Yes, but the difference seems to be that Windows 365 is far easier to use and involves none of the complexity of setting up a full Azure Virtual Desktop environment in the Azure cloud.

But couldn’t Microsoft have made Azure Virtual Desktop easier to use instead of launching yet another virtual desktop service? Yes, but Azure Virtual Desktop is very much an enterprise service and by default, that means it must play nicely with the rest of the complexities of a company’s existing infrastructure. The pandemic pressed it into service in smaller companies because they had few alternatives, but in many ways, today’s launch is Microsoft admitting that it was far too difficult to manage for them. Windows 365, on the other hand, is somewhat of a fresh slate. It’s also available through a basic subscription service.

“Microsoft also continues to innovate in Azure Virtual Desktop for those organizations with deep virtualization experience that want more customization and flexibility options,” the company says. At least we know why the company renamed Windows Virtual Desktop to Azure Virtual desktop now. That would’ve gotten quite confusing.

Image Credits: Microsoft

This also gives Microsoft the opportunity to talk about “a new hybrid personal computing category” its CEO Satya Nadella calls a ‘Cloud PC.’ It’s a bit unclear what exactly that’s supposed to be, but it’s a new category.

“Just like applications were brought to the cloud with SaaS, we are now bringing the operating system to the cloud, providing organizations with greater flexibility and a secure way to empower their workforce to be more productive and connected, regardless of location,” Nadella explains in today’s press release.

But isn’t that just a thin client? Maybe? But we’re not talking hardware here. It’s really just a virtualized operating system in the cloud that you can access from anywhere — and that’s a category that’s been around for a long time.

“Hybrid work has fundamentally changed the role of technology in organizations today,” said Jared Spataro, corporate vice president, Microsoft 365. “With workforces more disparate than ever before, organizations need a new way to deliver a great productivity experience with increased versatility, simplicity and security. Cloud PC is an exciting new category of hybrid personal computing that turns any device into a personalized, productive and secure digital workspace. Today’s announcement of Windows 365 is just the beginning of what will be possible as we blur the lines between the device and the cloud.”

 

 

#ceo, #cloud, #cloud-infrastructure, #computing, #jared-spataro, #microsoft, #microsoft-365, #microsoft-windows, #operating-system, #satya-nadella, #tc, #technology, #thin-client, #thin-clients, #windows, #windows-10

Microsoft’s emergency patch fails to fix critical “PrintNightmare” vulnerability

Skull and crossbones in binary code

Enlarge (credit: Getty Images)

An emergency patch Microsoft issued on Tuesday fails to fully fix a critical security vulnerability in all supported versions of Windows that allows attackers to take control of infected systems and run code of their choice, researchers said.

The threat, colloquially known as PrintNightmare, stems from bugs in the Windows print spooler, which provides printing functionality inside local networks. Proof-of-concept exploit code was publicly released and then pulled back, but not before others had copied it. Researchers track the vulnerability as CVE-2021-34527.

A big deal

Attackers that can exploit print capabilities are exposed to the Internet. Attackers can also use it to escalate system privileges once they’ve used a different vulnerability to gain a toe-hold inside of a vulnerable network. In either case, the adversaries can then gain control of the domain controller, which as the server that authenticates local users, is one of the most security-sensitive assets on any Windows network.

Read 11 remaining paragraphs | Comments

#biz-it, #exploits, #microsoft, #tech, #vulnerabilities, #windows

A well-meaning feature leaves millions of Dell PCs vulnerable

Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed.

Enlarge / Dell has released a patch for a set of vulnerabilities that left as many as 30 million devices exposed. (credit: Artur Widak | Getty Images)

Researchers have known for years about security issues with the foundational computer code known as firmware. It’s often riddled with vulnerabilities, it’s difficult to update with patches, and it’s increasingly the target of real-world attacks. Now a well-intentioned mechanism to easily update the firmware of Dell computers is itself vulnerable as the result of four rudimentary bugs. And these vulnerabilities could be exploited to gain full access to target devices.

The new findings from researchers at the security firm Eclypsium affect 128 recent models of Dell computers, including desktops, laptops, and tablets. The researchers estimate that the vulnerabilities expose 30 million devices in total, and the exploits even work in models that incorporate Microsoft’s Secured-core PC protections—a system specifically built to reduce firmware vulnerability. Dell is releasing patches for the flaws today.

Read 10 remaining paragraphs | Comments

#biz-it, #dell, #firmware, #pcs, #security, #windows

Here’s what you’ll need to upgrade to Windows 11

Since Microsoft’s announcement of Windows 11 yesterday, one concern has reverberated around the Web more loudly than any other—what’s this about a Trusted Platform Module requirement?

Windows 11 is the first Windows version to require a TPM, and most self-built PCs (and cheaper, home-targeted OEM PCs) don’t have a TPM module on board. Although this requirement is a bit of a mess, it’s not as onerous as millions of people have assumed. We’ll walk you through all of Windows 11’s announced requirements, including TPM—and make sure to note when all this is likely to be a problem.

General hardware requirements

Although Windows 11 does bump general hardware requirements up some from Windows 10’s extremely lenient minimums, it will still be challenging to find a PC that doesn’t meet most of these specifications. Here’s the list:

Read 29 remaining paragraphs | Comments

#features, #kvm, #linux, #microsoft, #tech, #tpm, #trusted-computing, #uefi, #virtualization, #windows, #windows-10, #windows-11

Windows 11 is much more than a new theme slapped onto Windows 10

The latest Windows focuses heavily on improved task management, prettier UI, and a much more ambitious Microsoft Store.

Enlarge / The latest Windows focuses heavily on improved task management, prettier UI, and a much more ambitious Microsoft Store. (credit: Microsoft)

Earlier this morning, we got our first official look at Windows 11 by way of Microsoft’s What’s New For Windows event. The new OS offers several significant, functional changes to what we’ve become accustomed to in Windows 10—this isn’t just the same old operating system with a fresh coat of paint.

However, Windows 11 absolutely does get that fresh coat of paint. Its new desktop environment makes heavy use of translucent window dressing with rounded corners, an effect which brings to mind panes of frosted glass. In many ways, the new look is reminiscent of compiz-based Linux desktop environments circa 2010—but with significantly higher resolution and a more coherent overall theme.

Microsoft Chief Product Officer Panos Panay ties the new look to eyebrow-raising statements about emotion: “We understand the responsibility of [functionality and practicality] more than ever before, but it must also be personal—and maybe most importantly, it must feel emotional.”

Read 21 remaining paragraphs | Comments

#amazon, #android, #android-apps, #intel, #microsoft, #tech, #windows, #windows-11

Make way for Windows 11? Windows 10 end-of-life is October 2025

Please show your retired operating system the respect it deserves, with a proper Viking funeral.

Enlarge / Please show your retired operating system the respect it deserves, with a proper Viking funeral. (credit: Aurich Lawson | Getty Images)

A new Windows visual refresh, codenamed Sun Valley. is on the way this summer. Until recently, we’ve assumed that this update would simply bring a new look for Windows 10 21H2—the major release of Windows 10 in the second half of 2021—but new information in the form of end-of-life (EOL) dates for Windows 10 and a leaked screenshot of something purporting to be “Windows 11 Pro” heavily imply that serious changes are on the way.

Windows 10 EOL in 2025

Rumors of Sun Valley being “Windows 11” have been circulating for months, but until recently, we didn’t put much stock in them. Windows 10 was intended to be Windows as a Service—a radical departure from the prior era of new, major Windows releases every three years or so. It seemed likely that Sun Valley’s “sweeping visual rejuvenation” would result in Windows 10 21H2 looking very different from Windows 10 21H1. Why fix what’s not broken?

The first strong indication that bigger things may be coming landed last week from a Microsoft-published EOL notice for Windows 10. “Windows 10 Home and Pro”—no code names, no minor version numbers—is now listed as retiring on October 14, 2025. “Retiring” is a part of the Modern Lifecycle Policy and means that the retired product leaves support entirely; this does not follow the old Fixed Lifecycle Policy with “mainstream” and “extended” support. Retired is retired—hit the pasture.

Read 9 remaining paragraphs | Comments

#microsoft, #sun-valley, #tech, #windows, #windows-10, #windows-11

Windows 10 21H1 available now, improves document load times

If you're the itchy type and 21H1 isn't showing up in Windows Update for you yet, you can force the issue by <a href="https://www.microsoft.com/software-download/windows10">downloading</a> and running the Media Creation Tool.

Enlarge / If you’re the itchy type and 21H1 isn’t showing up in Windows Update for you yet, you can force the issue by downloading and running the Media Creation Tool. (credit: Jim Salter)

The May 2021 update to Windows 10 is here—although most users likely won’t notice. The new version of Windows 10 is delivered via Windows Update, just like the October 2020 version was, and it’s being rolled out in staggered intervals to groups of users. (We saw it available immediately while manually checking Windows Update in a Windows 10 Pro VM today.)

The new update offers three new user-facing features—improved Windows Hello support for systems with multiple cameras, an improved version of Windows Defender Application Guard, and improvements to the Group Policy Service which allow faster group policy updates for remote workers.

Windows Hello

Windows Hello is Microsoft’s facial-recognition biometric authentication system—on machines with cameras, it allows the user to unlock the system by looking into the camera rather than typing in a password or swiping a fingerprint. Facial recognition isn’t a particularly secure unlock method—a moderately knowledgeable attacker can frequently defeat it with a photograph—but for most users in relatively low-security environments, it’s good enough.

Read 7 remaining paragraphs | Comments

#tech, #windows, #windows-10, #windows-10-21h1, #windows-hello, #windows-update

Microsoft is (finally) killing off Internet Explorer entirely

Collage of computer screens displaying various websites.

Enlarge / You don’t need Internet Explorer to view any of these websites—which, unfortunately, doesn’t stop your users from trying it anyway. (credit: TimZillion / Getty Images)

If you’re one of the 10 people on the planet who absolutely loves Microsoft’s venerable Internet Explorer browser, you’d better spend quality time with it while you can—Microsoft is retiring the browser on June 15, 2022.

The much-hated browser has clung tenaciously to the Windows operating system thanks largely to a never-ending supply of businesses that tailored custom websites and web interfaces using IE-only functionality, because those businesses were unwilling to rewrite them for a more modern web environment. But Microsoft believes that the new Chromium-based Edge has finally licked the problem of IE compatibility once and for all:

Not only is Microsoft Edge a faster, more secure and more modern browsing experience than Internet Explorer, but it is also able to address a key concern: compatibility for older, legacy websites and applications. Microsoft Edge has Internet Explorer mode (“IE mode”) built in, so you can access those legacy Internet Explorer-based websites and applications straight from Microsoft Edge.

The retirement doesn’t apply across the entire spectrum of Microsoft operating systems yet—IE11 is disappearing from standard Windows 10 editions but will continue to live on (for now) in Windows 10 LTSC and in all current versions of Windows Server.

Read 6 remaining paragraphs | Comments

#browsers, #edge, #edgium, #ie, #internet-explorer, #microsoft, #tech, #windows

Microsoft puts Windows 10X variant on the back burner

The Surface Neo failed to launch in 2020—this year, it looks like its operating system will share that fate.

Enlarge / The Surface Neo failed to launch in 2020—this year, it looks like its operating system will share that fate. (credit: Microsoft)

At its fall 2019 Surface event, Microsoft announced that Windows 10X—a new consumer Windows distribution—would power a line of dual-screened tablet devices in 2020. But the Surface Neo never arrived, and in May 2020, Microsoft Chief Product Officer Panos Panay retargeted Windows 10X to “single screen experiences.”

What was Windows 10X?

Microsoft’s original plan for the Windows variant was to “enable unique experiences on multi-posture dual-screen PCs.” This meant powering an entirely new class of devices—a hinged pair of touchscreens, which seemed to be trying to bridge the divide between tablet and notebook. In addition to Microsoft’s own Surface Neo, the company’s hardware partners—including Dell, Lenovo, and HP—were supposed to manufacture devices to the new specification.

But Microsoft nixed the Neo last year, and the talk of partner-manufactured 10X devices died along with it. The company’s new chief product officer, Panos Panay, declared that Microsoft “need[s] to focus on meeting customers where they are now”—which meant focusing on single-screen devices and interfaces again.

Read 7 remaining paragraphs | Comments

#microsoft, #surface, #surface-neo, #tech, #windows, #windows-10, #windows-10x

Windows 10 “Sun Valley” will do away with Windows 95 era icons

Back in January, we reported on Sun Valley—a coming “sweeping visual rejuvenation” of Windows 10’s user interface. This week, Windows Latest leaked new detail about the upcoming makeover: There’s a new set of icons in C:\Windows\System32\Shell32.dllreplacing classic Windows icons that date back to the Windows 95 era.

The changes are surprisingly subtle. Most of the new icons are extremely similar to the nearly 30-year old versions they’re replacing. Elderly symbols such as floppy disks and floppy disk drives persist in the new icon set—the visual style is updated on these venerable references, but that’s about it.

Ironically, in the case of the floppy disk related icons, the equipment looks older. The drives in the older icons took styling cues from then-current 1990s-era equipment, but the replacement icons look more like equipment from the late 1970s or very early 1980s.

Read 1 remaining paragraphs | Comments

#microsoft, #sun-valley, #tech, #windows, #windows-10

Goodbye again, Flash—Microsoft makes removal from Windows 10 mandatory

Microsoft rings yet another bell in the dirge for Flash—the KB that removes it from Windows 10 will become mandatory this July.

Microsoft rings yet another bell in the dirge for Flash—the KB that removes it from Windows 10 will become mandatory this July. (credit: Adobe)

Microsoft, Apple, Google, Mozilla, and even Adobe itself have all deprecated Adobe Flash technology, which reached end of life on January 1 of this year. This July, Microsoft is taking things one step further—KB4577586, aka Update for Removal of Adobe Flash Player, will become mandatory for all versions of Windows 10.

The update in question won’t remove third-party installations of the Flash player—only versions that have been bundled with Windows itself. The change seems unlikely to significantly impact most people—Microsoft Edge, Google Chrome, Mozilla Firefox, and Apple Safari each ended Flash support by January 1, 2021.

Although Internet Explorer 11 (and the IE mode in Microsoft Edge) supports direct installation of downloaded Flash players as a plug-in, the Adobe Flash Player itself has a built-in “kill-switch” causing it to refuse to play Flash content if the system date is later than January 12, 2021.

Read 2 remaining paragraphs | Comments

#adobe, #adobe-flash, #deprecated-software, #flash, #microsoft, #tech, #windows, #windows-10

Office default Calibri will join Clippy, Internet Explorer in Windows retirement

In tech, all good defaults (that aren’t the Mac startup chime, at least) must some day come to an end. Today, Microsoft announced its Office font since 2007—the everyman sans serif, Calibri—would soon join Clippy, Internet Explorer, and the Windows 8 Start button in the big Windows graveyard in the sky.

“Calibri has been the default font for all things Microsoft since 2007, when it stepped in to replace Times New Roman across Microsoft Office,” the Microsoft Design Team opined in Calibri’s de facto obit. “It has served us all well, but we believe it’s time to evolve.”

Microsoft is now on the hunt for tech’s next great default font. Rather than going the reality competition route and opening up the search to any old handwritten font family, the company has commissioned five custom fonts that will now vie for this cushy gig.

Read 6 remaining paragraphs | Comments

#biz-it, #fonts, #windows

Graphical Linux apps are coming to Windows Subsystem for Linux

This week, Microsoft launched support for graphical and audio Linux apps under the Windows Subsystem for Linux—although the new feature is only available in the Dev channel of Insider builds, for now. The new feature is nicknamed WSLg, and it includes both X and PulseAudio servers. We gave WSLg some limited testing today, and it performed rather well.

After running apt install firefox in the WSL2/Ubuntu terminal, we ran an Ubuntu-flavored web browser and played several videos on YouTube. We don’t necessarily recommend you base your next HTPC on WSLg—but the videos were watchable, with decent frame rate and non-skipping audio. (We tested WSLg with a Ryzen 5 Pro 2500U-powered Minisforum UM250 Mini-PC.)

More importantly, virt-manager worked very well on the little Minisforum—in very short order, we set up a “virt-ception” by using virt-manager beneath WSL2/Ubuntu running on Windows 10 to access a Windows VM running under Ubuntu on a machine across the office. (You can also see a Hackintosh VM in the background.)

Read 4 remaining paragraphs | Comments

#linux, #tech, #ubuntu, #windows, #windows-subsystem-for-linux, #wsl, #wsl2

Turn the Lights Out. Here Come the Birds.

Buildings, landmarks and monuments are turning off lights to prevent fatal impacts as birds set off on spring migration.

#academy-of-natural-sciences, #animal-behavior, #animal-migration, #audubon-society-national, #birds, #canada, #conservation-of-resources, #cornell-lab-of-ornithology, #dallas-tex, #florida, #fort-worth-tex, #lighting, #new-york-city, #windows

“Expert” hackers used 11 zerodays to infect Windows, iOS, and Android users

The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.

Enlarge (credit: Getty Images)

A team of advanced hackers exploited no fewer than 11 zeroday vulnerabilities in a nine-month campaign that used compromised websites to infect fully patched devices running Windows, iOS, and Android, a Google researcher said.

Using novel exploitation and obfuscation techniques, a mastery of a wide range of vulnerability types, and a complex delivery infrastructure, the group exploited four zerodays in February 2020. The hackers’ ability to chain together multiple exploits that compromised fully patched Windows and Android devices led members of Google’s Project Zero and Threat Analysis Group to call the group “highly sophisticated.”

Not over yet

On Thursday, Project Zero researcher Maddie Stone said that, in the eight months that followed the February attacks, the same group exploited seven more previously unknown vulnerabilities, which this time also resided in iOS. As was the case in February, the hackers delivered the exploits through watering-hole attacks, which compromise websites frequented by targets of interest and add code that installs malware on visitors’ devices.

Read 8 remaining paragraphs | Comments

#android, #biz-it, #chrome, #exploits, #google, #ios, #vulnerabilities, #windows, #zerodays

Bitflips when PCs try to reach windows.com: What could possibly go wrong?

Stock photo of ones and zeros displayed across a computer screen.

Enlarge (credit: Getty Images)

Bit flips are events that cause individual bits stored in an electronic device to flip, turning a 0 to a 1 or vice versa. Cosmic radiation and fluctuations in power or temperature are the most common naturally occurring causes. Research from 2010 estimated that a computer with 4GB of commodity RAM has a 96 percent chance of experiencing a bit flip within three days.

An independent researcher recently demonstrated how bitflips can come back to bite Windows users when their PCs reach out to Microsoft’s windows.com domain. Windows devices do this regularly to do things like making sure the time shown in the computer clock is accurate, connecting to Microsoft’s cloud-based services, and recovering from crashes.

Remy, as the researcher asked to be referred to, mapped the 32 valid domain names that were one bitflip away from windows.com. He provided the following to help readers understand how these flips can cause the domain to change to whndows.com:

Read 12 remaining paragraphs | Comments

#bitflips, #bits, #biz-it, #domains, #microsoft, #operating-systems, #tech, #windows

Chromebooks had a banner 2020

2020 was a weird year by any measure. Certainly it was a wild ride for those in the consumer electronics category. Take smartphones — first there were manufacturing delays out of China, followed by an across the board decrease in demand. There are lots of reasons contributing to the latter, but the simplest and most prevalent one is that people just didn’t want to spend money to upgrade their devices.

But the pandemic also changed how — and where — many people work and learn. It was an abrupt shift for many that required tech investments, even in the face of economic uncertainty. After years of stagnating, plateauing and dropping, PC and tablet sales saw a spike. Earlier this month, IDC noted a nearly 20% increase in tablet sales for Q4, owing in part to a backlog in PC availability.

New figures from the firm (first noted by GeekWire) point to some significant gains for Chromebooks during that time period. According to IDC’s PC Tracker, the models comprised 10.8% of the PC market for 2020; that’s up from 6.4% a year prior. The number also pushed past MacOS’s 7.5% for the year.

Even so, Apple still grew as an overall percent of the market, up from 6.7%. Both of those numbers have eaten into Windows’ figures — though Microsoft continues to dominate the market at 80.5% (down from 85.4%).

The figures reflect positive reports from other firms. In January, Canalys noted, “Chromebook vendors enjoyed new heights of success in Q4, as the overall market almost quadrupled in size over the same period a year ago.” Pricing is certainly a factor, along with an overall scramble as schools have gone virtual amid COVID-19 concerns.

#chrome, #chrome-os, #chromebooks, #hardware, #idc, #macos, #windows

The world’s second-most popular desktop operating system isn’t macOS anymore

Market share chart

Enlarge (credit: Ars Technica)

For ages now, every annual report on desktop operating system market share has had the same top two contenders: Microsoft’s Windows in a commanding lead at number one and Apple’s macOS in distant second place. But in 2020, Chrome OS became the second-most popular OS, and Apple fell to third.

That’s according to numbers from market data firm IDC and a report on IDC’s data by publication GeekWire. Chrome OS had passed macOS briefly in individual quarters before, but 2020 was the first full year when Apple’s OS took third place.

Despite the fact that macOS landed in third, viewing this as an example of Google beating out Apple directly might not be accurate. Rather, it’s likely that Chrome OS has been primarily pulling sales and market share away from Windows at the low end of the market. Mac market share actually grew from 6.7 percent in 2019 to 7.5 percent in 2020.

Read 4 remaining paragraphs | Comments

#chromebook, #chromeos, #mac, #macos, #pc, #tech, #windows

Zero-days under active exploit are keeping Windows users busy

The word ZERO-DAY is hidden amidst a screen filled with ones and zeroes.

Enlarge (credit: Getty Images)

It’s the second Tuesday of February, and that means Microsoft and other software makers are releasing dozens of updates to fix security vulnerabilities. Topping off this month’s list are two zero-days under active exploit and critical networking flaws that allow attackers to remotely execute malicious code or shut down computers.

The most important patch fixes a code-execution flaw in Adobe Reader, which despite its long-in-the-tooth status remains widely used for viewing and working with PDF documents. CVE-2021-21017, as the critical vulnerability is tracked, stems from a heap-based buffer overflow. After being tipped off by an anonymous source, Adobe warned that the flaw has been actively exploited in limited attacks that target Reader users running Windows.

Adobe didn’t provide additional details about the vulnerability or the in-the-wild attacks exploiting it. Typically, hackers use specially crafted documents sent by email or published online to trigger the vulnerability and execute code that installs malware on the device running the application. Adobe’s use of the word “limited” likely means that the hackers are narrowly focusing their attacks on a small number of high-value targets.

Read 9 remaining paragraphs | Comments

#adobe, #biz-it, #exploits, #microsoft, #reader, #tech, #vulnerabilities, #windows, #zerodays

Apple launches an iCloud Passwords extension for Chrome users on Windows

Apple has introduced an iCloud Passwords Chrome extension that will make life easier for those who use both Windows computers and other Apple devices, like a Macbook or an iPhone. The new browser extension lets you access the passwords you saved in Safari on your other Apple devices, then use them within Chrome when you’re on a Windows PC.

You can also save any new passwords you create in Chrome to your iCloud keychain, so it’s synced across your Apple devices.

Image Credits: Apple

Apple didn’t formally announce the new feature, but reports of an iCloud Passwords extension had already been referenced in the release notes of the new iCloud for Windows 10 (ver 12), which arrived at the end of January. After the update, a “Passwords” section appeared in the app designated by the iCloud Keychain logo. This directed users to download the new extension, but the link was broken, as the extension was not yet live.

That changed on Sunday, according a report from 9to5Google, which found the new Chrome add-on had been published to the Chrome Web Store late on Sunday evening. Now, when Windows users access the new Passwords section, the dialog box that prompts the download will properly function.

Once installed, Chrome users on Windows will be able to access any passwords they saved or allowed iCloud Keychain to securely generate for them within Safari for macOS or iOS. Meanwhile, as Windows users create new credentials, these, too, will be synced to their iCloud Keychain so they can later be pulled up on Mac, iPhone, and iPad devices, when needed.

This is the first Chrome extension to support iCloud Keychain on Windows, as before Apple had only offered an iCloud Bookmarks tool for older Windows 7 and 8 PCs, which reached over 7 million users.

Image Credits: Apple

Some users who have tried the extension are reporting problems, but it seems that’s related to their PCs not having been first updated to iCloud for Windows 12.0, which is a prerequisite for the new extension to work.

Though Apple typically locks users into its own platforms, it has slowly expanded some of its services to Windows and even Android, where it makes sense. Today, Apple offers its entertainment apps like Apple Music and Apple TV on other platforms, including Android, and has launched Apple TV on its media player rival, Amazon Fire TV, among others. And 9to5Mac notes that Apple appears to be working to bring Music and Podcasts to the Microsoft Store in the future, as well.

#apple, #browser, #chrome, #icloud, #icloud-keychain, #microsoft, #passwords, #safari, #security, #windows

Can Cute Windows Resurrect a Depressed Town in Upstate New York?

A project in Cherry Valley, a longtime artists’ haven, is brightening storefronts and telling the world, “We’re still here!”

#art, #bley-paul, #historic-buildings-and-sites, #windows

Microsoft earnings: Xbox hardware sales shot up 86% with Series X/S

The Xbox Series X, which launched in November.

Enlarge / The Xbox Series X, which launched in November. (credit: Sam Machkovech)

Microsoft delivered its earnings report for Q2 2021 yesterday, and the company has continued its sprint of very strong quarters, again driven primarily by Azure and the cloud. But that same old story isn’t the only one here: the report also tells us a thing or two about the new Xbox’s performance, as well as Windows and Office.

Overall, Microsoft beat analyst expectations. The company’s top-level revenue grew 17 percent year over year, reaching $43.08 billion. Analysts had expected $40.18 billion. $14.6 billion of that was from the business segment Microsoft calls “Intelligent Cloud,” which most notably includes Azure but also some other professional services like GitHub.

Cloud wasn’t the only positive story, though. Personal Computing including Windows, Xbox, and Surface grew 15 percent compared to the previous year to just over $15 billion. That included an 86 percent increase in Xbox hardware sales, as well as a 40 percent increase in Xbox content and surfaces—the former of those includes the launch of the Xbox Series X/S consoles in November, and the latter includes Game Pass, which Microsoft has been pushing hard as a core value proposition for the Xbox game platform.

Read 5 remaining paragraphs | Comments

#earnings, #microsoft, #microsoft-azure, #office, #satya-nadella, #tech, #windows, #xbox

How to (Literally) Drive the Coronavirus Away

What’s the transmission risk inside a car? An airflow study offers some insight for passengers and drivers alike.

#automobiles, #car-services-and-livery-cabs, #coronavirus-risks-and-safety-concerns, #taxicabs-and-taxicab-drivers, #windows, #your-feed-health, #your-feed-science

Hackers used 4 zero-days to infect Windows and Android devices

Stylized image of rows of padlocks.

Enlarge (credit: Getty Images)

Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices.

Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers (both companies have since patched the security flaws). The hackers delivered the exploits through watering-hole attacks, which compromise sites frequented by the targets of interest and lace the sites with code that installs malware on visitors’ devices. The boobytrapped sites made use of two exploit servers, one for Windows users and the other for users of Android.

Not your average hackers

The use of zero-days and complex infrastructure isn’t in itself a sign of sophistication, but it does show above-average skill by a professional team of hackers. Combined with the robustness of the attack code—which chained together multiple exploits in an efficient manner—the campaign demonstrates it was carried out by a “highly sophisticated actor.”

Read 7 remaining paragraphs | Comments

#android, #biz-it, #exploits, #google-project-zero, #tech, #vulnerabilities, #windows, #zerodays

Microsoft hints at coming “sweeping visual rejuvenation” of Windows 10

This screenshot of the Photos and Calculator apps comes from a video Microsoft product chief Panos Panay dropped on Instagram to demonstrate new UI concepts in March 2020.

Enlarge / This screenshot of the Photos and Calculator apps comes from a video Microsoft product chief Panos Panay dropped on Instagram to demonstrate new UI concepts in March 2020. (credit: Microsoft)

We’ve been hearing rumors for a while now about a significant visual refresh planned for Windows 10 in 2021 under the codename “Sun Valley.” Those rumors gained some extra steam this morning, when Windows Latest reporter Mayank Parmar spotted a Microsoft job posting made in October that offered prospective senior software engineer hires an opportunity to “deliver a sweeping visual rejuvenation of Windows experiences to signal [that] Windows is BACK.”

Shortly after Parmar published a report on the listing, Microsoft edited it to remove the interesting bits—it now reads like a standard software engineer job listing, offering the opportunity to “build delightful, polished experiences for Windows” without saying anything about changes coming to Windows.

What we know about Sun Valley so far

Sun Valley is rumored to be a major UI code overhaul expected to land in Windows 10 21H2—the build that will drop in the second half of 2021. To be clear, the “rumored” part means exactly what it says—so far, it’s rumors only, with multiple sources but no confirmation from Microsoft.

Read 4 remaining paragraphs | Comments

#microsoft, #sun-valley, #tech, #uncategorized, #windows, #windows-10

Microsoft may be developing its own, in-house ARM CPU designs

Microsoft has so far neither confirmed nor denied Bloomberg's claims regarding in-house CPU designs.

Enlarge / Microsoft has so far neither confirmed nor denied Bloomberg’s claims regarding in-house CPU designs. (credit: Aurich Lawson / Grid Engine)

This afternoon, Bloomberg reported that Microsoft is in the process of developing its own ARM CPU designs, following in the footsteps of Apple’s M1 mobile CPU and Amazon’s Graviton datacenter CPU.

Bloomberg cites off-record conversations with Microsoft employees who didn’t want to be named. These sources said that Microsoft is currently developing an ARM processor for datacenter use and exploring the possibility of another for its Surface line of mobile PCs.

Bloomberg’s sources paint the datacenter part as “more likely” and a Surface part as “possible.” This seems plausible, given that Microsoft’s chip design unit reports to the Azure cloud VP, with no direct reporting ties to the Surface division. Microsoft declined to comment on any specific plans, saying only that it “[continues] to invest in our own capabilities in areas like design, manufacturing and tools, while also fostering and strengthening partnerships with a wide range of chip providers.”

Read 4 remaining paragraphs | Comments

#amazon, #apple, #arm, #cpus, #datacenter-cpus, #microsoft, #microsoft-surface, #mobile-cpus, #surface, #tech, #windows, #windows-arm

Xbox cloud gaming service hits iOS, Windows PCs in spring 2021

This demonstration of Microsoft's Project xCloud as played with a Razer Kishi controller, attached to a standard Android smartphone, could be a hint of what's to come to iOS devices in spring of 2021.

Enlarge / This demonstration of Microsoft’s Project xCloud as played with a Razer Kishi controller, attached to a standard Android smartphone, could be a hint of what’s to come to iOS devices in spring of 2021. (credit: Microsoft)

In a blog post today outlining everything from upcoming games to plans for Xbox Series X/S, Microsoft announced that Xbox cloud gaming will come to iOS mobile devices and Windows PCs in spring of 2021.

On Windows PCs, the games will stream through the Xbox app or a Web browser, whereas the service will be limited to the mobile Web browser on iOS devices.

Microsoft’s game-streaming features require an Xbox Game Pass Ultimate subscription, which also includes an on-demand library of downloadable games for both Xbox platforms and Windows PCs, the EA Play downloadable game library, and Xbox Live Gold, Microsoft’s online multiplayer service.

Read 7 remaining paragraphs | Comments

#app-store, #apple, #apple-app-store, #gaming-culture, #ios, #microsoft, #pc, #project-xcloud, #safari, #tech, #windows, #xbox, #xbox-cloud-gaming

The Munich Atelier Where Stained Glass Comes to Life

In a six-story building in the city’s center, Michael and Petra Mayer run — and reside in — one of the world’s oldest and most celebrated architectural glass and mosaic studios.

#architecture, #art, #churches-buildings, #glass, #historic-buildings-and-sites, #interior-design-and-furnishings, #munich-germany, #restoration-and-renovation, #stained-glass, #windows

See the New York City Holiday Christmas Windows

Department stores are in trouble. Tourism is a mess. But behind the glass vitrines, the show goes on.

#bergdorf-goodman, #bloomingdales, #macys-inc, #quarantine-life-and-culture, #saks-fifth-avenue, #shopping-and-retail, #windows, #your-feed-fashion

Google’s Project Zero discloses Windows 0day that’s been under active exploit

A stylized skull and crossbones made out of ones and zeroes.

Enlarge (credit: Getty Images)

Google’s project zero says that hackers have been actively exploiting a Windows zeroday that isn’t likely to be patched until almost two weeks from now.

In keeping with long-standing policy, Google’s vulnerability research group gave Microsoft a seven-day deadline to fix the security flaw because it’s under active exploit. Normally, Project Zero discloses vulnerabilities after 90 days or when a patch becomes available, whichever comes first.

CVE-2020-117087, as the vulnerability is tracked, allows attackers to escalate system privileges. Attackers were combining an exploit for it with a separate one targeting a recently fixed flaw in Chrome. The former allowed the latter to escape a security sandbox so the latter could execute code on vulnerable machines.

Read 9 remaining paragraphs | Comments

#biz-it, #exploits, #google, #microsoft, #project-zero, #vulnerabilities, #windows

Pulumi raises $37.5M Series B for its cloud engineering platform

Seattle-based Pulumi, one of the newer startups in the ”infrastructure-as-code” space, today announced that it has raised a $37.5 million Series B funding round led by NEA. Previous investors Madrona Venture Group and Tola Capital also participated in this round, which brings the total investment in the company to $57.5 million.

The new investment follows the launch of Pulumi 2.0, which got the company closer to its vision of becoming what the team calls a ‘cloud engineering platform’ and impressive growth over the last, with a 10x growth in adoption in the last twelve months.

“We started with infrastructure as code, because we felt like that was a foundational piece that gave us the programming model, along with the cloud resource model,” Pulumi co-founder and CEO Joe Duffy told me. “That was an important place to start. With [Pulumi] 2.0,  we launched support for testing, for policy as code — so that you could actually apply governance and compliance as part of your infrastructure management — and really helping more of the team work together.”

Indeed, after starting with a focus on infrastructure teams, Pulumi is now looking to expand across teams.

“The infrastructure team is becoming the nucleus that pulls the whole team together. We’re actually calling this cloud engineering,” Duffy explained. “What we’re calling cloud engineering is developers using the cloud in a first-class way, infrastructure teams helping them do that and increasingly pulling in security engineers to make sure that governance is part of the story as well. The 2.0 release was our first time exploring those adjacencies and trying to paint a path to realizing the full Pulumi vision.”

Infrastructure as code isn’t necessarily new, of course. The promise of Pulumi is that it isn’t hobbled by any legacy products but that the team designed it as a cloud-native product from the ground up. That’s something NEA’s Aaron Jacobson, who will join the company’s board, also stressed.

“If you think about how fast the cloud has evolved just in 10 years, Pulumi is built in a place of multi-cloud, of Kubernetes, of serverless, Jacobson said. “And much of the original infrastructure-as-code constructs didn’t even have those in mind. Since Pulumi is newer to market and has come after all those constructs, it just has better integration, it’s just is a more delightful experience to developers.”

NEA’s Scott Sandell is actually taking this a bit further. “Venture capitalists are in the business of pattern recognition,” he said. “And the pattern that I recognized actually goes all the way back to when I was a product manager in the windows group. And I saw that developers don’t want to have to deal with complexity — they want to have the complexity managed for them.” That, he argues, is what Pulumi does for developers — and it surely helped the both Duffy and his co-founder and Pulumi executive chairman Eric Rudder left successful careers at Microsoft to build this company.

In addition to the new funding, Pulumi also today announced that it brought in a number of new executives, including industry veterans Jay Wampold as CMO, Lindsay Marolich as senior director of demand generation, Kevin Kotecki as VP of sales and Lee-Ming Zen as VP of engineering.

#aaron-jacobson, #cloud, #cloud-computing, #cloud-infrastructure, #co-founder, #developer, #madrona-venture-group, #microsoft, #nea, #pulumi, #recent-funding, #scott-sandell, #seattle, #startups, #tola-capital, #vp-of-sales, #windows

We’re Living in a World of Walls. Here Is a Window to Escape.

On ancient stones and new barriers, computer screens and emergency exits.

#border-barriers, #cairo-egypt, #deaths-fatalities, #israel, #quarantine-life-and-culture, #sarajevo-bosnia-and-herzegovina, #windows

FBI/DHS: Government election systems face threat from active Zerologon exploits

FBI/DHS: Government election systems face threat from active Zerologon exploits

Enlarge (credit: Getty Images)

The FBI and the cybersecurity arm of the Department of Homeland Security said they have detected hackers exploiting a critical Windows vulnerability against state and local governments and that in some cases the attacks are being used to breach networks used to support elections.

Members of unspecific APTs—the abbreviation for advanced persistent threats—are exploiting the Windows vulnerability dubbed Zerologon. It gives attackers who already have a toehold on a vulnerable network access to the all-powerful domain controllers that administrators use to allocate new accounts and manage existing ones.

To gain initial access, the attackers are exploiting separate vulnerabilities in firewalls, VPNs, and other products from companies including Juniper, Pulse Secure, Citrix NetScaler, and Palo Alto Networks. All of the vulnerabilities—Zerologon included—have received patches, but as evidenced by Friday’s warning from the DHS and FBI, not everyone has installed them. The inaction is putting governments and elections systems at all levels at risk.

Read 3 remaining paragraphs | Comments

#biz-it, #department-of-homeland-security, #dhs, #fbi, #federal-bureau-of-investigation, #microsoft, #policy, #tech, #windows, #zerologon

Windows 10 machines running on ARM will be able to emulate x64 apps soon

Windows laptops and convertibles running ARM aren’t exactly the bulk of the market at this point, but there are several of them there—including Microsoft’s own updated Surface Pro X, which was just announced today.

One of the reasons that not every consumer has made the plunge is that running traditional x86 apps on these Windows 10 ARM machines poses significant limitations. Among the biggest: there’s no support at all for running 64-bit x86 applications in emulation, only 32-bit.

Today, Microsoft announced in a long-winded blog post that that limitation will soon change, as emulation of 64-bit Windows applications is going into a public-testing phase soon. That addresses one of the biggest complaints about the platform—complaints that have only grown as more popular applications have converted to 64-bit-only as the months have gone by.

Read 5 remaining paragraphs | Comments

#arm, #cpu, #emulation, #microsoft, #tech, #virtualization, #windows, #x86

Following Apple’s Sidecar launch, Astropad announces Luna Display for Windows

In June, Luna Display creator Astropad wrote a blog post titled, “Why Getting Sherlocked by Apple Was a Blessing in Disguise.” It arrived on the one-year anniversary of Apple’s launch of Sidecar for macOS, which let Mac owners use an iPad as a second display — thus making Luna’s functionality redundant.

The rose-colored post detailed how the company planned to pivot by diversifying its portfolio — in the case of Luna, that specifically meant launching a Windows version. “Later this summer, we’ll open up Astropad Studio for a free public beta on Windows,” the company wrote. “Not long after, we’ll be launching a Kickstarter campaign for an HDMI version of Luna Display.”

Today the company launched a Kickstarter for its Windows version, two years after launching the original Mac dongle on the crowdfunding platform. Delivery is set for May 2021. Early-bird supporters can get on-board with the device for as low as $49 (down from a retail price of $80).

Image Credits: Astropad

The dongle turns an iPad into a second display for a Windows PC, either wirelessly or tethered. The model comes in either USB-C of HDMI models, depending on the ports available on your machine. The second tablet can be used as a touchscreen for the extended monitor, which should work well with Windows 10, given how much Microsoft has tailored it to a touch experience.

I was a fan of the original Luna for Mac — though, like many, had less interest in the product as soon as Apple announced native support for Sidecar. Following the launch of Windows support, owners of the original Mac version will be able to use their existing device with PCs, as well. The device will work for Mac to iPad, Windows to iPad, Mac to Mac (with one laptop serving as a second screen) and a “headless mode,” with uses the iPad as a display for the Mac Mini and Mac Pro.

#apple, #astropad, #hardware, #ipad, #luna-display, #microsoft, #sidecar, #windows

How to Keep the Coronavirus at Bay Indoors

Tips for dodging the virus as Americans retreat from colder weather: Open the windows, buy an air filter — and forget the UV lights.

#content-type-service, #coronavirus-2019-ncov, #coronavirus-risks-and-safety-concerns, #education-k-12, #fans-airflow, #filters, #hygiene-and-cleanliness, #masks, #ultraviolet-light, #windows, #your-feed-science

Microsoft brings new robotic process automation features to its Power Platform

Earlier this year, Microsoft acquired Softomotive, a player in the low-code robotic process automation space with a focus on Windows. Today, at its Ignite conference, the company is launching Power Automate Desktop, a new application based on Softomotive’s technology that lets anyone automate desktop workflows without needing to program.

“The big idea of Power Platform is that we want to go make it so development is accessible to everybody,” Charles Lamanna, Microsoft’s corporate VP for its low-code platform, told me. “And development includes understanding and reporting on your data with Power BI, building web and mobile applications with Power Apps, automating your tasks — whether it’s through robotic process automation or workflow automation — with Power Automate, or building chatbots and chat-based experiences with Power Virtual Agent.”

Power Automate already allowed users to connect web-based applications, similar to Zapier and IFTTT, but the company also launched a browser extension earlier late last year to help users connect native system components to Power Automate. Now, with the integration of the Softomotive technology and the launch of this new low-code Windows application, it’s taking this integration into the native Windows user interface one step further.

“Everything still runs in the cloud and still connects to the cloud, but you now have a rich desktop application to author and record your UI automations,” Lamanna explained. He likened it to an ‘ultimate connector,’ noting that the “ultimate API is just the UI.”

He also stressed that the new app feels like any other modern Office app like Outlook (which is getting a new Mac version today, by the way) or Word. And like the modern versions of those apps, Power Automate Desktop derives a lot of its power from being connected to the cloud.

It’s also worth noting that Power Automate isn’t just a platform for automating simple two- or three-step processes (like sending you a text message when your boss emails you), but also for multistep, business-critical workflows. T-Mobile, for example, is using the platform to automate some of the integration processes between its systems and Sprint.

Lamanna noted that for some large enterprises, adopting these kinds of low-code services necessitates a bit of a culture shift. IT still needs to have some insights into how these tools are used, after all, to ensure that data is kept safe, for example.

Another new feature the company announced today is an integration between the Power Platform and GitHub, which is now in public preview. The idea here is to give developers the ability to create their own software lifecycle workflows. “One of the core ideas of Power Platform is that it’s low code,” Lamanna said. “So it’s built first for business users, business analysts, not the classical developers. But pro devs are welcome. The saying I have is: we’re throwing a party for business users, but pro devs are also invited to the party.” But to get them onto the platform, the team wants to meet them where they are and let them use the tools they already use — and that’s GitHub (and Visual Studio and Visual Studio Code).

#articles, #author, #automation, #business, #business-process-automation, #business-process-management, #business-software, #economy, #ifttt, #microsoft, #microsoft-windows, #player, #softomotive, #tc, #windows, #zapier