Tag: windows

Windows 7 is a chocolate teapot, Microsoft warns

Nestle-chocolate-teapot-1Software giant Microsoft has warned the world that its Windows 7 software is the chocolate teapot of software and is advising people to upgrade to Windows 10.

Microsoft ended mainstream support for Windows 7 back in January 2015 and stopped OEMs from selling PCs with Windows 7 and 8.1 near the end of 2016.

A spokesVole said that Windows 7 will approach its end of extended support in less than three years, and warned enterprise customers and other users to upgrade to Windows 10.

While January 14, 2020 might seem a long way away it does take organisations rather a long time to do a roll out. But Vole warned that Windows 7 really was not an option anymore and not fit for the purpose for most corporates.

In a new blog post, the company says that continued usage of Windows 7 increases maintenance and operating costs for businesses. Similarly, time is needlessly wasted on combating malware attacks that could have been avoided by upgrading to Windows 10. Microsoft also says that many hardware manufacturers do not provide drivers for Windows 7 any longer, and many developers and companies refrain from releasing programs on the outdated operating system.

Markus Nitschke, Head of Windows at Microsoft Germany said that the Operating system did not meet the requirements of modern technology, nor the high security requirements of IT departments.

Companies should take early steps to avoid future risks or costs, he said.

Microsoft further pointed out that its obsolete operating system is based on “long-outdated security architectures”. It also cautioned that companies and businesses who still use it are more susceptible to cyber-attacks.

Windows 10 to lock when you move away

8746-dSoftware king of the world Microsoft has a wizard wheeze to hack off users.

Vole has thought that it would be much more secure if every time a user steps away from their machine, Windows 10 senses this and goes into lock down automatically.

The feature is labelled as Dynamic Lock and has started appearing in recent test builds of Windows 10. Vole has dubbed the software “Windows Goodbye” internally which might be a prediction more than a label.

Vole uses special Windows Hello cameras to let Windows 10 users log into a PC with just their face and big corporates want employees to use the winkey+L combination to lock machines when they’re idle.

The new feature will make it an automatic process and it is not clear how Microsoft detect inactivity, but it’s possible the company could use Windows Hello-compatible machines or detect idle activity and lock the machine accordingly.

Windows can already be configured to do this after a set time period, but Vole is streamlining this feature into a simple setting for anyone to enable. Microsoft is planning to deliver Dynamic Lock as part of the Windows 10 Creators Update, expected to arrive in April.

It might work in a corporate world although logging on and off each time you go to the loo is going get annoying quick. Supervisors often must get up for a moment to help their employees, logging on and off each time they do that is going to force them to lob their PC through the window.  But home users are up and about all the time.

To be fair all this will be redundant when the computer starts to recognise who you are and switches back on automatically. That tech is already there with Windows Hello.

Watchdog tells Microsoft to refund Windows 10 update victims

Watchdog-Lele1A UK watchdog Which?  has growled at the software giant Microsoft over the fact its update bricked some users PCs and told it to pay up to have them repaired.

For those who came in late, last year Vole rolled out a free Windows 10 update to all its customers. However Which? received hundreds of complaints about the software, including repeated pop-ups regarding updates, various problems regarding printers, Wi-Fi cards, working of speakers, files being lost and email accounts no longer syncing.

Many complained about being “nagged” by Microsoft to install the new update and despite declining notifications. Which? said there have also been complaints about poor customer service from Microsoft when users contacted the company about the problems they are having, the report said.

Alex Neill, Director of Campaigns and Policy said that of 2,500 people surveyed, who had upgraded to Windows 10, more than 12 percent said they ended up rolling back to their previous version of the operating system. More than half stated that this was because the upgrade had adversely affected their PC.

”We rely heavily on our computers to carry out daily activities so, when they stop working, it is frustrating and stressful,” A, was quoted as saying. ALSO READ: Microsoft’s Cortana to help refrigerators in ‘food management,” Neill said.

“Many people are having issues with Windows 10 and we believe Microsoft should be doing more to fix the problem. Which? is now calling on Microsoft to improve its customer service and compensate its customers where appropriate.

 

Linux on Windows might be a giant bug

bugWhile the world cheered at the prospect of Linux running on Windows, security experts were less sure and fear that it might have bought a new way to hack a Windows machine.

Alex Ionescu, chief architect at Crowdstrike told the assorted throngs at the Black Hat USA security conference that some problems he reported to Microsoft during the beta period have already been fixed, but the larger problem, though, is that there is now a new potential attack surface that organisations need to know about and risks that need to be mitigated.

“In some case, the Linux environment running in Windows is less secure because of compatibility issues, There are a number of ways that Windows applications could inject code, modify memory and add new threats to a Linux application running on Windows.”

The modified Linux code in turn could then call Windows APIs and get access to system calls to perform malicious actions that might not be mitigated.

He said that Windows was now a “two-headed beast” that can do a little Linux and can also be used to attack the Windows side of the system.

Linux on Windows does not run inside of a Hyper-V hypervisor, which potentially could isolate the Linux processes. Instead Linux is running on the raw hardware, getting all the benefits of performance and system access, as well as expanding the potential attack surface, he said.

The Windows file system is also mapped to Linux, such that Linux will get access to the same files and directories.

The updating mechanism inside of Linux for Windows is also an area Ionescu looked at. There is a scheduled task that can be set in Windows to run the Apt-Get Linux command to update packages for the user mode that is enabled by Ubuntu. That said, Ionescu noted that Microsoft isn’t actually using an Ubuntu Linux kernel, just user-land tools and applications.

AppLocker, which is Microsoft’s whitelisting service for Windows applications, doesn’t work for Linux applications. As such, if an enterprise has enabled Linux on systems, Linux apps can potentially run without first checking with AppLocker.

 

French Windows privacy slammed

c3f9850de05b9d4e64c50e5353a17117The French government is furious that Windows 10 appears to collect rather too much user data.

France’s National Data Protection Commission (CNIL) has order Microsoft to comply with the French Data Protection Act within three months. and “stop collecting excessive data and tracking browsing by users without their consent.”

In addition to this, the chair of CNIL has notified Microsoft that it needs to take “satisfactory measures to ensure the security and confidentiality of user data”. The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft’s part.

Microsoft is accused of not only gathering excessive data about users, but also irrelevant data. The CNIL points to Windows 10’s telemetry service which gathers information about the apps users have installed and how long each is used for. The complaint is that “these data are not necessary for the operation of the service”.

The company is also criticised for its lack of sufficient security — such as the four-digit PIN used to protect payment information which does not have a limit on the number of guesses that can be made. The CNIL’s list of complaints does not end there. It also took exception to the activation of an advertising ID for tailored advertising without user consent, the lack of cookie blocking options, and the fact that data is being transferred out of Europe to the US.

In a statement, the CNIL said:

Given the above, the Chair of the CNIL has decided to issue a formal notice to Microsoft Corporation to comply with the Act within three months. This proceedings only commits French Data protection authority. The other data protection authorities belonging to the WP29 Contact group are continuing their investigations within their respective national procedures.

The purpose of the notice is not to prohibit any advertising on the company’s services but, rather, to enable users to make their choice freely, having been properly informed of their rights.

It has been decided to make the formal notice public due to, among other reasons, the seriousness of the breaches and the number of individuals concerned (more than ten million Windows users on French territory).

Vole is probably not too concerned. It fully expects the cheese munching surrender monkeys to back down when the three month deadline it is up, but if France’s objection is heard by the Germans, who are a lot more earnest about privacy then it might have a fight on its hands.

Thunderstorm hits Microsoft’s Windows 10 nagware

live_tv_windows_10Microsoft’s Windows 10 nagware is making a public idiot of the company and rendering the software customers have paid for unfit for the purpose.

The latest public humiliation of the company happened during a live TV weather forecast. Instead of the weather map that the television station KCCI wanted, the screen was full of a demand that meteorologist Metinka Slater upgrade to Windows 10 immediately.

Slater was busy trying to warn the good and the bad citizens of Iowa about thunderstorms rolling through Iowa, which was a little more important than a software upgrade.

“Microsoft recommends upgrading to Windows 10. Gosh, what should I do?” Slater asked the viewing public.  Upgrading to Linux instead perhaps? Certainly a TV company can’t risk being seen as being that unprofessional ever again.

Microsoft is increasingly alienating people from its Windows 10 operating system with these sorts of antics. Forced upgrades of any sort are a pain.  We know this because even after you upgrade to Windows you are forced to upgrade on demand even when you do not have enough disk space.  Windows 10 wants to upgrade itself every morning and fills up our hard drive and then insists that it needs 5GB to install itself which the SSD slave drive does not have.

Frankly we hope that the TV Company sues Microsoft, because there does not seem to be any way to make the company understand that nagware on legitimate paid for software is just wrong.

Microsoft makes a Chinese Windows 10

cimg3254Microsoft has made the Chinese government its own version of Windows 10.

Dubbed Windows 10 Zhuangongban, or “Windows 10 Specially-provided Edition” – Vole has already completed the first version of the specialised Windows 10.

Microsoft announced the deal and its intention to develop the China-specific software in December and Vole is not the only government focused OS on the Chinese market.

The Zhuangongban features fewer of Microsoft’s consumer-targeted apps and services, while including more management and security controls. So in other words it does not phone home to Microsoft as much as the western version does either.

Microsft said the Chinese version has the ability to run any Windows-compatible programs, but is not saying if there are any other differences.

China’s government has itself been developing NeoKylin, a partially Chinese developed Linux fork, but this new move might indicate that China needs a broaders support of software – particularly in its state-owned enterprises, which need to be able to use industry standard software tools.

 

McAfee security has become spyware

spyMcAfee software which comes bundled with some PCs seems to be converting itself to spyware to help serve up advertising and could be used as a geolocation tool.

Help Net Security wrote that  seven laptops, the Lenovo Flex 3, Lenovo G50-80 (UK version), HP Envy, HP Stream x360 (Microsoft Signature Edition), HP Stream (UK version), Acer Aspire F15 (UK version), and Dell Inspiron 14 (Canadian version) were tested by the security research team of Duo Security.

Duo sniffed the traffic sent from and to them once they have been taken out of the box, plugged in, and connected to a network.

“Within the first few packets on all seven laptops, there were issues. It took awhile to figure them out, as much of the traffic was encrypted and one had to go by server hostname or calling program name, or by reverse-engineering the calling code to find out what was going on,” they pointed out.

It found several security issues which should have been fixed last year and some of the Windows 10 security settings were being reset to their “phone home” defaults.  But that was not the worst thing.

The McAfee software was using web beacons that can be used to track and serve advertising to users and to track users.

Basically to fix the problems is to turn off all privacy settings, make some registry settings adjustments, and turn off some services. You have to do this each time you patch your PC, the researchers advised. Of course removing McAfee, setting up Windows Defender, and adjusting firewalls to stop the transmission of data is probably better.

Brazilian coders create platform friendly malware

brazilBrazilians are a friendly bunch and now its hackers are starting to design malware on Java JAR files which can play nicely on all three major platforms, Mac, Linux, and Windows.

Virus vendor Kaspersky has spotted a few families of Java executables in the wild which don’t really care what operating system you use.

By packing malware as a JAR file, crooks are practically making sure their content will be executed on all targets, regardless of operating system.

True the Java engine needs to be installed on each victim’s computer for the malware to run, but given it is installed on 70-80 percent of computers that is pretty much a no-brainer.

According to Kaspersky, Brazil’s criminal underground seems to be the first one that has taken this step. At the moment they are running spam campaigns and banking trojans.

Right now, infections with these three malware families that use JAR files are popping up mainly in Brazil, but a large number of victims was also recorded in China and Germany, where Kaspersky says that local cyber-crime gangs are also experimenting with the same JAR-packing techniques.

Microsoft ends support for Windows 8

1942584Software King of the World Microsoft is ending mainstream support for its Windows 8 operating system.

Vole killed off support for Windows 7 at this time last year and now Windows 8’s security updates will be coming to an end on the 12th of January, 2016.

This might seem a little strange as Windows 8 was only released in 2012, and Vole normally gives you a decade of support before killing it off.  But this is more to do with the fact that Windows 8.1 is such a different beastie from Windows 8 that Microsoft is seeing them as different operating systems.

Given that Windows 8 was pretty pants, most users will have given up on it and upgraded anyway. Those who have not will not get support. If users upgrade to Windows 8.1 or even Windows 10, that support will be extended to 2023.

In addition to ending security updates for Windows 8, just last week Microsoft also announced that they will be ending support for older builds of Internet Explorer, namely versions 8, 9, and 10 which all come to an end also on the 12 January.