Sofia Elizabella Wyciślik-Wilson

Numerous Microsoft 365 services were knocked offline for several hours, leaving users unable to log into accounts and use various tools. Affected services included Office.com, Outlook.com and Teams, and the problem hit users around the world.

The company scrambled to determine the root cause of the issues, eventually homing in on a "recent change" which needed to be rolled back. This, however, did not ultimately solve the problem, so Microsoft was forced to put other mitigations in place.

Continue reading →

It is just days since the CISA (Cybersecurity and Infrastructure Security Agency) issued an emergency warning about a critical Windows vulnerability. Now Microsoft has issued a warning that the vulnerability is being actively exploited and the company is "actively tracking threat actor activity".

The Netlogon EoP vulnerability (CVE-2020-1472) is concerning not just because of its severity, but because of the fact that it can be exploited in a matter of seconds. The security issue affects Windows Server 2008 and above, and enables an attacker to gain admin control of a domain.

Continue reading →

Torrents have appeared online containing the source code for Windows XP, Windows 2000, and other software from Microsoft. Shared on the notorious 4chan, a collection of files approaching 50GB in size also include the source code for Windows Server 2003, Windows NT and MS DOS.

The leaker justifies their decision to share the source code saying that "information should be free and available to everyone", and that to hold onto it for themselves would be an "evil act". The leaker also cheekily points out that Microsoft should be happy that the source code is publicly available given the company's current embracing of open source.

Continue reading →

Many countries are in the process of rolling out "track and trace" mobile apps to make it easier for people to determine whether they have been in contact with anyone who has contracted coronavirus. Now Google has added a new layer to Google Maps that shows local information about COVID-19.

The optional layer shows a seven-day average of new COVID-19 cases for whatever area of the map you are looking at, and Google says that the aim of the new feature is to enable people to "make more informed decisions about where to go and what to do".

Continue reading →

It has been a few weeks since there was an update to Windows Terminal, but now Microsoft has released a new version of the preview build. With Windows Terminal Preview v1.4.2652.0, the company has not only addressed various bugs, but also introduced key new features.

A important new addition to the command line tool is support for Jump Lists. In taking advantage of this Windows 10 feature, it is now possible to launch Windows Terminal Preview with a specific profile from the start menu or task bar.

Continue reading →

Cybersecurity and Infrastructure Security Agency (CISA) has taken the extraordinary steps of issuing an emergency alert about a critical vulnerability in Windows.

CISA issued the warning to government departments, saying it "has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action". With Emergency Directive 20-04, the CISA requires agencies to install the August 2020 Security Update to mitigate against a vulnerability in Microsoft Windows Netlogon Remote Protocol.

Continue reading →

If you have installed KB4568831 for Windows 10 on your Lenovo ThinkPad, you may well have encountered the crashing issues caused by the update. Those affected by the problem have been hit by SYSTEM_THREAD_EXCEPTION_NOT_HANDLED error messages, and 0xc0000005 Access Denied messages in log files and memory dumps.

Microsoft has now acknowledged that there is an issue and has offered details of a workaround -- although you may want to think about whether you really want to follow the mitigation advice because of the security implications.

Continue reading →

Hackers are increasingly turning their attention to attacking Linux servers and workstations, according to security researchers from Kaspersky.

While it is Windows systems that have traditionally been in the cross-hairs of attackers, advanced persistent threats (APTs) are now a serious issue in the Linux world. Linux systems are being specifically targeted with an ever-widening selection of malware tools.

Continue reading →

Since adopting the Chromium engine for Edge, Microsoft has been eager for people to move away from the legacy version of its web browser.

To help ensure compliance with its wishes, the company has released the KB4576754 update which forces the installation of the new Microsoft Edge and removes the old version. With the update being mandatory, anyone wanting to avoid Edge will have to take action.

Continue reading →

After suddenly hitting the big time during the coronavirus pandemic, video conferencing tool found itself the center of attention for both good and bad reasons. While people welcome the app facilitating remote working, Zoom's security and privacy credentials were called in to questions in a series of incidents.

The company subsequently promised to take action to improve things in these areas, and over the summer there have been ongoing updates to Zoom. Now two-factor authentication (2FA) has been made available to all users.

Continue reading →

Another month, another Patch Tuesday. Earlier this week Microsoft released a series of updates for Windows 10, including KB4571756, a cumulative update designed to fix a range of security issues.

But many people installing KB4571756 have found that the update breaks Windows Subsystem for Linux 2. Microsoft is yet to acknowledge this as a known issue, but many people are experiencing "Element not found" errors in WSL 2 as well as seeing the message "Process exited with code 4294967295".

Continue reading →

People like to be individuals, and in the computing arena one way to be a little different is to change the look of Windows by using themes. But a security researcher has warned of a technique that could be exploited by hackers to trick users into divulging their Windows login details when applying a theme.

Malicious theme packs can be used to execute a "pass-the-hash" attack which sends passwords to a remote server. The specially designed themes are easy to create, andthe way the credential stealing attack works will fool many people -- but there are protective measures that can be put in place.

Continue reading →

We have written a lot about Windows 10 here on BetaNews, and many of these articles have been about problems introduced by new updates. For some time now it has felt as though the updates and patches that are released have not been fully tested, and users of the operating system are being used as guinea pigs when Patch Tuesday rolls around each month.

There is, of course, the argument that Microsoft has an impossible task when it comes to ensuring that patches and updates do not cause problems for people with near unlimited combinations of hardware and software. But that's little consolation if it's your system that gets borked by a patch.

Continue reading →

Earlier in the year, Intel announced that it had completed software validations on fixes for a series of security flaws affecting many of its processors discovered a couple of years ago. Now Microsoft, in conjunction with the chip-maker, released microcode updates for Windows 10 to fix these issues.

The four problems are connected to the now-infamous Spectre and Meltdown flaws from 2018. They relate to problems with the speculative execution function of many chips, and could allow for sensitive data to leak.

Continue reading →

It's a little over a month since Linus Torvalds announced the release of version 5.8 of the Linux kernel -- something he previously described as "one of our biggest releases of all time".

But despite the fact that Linux kernel 5.8 was released so recently, VirtualBox has already been updated to include support for it. This means that the virtualization software can be used to run distros like Ubuntu 20.10 (Groovy Gorilla), which is powered by version 5.8 of the kernel. The software can also run under distros based on the newest kernel.

Continue reading →