Sofia Elizabella Wyciślik-Wilson

Microsoft has set out its plans for WinUI 3.0 which is due to ship later this year. Described as the "modern native UI platform of Windows", WinUI is the C++-based library of controls and Fluent styles that empowers developers to create a new breed of apps.

The company has shared details of the roadmap for WinUI, explaining how version 3.0 will expand into a full UX framework. It is part of Project Reunion which sees Microsoft bringing together a unified set of tools and APIs to make it easy to develop apps for different Windows 10 devices.

Continue reading →

A serious security vulnerability has been discovered in Chrome, forcing Google to push out an emergency update to the browser. Affecting the Windows, Mac and Linux versions of Chrome, the high severity vulnerability is being tracked as CVE-2021-21148.

Described as a "heap buffer overflow in V8", it is being actively exploited in the wild, although few details of the exploit are available. Because of the severity of the vulnerability, Google has released a fix and is urging everyone to install it.

Continue reading →

Microsoft has changed the status of both Windows 10 version 2004 and version 1909, marking them as being ready for "broad deployment".

In the case of Windows 10 version 1909 (or Windows 10 November 2019 Update), the company says it is "designated ready for broad deployment for all users via Windows Update". For Windows 10 version 2004 (aka Windows 10 May 2020 Update), however, the status has been updated to indicate that it is merely "designated for broad deployment". And there is a reason for the difference between the two.

Continue reading →

We recently wrote about a serious vulnerability in the sudo tool which could be used to gain root access to Linux systems. Now a security researcher has found that the security flaw also affects macOS Big Sur -- including on new M1 Macs.

The Baron Samedit vulnerability -- or CVE-2021-3156 -- is a heap-based buffer overflow bug that was discovered by cybersecurity firm Qualys. While it was initially thought to only affect Linux systems, researcher Matthew Hickey (who also goes by the name Hacker Fantastic) found that macOS is also vulnerable with only very minor changes needed to the original exploit.

Continue reading →

Microsoft has released a new update for Windows 10, addressing various issues that have plagued users.

Although the KB4598291 update is an optional one, it fixes so many problems that many people are going to want to get it installed straight away. This particular update is only available for Windows 10 May 2020 Update (version 2004) and Windows 10 October 2020 Update (20H2).

Continue reading →

Microsoft has released a new version of its PowerToys utilities collection for Windows 10, bringing improvements to FancyZones and PowerToys Run. The latest update also includes numerous bug fixes.

Included among the new arrivals in PowerToys 0.31.1 are a new dark mode option and an enhanced interface for FancyZones.

Continue reading →

A trojanized version of OpenSSH software is being used to steal SSH credentials from high performance computing (HPC) clusters, reports security firm ESET. The Linux malware has been dubbed Kobalos, and is described as "small, yet complex" and "tricksy".

Despite its diminutive size, the Kobalos backdoor is hitting some major targets including government systems in the US, universities in Europe, and a major ISP in Asia. Security experts report that while the multiplatform backdoor works on Linux, FreeBSD and Solaris, "there are also artifacts indicating that variants of this malware may exist for AIX and even Windows".

Continue reading →

The next big update for Windows 10 is going to be Windows 10 21H1 -- although it should also have a slightly snappier name when it is released. But while previous xxH1 updates have reached users in May, this year it is looking like it could be a little later than expected.

Although Microsoft has said little official about the Windows 10 21H1 release, a developer writing on the Chromium Gerrit appears to have let something slip.

Continue reading →

Waiting for Microsoft to issue patches for bugs that have been discovered in its software can mean having to be very patient -- some updates just seem to take forever to appear. More than this, the bug fixes can introduce new problems of their own, so it's little wonder that third-party patching services such as 0patch have grown in popularity.

And once again, 0patch has managed to beat Microsoft in releasing a patch for a serious vulnerability. The company's latest patch addresses a local privilege escalation 0day in Windows Installer, and it's available well ahead of Microsoft's official fix.

Continue reading →

It is only a few days since we let you know about an aesthetic change coming to Settings in Windows Terminal. Now the big day has arrived, and Microsoft has released version 1.6 of its powerful and versatile command line tool.

Windows Terminal 1.6 Preview is the first update to see the light of day in 2021, and while the new UI for Settings is the big news, there are plenty of other improvements as well.

Continue reading →

It is very difficult for web browsers to be able to honestly make the claim that they have an exclusive feature these days -- the likes of Chrome, Edge, Firefox et al have started to become all but indistinguishable from one another. Looking to stay ahead of the pack, however, Vivaldi has launched a new feature which is unique.

While the likes of Google have been experimenting with tab grouping and pinning to make room for more open tabs in a browser window, the latest version of Vivaldi has taken a new approach. With the new release you have two layers of tabs to play with, doubling your browsing opportunities.

Continue reading →

Facebook has issued an apology after posts relating to Plymouth Hoe were erroneously flagged up for containing offensive language.

Plymouth Hoe is an area of the South Western English city of Plymouth, and it caused the same problems as places such as Cockermouth, Scunthorpe and Devil's Dyke for obscenity filters. The social network not only removed posts for using the word 'Hoe', but also closed down groups relating to the area.

Continue reading →

Security researchers have revealed details of a vulnerability in Sudo that could be exploited by an attacker to gain root privileges on a wide range of Linux-based systems.

News of the security flaw was shared by Qualys, and it has been described as "perhaps the most significant sudo vulnerability in recent memory". Worryingly, the heap-based buffer overflow bug has existed for almost a decade. It is known as Baron Samedit, tracked as CVE-2021-3156, and affects various versions of Sudo.

Continue reading →

A couple of week ago, we reported about a critical NTFS vulnerability that left hard drives open to corruption in Windows 10. Security researcher Jonas Lykkegaard revealed that opening a folder with a specially crafted name could wipe out the contents of a drive in an instant.

Microsoft is yet to produce a fix for the problem, but that doesn't mean no one else has. Third party patch-makers such as 0patch have already made names for themselves stepping in to produce updates either for unsupported versions of Windows, or simply beating Microsoft to the punch. Now it is the turn of developers from OSR who have released an unofficial workaround patch for the NTFS flaw.

Continue reading →

Installing updates in Windows 10 can be something of a gamble -- will the latest patches make things better or worse? For people with Conexant ISST audio drivers, there have been numerous issues in Windows 10 May 2020 Update (or Windows 10 version 2004).

Users trying to update these drivers found that the update process would fail or produce errors during or after setup. Having worked with Synaptics, Microsoft has identified a compatibility issue and also provided details of a workaround.

Continue reading →