Sofia Elizabella Wyciślik-Wilson

Fans of Linux-based operating systems often cite greater security as the basis for the love of their chosen distro. Whether Linux distros have better security track records than the likes of Windows 11 and macOS because they are inherently more secure or because they are simply not targeted as much as very much open to debate, but Linux remains fallible, nonetheless.

Going some way to prove this is the Symbiote malware discovered by security researchers from BlackBerry and Intezer Labs. Symbiote is worrying for a number of reasons including the fact that it is described as "nearly-impossible-to-detect". It is also extremely dangerous piece of malware that "parasitically infects" systems, infecting all running processes and giving threat actors rootkit functionality, remote access and more.

Continue reading →

Microsoft-owned GitHub plans to sunset its developer-focused text editor Atom. Citing a lack of "significant feature development", GitHub says that Atom will be killed off in December and its projects will be archived.

Atom has been around for more than a decade and has built up a dedicated following, but now its users have just six months to seek out an alternative that they love just as much.

Continue reading →

Microsoft is due to release a big update for Windows 11 later this year, known variously as the 22H2 update and Sun Valley 2. While an official release date is yet to be announced, we already know that the feature update is complete and was made available to developers some weeks ago.

We are expecting the official launch to come in the next few months, but you can grab it right now if you're keen to try out new options such as Start menu folders and regain drag-and-drop in the taskbar. The good news is that getting hold of this important build of Windows 11 is incredibly simple -- and there's no need to be a developer.

Continue reading →

USB-C is now all-but ubiquitous as a connection and charger type for everything from smartphones and webcams to laptops and Bluetooth speakers. There are some notable exceptions, of course, not least of which is Apple's iPhone.

Although just about every Android phone has made the switch to USB-C, Apple has decided to doggedly hang on to its proprietary Lightning connector for the iPhone. But the EU could soon force the company's hand as it moves towards implementing a legal requirement for all phones to have USB-C port in Europe.

Continue reading →

If you were thinking that it has been a while since Microsoft updated PowerToys, you'd be right -- it's over a month since the last update was released. But now the company has pushed out PowerToys v0.59.0, and it's a significant release.

There are many things worthy of mention in this latest version of the utility collection, not least of which is the completion of adding ARM64 support. This is far from being all that PowerToys v0.59.0 has to offer though, there are also important changes and improvements to many individual components including Keyboard Manager, Power Rename and the much-loved FancyZones.

Continue reading →

Yesterday, Apple announced updates to all of its operating systems -- iOS, iPadOS, watchOS and macOS -- and the next version of its desktop operating system is called macOS Ventura. Also known as macOS 13, this will be a free upgrade for anyone with an eligible system and the hardware requirements cut far fewer people out of the loop than Microsoft did with Windows 11.

Apple shared details of the latest version of the OS at WWDC 2022, immediately making a developer preview available for download and promising that a public beta will launch in July. What can you expect to see in Ventura? There's a new app and window management tool called Stage Manager, the ability to use an iPhone as a webcam for a Mac, a greater focus on gaming than before, and much more.

Continue reading →

It is only a couple of months since Microsoft first talked about Windows Autopatch, a new service for users of Windows 10 and Windows 11 designed to ensure that software is kept up to date. The company has now released a public preview of the free service.

As well as keeping Windows 10 and Windows 11 updated, Windows Autopatch will also take care of updating firmware, drivers and Microsoft 365 apps. Microsoft says that the launch date for the service is July, so the release of a public preview gives interested users a chance to try it out a few weeks early.

Continue reading →

Microsoft has once again released a preview of an update for Windows that is due to get a full launch next Patch Tuesday. The KB5014023 update is available for Windows 10 versions 21H1 and 21H2, as well as Windows Server 20H2 and it fixes a number of issues.

Among the problems addressed by the optional update is an issue that caused file copying to be much slower than usual. Other notable changes include a fix for a GPU issue that caused apps to crash, and a fix for a problem that prevented Excel and Outlook from launching.

Continue reading →

Following on from the Follina security flaw, another Windows zero-day vulnerability has come to light. Dubbed SearchNightmare, the issue allows the search-ms URI protocol handler to be used to launch remotely hosted malware-ridden executables via a search window.

The protocol is normally used to perform local searches, but it can also be used to do the same with shared files on a remote host. An attacker could easily trick a victim into clicking a search-ms URI, and a method has been found to bypass the security warning that should be displayed by default.

Continue reading →

This week, we have written about the Follina zero-day vulnerability that allows for remote code execution on a victim's computer. Despite having been known about for a number of weeks, Microsoft is still yet to issue a patch for the actively exploited critical security flaw, instead simply offering details of a workaround.

As has been the case in the past, a third party has come to the rescue. Micro-patching firm 0patch has released a free fix for the vulnerability -- for Windows 11, Windows 10, Windows 7 and Windows Server 2008 R2 -- which is tracked as CVE-2022-30190 and relates to the Microsoft Windows Support Diagnostic Tool (MSDT) component of Windows.

Continue reading →

Microsoft has launched a new family of products called Entra. Microsoft Entra encompasses a number of identity and access management solutions including the existing Azure AD. The launch comes after the acquisition of CloudKnox Security last year, and is Microsoft's attempt to help boost security across multicloud environments -- or "secure access for a connected world".

Bolstering the product family, the company has also launched cloud permission management tool Microsoft Entra Permissions Management​, and Microsoft Entra Verified ID​ -- a system that allows for more secure interactions, based on decentralized identity standards. Microsoft has also announced public previews of Workload Identities​ and Lifecycle Workflows.

Continue reading →

The ability to edit sent messages is something that is common -- although far from universal -- in chat and social apps. The likes of Slack and Skype make it easy to make changes, such as correcting typos in messages, and it is an option that is said to be coming to Twitter at some point in the future.

But while the option to edit tweets may be some way off, users of WhatsApp may have this option sooner rather than later. The developers of WhatsApp are currently working on bringing a message-editing option to the mobile versions of the apps, as well as the desktop and web editions.

Continue reading →

Yesterday we wrote about a zero-day vulnerability called Follina which allows for remote code execution on a victim's computer. While the flow -- tracked as CVE-2022-30190 -- has been described as an Office vulnerability, it is really the result of a security issue with a component of Windows.

A problem exists in the Microsoft Windows Support Diagnostic Tool (MSDT) which is found in all supported versions of Windows, including Windows 11. The vulnerability has been billed as an Office vulnerability as using a malicious Word file is one of the easiest attack vectors to exploit the flaw. But what is worrying about the vulnerability, apart from the fact that Microsoft has not fixed it yet, is that the company was made aware of the fact that it was being actively exploited way back on April 12.

Continue reading →

In the coming weeks, Microsoft is expected to share details of a new Surface Laptop Go. However, it seems we may already know much of what to expect, after a listing for the yet-to-be-announced Surface Laptop Go 2 popped up on a Korean website.

While news of the upcoming device will interest those in the market for an updated model, the listing shows that there may not be a great deal to get excited about besides an upgraded processor.

Continue reading →

While Microsoft may be quick to point out security vulnerabilities in other companies' products, its own software is far from infallible. A good example of this is the recently discovered 'Follina' security hole that affects Microsoft Office.

The vulnerability can be exploited to launch PowerShell and execute a variety of malicious commands; all that a victim needs to do is open a specially crafted Word file. Tracked as CVE-2022-30190, Microsoft has released details of a workaround that helps to mitigate the issue.

Continue reading →