Microsoft has warned that all versions of Windows feature critical unpatched RCE vulnerabilities. The security problems stem from the Windows Adobe Type Manager Library, and relates to the parsing of fonts.
The company is working on a fix which will be released when the next Patch Tuesday rolls around -- but for Windows 7 users, despite the critical nature of the bugs, it is only those who have paid for an ESU licence that will get the security update. There is a bit of good news, however. While the vulnerability is yet to be patched, there is a workaround available that will do the job for the time being.
Microsoft's Windows 10 is hardly a new operating system anymore. In fact, it has been available to the public for damn near five years now. And yet, despite existing half a decade, it still feels very incomplete. The Control Panel still hasn't been merged with Settings, for instance, and the user interface still feels like a work in progress. Hey, at least those terrible Live Tiles are seemingly on their way out. Ultimately, using Windows 10 feels like you are in a constant state of beta. It shouldn't be this way -- Microsoft's operating system should be much better than it is. After all, the company essentially has unlimited resources.
Thankfully, Linux is here to save the day. Yes, thanks to Linux distributions, computer users can experience a sane operating system -- one that actually makes sense. There are countless great Linux-based operating systems, such as MX Linux 19.1, Netrunner 20.01, elementary OS 5.1.2, and Manjaro 19.0. One of my favorite Linux distros -- particularly for those switching from Windows -- is the excellent Zorin OS. Why? Well, it is very secure, looks great, offers a familiar user experience, and comes with some great free software. Today, a new version of that operating system -- Zorin OS 15.2 -- becomes available for download, and it looks awesome.
With Windows 7 now at its end-of-life, the need to update outdated systems is of the utmost importance. This is especially true for Internet of Things (IoT) and Industrial Control System (ICS) environments, as vulnerabilities in these older systems can lead to attacks that result in costly downtime, catastrophic safety and environmental incidents, and theft of sensitive intellectual property.
We spoke to Phil Neray, vice president of industrial cybersecurity at CyberX, to find out more about why updating these systems is so imperative and to hear some recommendations about how organizations can go about doing so.
A moment five years in the making is here. Support for Windows 7 officially ended on January 14. While not every enterprise has completed the migration to Windows 10, it is the operating system IT teams must focus on moving forward -- and it means big changes in how they operate. "Set it and forget it" is done. At the same time, the pain of migrating thousands of endpoints over to an entirely different OS is too, replaced instead by a new method of ongoing life cycle management.
We’ve entered the era of Windows as a Service. This is not just clever marketing but rather a genuine shift in how new Windows features are introduced and updates are conducted. Essentially, this model requires delivery of new features twice a year and security updates every month. Feature updates also receive ongoing quality updates over the course of either 18 or 30 months, replacing what previously occurred over the course of several years. The new model translates to a continuous rollout of Windows through internal testing. As with any major change, Windows as a Service has its pros and cons. Let’s dive in.
Just after Windows 7 reached the end of support on January 14, a bug emerged that turned desktops black. Having initially said that only people paying for support would get a fix, Microsoft relented and gave everyone a patch. Now another bug has reared its head, preventing Windows 7 users from shutting down or rebooting their computers.
It's not clear what is causing the bug, but affected users see a message that reads "You don't have permission to shut down this computer" when they attempt to shut down or reboot. There's no fix available just yet, but there are workarounds.
With its "last" update for Windows 7, Microsoft managed to introduce a strange bug that left some users staring at a black desktop rather than their preferred background image.
With Windows 7 now at the end of its life, Microsoft initially said that only those who were paying for extended support would get a fix for the bug, but ultimately it relented and said everyone could have it. Now the patch has been released as KB4539602.
As of January 14, 2020, Microsoft has discontinued Windows 7 support as planned for the operating system's End of Life (EOL). To some organizations, this operating system (OS) might seem like a distant memory. However, nearly 30 percent of the world’s computers -- or more than 400 million -- still run Windows 7 and are only now contemplating migration to Windows 10. Millions of users will be depending on an unsupported OS for some time after its retirement and IT teams will still be responsible for maintaining these systems.
While Microsoft will not be globally pushing out any more security patches for Windows 7 after Jan 14th, customers can pay for a security update service which will deliver patches until 2023. Failure to sign-up for and implement these patches will mean operating an OS that is vulnerable to malicious actors. IT teams will need to continue updating and patching Windows 7 as long as their company is using it -- even if they are in the process of migrating to Windows 10.
I am a huge proponent of using Linux-based desktop operating systems, and I try to convert people from Windows whenever it makes sense. Why do I do this? Well, Linux distributions, believe it or not, are often easier to use than Microsoft's operating system. With so many people living in the web browser these days, a Linux installation with Google Chrome is largely all an average user needs. More advanced users can install excellent free software such as LibreOffice or GIMP -- if needed. Not to mention, it can be argued that Linux is more secure than Windows. Overall, switching to Linux is a huge win for many.
Even installing a Linux distro is easy these days. Long gone are the days where the installation required a degree in computer science (except for Arch, maybe). The current Ubuntu installer, for instance, is more straightforward than the one found on Windows 10! So why in the hell is Canonical, the maker of Ubuntu, making it seem so damn hard? You see, the company has put out an installation guide that will make a person curious about switching to Ubuntu to instead run for the hills.
Microsoft may have dropped Windows 7 like a hot stone, but that doesn't mean everyone is. Recognizing the fact that large numbers of people are going to continue using the aged operating system, most antivirus firms are going to continue to offer support.
Support from the likes of AVG, Avira, Kaspersky and Trend Micro for at least two years is great news for those concerned about the security of sticking with Windows 7. Of course, this doesn't mean that the operating system is entirely safe to use now that it has reached end of life, but with the right software installed, hangers-on can secure their systems somewhat.
If you are still using Windows 7 on your computer, you are making a huge mistake. Running an unsupported operating system is pure foolishness -- there will be countless exploits in the future for which you simply won't receive patches. In other words, your data and overall online safety is now at major risk. If you insist on sticking with Microsoft's operating system, you might as well upgrade to Windows 10 -- either by installing the operating system on your current computer or buying a new PC with the OS pre-loaded.
Understandably, many people are scared of Windows 10 -- Microsoft's data collection through extreme telemetry can make it feel like your own computer is spying on you. In that case, a Linux-based operating system should be considered. Today, Canonical releases an official guide for those thinking of switching to Ubuntu from Windows 7. Not only does the guide address potential hardware incompatibilities, but it provides a handy list of popular Windows software and its comparable Linux alternatives.
Some Windows 7 users who installed the KB4534310 update found that their desktops turned black. With the operating system having now reached end of life, the company said that it would only make a fix available to organizations paying for Windows 7 Extended Security Updates (ESU).
But Microsoft has changed its mind. It now says that it will make a patch available for all Windows 7 users, addressing the bug introduced by the last ever freely available Windows 7 update.
Your Windows 7 desktop has turned black? Microsoft has a fix on the way... and workarounds in the meantime [Updated]
Windows 7 is dead: you know this. There are no more Windows 7 updates for most people: you know this. And some believe Windows 7 should be made open source: yeah, right
Whatever the status of Windows 7, the fact of the matter is that there are plenty of people still using it, and the last update (KB4534310) caused a strange problem for some users, turning their desktops black. Microsoft has now acknowledged the issue, but says that it will only fix the bug for those who are willing to pay.
Windows 7 is dead to Microsoft -- unless, of course, you're willing to pay. It's now ten days since the operating system reached end of life, but many people, for various reasons, are choosing to stick with it rather than upgrading to Windows 10.
This means missing out on security updates, but the Free Software Foundation (FSF) thinks it has a solution. It suggests that Microsoft 'upcycles' Windows 7 and makes the operating system open source so that the community can "study and improve" it.
Internet Explorer may be a relic from the past, but it's still out there and used by surprising numbers of people. Not all versions of it are supported by Microsoft anymore, so when a critical bug was discovered in the Windows 7, 8.x, 10, Windows Server 2008 and 2012 versions of the browser, there were questions about who was going to be protected.
The bug was revealed just days after support ended for Windows 7, and it wasn't clear whether Microsoft would stick to its guns and leave those people still using this operating system out in the cold and unprotected. The company has now confirmed what's going to happen.
It can hardly have escaped your attention that Windows 7 has now reached end of life. For companies and enterprise customers unwilling to pay for Extended Security Updates, this means there will be no more updates. The average home user who has decided to stick with Windows 7 has been completely abandoned by Microsoft, leaving them with an operating system that could be found to contain an endless number of security vulnerabilities.
But, actually, there is another option for home users, and it does not involve paying any money to Microsoft. We're talking micropatches. Specifically, we're talking about micropatches from 0patch. We've covered the work of this company in the past, including its recent fix for the Internet Explorer vulnerability.