Articles about Windows

Security researchers at Cybellum have revealed details of a zero-day exploit that makes it possible for an attacker to take full control of antivirus software. The technique can be used to take control of just about any application, but by focusing on antivirus tools, the illusion of safety offered to victims means they are likely to be completely unaware of what is happening.

The attack works by exploiting the Microsoft Application Verifier that's built into Windows. It is possible to replace the tool with a custom verifier which can then be used to inject malicious code into any chosen application. A number of well-known antivirus tools -- including Avast, BitDefender, ESET, Kaspersky, and F-Secure -- are vulnerable, while patches have been released for others.

Continue reading →

If you are like me, running just one operating system isn't enough -- maybe you dual boot or have multiple computers. I, for example, have a Windows 10 desktop, MacBook Pro laptop, and a Linux box. The problem with this setup, you see, is that my desk gets very crowded and messy. Believe it or not, I have just one monitor for all of my computers (I switch between HDMI and DisplayPort), but multiple keyboards, touch pads and mice -- it can be distracting.

Today, Logitech launches a brilliant product that should solve my dilemma. The MK850 Performance Wireless Keyboard and Mouse Combo works with Windows, Mac, Android, Chrome OS and iOS. It should work with desktop Linux distributions too, such as Ubuntu and Fedora. With the click of a button, both the keyboard and mouse can switch between up to three computers or operating systems. This includes mobile devices, such as tablets and smartphones (the mouse will not work with iOS, however). Best of all, both of the input devices are ergonomic and look elegant.

Continue reading →

Kdenlive has been a popular non-linear video editor in the Linux world for a very long time, but the developers have also recently released a first Windows port.

The build doesn't skimp on functions: there's a full multi-track timeline and an array of effects and transitions to explore.

Continue reading →

Google has announced that it plans to introduce placeholders on Google Drive. The search giant is currently beta testing the new feature, which is officially called Drive File Stream, with the help of G Suite users as part of the Early Adopter Program.

Drive File Stream enables users to access content stored in their Google Drive account without actually downloading it on their device. It works similarly to Dropbox Smart Sync or OneDrive placeholders on Windows 8.

Continue reading →

Around a year ago I took a look at the iClever Tri-folding Backlit Bluetooth Keyboard, having previously examined the iClever Portable Foldable Bluetooth Keyboard. The latest addition to the range follows in the footsteps of its predecessors, but this time boasts a trackpad.

This is a Bluetooth keyboard that can be configured to connect to up to three devices -- phones, tablets, laptops, and so on. The keys are nearly full-sized (just 9 percent smaller than normal), and the right-hand side of the fold-out unit is occupied by a laptop-style trackpad that allows for easier control of the device you connect to, and eliminates the need to carry a mouse as well.

Continue reading →

Last week 0patch produced what was described as the first 0-day patch for Windows in lieu of Microsoft's usual Patch Tuesday release. It came after Google revealed a pair of vulnerabilities affecting IE/Edge and Windows.

Having addressed the problem in Windows, 0patch is at it again, this time patching the "type confusion" bug (CVE-2017-0037) that plagues Internet Explorer and Edge. This patch is described as an attempt to "release a simple temporary patch that blocks an attacker than try to create a perfect patch", and it's available for anyone who is willing to place their trust in third-party patching.

Continue reading →

Microsoft today releases Visual Studio 2017 and the fourth preview of Visual Studio for Mac. The latest official version of its longstanding IDE for Windows adds improvements related to productivity, performance, mobile apps, cloud development, DevOps and the ecosystem surrounding Visual Studio.

Visual Studio 2017, according to Microsoft's blog post announcing the release, features an improved startup and project load times, better navigation, the ability to edit files without having to open a project or solution, CMake support and Linux support for C++, Xamarin Forms Previewer, a new Connected Services experience, the ability to build .NET Core 1.0 and .NET Core 1.1 apps, support for Azure App Service and more.

Continue reading →

Following the revelation of vulnerabilities in Windows, Internet Explorer and Edge by Google, and the delaying of the traditional Patch Tuesday, Microsoft security update practices have been in the spotlight. Google's Project Zero has exposed security issues that Microsoft is yet to fix, so a third party has decided to step in to help out.

A new project going by the name of 0patch has created a "0patch" for a zero-day, addressing the Windows gdi32.dll memory disclosure (CVE-2017-0038) yet to be fixed by Microsoft. As the issue is unlikely to receive an official patch until at least the middle of March, this third-party option is all that's available for now.

Continue reading →

Security researchers from Kaspersky Lab are currently investigating the first Windows-based spreader for the Mirai malware, something that can have huge implications for companies that invested heavily in IoT.

The spreader was apparently built by someone with "more advanced skills" than those that had created the original Mirai malware. This, Kaspersky Lab says, has "worrying implications for the future use and targets of Mirai-based attacks."

Continue reading →

The latest software vulnerability report from Secunia Research at Flexera Software reveals that the average US private PC user has 75 installed programs on their PC, 7.4 percent of which are no longer patched by the vendor.

More detailed analysis of the findings shows that 7.5 percent of users had unpatched Windows operating systems in the final quarter of 2016, up from 6.1 percent in Q3 of 2016 and down from 9.9 percent in Q4, 2015.

Continue reading →

Google's Project Zero has proved controversial on several occasions already, with the search giant publicly revealing details of software bugs when companies fail to fix them. Now the project has unearthed a bug in Windows, and as Microsoft failed to patch it within 90 days of being notified, details of the flaw have been made available for everyone to see -- and exploit.

A problem with the Windows Graphics Component GDI library (gdi32.dll) means that a hacker could use EMF metafiles to access memory and wreak all sorts of havoc. While Microsoft has issued Security Bulletin MS16-074, Google's Mateusz Jurczyk says it failed to properly address the problem -- hence the public outing of the bug.

Continue reading →

Finished with that USB key? Unplugging it risks losing data, so in theory you should click the Windows "Safely remove hardware" icon, choose the drive, and wait to be told it’s safe to unplug.

Unfortunately, the Safely Remove Hardware system is very strict about the drive types it supports. SATA or eSATA drives, fixed drives with a USB connections, even some USB keys won’t appear on the list, and the only guaranteed safe way to swap them out is to grind your way through Device Manager.

Continue reading →

PeaUtils is a simple suite of file processing tools from Giorgio Tani, the developer of PeaZip.

The program can create hashes, process checksums, analyze and report on files, split and join files, display files in a hex view, securely delete confidential data, wipe drive free space, and more.

Continue reading →

These days, the threats posed to your PC have never been greater. It’s no longer enough to rely on simple basic anti-malware protection and the built-in Windows firewall. If you want to really close the door to hackers, Trojans and other threats, you need to add multiple layers of security to your computer.

That’s the bad news. Here’s the good news: thanks to the Downloadcrew Software Store, there’s never been a better time to beef up your protection, with great deals for the latest software, from Malwarebytes 3 to Emsisoft Anti-Malware 2017.

Continue reading →

Need to enter a Unicode symbol on your PC? Then launch the Character Map, find what you need to the clipboard and copy it to the clipboard. Sounds easy, right? Until you try it.

The reality is the Character Map gives you hundreds of characters to examine, organised in a way which doesn’t always match their purpose, and displayed in such a small font that you’ll barely be able to see some of them at all.

Continue reading →