Windows | ResearchBuzz: Firehose

March 26, 2023

Bleeping Computer: Microsoft pushes OOB security updates for Windows Snipping tool flaw

Bleeping Computer: Microsoft pushes OOB security updates for Windows Snipping tool flaw. “Now tracked as CVE-2023-28303, the Acropalypse vulnerability is caused by image editors not properly removing cropped image data when overwriting the original file. For example, if you take a screenshot and crop out sensitive information, such as account numbers, you should have reasonable expectations that this cropped data will be removed when saving the image. However, with this bug, both the Google Pixel’s Markup Tool and the Windows Snipping Tool were found to be leaving the cropped data within the original file.”

March 16, 2023

Krebs on Security: Microsoft Patch Tuesday, March 2023 Edition

Krebs on Security: Microsoft Patch Tuesday, March 2023 Edition. “Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction.”

Tweaks & Updates 0

March 14, 2023

Ars Technica: You can now run a GPT-3-level AI model on your laptop, phone, and Raspberry Pi

Ars Technica: You can now run a GPT-3-level AI model on your laptop, phone, and Raspberry Pi. “Things are moving at lightning speed in AI Land. On Friday, a software developer named Georgi Gerganov created a tool called ‘llama.cpp’ that can run Meta’s new GPT-3-class AI large language model, LLaMA, locally on a Mac laptop. Soon thereafter, people worked out how to run LLaMA on Windows as well. Then someone showed it running on a Pixel 6 phone, and next came a Raspberry Pi (albeit running very slowly).”

Tweaks & Updates 0

February 26, 2023

The Verge: Microsoft accidentally offers Windows 11 upgrades to unsupported PCs again

The Verge: Microsoft accidentally offers Windows 11 upgrades to unsupported PCs again. “Microsoft has once again accidentally offered the Windows 11 upgrade to PCs with unsupported hardware. Twitter user PhantomOcean3 spotted the mistake earlier this week, where Microsoft was showing fullscreen prompts on unsupported hardware.”

Around the Search & Social Media World 0

February 15, 2023

Krebs on Security: Microsoft Patch Tuesday, February 2023 Edition

Krebs on Security: Microsoft Patch Tuesday, February 2023 Edition. “Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different ‘zero-day’ vulnerabilities that are already being used in active attacks.”

Security & Legal Issues 0

January 23, 2023

The Verge: Microsoft to stop selling Windows 10 downloads on January 31st

The Verge: Microsoft to stop selling Windows 10 downloads on January 31st. “Microsoft says it will stop selling downloads for Windows 10 Home and Pro licenses later this month. Windows 10 will continue to be supported until October 2025.”

Tweaks & Updates 0

January 22, 2023

PC World: The old Windows Photos app is better than the new one, and you can still use it

PC World: The old Windows Photos app is better than the new one, and you can still use it. “What’s known as Microsoft Photos Legacy still resides within the Windows Store, and there’s one good reason that you might still prefer it over the latest version: its superior content search capabilities.”

Useful Stuff 0

January 9, 2023

Bleeping Computer: Microsoft ends Windows 7 extended security updates on Tuesday

Bleeping Computer: Microsoft ends Windows 7 extended security updates on Tuesday. “Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023. Microsoft launched the legacy operating system in October 2009. It then reached its end of support in January 2015 and its extended end of support in January 2020.”

Tweaks & Updates 0

December 19, 2022

Ars Technica: Critical Windows code-execution vulnerability went undetected until now

Ars Technica: Critical Windows code-execution vulnerability went undetected until now . “Researchers recently discovered a Windows code-execution vulnerability that has the potential to rival EternalBlue, the name of a different Windows security flaw used to detonate WannaCry, the ransomware that shut down computer networks across the world in 2017.”

Security & Legal Issues 0

December 13, 2022

PC World: Finally! Windows Snipping Tool will add screen recording

PC World: Finally! Windows Snipping Tool will add screen recording. “The Windows Snipping Tool app is finally adding a screen recorder feature—a tool that PCWorld may care more about than you, honestly.”

Tweaks & Updates 0

December 9, 2022

Microsoft: Whoops, Patch Tuesday might screw your database connections (The Register)

The Register: Microsoft: Whoops, Patch Tuesday might screw your database connections . “Applications using the Open Database Connectivity (ODBC) interface may fail to connect after installing the November Patch Tuesday Windows updates, according to Microsoft. Users may see the apps that use the Microsoft ODBC SQL Server Driver have problems, with some attempts to access databases generating an error message when the connection fails, the software maker wrote this week in its Windows Health Dashboard.”

Tweaks & Updates 0

October 14, 2022

Ars Technica: How a Microsoft blunder opened millions of PCs to potent malware attacks

Ars Technica: How a Microsoft blunder opened millions of PCs to potent malware attacks. “For almost two years, Microsoft officials botched a key Windows defense, an unexplained lapse that left customers open to a malware infection technique that has been especially effective in recent months.”

Security & Legal Issues 0

October 14, 2022

Krebs on Security: Microsoft Patch Tuesday, October 2022 Edition

Krebs on Security: Microsoft Patch Tuesday, October 2022 Edition. “Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month’s Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.”

Security & Legal Issues 0

September 14, 2022

Bleeping Computer: Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws

Bleeping Computer: Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws. “Today is Microsoft’s September 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 63 flaws. Five of the 63 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow remote code execution, one of the most severe types of vulnerabilities.”

Security & Legal Issues 0

September 7, 2022

PowerToys 0.62: three new toys to play with (Text Extractor, Quick Accent, Screen Ruler) (GHacks)

GHacks: PowerToys 0.62: three new toys to play with (Text Extractor, Quick Accent, Screen Ruler). “Microsoft published a new stable version of its PowerToys tools collection for Windows today. The new version of PowerToys introduces three new utilities to the application that users may start using right away.”

Tweaks & Updates 0

Bleeping Computer: Microsoft pushes OOB security updates for Windows Snipping tool flaw

Krebs on Security: Microsoft Patch Tuesday, March 2023 Edition

Ars Technica: You can now run a GPT-3-level AI model on your laptop, phone, and Raspberry Pi

Krebs on Security: Microsoft Patch Tuesday, February 2023 Edition

The Verge: Microsoft to stop selling Windows 10 downloads on January 31st

PC World: The old Windows Photos app is better than the new one, and you can still use it

Bleeping Computer: Microsoft ends Windows 7 extended security updates on Tuesday

Ars Technica: Critical Windows code-execution vulnerability went undetected until now

PC World: Finally! Windows Snipping Tool will add screen recording

Microsoft: Whoops, Patch Tuesday might screw your database connections (The Register)

Ars Technica: How a Microsoft blunder opened millions of PCs to potent malware attacks

Krebs on Security: Microsoft Patch Tuesday, October 2022 Edition

Bleeping Computer: Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws

PowerToys 0.62: three new toys to play with (Text Extractor, Quick Accent, Screen Ruler) (GHacks)

Get RB Firehose Via EMail

Recent Posts

Popular Posts

Latest ResearchBuzz Gizmos