The Register: It’s September 2017, and .NET lets PDFs hijack your Windows PC. “While much of the tech world is still fixating on Apple’s $1,000 face-reading iPhone, administrators are going to be busy testing and deploying this month’s Patch Tuesday load. Microsoft, Adobe, and Google have all released patches to mark the second Tuesday of the month. The updates include fixes for Flash, Edge, Internet Explorer, and Android.”
BetaNews: Microsoft will never again sneakily force Windows downloads on users. “There have been various controversies with Windows 10, from issues with privacy and telemetry, to ads and forced upgrades. Following a court case, Microsoft has vowed to never force upgrade files onto users again. Windows users in Germany were particularly unimpressed when Microsoft forcibly downloaded many gigabytes of files to upgrade from Windows 7 and 8 to Windows 10. Having held out for 18 months, and losing its case twice, Microsoft has finally agreed to stop its nefarious tactics.”
TechCrunch: Microsoft launches Windows Bounty program, offering awards up to $250,000. “Microsoft has been running a bounty program for a few years now, launching it just ahead of the release of Windows 8.1 back in mid-2013. At the time, the company was awarding up to $50,000 for exploits, in an attempt to help address any potential security issues before they could become a larger public concern. It’s a tact taken by a number of tech’s biggest names, like Google, Facebook and, more recently, Apple. The software giant’s expanding things a bit today, with the simply named ‘Windows Bounty Program.'” I think they mean “tack” as in sailing, and not “tact”, but I’m not sure. Maybe “tactic”?
BetaNews: It’s the end of the line For Windows Paint as Microsoft finally kills off its simple art tool. “Among the list of features set to be removed or deprecated in Windows 10 Fall Creators Update is Microsoft Paint, a fixture of Windows since the operating system’s first release back in 1985. Microsoft doesn’t give any explanation as to why it’s being removed. Indeed, in the list of features being dropped it simply says ‘Microsoft Paint.’ Everything else in the list, including Outlook Express, has at least a one-line explanation. What a sad, inglorious ending.” Someone in the comments is pointing out that the program is being deprecated, not completely removed.
Krebs on Security: Adobe, Microsoft Push Critical Security Fixes. “It’s Patch Tuesday, again. That is, if you run Microsoft Windows or Adobe products. Microsoft issued a dozen patch bundles to fix at least 54 security flaws in Windows and associated software. Separately, Adobe’s got a new version of its Flash Player available that addresses at least three vulnerabilities.”
ZDNet: Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it. “The software giant announced the version of Windows earlier this year as the flagship student-focused operating system to ship with its newest Surface Laptop. Microsoft touted the operating system as being less susceptible to ransomware because of its locked-down configuration — to the point where you can’t run any apps outside the protective walled garden of its app store. In order to get an app approved, it has to go through rigorous testing to ensure its integrity. That’s one of several mitigations that helps to protect the operating system to known file-encrypting malware. We wanted to see if such a bold claim could hold up.”
The Verge: Microsoft releases new Windows XP security patches, warns of state-sponsored cyberattacks. “Microsoft issued a ‘highly unusual’ patch for Windows XP last month to help prevent the spread of the massive WannaCry malware. At least 75,000 computers in 99 countries were affected by the malware which encrypts a computer and demands a $300 ransom before unlocking it. Microsoft stopped supporting Windows XP in April 2014, but the software giant is now taking the unprecedented move of including it in the company’s Patch Tuesday round of security updates today.”