By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.

An Internet Explorer zero-day vulnerability that came to light last month has now been incorporated in the RIG exploit kit, a web-based toolkit that malware authors use to infect a site's visitors with malware. The vulnerability in question is CVE-2018-8174. This vulnerability affects VBScript, the Visual Basic scripting engine that's included with Internet Explorer and Microsoft Office. On April 20, Bleeping Computer learned from a Chinese security researcher that a cyber-espionage group was using this vulnerability to infect users via Internet Explorer, as part of a series of attacks conducted by what later proved to be a North Korean state-sponsored hacking group. Security researchers from Qihoo 360, who first spotted these attacks, reported the vulnerability to Microsoft, and the company patched the bug in the May 2018 Patch Tuesday security updates, released on May 8. More details can be found on OUR FORUM.
 

The prognosticators at analyst company the IDC do not currently see a bright future for traditional PCs and notebooks. In their Worldwide Quarterly Personal Computing Device Tracker, they predict the PC market will decline 1.8% over the next 4 years, from 408.3 million units in 2018 to 386.2 million devices in 2022. The one bright spark, however, is the detachable market, which they expect to grow 9.8% over the same period, from 23.9 million devices in 2018 to 35.0 million devices in 2022. “Overall the challenges for traditional PCs and tablets remain the same as in past years,” said Ryan Reith, program vice president with IDC’s Worldwide Quarterly Mobile Device Trackers. “However, we continue to see pockets of opportunity and growth when you peel back the onion. With notebook PC's, it’s clear that marketing and development resources are being poured into premium/gaming, convertibles, and thin and light devices. All OEMs, some of which are new to space, seem to be laser-focused on these areas. Detachable tablets are another area that has seen growth, however, it currently feels like the trends around notebook growth opportunities have overshadowed detachable developments.” Learn more at OUR FORUM.

When we talk about computers connecting directly to your brain to interpret your thoughts and act on them, it evokes images of the Borg in Star Trek, but Microsoft is developing just such a technology, but for a very humanitarian reason. Satya Nadella told attendees at Microsoft’s eighth Ability Summit in Redmond that Microsoft is developing brain reading technology to assist people with locked-in syndrome, a rare neurological disorder that only allows people to communicate by eye movement. “How do you give them a language, because of just basically the ability to detect brain activity,” said Nadella. Microsoft has in recent years been brought a number of products designed to improve accessibility to market, including a Seeing Eye app which uses AI to describe scenes to those with visual difficulties and a new Xbox Adaptive Controller, which offers a cheap way for those with disabilities to connect adaptive controllers to their gaming console. “To me, being able to sort of really take that and channel it, see things like at one week where you have these thousands of folks across the company come together and invent these new technologies has been eye-opening for me,” he said. “In fact, I’m just getting ready to even host a dinner with some of the researchers that are working on the brain — you know, human-brain interface.” Learn more on OUR FORUM.

USB Implementers Forum (USB-IF), the organization which promotes USB technology, today announced a USB HID (Human Interface Device) standard for braille displays. This new standard will make it easier for the blind community to use a braille display across operating systems and different types of hardware. It will also enable easy development of braille devices as custom software and drivers created for a particular OS or screen reader is no longer needed. Microsoft collaborated with Apple and industry organizations to develop this new standard. “We see the opportunity that advancements in technology can create for people with disabilities and have a responsibility as an industry to develop new ways of empowering everyone to achieve more,” said Jeff Petty, Windows accessibility program manager lead at Microsoft. “Developing an HID standard for braille displays is one example of how we can work together, across the industry, to advance technology in a way that benefits society and ultimately improve the unemployment rate for people with disabilities.”“Technology should be accessible to everyone and Apple designs all products with that in mind,” said Sarah Herrlinger, director of Global Accessibility Policy and Initiatives at Apple. Further details can be found on OUR FORUM.

After it was reported that the VPNFilter botnet consisting of over 500,000 routers and NAS devices was taken over by the US government, the FBI issued an advisory stating that users should reboot their routers in order to disrupt the malware. Unfortunately, as shown by the five phone calls I received today, many people heard the reboot part but did not read the rest of the recommendations of turning off remote administration, changing passwords, and upgrading to the latest firmware. One step that was not mentioned is the fact that the only way to truly remove VPNFilter is to reset the router to factory defaults. Due to this, people are just resetting their routers but leaving part of the malware still present after it is rebooted. With that said, I have put together a guide on VPNFilter, what the FBI advisory is about, and the steps you should perform to clean and secure your router. VPNFilter is malware that targets routers and NAS devices in order to steal files, information, and examine network traffic as it flows through the device. When the malware is installed, it will consist of three different stages, with each stage performing specific functions. There's plenty more on OUR FORUM.

The rollout of Windows 10 April 2018 Update started earlier this month, and according to AdDuplex, a leading cross-promotion network for Windows Store apps, the latest version of the OS has already managed to reach 50% of Windows 10 PCs in just one month. It is worth noting that the report is based on data collected from around 5,000 Microsoft Store apps. Microsoft typically needs a few months to ship new Windows 10 updates to all devices, but it appears that the more and more users have manually upgraded their systems to the newest version of the operating system. Windows 10 April 2018 Update is available for manual download since April 30, and in just one month, the operating system is on 50% of PCs. AdDuplex claims that this the fastest spreading Windows 10 update by far, and the previous version of Windows 10 (the Creators Update) was under 50% for about 3 months. Microsoft has tried to make Windows 10 the right operating system for all devices with the April 2018 Update (version 1803). Windows 10 version 1803 is a big update and it comes with Timeline, a new feature that allows users to resume the activity from where they left off. It also improves Edge browser, Start menu, Fluent Design, first-party apps and fixes the glitches reported by users. Tere's more on OUR FORUM.