By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

The last time Microsoft provided us with any information regarding the number of Windows 10 devices was back in March, when it surpassed the 800 million mark. During the Build developer event, however, Paul Thurrott from got access to documentation with more recent information in that regard. According to those documents, Windows 10 is now active on 825 million devices, a notable increase over the 800 million announced two months ago. Usage numbers were also revealed for some of Microsoft's apps. The Edge browser for Android and iOS has been downloaded a total of 4.5 million times, and Microsoft Launcher has over four million users. Meanwhile, SwiftKey, which was already fairly popular prior to its acquisition by Microsoft, has a total of 159 million active users. Additionally, Thurrot learned a bit more about the structure of Microsoft's organization, specifically around Windows, which has been without a known leader since Terry Myerson stepped down last year. Microsoft has made Eran Megiddo Corporate Vice President for Windows and Education, but he will report to Joe Belfiore, so the position isn't exactly the same as the one held by Myerson. Under the leadership of Megiddo, the Windows team has set three goals - to create clarity around Microsoft’s strategy for the OS, better manage cross-devices experiences between Windows and mobile, and continue pushing Windows in the education market. Google's Chrome OS is gaining popularity in that segment, so it makes sense that Microsoft wants to put up a fight. Since its launch, Windows 10 hasn't quite grown at the pace Microsoft originally hoped it would, as the company originally targeted one billion users in the three years following the initial release. However, growth has been steady, and Microsoft is inching closer to that number, and the new leadership could be a good step in that direction.
Via Neowin

Scammers running business email compromise (BEC) fraud have grown in number, attack more often, and turn to remote access trojans as the preferred malware type to accompany their raids. Although the FBI's Internet Crime Complaint Center (IC3) developed a Recovery Asset Team has made a difference in reducing losses caused by BEC scams, now there are more fraudsters than ever. Since its establishment in early 2018, IC3's asset recovery team has recorded a success rate of 75% for the incidents it investigated, retrieving over $192 million in funds misdirected in BEC scams. BEC is a global threat, but there is one place where making money through this type of fraud is the norm. This type of activity is rife in Nigeria, home of the infamous 419 email scam (the prince is still looking for someone to help move his wealth out of the country). Palo Alto Networks' Unit 42 has been monitoring the Nigerian cybercrime since 2014 and documented its evolution into using malware for reaching the financial goal. In 2017 there were around 300 unique actors or groups engaged in BEC fraud, and the next year the number grew to over 400. The researchers track them under the code name SilverTerrier. With swelling their numbers, activity from SilverTerrier also surged last year, by 54% compared to 2017. This translates into a monthly average of 28,227 attacks Unit 42 saw aimed at its customers. High-tech was the most targeted industry, with over 120,000 attacks recorded last year, up from 46,000. Moving behind at a rapid speed is the wholesale sector, which faced four times more attacks, around 80,000. Further details posted on OUR FORUM.

Today Nvidia released GeForce Game Ready WHQL 430.64 drivers for Windows 10, 8, 8.1 and 7 with a slew of bug fixes. Nvidia 430.64 driver update includes security fixes and as well as Game Ready status for a couple of new games. Nvidia 430.64 also comes with a fix for a bug that caused higher CPU usage by NVDisplay.Container.exe. About a week ago, Nvidia fixed this critical bug with the 430.53 hotfix update and the company has also included the fix in the latest update. The fix for higher CPU usage isn’t the only change as Nvidia has packed a few more improvements into this driver. As mentioned, GeForce Game Ready WHQL 430.64 drivers also add Game Ready status to three new titles – World War Z, Total War: Three Kingdoms and RAGE 2. There are several bug fixes included in this driver update. For example, Nvidia has fixed an issue where users experienced flickering when the benchmark is launched. Another bug where the application crashes when the game is launched has been fixed. The update includes a fix for Shadow of the Tomb Raider where the game freezes when launched in SLI mode. Crashing issues with Hitman 2 in DirectX 12 has been also addressed. Nvidia is also fixing the desktop flickers when videos are played on the secondary monitor. Nvidia is aware of a couple of problems with the driver on Windows 10 machines. In the changelog, Nvidia says that when 3D Settings page > Vertical Sync setting is set to Adaptive Sync, V-Sync works only at the native refresh rate after rebooting the system. Learn more and download from OUR FORUM.

Microsoft is releasing Windows 10 Insider Preview Build 18894 (from the 20H1 branch) to Windows Insiders in the Fast ring. There are a number of improvements, bug fixes, and performance enhancements coming with today’s preview build. However, there is also quite a long list of known issues so make sure to pay attention to those before installing the latest Windows 10 2020 Preview Build. We’ve heard your feedback asking for increased consistency, and to make it easier to find your files. Over the next few days, we’ll be starting to roll out a new File Explorer search experience – now powered by Windows Search. This change will help integrate your OneDrive content online with the traditional indexed results. This rollout will start with a small percentage, and then we’ll increase the rollout to more Insiders as we validate the quality of the experience. What does that mean for you? Once you have the new experience, as you type in File Explorer’s search box, you’ll now see a dropdown populated with suggested files at your fingertips that you can pick from. These improved results can be launched directly by clicking the entry in the new suggestions box, or if you want to open the file location, just right-click the entry and there’ll be an option to do so. If you need to use commands or dig deeper into non-indexed locations, you can still press enter and populate the view with the traditional search results. For more visit OUR FORUM.

Security researchers brought to life and released a wicked variant of Clippy, the recently resurfaced assistant in Microsoft Office that we all loved so much to hate, that makes it more difficult to detect a malicious macro in documents. Dubbed Evil Clippy, the tool modifies Office documents at file format level to spew out malicious versions that get by the static analysis of antivirus engines and even utilities for manual inspection of macro scripts. To do this, it takes advantage of undocumented features, unclear specifications, and deviations from intended implementations. Macros are snippets of VBA (Visual Basic for Applications) code that automate tasks in Microsoft Office applications. They are constantly used to deliver malware when the user opens a document. Researchers at Dutch security testing company Outflank developed Evil Clippy for professionals running red team attacks against a client organization. The tool runs on Windows, macOS, and Linux. The tool can be used with documents formats for Microsoft Office 97 - 2003 (.DOC and .XLS), and  2007 and above (.DOCM and .XLSM, which are basically ZIP containers and come with macros enabled). All these file types use the Compound File Binary Format (CFBF) and Outflank's program modifies it using the OpenMCDF library. One technique Evil Clippy uses to generate a maldoc is "VBA stomping," a method detailed by Walmart's security team, by which the original code of the VBA script can be replaced by a compiled version for the VBA engine called pseudo-code, or p-code in short. Infosec expert Vesselin Bontchev detailed publicly that VBA scripts can execute at runtime in three forms, with p-code being the most popular. We more posted on OUR FORUM.

Microsoft will begin to ship an in-house custom built Linux kernel starting with the Windows 10 Insider builds this summer. This kernel is to become the backbone for the new Windows Subsystem for Linux 2.0 or WSL2. Unlike WSL1, which used a Linux-compatible kernel, WSL2 will use a genuine open-source kernel compiled from the stable 4.19 version release of Linux at While Microsoft will be providing the Linux kernel, they will not provide any Linux binaries to go with it. Instead, users will still need to download their favorite Linux distribution from the Microsoft Store or by creating a custom distribution package. While the source code for the kernel will come from, Microsoft has stated that they will apply custom patches that reduce the memory footprint of the kernel and provide hardware compatibility. In the first iteration of the Windows Subsystem for Linux (WSL1), Microsoft had to translate Linux system calls so they could communicate and work with the Windows NT kernel. With the use of a true Linux kernel, it is no longer necessary to use a translation layer and apps will have full access to their normal system calls. Removing the translation layer not only improves compatibility for Linux apps but also increase file system performance. According to tests performed by Microsoft, the new Linux kernel has improved the performance of WSL, with unpacking archives up to 20x faster and tools such as npm, git, and cmake being 2-5x faster. To make it easier to administer WSL2, Microsoft will also include the Linux kernel in Windows Update so that security updates and improvements will automatically be delivered to Windows 10. Learn more by visiting OUR FORUM.