Gregg Keizer

Author Archives: Gregg Keizer

Microsoft stays security bulletins’ termination

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month's slate of vulnerabilities and accompanying patches.The bulletins' last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the "Security Updates Guide" or SUG.But just hours before February's security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing "a last-minute issue" that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.To read this article in full or to leave a comment, please click here

DOJ: No, we won’t say how much the FBI paid to hack terrorist’s iPhone

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid for the hacking job, court documents showed.That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple's help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.To read this article in full or to leave a comment, please click here

DOJ: No, we won’t say how much the FBI paid to hack terrorist’s iPhone

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid for the hacking job, court documents showed.That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple's help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.To read this article in full or to leave a comment, please click here

GOP senator alleges password-hijack attempts after blasting WikiLeaks founder

Sen. Ben Sasse (R-Neb.) Saturday claimed that hackers were trying to gain access to his personal and government-issued devices through bogus password-reset notifications.In a short flurry of Twitter messages, Sasse blamed the hacking attempts on his criticism of WikiLeaks and its founder, Julian Assange, earlier in the week."Heads-up...I've been critical of Assange & WikiLeaks this week. So...big surprise: Am having multiple 'password reset' attempts right now," Sasse tweeted Saturday. The probing was hitting "basically every device, every platform, personal and govt," he added in a follow-up tweet.To read this article in full or to leave a comment, please click here

GOP senator alleges password-hijack attempts after blasting WikiLeaks founder

Sen. Ben Sasse (R-Neb.) Saturday claimed that hackers were trying to gain access to his personal and government-issued devices through bogus password-reset notifications.In a short flurry of Twitter messages, Sasse blamed the hacking attempts on his criticism of WikiLeaks and its founder, Julian Assange, earlier in the week."Heads-up...I've been critical of Assange & WikiLeaks this week. So...big surprise: Am having multiple 'password reset' attempts right now," Sasse tweeted Saturday. The probing was hitting "basically every device, every platform, personal and govt," he added in a follow-up tweet.To read this article in full or to leave a comment, please click here

After WikiLeaks’ CIA dump, China tells U.S. to stop spying

China today asked the U.S. government to stop spying on it, China's first reaction to WikiLeaks' disclosure of a trove of CIA documents that alleged the agency was able to hack smartphones, personal computers, routers and other digital devices worldwide."We urge the U.S. to stop listening in, monitoring, stealing secrets and [conducting] cyber-attacks against China and other countries," said Geng Shuang, a Foreign Ministry spokesman said today in a Beijing press briefing.Geng also said that China would protect its own networks, was willing to work with others toward what he called "orderly cyberspace," and repeated his government's stock denunciation of hacking.To read this article in full or to leave a comment, please click here

After WikiLeaks’ CIA dump, China tells U.S. to stop spying

China today asked the U.S. government to stop spying on it, China's first reaction to WikiLeaks' disclosure of a trove of CIA documents that alleged the agency was able to hack smartphones, personal computers, routers and other digital devices worldwide."We urge the U.S. to stop listening in, monitoring, stealing secrets and [conducting] cyber-attacks against China and other countries," said Geng Shuang, a Foreign Ministry spokesman said today in a Beijing press briefing.Geng also said that China would protect its own networks, was willing to work with others toward what he called "orderly cyberspace," and repeated his government's stock denunciation of hacking.To read this article in full or to leave a comment, please click here

What’s Microsoft after with Windows Server on ARM?

It was unclear today exactly what kind of edge Microsoft might gain by partnering with Qualcomm and others to run Windows Server on ARM processors, an analyst said."Microsoft must see something that is interesting enough to port over Azure and Windows," said Patrick Moorhead, principal analyst at Moor Insights & Strategy, in a Wednesday interview. "But Qualcomm has not provided any details other than how many cores it has and that it's 10-nanometer, so I can't give any empirical comparison between it and, say, Intel."Today, Microsoft announced it was collaborating with Qualcomm, Cavium and other chip makers to use ARM in its own data centers to run cloud workloads. The Redmond, Wash. company did not discuss plans to move beyond internal applications. It has, however, pledged that the more general purpose Windows 10 will run on consumer- and business-grade personal computers.To read this article in full or to leave a comment, please click here

Microsoft’s update shrinking reduces Windows 10 Insider betas by 65%

Microsoft last week repeated its assertion that future Windows 10 feature upgrades will shrink in size later this year, and supported the claim with a smattering of data.Those running Windows 10's preview, labeled "Insider," will see the largest reductions in download size, the data showed. Microsoft Windows 10's new update delivery system reduces the size of downloads -- in this case by 65% for an Insider refresh (in green) -- compared to a full-install "canonical" update (in blue), by sending only what has changed since the last update.To read this article in full or to leave a comment, please click here

Safari browser sheds users, mimicking IE

Apple's Safari browser, like rival Internet Explorer (IE), has lost a significant number of users in the last two years, data published Wednesday showed.The most likely destination of Safari defectors: Google's Chrome.According to California-based analytics vendor Net Applications, in March 2015, an estimated 69% of all Mac owners used Safari to go online. But by last month, that number had dropped to 56%, a drop of 13 percentage points -- representing a decline of nearly a fifth of the share of two years prior.It was possible to peg the percentage of Mac users who ran Safari only because that browser works solely on macOS, the Apple operating system formerly labeled OS X. The same single-OS characteristic of IE and Edge has made it possible in the past to determine the percentage of Windows users who run those browsers.To read this article in full or to leave a comment, please click here

Microsoft starts selling 6 more years of Windows Server support

Microsoft yesterday started selling extended support for its Windows Server software, letting corporate customers add up to six years to the lifespan of Windows Server 2008 and later, and SQL Server 2008 and later.The company had announced this "Premium Assurance" in December, saying then that the extended support would be available for purchase this month.[ Further reading: SharePoint 2013 cheat sheet ] Under Premium Assurance, only vulnerabilities graded as "Critical" and "Important" will be patched. The extended support costs between 5% and 12% of the current licensing cost for each year of coverage, depending on when a customer commits. The sooner a plan is bought, the lower the price.To read this article in full or to leave a comment, please click here

Windows 7 share decline stalls, hinting at tough transition to 10

Windows 7's decline in user share, driven for a year by desertions to Windows 10, has stalled for the last eight months, data published today showed.According to analytics vendor Net Applications, the user share of Windows 7 -- an estimate of the proportion of the world's personal computer owners who ran that operating system -- climbed by 1.2 percentage points last month to 48.4%, the highest mark since June 2016.And Windows 7 ran more Windows machines than any other edition, accounting for 52.8% of the personal computers powered by Microsoft's OS. The difference between the user share of all PCs and only those running Windows stemmed from the fact that Windows ran on 91.8% of all personal computers, not 100%.To read this article in full or to leave a comment, please click here

Microsoft adds Store app-only restriction as option in Windows 10

Microsoft has added a setting to Windows 10 that will let users restrict new software installation to only those apps hosted in the Windows Store.The option debuted in the latest version of Windows 10 Insider, the preview program which gives participants an early peek at the next feature upgrade as Microsoft builds it. That version, labeled 15042, was released Friday.[ Related: Fix Windows 10 problems with these free Microsoft tools ] With the setting at its most stringent, Windows 10 will block the installation of Win32 software -- the traditional legacy applications that continue to make up the vast bulk of the Windows ecosystem -- and allow users to install only apps from the Windows Store, Microsoft's marketplace.To read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

Ransomware ‘customer support’ chat reveals criminals’ ruthlessness

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?What's not to love?Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang's customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.To read this article in full or to leave a comment, please click here

Microsoft still plans to ship two Windows 10 upgrades in 2017

Microsoft this month reaffirmed that it will issue two Windows 10 upgrades this year, twice the number of 2016 but still shy of the firm's original target.In a presentation 11 days ago at a Microsoft technical conference held in Australia, Bill Karagounis, a director of program management, pointed to a follow-on upgrade that will appear sometime after the Creators Update, which is expected to finalize and ship next month.[ Related: Windows 10 Redstone: A guide to the builds ] A slide Karagounis showed during the session -- which was webcast from Microsoft's Channel 9 website -- included another upgrade this year after Creators. It lacked a release date and a more descriptive name other than "Second Update in 2017."To read this article in full or to leave a comment, please click here

Windows Update issues may be at root of February’s patch delay

Microsoft was closed-mouthed yesterday about why it postponed the month's security updates, but a patch expert argued that it was probably due to one of more problems with the company's update service infrastructure, not a single flawed fix."Something is broken in the infrastructure, in Windows Update or the [Microsoft Update] Catalog, is my guess," said Chris Goettl, product manager at patch management vendor Ivanti, formerly Shavlik.Goettl contended that a back-end snafu was the most likely cause for the unprecedented delay, which Microsoft announced yesterday, because other potential causes made less sense.To read this article in full or to leave a comment, please click here

Microsoft quietly prolongs life of original Windows 10

Microsoft earlier this month quietly extended the life of Windows 10's debut edition, the version launched in July 2015.Rather than end support for Windows 10 v. 1507 -- Microsoft labels the OS by year and month -- in March, as announced last year, the company will issue the version's final security updates in May, probably May 9, that month's Patch Tuesday.[ Further reading: Support family and friends with Windows 10’s new Quick Assist app ] The new date was posted as a revision to a mid-January blog post by Nathan Mercer, a senior product marketing manager for Microsoft. In the original entry, Mercer had tapped March 26 as the end of 1507 "servicing," a company synonym for updating and patching.To read this article in full or to leave a comment, please click here

Microsoft shelves all February security updates

Microsoft today took the unprecedented step of postponing an entire month's slate of security updates for Windows and its other products just hours before the patches were to begin rolling out to customers."We discovered a last-minute issue that could impact some customers and was not resolved in time for our planned updates today," Microsoft said in a post to the MSRC (Microsoft Security Research Center) blog. "After considering all options, we made the decision to delay this month's updates."Today was set as Patch Tuesday, the monthly release of security fixes from Microsoft. Normally, Microsoft issues the updates around 10 a.m. PT (1 p.m. ET). Although Microsoft did not time stamp its blog post, the SAN Institute's Internet Storm Center (ISC) pointed out the delay at 8:22 a.m. PT (11:22 ET).To read this article in full or to leave a comment, please click here

Microsoft shelves all February security updates

Microsoft today took the unprecedented step of postponing an entire month's slate of security updates for Windows and its other products just hours before the patches were to begin rolling out to customers."We discovered a last-minute issue that could impact some customers and was not resolved in time for our planned updates today," Microsoft said in a post to the MSRC (Microsoft Security Research Center) blog. "After considering all options, we made the decision to delay this month's updates."Today was set as Patch Tuesday, the monthly release of security fixes from Microsoft. Normally, Microsoft issues the updates around 10 a.m. PT (1 p.m. ET). Although Microsoft did not time stamp its blog post, the SAN Institute's Internet Storm Center (ISC) pointed out the delay at 8:22 a.m. PT (11:22 ET).To read this article in full or to leave a comment, please click here