Read more of this story at Slashdot.

Copilot Recall Privacy and Security Claims Challenged

Does Recall Have Cloud Hooks?

Data May Not Be Completely Deleted

When you launch a game on a Snapdragon on a Windows laptop, you might get an AI frame rate boost from Microsoft’s mysterious Auto Super Resolution (Auto SR) feature. But while Microsoft hasn’t fully explained how the feature works, The Verge can now confirm it’s not Qualcomm technology, not exclusive to Qualcomm’s new Snapdragon X chips, and not exclusive to specific games, either.

↫ Sean Hollister at The Verge

These resolution enhancer technologies from NVIDIA, AMD, and apparently Microsoft are another great use of what we today call “AI” technologies. Of course, I wish we didn’t have to deal with several proprietary offerings but instead enjoyed several open source versions and possibly a standard to work off of, but give it some time, and we may still get there.

Like I’ve said before – there’s nothing inherently wrong with “AI” technologies, as long as they’re used in ways that make sense, run locally, and most importantly, aren’t based on the wholesale theft of artists’ and programmers’ works. Unsurprisingly, the tech bros at companies like OpenAI don’t really understand the concept of “consent”, and until they do, their offerings should be deemed illegal.

Aside from that, the company also announced Windows 11 IoT Enterprise LTSC 2024 this week. The company has also published the minimum system requirements as well as supported processor families. They have been categorized as Preferred and Optional. Interestingly, SSD has been added as a minimum system requirement, which has been a rumour about the client OS since mid-2022.

↫ Sayan Sen at NeoWin

The LTSC release, which is not really supposed to be used by average consumers, is still remarkably popular. It contains a fixed feature set and gets far fewer updates than regular Windows releases, it omits otherwise stock applications like Edge, and gives its users far more control over which updates are and are not installed. LTSC also enjoys 10 years of support from Microsoft.

Interestingly enough, the minimum specifications for the IoT version of LTSC do not require a TPM 2.0, unlike the regular version of Windows, which infamously does require one. I would assume that the “preferred” minimum requirements, which does require TPM 2.0, line up very well with the minimum requirements for the regular LTSC version of Windows 11. Both will become available later this year, alongside the regular release of Windows 11 24H2.

Read more of this story at Slashdot.

Episode 331 of the Shared Security Podcast discusses privacy and security concerns related to two major technological developments: the introduction of Windows PC’s new feature ‘Recall,’ part of Microsoft’s Copilot+, which captures desktop screenshots for AI-powered search tools, and Slack’s policy of using user data to train machine learning features with users opted in by […]

The post Microsoft’s Copilot+ Recall Feature, Slack’s AI Training Controversy appeared first on Shared Security Podcast.

The post Microsoft’s Copilot+ Recall Feature, Slack’s AI Training Controversy appeared first on Security Boulevard.

Read more of this story at Slashdot.

Threat actors compromised a popular audio-visual software package used in courtrooms, prisons, government, and lecture rooms around the world by injecting a loader malware that gives the hackers remote access to infected systems, collecting data about the host computer and downloading more malicious payloads along the way. The software supply chain attack targeted Justice AV..

The post Courtroom Recording Software Compromised in Supply Chain Attack appeared first on Security Boulevard.

Views: 0Source: securelist.com – Author: Cristian Souza, Eduardo Ovalle, Ashley Muñoz, Christopher Zachor Introduction Attackers always find creative ways to bypass defensive features and accomplish their goals. This can be done with packers, crypters, and code obfuscation. However, one of the best ways of evading detection, as well as maximizing compatibility, is to use the […]

La entrada ShrinkLocker: Turning BitLocker into ransomware – Source: securelist.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

About a month ago we talked about the rumours, but now the feature’s officially announced: Microsoft is going to keep track of everything you do on your Windows machine by taking a constant stream of screenshots, and then making said screenshots searchable by using things like text and image recognition. As you might expect, this is a privacy nightmare, and the details and fine print accompanying this new feature do not exactly instill confidence.

First, the feature is a lot dumber than you might expect, as it doesn’t perform any “content moderation”, as Microsoft calls it.

Note that Recall does not perform content moderation. It will not hide information such as passwords or financial account numbers. That data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry.

↫ Privacy and control over your Recall experience

Well, Microsoft says Recall doesn’t do any content moderation, but that’s actually a flat-out lie. Recall will not show any content with DRM that happens to be on your screen, and private browsing sessions in Chromium-based browsers won’t be shown either. You can also exclude specific applications and websites – filtering websites, however, is only available in Edge. In other words, managing this privacy nightmare is entirely left up to the user… Except for DRM content, of course. The mouse must be pleased, after all.

It also seems Microsoft is enabling this feature by default for at least some business users, as machines managed with Microsoft Intune will have Recall enabled by default, and administrators will need to use Group Policy to disable it. There is no way in hell any company serious about data security will want Recall enabled, so I guess this can be added to the pile of headaches administrators already have to deal with.

My biggest worry is the usual slippery slope this feature represents. How long before governments will legally require a feature like this on all our computers? The more Microsoft and other companies brag about how easy and low-power stuff like this is, the more governments – already on the warpath when it comes to things like encrypted messaging – will want their hands on this.

This is such a bad idea.

At the heart of developer productivity lies improving performance for developer workloads on Windows. Last year at Build, we announced Dev Drive a new storage volume tailor-made for developers and supercharged for performance and security. Since then, we have continued to invest further in Windows performance improvements for developer workloads.  

With the release of Windows 11 24H2, workflows will get even faster when developing on a Dev Drive. Windows copy engine now has Filesystem Block Cloning, resulting in nearly instantaneous copy actions and drastically improving performance, especially in developer scenarios that copy large files.

↫ Pavan Davuluri on the Windows blog

Sounds like a near and meaningful improvement.

Read more of this story at Slashdot.

Read more of this story at Slashdot.

There will be times when you need to remove a user from a device. In this article we’ll show you how to remove a user from Windows 10 or 11.

On Windows you can create a local user account (an offline account) for anyone who will frequently use your PC. But the best option in most cases, is for everyone who uses your PC to have a Microsoft account. With a Microsoft account, you can access your apps, files, and Microsoft services across your devices.

Should you want to remove an additional user account from Windows 10 or 11, you can:

• Select Start > Settings > Accounts > Family & other users. 
• Under Other users, select the flyout for the account you want to remove.
• Next to Account and data, select Remove. Note: this will not delete their Microsoft account, it will just remove their sign-in info from your Windows device.

Please note that Windows devices can have more than one administrator account. A user with an administrator account can access everything on the system, and any malware they encounter can use the administrator permissions to potentially infect or damage any files on the system. Only grant that level of access when absolutely necessary and to people you trust.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Enlarge / A screenshot of Microsoft's new "Recall" feature in action. (credit: Microsoft)

At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research. Despite encryption and local storage, the new feature raises privacy concerns for certain Windows users.

"Recall uses Copilot+ PC advanced processing capabilities to take images of your active screen every few seconds," Microsoft says on its website. "The snapshots are encrypted and saved on your PC’s hard drive. You can use Recall to locate the content you have viewed on your PC using search or on a timeline bar that allows you to scroll through your snapshots."

By performing a Recall action, users can access a snapshot from a specific time period, providing context for the event or moment they are searching for. It also allows users to search through teleconference meetings they've participated in and videos watched using an AI-powered feature that transcribes and translates speech.

Read 6 remaining paragraphs | Comments

Microsoft’s developer conference Build is taking place this week, so there’s been some major Windows news and announcements, and for once – we’re not talking about more ads in your operating system, or even “AI” shoehorned into, I don’t know, Phone Dialer or Windows Fax and Scan.

First and foremost, Windows is going to get a new compiler, kernel, and scheduler, but despite such massive low-level changes, the marketing version number won’t jump from 11 to 12. Of course, we all know the marketing version number has nothing to do with the actual Windows NT version number, which currently sits at 10. The Windows NT version number, meanwhile, is actually also meaningless, since it magically jumps around left and right too, going from 6.2 to 10 between Windows 8.1 and Windows 10, where it has stayed ever since.

“We really focused on modernizing this update of Windows 11,” said Microsoft Corporate Vice President of Windows and Devices Pavan Davuluri at a technical briefing on Microsoft’s campus in mid-April. “We engineered this update of Windows 11 with a real focus on AI inference and taking advantage of the Arm64 instruction set at every layer of the operating system stack. For us, what this meant really was building a new compiler in Windows. We built a new kernel in Windows on top of that compiler. We now have new schedulers in the operating system that take advantage of these new SoC architecture.”

↫ Andrew Cunningham at Ars Technica

The focus is clearly on ARM here, which coincides with the launch of Qualcomm’s Snapdragon X Elite, a new SoC that finally seems to truly make ARM laptops that aren’t from Apple a real, competitive thing – so much so that Qualcomm is even breaking with tradition and taking Linux support very seriously for this new chip.

Microsoft also unveiled the name for its new x86 translation layer for Windows on ARM: Prism. Microsoft told Ars Technica that Prism is as fast as Apple’s Rosetta 2, which is interesting because Apple’s M series chips contain special silicon to speed up the translation process, making me wonder if Qualcomm has done the same, or is just brute-forcing it.

Performance like this means the apps customers love work great. Microsoft has partnered closely with developers across the globe to optimize their applications for this processor. In addition, the powerful new Prism emulation engine delivers a 2x performance boost compared to Surface Pro 9 with 5G. On the new Surface Pro and Surface Laptop, powered by Snapdragon X Elite and Snapdragon X Plus processors, experiences like Adobe Creative Cloud, Microsoft 365 and Chrome will feel snappy, quick and responsive.

↫ Pete Kyriacou on the Windows blog

The new Windows on ARM machines using the Snapdragon X Elite will be marketed under the new Copilot+ brand name, which brings with it some requirements, the biggest of which is the neural processing unit: it must be capable of at least 40 trillion operations per second. At the time of writing, the only Windows-capable processor that can boast such numbers is, of course, the new Snapdragon X Elite. AMD and Intel need not apply. They simply cannot match this.

Microsoft tied a bow on all this stuff by unveiling the new Surface Pro and new Surface Laptop, both powered by the new Snapdragon SoCs. You can preorder them today, but they won’t be available until 18 June.

Windows Server 2025 comes equipped with dtrace as a native tool. DTrace is a command-line utility that enables users to monitor and troubleshoot their system’s performance in real-time. DTrace allows users to dynamically instrument both the kernel and user-space code without any need to modify the code itself. This versatile tool supports a range of data collection and analysis techniques, such as aggregations, histograms, and tracing of user-level events. To learn more, see DTrace for command line help and DTrace on Windows for additional capabilities.

↫ What’s new in Windows Server 2025

DTrace was originally developed by Sun as part of Solaris, but eventually made its way to other operating systems as Sun collapsed in on itself and Oracle gave it the final push. DTrace is available for the various surviving Solars-based operating systems, Linux, FreeBSD, NetBSD, macOS, and QNX, and Microsoft ported DTrace from FreeBSD to Windows back in 2018. With Windows Server 2025, DTrace will be shipped out of the box.

I didn’t know this was a thing, but apparently Microsoft offers a Windows tune-up application in the vein of things like CCleaner and similar tools. One of the things it does is protect users from applications that try and change default settings, and it seems the application takes this matter very seriously.

Microsoft may be taking a bit of liberty with that last bit. It looks like the PC Manager feels your PC is broken and needs repair if you changed your default search engine from Bing.

↫ Sayan Sen at Neowin

Setting aside just how defeatist it feels that the creator of Windows needs to make an application to keep Windows from falling over, I find it almost endearing just how hard Microsoft is trying to get users to choose Bing.

If you’ve ever seen the Swedish film Fucking Åmål, it’s also very likely you remember the gut-wrenching, maximally cringe-inducing birthday party for main character Agnes where nobody shows up, while her mother, oblivious to just how deeply disliked Agnes is by her classmates, tries desperately to assure her daughter that people will show up. Director Lukas Moodysson takes no prisoners and drags out the scene to really maximise just how uncomfortably sad the whole thing is.

It’s incredibly hard to watch.

Well, Agnes is Bing, Microsoft is its mother, and nobody shows up to Bing’s birthday party either.

As Nintendo Switch unlocks and homebrew software develops, people are inclined to explore the possibilities and whether or not they actually provide a good experience. Our new prime example seems to be a full install of Windows 11 Arm on the Switch. As noted by @PatRyk on Twitter, who actually set this up, the experience is pretty grueling! The initial installation took three hours, and even basic system tasks were unresponsive.

↫ Christopher Harper at Tom’s Hardware

Silly, sure, but efforts like these all contribute to emulation efforts, which will eventually be important once Nintendo drops support for this machine and they become increasingly harder to get. Give it a decade or so and we’ll need the Switch emulators to keep playing Switch games.

The grabber in Windows 3.1 was improved to save and restore the index register as well, but it does not attempt to restore the flip-flop state, which is significant. The problem with the VGA emulation was that it erroneously applied the flip-flop state to reads from port 3C0h, and Windows 3.1 would save the wrong index register value… but only the second time through, because the flip-flop state was different at that point. That is to say, the Windows 3.1 standard mode grabber read from port 3C0h to query the attribute controller index register state, but the emulation returned the currently selected data register contents instead.

And then, when restoring the attribute controller index register the next time around, the register would be restored to the wrong value which didn’t have bit 5 set, causing the screen to go blank.

↫ Michal Necasek

It’s not every day that you learn how an aspect of the workings of VGA causes a blank screen under very specific circumstances when running Windows 3.1 in Standard mode under emulation, and that this specific aspect of the workings of VGA was implemented to maintain backwards compatibility with EGA.

Absolutely bonkers.

Windows 11 supports a variety of ARM processors from Qualcomm. According to the official documentation, you need a computer with the Snapdragon 850 processor inside or newer to run the current operating system officially. However, customers with PCs powered by the Snapdragon 835, the original Windows on ARM chip from 2016, can bypass hardware requirements and install Windows 11 at their own risk. Sadly, those days will be ending soon.

Starting with Windows 11 version 24H2, Microsoft’s operating system requires ARM v8.1 to run. An attempt to boot it from a device with an ARM v8.0-based processor results in system crashes. For reference, the Snapdragon 835 from 2016 is a chip with Kryo 280 cores, which are derivative of ARM’s Cortex-A73 cores.

↫ Taras Buria at Neowin

I’m sure all three Windows on ARM users are devastated.

That’s right: it’s PowerPC, the most unloved of the architectures CE ever ran on — in fact, this is the first PowerPC Windows CE device I’ve ever found, and I’m the self-described biggest pro-PowerPC bigot in the world. Here’s an unusual form factor Windows CE device, running on the operating system’s least used CPU, from a storied computer company near the end of its run, intended for medical applications, produced in very small numbers and cancelled within months.

What are we going to do with it? Well, what do you think we’re gonna do with it? We’re going to program it, so that we can finally have some software! And, of course, since this wacky thing was there at the bitter end, we’ll talk more about the last days of Data General and what happened next.

↫ Cameron Kaiser

I knew Windows CE supported PowerPC, but I never knew any PowerPC-based Windows CE devices ever actually shipped and made it to market. Only Windows CE 2.0 seems to have supported the architecture, and it seems to have been eliminated in 3.0 and 4.0, so it’s not surprising there weren’t many PowerPC Windows CE devices out there. The device that’s the subject of this article, too, only lasted on the market for a few months, so it’s definitely a rarity.

To support Zero Trust deployments trying to lock down devices to only access approved network destinations, we are announcing the development of Zero Trust DNS (ZTDNS) in a future version of Windows. ZTDNS was designed to be interoperable by using network protocols from open standards to satisfy Zero Trust requirements such as those found in OMB M-22-09 and NIST SP 800-207. ZTDNS will be helpful to any administrator trying to use domain names as a strong identifier of network traffic.

ZTDNS integrates the Windows DNS client and the Windows Filtering Platform (WFP) to enable this domain-name-based lockdown. First, Windows is provisioned with a set of DoH or DoT capable Protective DNS servers; these are expected to only resolve allowed domain names. This provisioning may also contain a list of IP address subnets that should always be allowed (for endpoints without domain names), expected Protective DNS server certificate identities to properly validate the connection is to the expected server, or certificates to be used for client authentication.

↫ Tommy Jensen on the Microsoft blog

If you think I know nothing about programming – wait until you hear me talk about networking. I consider it to basically be arcane magic, and my knowledge doesn’t extend much beyond “plug in cable to make light blinky” and “unplug from power to fix light no blinky”. Network administrators are the real heroes in my eyes.

Anyway, what I do get from painfully reading this announcement over and over again until my eyes started bleeding is that ZTDNS will give network administrators more finegrained control over which DNS servers and domains are accessible, and perhaps more importantly, it will encrypt traffic between clients and the DNS server. I have no idea if this is unique, or if it even makes any sense to do so, but it seems like a good idea, especially for corporate and government networks.

I’m struggling here, y’all. Please help me out.

Well, this was a wild goose chase of a read. J. B. Crawford dove into the history of something I’ve never heard of – Microsoft At Work – and came away with a story that’ while clearer thanks to his research, is still frustratingly nebulous. I’m still not entirely sure what Microsoft At Work really was, but I think it had the goal of running Windows on communications devices like faxes, to make it easier to share and work on documents across various devices. Crawford did a lot of digging, and eventually settles on what he thinks might be a description of what MAW really consisted of.

I am being a bit dismissive for effect. MAW was more ambitious than just installing Windows on a grape. The effort included a unified communications protocol for the control of office machines, including printers, for which a whole Microsoft stack was envisioned. This built on top of the Windows Printing System, a difficult-to-search-for project that apparently predated MAW by a short time, enough so that Windows Printing System products were actually on the market when MAW was announced—MAW products were, we will learn, very much not.

[…]

MAW devices like the Ricoh IFS77 ran 16-bit Windows 3.1 with a new GUI intended to appear more modern while reducing resource requirements. Some reporters at the time noted that Microsoft was cagey about the supported architectures, I suspect they were waiting on ports to be completed. The fax machine was probably x86, though, as there’s little evidence MAW actually ran on anything else.

↫ J. B. Crawford

The ’90s were a wild time, especially as Microsoft, and this MAW project seems to have ’90s written all over it, but I’d still love to learn a lot more about this. I hope this article will bring out some former Microsoft execs or employees who can give us more details, and possibly even some code. I want to know how this works and what it did.

Microsoft is about to go even more hog-wild with “AI” in Windows, as it intends to start recording everything you do on your Windows computer so “AI” features can find stuff for you.

According to my sources, AI Explorer will run in the background and capture everything you do on your computer. It will document and triage everything it sees, no matter what apps or interfaces you’re looking at, and turn them into memories that you can recall at a later point.

For example, you can have a conversation with a friend in the WhatsApp app for Windows, and AI Explorer will record and remember the content that was on-screen and process it with AI for you to recall later. AI Explorer can also summarize conversations, emails, web pages, and general UI surfaces just by asking for it during or after the fact. 

I’m told that much of this experience is rendered on-device and does not reach out to the cloud to process information. This is important for privacy reasons, but also for performance reasons. To reduce latency, AI Explorer will rely on NPU silicon to process content that has been recorded. I also understand that users will be able to filter out specific apps from being recorded by the AI Explorer process, or disable AI Explorer entirely.

↫ Zac Bowden at Windows Central

Is this really something people wan to devote constant resources and thus battery life to?Setting aside the privacy implications of something like this, do people really want to have a permanent record of everything they’ve done on their machine? Maybe I’m just the odd one out here, but nothing about this appeals to me in any way, shape, or form. In fact, it’s quite the opposite – something like this would make make me run for the hills, looking for an alternative to the operating system I’m using.

And the weasel words “much of this experience is rendered on-device” definitely did not go by unnoticed. This wording makes it very clear at least some data will be sent to Microsoft for processing, and over time, that amount will only increase. No data company has ever reduced the amount of data it captures, after all.

The maker of Tiny11, a third-party project that aims to make Windows 11 less bloated with unnecessary parts, released a new version of Tiny11 Builder, a special tool that lets you create a custom Windows 11 image tailored to your needs and preferences. The latest release makes it much easier to create a lightweight Windows 11 ISO without worrying about installing a system modified by unknown third parties.

↫ Taras Buria at Neowin

Perhaps you can make Windows 11 slightly more bearable with this. If there’s any interest from y’all, I could build my own debloated Windows 11 install and see if I can make this platform bearable for myself? Let me know in the comments.

Microsoft is on a roll with updating its app store on Windows 10 and 11. Following the recent release of performance upgrades and improved algorithms, the company announced big changes in how the web version of the Microsoft Store works. Now, every user can download app executables directly from the website using new “installers for web.”

↫ Taras Buria at Neowin

Neat.

Microsoft is not done adding more odd stuff into its operating system. Following the not-so-great reception of new Start menu ads in one of the recent Beta builds, Microsoft is bringing even more ads, which, besides being slightly annoying, come at the cost of existing features. In build 22635.3500, the Sign Out button is now hidden behind a menu with a Microsoft 365 ad.

Microsoft calls the new thing “Account Manager.” In a nutshell, it is a flyout with your existing subscriptions, a Microsoft 365 upsell, and a few account-related notifications, like a prompt to add a backup phone number or enable OneDrive backups. There is now also a link to your Microsoft Account settings.

↫ Taras Buria at Neowin

The beatings will continue until moral improves.

In this week’s Windows 10 Build 19045.4353 announcement blog post, there was this little gem in the changelog.

This update starts the rolls out of account-related notifications for Microsoft accounts in Settings > Home. A Microsoft account connects Windows to your Microsoft apps. The account also backs up all your data and helps you to manage your subscriptions. You can also add extra security steps to keep you from being locked out of your account.

↫ Windows Insider Program Team

It’s worded a bit cryptically, but this means there will be banners in the Windows settings application pushing you to switch from using a local account to using an online Microsoft account. The latter aren’t exactly preferred by quite a few people – many of you belong to that group, I would presume – and Microsoft is doing whatever it can to get people to stop using local accounts.

Luckily, this banner ad is easily removable – if you close it, it won’t come back, and you can disable it by going to Privacy > General and toggling “Show me suggested content in the Settings app”. For now, of course – knowing how Microsoft is treating Windows users these days, these nag-ups will surely increase in both frequency and persistence as time goes on.

You’ve been warned.

Do you administer Windows Server machines, and were you surprised to find a Windows Copilot application on your servers, that neither you nor your users installed? Well, it turns out that Microsoft installed this application alongside an update to the Edge browser – but the company claims this is in error, and the application will be removed in a future update.

Updates to Edge browser version 123.0.2420.65, released on March 28, 2024 and later, might incorrectly install a new package (MSIX) called ‘Microsoft chat provider for Copilot in Windows’ on Windows devices. Resulting from this, the Microsoft Copilot app might appear in the Installed apps in Settings menu.

It is important to note that the Microsoft chat provider for Copilot in Windows does not execute any code or process, and does not acquire, analyze, or transmit device or environment data in any capacity.

↫ Windows 11 known issues and notifications

The company claims this was an enablement package to prepare some Windows devices for the arrival of Copilot, and that it was unintentionally installed on devices. While it doesn’t mean Copilot was actually installed on your PC or server, it’s still a chilling reminder of who really controls your PC or server.

During my daily web crawl I encountered a very interesting gif that I haven’t seen in a long time. It was a hack of an unspecified version of Windows 95, which showed how to bypass the login screen with the help of the menu and printing dialog. However, after a brief check, I found a fair amount of people stating that “just hitting the cancel” button would do the same. Sharp-eyed viewers would notice that it was the very first action taken in the picture. In order to find out if the hack is real at all, I decided to reproduce it and document it for the good of the internet.

↫ David Polakovic

So this hack is actually a lot more involved than I thought it was going to be, and yet, it still feels utterly insane that operating systems were this easy to get into, passwords were this easy to decrypt, and security settings were this trivial to disable. Anyway, the gif is sort-of real, in that yes, you can ‘hack’ Windows 95’s login security through the printing and help subsystems.

Things were different back then, man. I vaguely remember that my high school used to lock us out of the desktop, File Explorer, the Control Panel, and so on, making it impossible for us to access DOS or the games built into Windows 9x. I don’t remember the exact things we used to do, but most of us were aware and used several different methods of bypassing the school lockdowns just to mess around. We never did anything malicious – this is pre-internet, and we just wanted to play some Solitaire or Pinball – but anybody with malicious intent surely could’ve.

Building on top of recent improvements like grouping recently installed apps and showing your frequently used apps, we are now trying out recommendations to help you discover great apps from the Microsoft Store under Recommended on the Start menu. This will appear only for Windows Insiders in the Beta Channel in the U.S. and will not apply to commercial devices (devices managed by organizations). This can be turned off by going to Settings > Personalization > Start and turning off the toggle for “Show recommendations for tips, app promotions, and more”. As a reminder, we regularly try out new experiences and concepts that may never get released with Windows Insiders to get feedback. Should you see this experience on the Start menu, let us know what you think. We are beginning to roll this out to a small set of Insiders in the Beta Channel at first.

↫ Amanda Langowski and Brandon LeBlanc

The Start menu, August 24, 1995 – April 12, 2024. You made it almost 30 years, buddy.

We are about 18 months away from the end of mainstream Windows 10 support, but Microsoft thinks it is time to start nagging warning Windows 10 users about the inevitable. Users on Reddit report spotting a new full-screen ad with a notification that Windows 10 is about to reach its end of life in October 2025, even though it is still getting new features (there are even rumors about Microsoft re-opening the Windows Insider Program for Windows 10).

↫ Taras Buria at Neowin

I mean, I have a long history of crying foul over Windows being adware now, but I don’t think warning users that their operating system is losing support and that they should upgrade to a new version really constitutes an ad. Sure, technically it does, but I think we can all agree that such a warning is useful and informative.

The classic Win32 ListView supports incremental search: You can start typing the name of an item to search for it. But it’s a bit more complicated than that.

↫ Raymond Chen

Gather ’round, children, Mr Chen is telling a story.

Microsoft recently held a streaming event in which it detailed a lot of the new features and changes coming in Windows server 2025, and has now followed that up with a blog post, as well. There’s a lot to go over here, and I’m anything but a Windows Server specialist, so I’ll highlight some of the thing I’m certain will be welcomed by Windows Server administrators.

First and foremost, the biggest improvement: hot-patching. Security updates can be installed without having to reboot, because Server 2025 will modify code in memory without restarting the processes in question. Quarterly updates, however, will still require reboots. Hot-patching will be free on all versions of Server 2025.

Microsoft also promises a massive performance boost for NVMe drives – the company claims a 70% improvement going from Server 2022 to Server 2025. Microsoft’s other file system, ReFS, is also seeing improvements, and Storage Replica’s compression will be available in all editions of Windows Server 2025. A major improvement in Hyper-V is the ability to partition GPUs, so you can use one GPU to power multiple virtual machines.

As far as licensing goes, the most important news here is that you’ll still be able to buy a normal, regular, run-of-the-mill perpetual license for Windows Server 2025, so even though there’s various more ‘modern’ options, you can also just opt for the way it’s always been.

The company is seemingly contemplating on whether to add a new “Recommended” button on the Taskbar. Interestingly, it is unfinished at the moment, or perhaps Microsoft is just not sure if it should proceed with this button at all.

↫ Sayan Sen at Neowin

The beatings will continue until morale improves.

Well, this is something I never knew. Over on the retrocomputing section of StackExchange, someone asked why the second phase of the Windows 98 installation looked decidedly different from the third phase, even though they’re both graphical phases (the first phase is textual). The answer turns out to be both surprising, and entirely predictable.

The first phase is a DOS program called DOSSETUP.BIN, which is the infamous blue part of the installation. The second part, however, is what we’re interested in here, and if the first phase is DOS, and the third phase is Windows 98 itself… What do you think the second phase is running? Yeah, exactly.

Basically, because it is running under Windows 3.1 at that point.

The second uses this minimal Windows 3.1 to run a Windows 3 program, W98SETUP.BIN (specified as the “shell” in SYSTEM.INI).

This starts by copying more files to support all the information-gathering during setup, and various other niceties including the 3D look shown in your screenshot (the contents of the PRECOPY CABs); it ends by copying most of Windows 98, setting the system up so that it will boot Windows 98 from the target drive, and rebooting.

↫ Stephen Kitt

So, in order to install Windows 98, you first run DOS, followed by Windows 3.1, ending in Windows 98. I have no idea why this is so funny to me, especially since it fits entirely within expectations of how Microsoft does things.

Exactly ten years ago, on April 8, 2014, Microsoft released the final security patch for Windows XP. The day marked the end of the road for one of the most iconic Windows versions ever released.

↫ Taras Buria at Neowin

I never liked Windows XP. Compared to the operating systems I was using at the time – BeOS, Mandrake Linux 8.x – Windows XP felt kind of like a bad joke I wasn’t in on. It looked ridiculous, didn’t seem to offer anything substantial, and it didn’t take long for major security incidents related to Windows XP to start dominating the news. It wasn’t until several service packs had been released that Windows XP came into its own, but by that point, I had already found a much better alternative for my Windows needs at the time. I’m of course talking about Windows Server 2003, the better Windows than Windows XP.

Today though, I do have an odd fondness for Windows XP, as I grow older and XP has become something from my teenage years. The look and feel of Windows XP – the classic theme, not that horrendous Fisher Price nonsense – the sound set, the wallpaper of course – has become iconic, warts and all, and whole generations of people will feel instant feelings as soon as they see Bliss or hear that iconic startup sound.

Windows XP with a few service packs now belongs to the small group of Windows releases that I would call the peak of the platform, together with Windows 95 and Windows 7 (and perhaps Server 2003, but that’s more of a personal thing and not a consumer operating system). Everything else has not exactly been great or even aged well, and I doubt Windows 10 and 11 will suddenly get good, either.

There are various ways you can change the default browser and similar defaults on Windows, but oneof the ways many third-party tools do this is by editing the relevant registry strings. It turns out that Microsoft is not particularly happy with this, as they’ve recently introduced a new driver specifically designed to prevent this from happening, by blocking tools like regedit or PowerShell from editing a number of registry keys for setting default applications. The driver was discovered by Christoph Kolbicz.

Microsoft implemented a driver based protection to block changes to http/https and .pdf associations by 3rd party utilities. The rollout was staggered and activated “randomly”, but in the meantime I got many reports – also from business or education environments (but not Server OS).

Microsoft also updated the driver during my tests (from 2.0 to 2.1) and extended the deny list of executables. This means, they can change the behavior almost on the fly and add new tricks or block additional extensions/protocols!

↫ Christoph Kolbicz

Digging further into what, exactly, this driver can do, Microsoft also made it so that even if you disable the driver, an additional scheduled task will run to re-enable the driver and revert the registry changes. It also seems this is somehow related to the changes Microsoft has to make to comply with the EU’s DMA, but the driver is also installed on systems outside of the EU, so it’s all a bit unclear at the moment.

Users recently noticed that third-party apps for customizing the user interface no longer work in the upcoming Windows 11 version 24H2. Not only does Microsoft not allow you to run those apps, but it even blocks you from upgrading to newer builds. StartAllBack, a popular tool for tweaking the taskbar and Start menu in Windows 11, was among the first to fail on 24H2. Sadly, it is not the only one. ExplorerPatcher also no longer works in Windows 11 24H2.

ExplorerPatcher from Valinet is quite a popular app that lets you bring back the old Windows 10 taskbar in Windows 11, apply additional modifications to make Windows 11 slightly better, and restore some of its missing features. Windows 11 version 24H2 is now flagging ExplorerPatcher as incompatible due to “security or performance issues” with the following message.

↫ Taras Buria at Neowin

I guess the taskbar and Start menu are incredibly important real estate for Microsoft, since it’s the absolute prime spot for showing ads. If users replace their taskbar and Start menu with something from a third party, that prime real estate is gone. Major conspiracy vibes, yes, and I know this isn’t the reason, but why else would they be blocking these applications?

I can’t think of anything that makes more sense.

With Microsoft’s rollout of the new Outlook for Windows, it appears the company has transformed its email app into a surveillance tool for targeted advertising.

Everyone talks about the privacy-washing campaigns of Google and Apple as they mine your online data to generate advertising revenue. But now it looks like Outlook is no longer simply an email service; it’s a data collection mechanism for Microsoft’s 801 external partners and an ad delivery system for Microsoft itself.

↫ Edward Komenda on the Proton blog

Now, note that this is an article written by Proton, posted on the company blog, so of course they’re not going to be too kind towards their competitors. That being said, the article’s not wrong: the new Outlook web application, now the default in Windows, not only shared your data with around 800 partners, it also displays ads inside of the application. On macOS, it will even show yo fake emails that are, in fact, ads.

Furthermore, once you add your accounts to this new Outlook web application, you’ll also be uploading your username and password to Microsoft, giving them access to your email accounts for advertising and data collection purposes, a shady practice a ton of email clients on mobile devices tend to do as well.

Suffice it to say you really shouldn’t be using this new Outlook, and you should make sure friends and family don’t either. This is yet another nail in the coffin of Windows, now an advertising and data collection platform first, and operating system second.

WinBtrfs is a Windows driver for the next-generation Linux filesystem Btrfs. A reimplementation from scratch, it contains no code from the Linux kernel, and should work on any version from Windows XP onwards. It is also included as part of the free operating system ReactOS.

↫ WinBtrfs GitHub page

If you’re running a distribution that defaults to Btrfs, or you actively choose to use it on other distributions, and you also happen to dual-boot Windows because your boss makes you use some garbage corpo software, this driver will make your setup a bit easier to manage.

They say the only backup you ever regret is the one you didn’t make. Starting in Windows 10, the operating system (OS) now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information.

First, you’ll need to sign in with your Microsoft account

Go to Start  > Settings  > Accounts  > Your info . Select Sign in with a Microsoft account instead. You’ll see this only if you’re using a local account. If you see Sign in with a local account instead, you’re already using your Microsoft account.

To start the backup process select Start  > Windows Backup.

Select Folders to drop down a list, and select which of your user folders you want to back up by toggling them On or Off. The ones you have already backed up will say Backed up next to them.

Next, you can move forward to back up your settings. You can use the drop down for each category and select the items you want to back up by setting them to On or Off.

First choose your apps:

Then your settings:

Then your credentials:

When you’ve decided on what to back up, click Back up and the backup will be made.

From this point on, Windows will synchronize these backups at regular intervals. If it’s been a while since you made your backups or changed your settings, you can check the status by going to Start  > Settings  > Accounts  > Windows backup.

Current status

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

They say the only backup you ever regret is the one you didn’t make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things you’ve lost, or to fix things that have failed.

We’ve published posts on how to back up your iPhone to iCloud, and how to backup an iPhone to a Mac. Another method is to backup using the iTunes app on a Windows system.

Choose whichever backup method works best for you, and will continue to work.

First, connect your iPhone to the Windows system with a cable.

You are likely to see a prompt on your iPhone asking whether it can trust this computer.

To proceed, tap Trust and entering your passcode.

Then open the iTunes app on your Windows device.

In iTunes click the Device symbol in the upper left corner (next to the Music drop down box).

Note: It may take a while before the device icon appears

In the Settings of the iTunes app select Summary.

You’ll see some device data about your iPhone, and below that a Backups menu.

Here you can select either iCloud or This Computer.

To create a local backup select This Computer and click on Back Up Now to create a new backup of your iPhone on your Windows System.

To encrypt your backups, select Encrypt local backup, type a password, then click Set Password.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Windows’ celebrated CLI (Command-Line Interpreter) is a treasure trove of hidden features, tools, and settings. Command Prompt lets you tap into every area of your Operating System, from creating new folders to formatting internal and external storage. To help you navigate cmd.exe like a pro, we’ve prepared a compressive list of cool CMD commands to […]

The post 80+ Essential Command Prompt (CMD) Commands appeared first on Heimdal Security Blog.