By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

October 22, Microsoft started rolling out an optional cumulative update for Windows 10 version 1903 with fixes for critical bugs. In addition to the optional cumulative update, Microsoft also shipped a standalone package KB4523786 to make quality improvements to Windows Autopilot configured devices. Windows Autopilot is commonly used by businesses and enterprises to set up and pre-configure new devices in their organizations. Businesses also use Windows Autopilot to reconfigure, recover and reset devices in the organization, and KB4523786 comes with several fixes for such devices. A number of users have reported that Microsoft accidentally delivered KB4523786 to PCs with Windows 10 Home and Pro. If you see ‘Cumulative update for Autopilot in Windows 10 version 1903: October 22, 2019’ on Windows Update page when you check for updates, you should avoid it. Windows 10 doesn’t immediately restart after downloading the patch. Instead, it will offer you to restart the PC and schedule the restart. In this case, you can click on pause updates for 7 days and the patch will not appear again when Windows checks for updates next time. KB4523786 is supposed to be a cumulative update for Autopilot-configured devices and not for normal installations of Windows 10. In a tweet, Microsoft’s Intune team has confirmed that the update was released accidentally and it has been pulled: “Sorry for your experience! An Intune Autopilot update, which was targeted as part of the out of box experience for new devices, was incorrectly offered to customers running Windows Home edition during a regularly scheduled Windows update scan,” a Microsoft representative stated. “Once we became aware of the issue, we stopped distribution of the update. If you have already installed the update, it will not affect you. If not, there is further action required”. Further details can be found on OUR FORUM.

Google is making a big change in the way it presents search results. Most people won’t notice, but, Google executives said, the new technology represents a leap forward in the company’s ability to understand what people are asking for when they search. Google’s search engine uses natural language processing to analyze queries. For example, for the entry “get medicine at pharmacy,” Google will home in on the words “medicine” and “pharmacy” and look for pages related to those two keywords. Starting today, the company is rolling out a new machine learning-powered language processing method called Bidirectional Encoder Representations From Transformers, or BERT for short. BERT looks at the sequences of words in searches — not just the words themselves — to glean more information on the intent behind them. For example, results for “can you get medicine for someone pharmacy” would previously have served a link to a 2017 MedlinePlus article about getting a prescription filled, and missed the point that the search was looking for information on how to pick up a prescription for someone else. Using BERT, Google’s search engine now shows a 2002 article from the Department of Health and Human Services about how to have a friend or family member pick up the medicine on your behalf. Pandu Nayak, Google’s vice president of search, gave another example at a press event yesterday, using the query “How old was Taylor Swift when Kanye went on stage?” Before BERT, Google surfaced videos of the 2009 event during which the rapper interrupted the pop star’s acceptance speech at the MTV Video Music Awards. After BERT, Google presents as its first result a snippet from a BBC article, which states: “A 19-year-old Swift had just defeated Beyoncé to win Best Female Video for her country-pop teen anthem You Belong With Me.” Google's search returns automatically highlighted “19-year-old” for emphasis. Learn more by visiting OUR FORUM.

FBI has updated and expanded the resources and tools designed to help political campaigns, private businesses, and individuals to better understand and mitigate risks posed by foreign entities' cyber intrusions and disinformation efforts during the 2020 U.S. election season. This information is shared through the Protected Voices initiative that raises awareness of potential cybersecurity vulnerabilities, thus making it possible for political campaign managers, staff, and IT directors to prevent foreign actors from hijacking their message. "We’ve created these Protected Voices videos to showcase the methods these adversaries might use, and to help campaigns practice good cyber hygiene because the foundation of election security is cybersecurity," Director of the FBI Chris Wray says. The FBI, in collaboration with the Department of Homeland Security (DHS) and the Director of National Intelligence (DNI), has released a series of short videos containing both guidance and information to help political campaigns identify defend their computer networks from foreign intelligence efforts as part of this effort initially launched in 2018. "The tutorials and online resources explain the nature of foreign influence and social engineering, highlight common areas of vulnerability, and offer cybersecurity measures to help campaigns, companies, and individuals protect themselves against common Internet-enabled crimes," says the FBI press release. "We were hearing campaign personnel say, ‘We know election security is important, but what do we need to do?’" Bradley Benavides, a section chief with the Foreign Influence Task Force, added. "The Protected Voices series is designed to answer that question. These are the steps your information technology team needs to take. This is the training you should give every campaign worker and volunteer. This is where you are vulnerable. This is where you need to be on guard." Full details can be found on OUR FORUM.

Microsoft’s contracts with European Union institutions do not fully protect data in line with EU law, the European Data Protection Supervisor (EDPS) said in initial findings published on Monday. The EDPS, the EU’s data watchdog, opened an investigation in April to assess whether contracts between Microsoft and EU institutions such as the European Commission fully complied with the bloc’s data protection rules. “Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services,” the EDPS says in a statement. The EU introduced new rules on data protection in 2018, known as GDPR, applicable to all companies operating in the bloc and designed to give individuals more control over their personal data and to create a more level playing field for businesses. “We are committed to helping our customers comply with GDPR, Regulation 2018/1725 and other applicable laws,” a Microsoft spokesman said. “We are in discussions with our customers in the EU institutions and will soon announce contractual changes that will address concerns such as those raised by the EDPS.” The EDPS has worked with the Dutch ministry of justice, which carried out risk assessments last June and found that public authorities in member states face similar issues. The two have since set up a forum designed to set up fair rules for public administrations. For more on this and to keep up with changes and violations on GDPR visit OUR FORUM.

Installing the KB4520062 cumulative update for Windows 10 – released on October 15 – could break the Windows Defender Advanced Threat Protection (ATP) service. That’s the warning provided in Microsoft’s release notes, stating that certain customers should not install this update. “After installing this update, the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data,” the warning reads. “You might also receive a 0xc0000409 error in Event Viewer in MsSense.exe.” Before going on a red alert, this issue pertains to Microsoft’s enterprise-based customers. Microsoft Defender Advanced Threat Protection is a paid service for detecting, investigating, and responding to “advanced threats.” It’s built into Windows 10 but unrelated to the Windows Security platform found in Windows 10 Home and Pro. Microsoft notes that it’s currently “working on a resolution” but doesn’t expect an official fix until the middle of November. That means businesses and corporations should not install this update until then. If the update is already installed, issues with the Microsoft Defender Advanced Threat Protection platform may already be in effect. Uninstall the update and wait for a fix.

Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code. The technique is known as steganography -- the art of hiding information in plain sight, in another data medium. In the software field, steganography -- also referred to as stego -- is used to describe the process of hiding files or text in another file, of a different format. For example, hiding plain text inside an image's binary format. Using steganography has been popular with malware operators for more than a decade. Malware authors don't use steganography to breach or infect systems, but rather as a transfer method. Steganography allows files hiding malicious code to bypass security software that whitelists non-executable file formats (such as multimedia files). All previous instances where malware used steganography revolved around using image file formats, such as PNG or JEPG. The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year. The first of these two new malware campaigns abusing WAV files was reported back in June. Symantec security researchers said they spotted a Russian cyber-espionage group known as Waterbug (or Turla) using WAV files to hide and transfer malicious code from their server to already-infected victims. The second malware campaign was spotted this month by BlackBerry Cylance. In a report published today and shared with ZDNet last week, Cylance said it saw something similar to what Symantec saw a few months before. But while the Symantec report described a nation-state cyber-espionage operation, Cylance said they saw the WAV steganography technique being abused in a run-of-the-mill crypto-mining malware operation. Further details are posted on OUR FORUM.