By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Windows 10 1903 users continue to complain that Start Menu is giving a critical error message and that Edge now will not launch after installing the latest KB4517389 cumulative update. For some, uninstalling the recent cumulative update has fixed these issues, but for others, the Start Menu problem persists. With new cumulative updates routinely introducing new issues in Windows 10, it has become difficult to diagnose what exactly is causing these issues. Was it a previous update that made a change that persisted after uninstall or something new that was introduced in the latest update? The other frustrating part of these issues is that only some people experience them and others perform their updates without a problem. For example, I personally have not had any issues after installing the recent Windows 10 1903 updates. While Microsoft has not acknowledged any issues with this update in the Windows 10 health dashboard, these issues are being reported in the Feedback Hub, Microsoft's community forums, and elsewhere. Therefore, it is assumed they are aware of them. Below we will take a look at the issues users are experiencing in Windows 10 1903 after installing the KB4517389 cumulative update that was released on October 8th, 2019. With the release of the KB4524147 cumulative update on October 3rd, Windows 10 1903 users started reporting that when they click on the Start Menu button, Windows would display a Critical Error message. Users reported that uninstalling the KB4524147 update would fix the Start Menu issue. After installing this week's KB4517389 cumulative update, users are once again reporting that the Start Menu is giving the same critical error again. Most have reported getting their Start Menu working by uninstalling the KB4517389 update and others have said they also had to uninstall the KB4524147 before the error would go away. With the release of KB4517389, users are also reporting being unable to launch Microsoft Edge. Some have stated that they can launch Microsoft Edge if they click on a link on a web page, but double-clicking on the icon does not do anything. Learn more by visiting OUR FORUM.

Nothing much. That is if you want the short answer. For the long answer, you are invited to give this article a scan, as we take a look at what exactly will Windows 10 November 2019 Update brings to the table. If you have been following along the development of the operating system, you may have noticed some silence on the 19H2 front. Microsoft has moved the majority of the new features to early next year, reserving them for the 20H1 release. What this means is that while there are a number of new additions to November 2019 Update (codenamed 19H2), the focus for this is on optimizations and refinements, as well as under the hood changes. To some, this makes the most lackluster since the Windows 10 November 2015 Update, which was the first major OS update. A case can be made that 19H2 rivals that version in terms of new features that it brings. However, this fall release of Windows 10 still brings along valuable refinements, small as they are, to your PC. Not to mention the stability and performance enhancements that the company will build future versions on. Microsoft stirred things up a bit recently when it made the decision to split the major Windows 10 releases into two distinct flavors — the first one being a fully-fledged update with new features, and the other one being a secondary patch update. Since we already got the first major update for the year as 19H1, this new release is now on the horizon. What separates this release from the previous versions is how Microsoft plans to ship it to users. 19H2 will arrive in the form of a cumulative update that end-users will be able to install on top of their current Windows 10 19H1 installation. This is a significant change for the company and should result in an overall smaller download and faster install process. Speaking of changes, another notable change is that the 19H2 update is only being tested in the Slow Ring of the Windows Insider Program. That is because the Fast Ring of the preview program is paying host to the 20H1 release, which is well in development now. More complete details can be found posted on OUR FORUM.

Several companies from the automotive industry were targeted by BitPaymer ransomware operators during August, in attacks that used an Apple zero-day vulnerability impacting the Apple Software Update service bundled with iTunes and iCloud for Windows. Apple Software Update is an updater service that gets automatically installed computers when users install iTunes or iCloud for Windows or when using Boot Camp Assistant to install Windows on a Mac. This service is designed to keep all Apple apps up to date on a Windows device, as well as to deliver software and security updates to Windows installations running on Macs computers. BitPaymer's operators found an unquoted path vulnerability within Apple Software Update for Windows which allowed them to launch their ransomware payload on the devices of any target that used iTunes or iCloud, as well as on those where they were previously uninstalled since the updater service is not also removed automatically. As part of their attacks, the BitPaymer operators executed a previously dropped ransomware payload instead of the Apple Software Update binary by abusing the zero-day. They did this by taking advantage of the fact that Apple's developers did not surround the service binary's execution path with quotes. This made it possible for them to launch the BitPaymer ransomware dropped in the form of a binary named 'Program' without an extension. Given that the Apple Software Update binary is signed by Apple, using it to launch the ransomware payload also enabled them to evade detection, fooling the behavioral engine of anti-malware solutions present on the compromised systems. Learn more by visiting OUR FORUM.

Using a credential stuffing attack, an unauthorized person was able to gain access to a TransUnion Canada web portal and use it to pull consumer credit files. BleepingComputer has learned that starting last week TransUnion Canada began sending out data security incident notifications via postal mail to consumers whose information was exposed in a credential stuffing attack. These notifications state that an unauthorized user utilized a TransUnion business portal to perform credit file lookups between June 28th and July 11th, 2019. The attacker was able to gain access to the portal using a TransUnion customer's account that was stolen in a credential stuffing attack. Once the unauthorized user gained access to the TransUnion portal, they could perform credit searches using a consumer's name, address, DOB, or Social Insurance Number ("SIN). If the correct information was entered, a credit file would be shown that contains the consumer's name, date of birth, current and past addresses, and information related to the credit, such as loan obligations, amounts owed, and payment history. Actual account numbers, though, would not be included in the report. While this is not a data breach in the sense that the hacker was able to gain access to the TransUnion's full database, it is still concerning as they would have been able to query for a consumer's credit file. As the information exposed in this security incident could easily be used by the attacker for identity theft, it is strongly recommended that all affected users monitor their credit history for fraudulent activity or new unauthorized lines of credit. Learn more by visiting OUR FORUM.

The beauty of announcing a device that won't launch for a year is that you don't have to toss out the specs list or inner workings for the wolves to tear apart. You can build excitement first. This is what Microsoft did last week with the Surface Duo, a dual-screen device that also happens to be the company's first phone in years -- even though Microsoft says the Duo isn't actually a phone. We know the gist of the product -- an Android phone (which Microsoft denies is actually a phone) that essentially doubles your screen space to take on foldable phone design. Although we have to wait until "holiday 2020" to meet the Duo, Microsoft has certainly created a sense of hype by leaping back into the game at a time when phones that double the available screen space are seen as the next big thing in phone design. A quick flash of the Surface Duo taken from an executive's pocket, a 2-minute video and a few minutes with a non-functioning prototype were our only glimpses at the device. Microsoft's well-orchestrated teaser gives us only fragments of detail, leaving us to wonder if the Duo will come together as a device that could truly take on foldable phones like the Galaxy Fold and upcoming foldable Motorola Razr. Foldable phones aren't expected to be cheap. Samsung sells its Galaxy Fold for $1,980, and the (delayed) Huawei Mate X will go for the equivalent of $2,600. While the Surface Duo won't be a foldable phone, it achieves about the same goal by doubling up on the given screen space you have to work with for watching videos, reading, typing, and playing games. This extra screen space is the real benefit, and the Galaxy Fold proves what a convenience it is. It's a convenience you're also expected to pay for. Follow this and lots more on OUR FORUM.

You might have heard of the copyright law that states data ownership goes to the person who created the data. In this case, data refers to intellectual properties. But can the same definition be applied to smart devices all connected to the Internet? Data moves through many things before and after it is processed. So exactly who owns the machine-generated IoT data? Does the end-user own the IoT data collected by smart devices that you use? Or does the company that created the single board has rights over the data? Does the operating system on the single board tell you that they’ll own the data passing through that smart device (In their “Terms and Conditions”) Does the board manufacturer own it? Among others who can lay claim to data collected by smart devices are the software developers who program the smart devices. This is confusing and as yet, has no clear guidelines as to who owns IoT data. This is the person using different smart devices. Since they are smart devices, they are all connected to the Internet. End-users can access these devices using the related app on their smartphones or directly by punching keys on smart devices. Almost all of the data on a network is created by the end-user. If we applied the copyright law to all this, the end-user would be the IoT data owner. Unfortunately, copyright law does not yet consider smart devices’ data. There are no laws for the IoT devices at the time of writing this article (September 29, 2019). Entities that manufacture smart devices (single board micro-computers that can take certain actions when something happens) are also contenders for data obtained by the devices. They have created the micro-computers and hence their claim to the data. However, it is not feasible to give away one’s rights (end users) to someone else (the manufacturers) as we don’t know where the data will be stored and how will it be used. But there is not much an end-user can do if the hardware makers stake their claim to data without even asking for such permissions. This posting is somewhat detailed, for comprehensive details visit OUR FORUM.

 

GTranslate