By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

No matter how robust an operating system is, it is difficult for it to be completely free of possible threats. Given that cybercriminals are constantly reinventing themselves, it follows that the same goes for cyberthreats. It is a constant cycle where any delay or slip up can open up new points of entry for unwanted visitors. And if operating systems are vulnerable, the companies using them are also vulnerable. In many cases, companies entrust their corporate cybersecurity to a single piece of default software; but experience shows that this is not enough. We now yet more proof of this. And what’s more, it affects a huge number of companies all over the world.
The vulnerabilities in Windows 10
This is exactly what has happened to Windows 10. Several vulnerabilities were found in this new version of the most widely used operating system in the world almost as soon as it was launched. But it has now set alarm bells ringing once again. In this case, the vulnerability is in ExploitGuard CFA File Creator, a tool provided by Windows in order for users to monitor the changes that certain programs are able to make to files within specific folders. The intention behind this tool was clear: it would allow the user to control possible unwanted access, and to avoid possible attacks from untrusted programs. And, put bluntly, the results couldn’t have been more counterproductive. As cybersecurity expert Soya Aoyama has demonstrated, there is a way to insert a malicious DLL so that, when Internet Explorer (which is on the CFA’s list of trusted programs) is run, ransomware can be inserted into the protected folders. I.e., this cyberattack takes advantage of a piece of software that is apparently harmless (Internet Explorer) in order to get into these folders. The worst thing about this may be the fact that, so far, Windows Defender, which has already had one or two problems itself, hasn’t been able to detect this problem on its system. And it doesn’t stop there: when Aoyama disclosed this vulnerability, the company didn’t feel it necessary to launch a patch, since, in their opinion, in order for the risk to be real, unauthorized access must have taken place before the DLL was launched. If we apply this to a corporate environment, the risks are clear. At the moment when the DLL arrives in an employee’s protected folders, it could set off a chain of attacks in the rest of the company, causing a serious corporate cybersecurity problem.

According to a new report, Microsoft has now overtaken Amazon to become the second most valuable company behind Apple. This has been possible with the company recording a great fiscal quarter. Microsoft has also got some help from Amazon which had a disappointing performance in the first fiscal and is now third behind Apple and Microsoft. Apple currently holds the number spot being the first company to break the $1 trillion thresholds earlier in the year. If the same trend is continued by Microsoft, it would be become the second company worth $1 trillion and snatch the first spot from Apple. But it will not be an easy road for Microsoft since Apple is due to release its earnings report next Thursday and with the release of the new iPhones, there are chances of it retaining the number one spot currently. If the latest quarter reports are anything to go by, then we assume that Microsoft could reach the $1 trillion mark by 2020. Microsoft’s cloud business has seen a massive growth with it contributing $8.6 billion (up by 24 percent) out of the total $29.1 billion revenue for the Q1 which is up by 19 percent this fiscal year. The total net income of Microsoft has reached $8.8 billion which is a growth of 34 percent from the previous fiscal year same quarter. Want to know more visit OUR FORUM.

“FIDO has mounted a longstanding campaign to get third party support for its strong authentication standards and expand the compliant device ecosystem, but bringing FIDO2 support to major web browsers effectively brings FIDO support into the Internet’s core infrastructure.” FIDO2 and WebAuthn support has officially arrived on Windows 10, via the operating system’s October 2018 update. The update brings unprefixed support for WebAuthn to the OS, meaning that Windows Hello, the operating system’s built-in biometric security system, can now be used for authentication in the Microsoft Edge browser. In other words, Windows 10 users can log into compatible websites using facial recognition or a fingerprint scan. Alternatively, a FIDO2-compliant security key can also be used for authentication through the browser. It’s a big victory for the FIDO Alliance and its authentication standards, with the organization’s Executive Director, Brett McDowell, having emphasized the major browsers’ support for FIDO2 and WebAuthn at last week’s Money20/20 event in Las Vegas. FIDO has mounted a longstanding campaign to get third party support for its strong authentication standards and expand the compliant device ecosystem, but bringing FIDO2 support to major web browsers effectively brings FIDO support into the Internet’s core infrastructure. Other new features of Windows 10 include control over media autoplay, an improved Reading Mode, a refreshed menu interface, and a number of smaller updates for developers working with the operating system.
Source: Windows Blogs via mobileidworld.com

  

Latest Articles