April 2019
Download
The next version (feature update) of Windows 10 is expected out sometime in April. We recommend not installing it till the bugs get worked out, as usual. Last time this took several months. Windows 10 April 2019 Update release date & new features – what’s coming.
Microsoft is just now pushing the last update (October 2018) to all users.
Microsoft will now remove updates that aren’t compatible with the installed version of Windows 10. If Windows detects this, it will try to resolve the failure by uninstalling recently installed updates. You will receive this notification: “We removed some recently installed updates to recover your device from a startup failure.”
Windows Virtual Desktop is a new “Service” from Microsoft. You are provided a virtual Windows 7 or Windows 10 workstation hosted on Microsoft Azure (Cloud Virtual machine). You remote in and work on the Virtual Desktop. These can be joined to a “Virtual network” and connected to other Microsoft online services or servers. There is no additional cost if you have one of the following Office 365 licenses: Microsoft 365 E3, E5, F1; Windows Enterprise and Education E3 and E5. Windows 7 virtual machines will continue to receive support and patches until 2023 – beyond the January 2020 end of support date for physical desktops.
Office 365 ProPlus will now include the Microsoft Teams app
Teams is the successor to Skype for Business. Microsoft is aggressively pushing Skype users toward Teams.
Netflix is raising prices on its most popular subscription streaming service to $13 a month from $11.
50 Free Tools to Help Grow Your Small Business
At an American Workforce Policy Advisory Board meeting today, the president called Tim Cook (CEO of Apple) “Tim Apple.”
Security
Google Chrome zero day vulnerabilities. Please update your Google Chrome ASAP and verify it is on the latest version, 73.0.3683.103. Click on the 3 dots on the top right, go to Help / About Google Chrome. It will automatically update if needed. If you are on maintenance, the update will be done for you.
If you have ASUS motherboards, we will be contacting you about a security update.
Attackers have taken an old version of the ASUS Live Update utility and injected a malicious code for a backdoor. Then they hosted the file on official ASUS update servers. ASUS distributed this malicious version.
ShadowHammer: ASUS Live Update infected with Backdoor.
How to ensure that my device has the latest and safest version of ASUS Live Update.
WeMo home automation devices are being attacked. If you have one, be sure to update the firmware.
Facebook App Data Exposure
The Mexico-based media company Cultura Colectiva, exposed 146 gigabytes which contains over 540 million records detailing comments, likes, reactions, account names, FB IDs and more.
A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public Internet via an Amazon S3 bucket. This database backup contained Facebook user ID, name, password, photos and more. The passwords are presumably for the “At the Pool” app rather than for the user’s Facebook account. This could put users at risk who have reused the same password across app accounts. A summary of Facebook data scandals.
Credit Card breach reported at Buca di Beppo, Planet Hollywood, Earl of Sandwich, Chicken Guy!, Mixology, and Tequila Taqueria. Earl Enterprises has published an interactive form on its website to help customers determine if they’ve dined at one of the restaurants that had its POS system compromised with malware.
Toyota Japan says hackers might have stolen details of 3.1 million Toyota and Lexus car owners. …making it the second cyber-security incident the company acknowledged in the past five weeks.
Box data may be exposed due to default settings. The problem lies with Box.com account owners who don’t set a default access level of “People in your company” for file/folder sharing links, leaving all newly created links accessible to the public.
Popup enlarges at the last second so users click on ads instead of ‘Close’ button
The new method sends unsuspecting users to malicious websites that show an ad inside a popup. Like most popups, a “close” button will be displayed in the popup’s top-right corner.
However, when the user moves his mouse to close the popup, code from that page will expand the popup and move the ad in the cursor’s path, so any click on the close button will actually land on the ad instead. The safest way to end popups is to use task manager to end the task.
Customs and Border Protection announces social media tracking program
Using social media and other sources CPB officials improperly maintained databases on activists, attorneys and journalists involved in immigration advocacy. Individuals whose information was contained in those databases were singled out for interrogation at border crossings, according to news reports. Be aware that your social media is being watched.
Tim Torian