August 2023
Download
Windows 11 version 22H2 Moment 3 release notes. Minor changes.
Microsoft enhances Windows 11 Phishing Protection with new features. It detects the copy and paste of a user’s Windows password and warns the user.
Windows 11 is getting a built-in passkey manager for Windows Hello. See below for more about passkeys.
Windows 10/11 timeline
The Windows 11 taskbar is centered by default. It can be changed to the left by going to
Settings | Personalization | Taskbar | Taskbar Behaviors | Taskbar Alignment.
Windows 11 Setup Tips for Businesses (PDF).
For Windows Surface devices that suddenly found the integrated camera didn’t work, Microsoft has released new drivers to fix the issue.
You may have noticed that Outlook e-mail links now open in MS Edge browser by default. You can change it to your preferred browser.
Select “File > Options > Advanced > File and browser preferences” and choose your preferred browser from the dropdown menu.
Reminder: Microsoft products reaching the end of support on October 10, 2023:
- Windows 11 21H2 (22000) Home and Pro.
- Windows Server 2012 and 2012 R2.
Microsoft has a new default font for its 365 Office apps: Aptos. It replaces Calibri.
Make sure any new computer has enough RAM. The minimum is now 8GB. 16GB+ is strongly recommended — costs have come down. As mentioned last month, get a larger SSD (hard drive) than needed – it will extend its life.
AWS is now charging for IPv4 addresses.
Prices for public static IP addresses may increase with ISPs.
It has been four years since we officially ran out of IPv4 ranges to allocate.
Twitter changes logo to “X” from the bird.
“The change will be very confusing to a huge chunk of Twitter’s audience, which has been already souring on the social platform given a slew of other major changes Musk has made..”
Asked by one user what tweets should be called now that Twitter has rebranded, Musk responded: “x’s.”
Twitter’s valuation has dropped to less than half the October 2022 purchase price.
Meta’s new app, Threads, launched in July.
Evernote lays off entire US staff.
After the merger with Google Maps division, Waze has layoffs.
Mergers and shutdowns are common at Google. Google said Stadia “is not shutting down” two months before announcing Stadia would be shut down.
SwitchBot has some interesting smart home gadgets.
NASA Launches Beta Site with On-Demand Streaming.
Also, check out https://climate.nasa.gov/
YouTube Premium is now $13.99 per month.
Netflix kills Basic plan, making its cheapest ad-free tier $15.49.
Android phones can tell you if there’s an AirTag following you.
https://www.gnod.com/ Creates maps of similar things. A great way to find new things you like.
Music https://www.music-map.com/
Books https://www.literature-map.com/
Movies https://www.movie-map.com/
Products https://www.productchart.com/
WT Social is a social network developed by the founder of Wikipedia.
Users are rated by how trustworthy their posts are.
ECONOMY
Fitch Downgrades the United States’ Long-Term Ratings to ‘AA+’ from ‘AAA’
“The rating downgrade of the United States reflects the expected fiscal deterioration over the next three years, a high and growing general government debt burden, and the erosion of governance…”
Samsung’s profits are down 95 percent for a second consecutive quarter.
Samsung is still suffering under a glut of unsold memory chips.
The latest inflation data: the CPI is down to 3%, the lowest level since March 2021. This 3% inflation rate is despite shelter inflation still being reported at 7.8% with a 1/3 weight in CPI. Therefore, ex-shelter, the inflation rate is now less than 1%. (from SeekingAlpha)
CHATBOTS and AI
The rise of AI newsbots in India.
The phenomenon is mirrored in other Asian markets, from China to Southeast Asia, where artificial news anchors are starting to change the face of news broadcasting.
Google just changed its privacy policy to reflect broader uses of all the surveillance data it has captured over the years. Data will be used to train AI.
AI and Microdirectives – Law enforcement by machine?
Imagine a future in which AIs automatically interpret and enforce laws.
At least in this early form, Windows Copilot is cobbled together from Bing Chat and barely integrated into Windows. I may be a bit cynical – Microsoft’s last new and exciting feature promised about the same thing — Cortana. “Just because you can add AI to something doesn’t mean you should.”
Licensing and Q&A: “Microsoft 365 Copilot will be an add-on license available for Microsoft E3, E5, Business Standard, and Business Premium customers to begin… More information will be provided in the future.” Some sites mention a license cost of $20 per user.
AI-enabled brain implant helps patient regain feeling and movement.
PASSKEYS
Passkeys are designed to provide a more secure alternative to passwords for logging in to online sites or services. Unlike passwords, passkeys cannot be targeted by phishing attacks. The setup involves digital
signatures and verification through a device, such as a smartphone.
What is a passkey? (NY Times)
The Keeper password manager now supports passkeys. This is a significant benefit since passkeys are otherwise tied to a single device.
Vendor websites supporting passkey:
Adobe, Apple, Google, Microsoft, Paypal, Shopify.
Directory of supported sites:
https://www.keepersecurity.com/passkeys-directory/
Using passkeys on Android phones.
SECURITY
Apple patches zero-day flaws impacting iPhones, iPads, and Macs. Be sure to update.
Exploitation of recent Citrix ShareFile vulnerability now seen.
Citrix patched the flaw in June 2023 with the release of ShareFile storage zones controller version 5.11.24, warning that it could lead to full application compromise.
Stolen Microsoft security key allowed access to Microsoft cloud services.
- A key used to sign tokens for consumer MSA accounts was stolen.
- Due to a misconfiguration, tokens signed by that key were also usable to steal e-mails from Exchange Online customers using AAD identity.”
- Some government e-mail domains were compromised.
It is very unlikely that your Office 365 account was affected since you are probably not multitenant. It does show how even trusted vendors can get hacked.
It means that applications that use the “Log in with Microsoft” feature could also be affected. For technical details, read this Wiz blog post.
“It is imperative for these applications to immediately refresh the list of trusted certificates,” Tamari urged. “Microsoft advises refreshing the cache of local stores and certificates at least once a day.”
(Computers that can connect to the Windows Update site receive updated CTLs on a daily basis.)
More: Azure AD ‘Log in With Microsoft’ authentication bypass affects thousands.
Analysis of Storm-0558 techniques for unauthorized e-mail access.
Microsoft has agreed to provide more access to security logs as a result of this incident.
Microsoft previews Strict Location Enforcement to thwart stolen token access.
Hot Topic discloses data breach.
Everlast hacked, customer credit cards compromised.
HCA Healthcare patient data stolen and for sale by hackers.
Rite Aid reports major data breach compromising customer information
Over 400,000 corporate credentials stolen by info-stealing malware.
The personal health information of 612,000 Medicare beneficiaries has been breached from CMS contractor Maximus Federal Services.
As noted in CVE-2023-36884, targeted attacks are using specially crafted Office documents.
There is no patch yet. The best thing you can do is just not click.
HUMOR
Tim Torian