- 0
-
Recently Browsing 0 members
No registered users viewing this page.
-
Similar Content
-
By News Staff
Windows 8 - Free Reference Card Bundle
by Steven Parker
Claim your free reference guide today, before this offer expires.
This Windows 8 Quick Reference provides shortcuts, tips, and tricks for the popular operating system. Use it to brush up on the basics and to find alternate methods to your favorite commands.
This printable quick reference is yours to use, distribute, and share at your organization!
Along with this free reference card, if you are eligible, you will also receive a 30-day trial of CustomGuide training, including over 7,000 Online Skills Assessments and Interactive Tutorials.
How to get it
Please ensure you read the terms and conditions to claim this offer. Complete and verifiable information is required in order to receive this free offer. If you have previously made use of these free offers, you will not need to re-register. While supplies last!
>> Windows 8 - Free Reference Card Bundle <<
Offered by CustomGuide, view other free resources | Limited time offer
Not for you?
That's OK, there are other free eBooks on offer you can check out here, but be aware that these are all time-limited offers. If you are uncomfortable sharing your details with a third-party sponsor, we understand. Check out the Neowin Store for our preferred partners.
Home Gym Giveaway | Ultimate Gaming Giveaway (feat. PlayStation 5 & Xbox Series X) Ivacy VPN - 5-year subscription for just $1 per month NordVPN - 2-year subscription at up to 68% off Private Internet Access VPN - subscriptions at up to 71% off Unlocator VPN or SmartDNS - unblock Geoblock with 7-day free trial Subscribe to Neowin - for $14 a year, or $28 a year for Ad-Free experience Disable Sponsored posts · Neowin Deals · Free eBooks · Neowin Store
Disclosure: A valid email address is required to fulfill your request. Complete and verifiable information is required in order to receive this offer. By submitting a request, your information is subject to TradePub.com's Privacy Policy.
-
By zikalify
Firefox 84 launches with support for Apple Silicon CPUs
by Paul Hill
Mozilla has released Firefox 84 with native support for Apple Silicon CPUs. Firefox 83, by contrast, was released just after Apple’s CPU announcement and had to run using Apple’s Rosetta 2 emulation software on newer Macs.
Aside from support for Apple Silicon CPUs, it’s worth mentioning again that Firefox 84 is set to be the last version of Firefox that will include support for Adobe Flash. The plug-in, which has largely been supplanted by HTML5 and Unity, was first released in 1996 and sometimes acted as a security weak point.
Firefox 84 is a big update in terms of Mozilla’s rollout of WebRender, its Servo rendering architecture. The rollout has been extended to devices running macOS Big Sur, Windows devices with Intel Gen 6 GPUs, and Intel laptops running Windows 7 and 8. Linux users with the GNOME desktop with X11 will also get WebRender switched on in this update but it’s unclear when users of other desktop environments and of Wayland will get the feature switched on.
The final point worth mentioning also pertains to Linux; Mozilla says it is now using “more modern techniques” for allocating shared memory on Linux which improves overall performance and increases compatibility with Docker.
Head over to the Firefox website now to grab a fresh copy of the browser or wait for your existing installation to upgrade itself. You can also force the upgrade by going to the Menu button > Help > About Firefox where you should see the update download and eventually offer to restart the browser.
-
By Abhay V
Google discloses a zero-day vulnerability in Windows, currently exploited in the wild
by Abhay Venkatesh
Google’s Project Zero team known to discover security threats has disclosed a zero-day vulnerability in Windows that it believes affects versions from Windows 7 all the way to Windows 10 version 1903 - which was the version that the team tested its code on. The company’s post says that it has evidence of active exploits, which could allow attackers to execute code with elevated permissions.
What’s interesting is that the vulnerability that is tracked with the label CVE-2020-17087, coupled with another actively exploited Chrome zero-day vulnerability disclosed last week (CVE-2020-15999), performs what is known as a sandbox escape. This is where the malicious actor leverages these two bugs to execute code on a compromised target by escaping the secure environment of the browser, explains ZDNet’s Catalin Cimpanu.
The disclosure post also adds that Microsoft will be patching this vulnerability with the upcoming Patch Tuesday updates on November 10. However, the fixes for Windows 7 versions will only make it to users that have subscribed for extended security updates (ESU), so not all users will be able to patch their Windows 7 systems. Since the bug was being actively exploited, the search giant’s team provided Microsoft with seven days to patch the bug before disclosing it publicly today.
Google has already patched the Chrome vulnerability with stable build version 86.0.4240.1111. As for the Windows bug, the vulnerability lies in the Windows Kernel Cryptography Driver (cng.sys), which the Project Zero team explains in detail in the post here. The company has also attached a proof-of-concept code to show how the exploit could crash the system.
Additionally, Google’s Threat Analysis Group direction Shane Huntly has confirmed that the exploit is not related to any state-sponsored attack on the upcoming U.S. election.
-
By indospot
Patch Tuesday: Here's what's new for Windows 8.1 and 7 this month
by João Carrasqueira
We're 13 days into October, but it's not truly a new month until Microsoft releases its Patch Tuesday updates for Windows, and as we're on the second Tuesday of the month, that happens today. Along with all supported versions of Windows 10, there are also new cumulative updates rolling out to Windows 8.1 and some Windows 7 users.
There are two kinds of updates for each operating system - the monthly rollup update and the security-only update. For Windows 8.1, the monthly rollup update is KB4580347 and you can download it manually here. It includes the following changes:
It also has a couple of known issues:
Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following:
Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
When installing a third-party driver, you might receive the error, “Windows can’t verify the publisher of this driver software”. You may also see the error “No signature was present in the subject” when attempting to view the signature properties using Windows Explorer. This issue occurs when an improperly formatted catalog file is identified during validation by Windows. Starting with this release, Windows will require the validity of DER encoded PKCS#7 content in catalog files. Catalogs files must be signed per section 11.6 of describing DER-encoding for SET OF members in X.690.
If this happens, you should contact the driver vendor or device manufacturer (OEM) and ask them for an updated driver to correct the issue.
As for the security-only update, it's KB4580358 and you can download it manually here. It only includes the first and last of the bullet points from the monthly rollup. It also has the same known issues as the monthly rollup.
Of course, for Windows 7, only certain businesses can legitimately obtain the updates, since you need to be paying for extended security updates (ESU) after Microsoft dropped extended support for the operating system at the start of the year. The monthly rollup here is KB4580345, and you can download it manually here. It includes the following changes:
The update has one known issue:
Symptom Workaround Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege. Do one of the following:
Perform the operation from a process that has administrator privilege. Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release.
The security-only update here is KB4580387 and you can get it manually here. It includes the same changes as the monthly rollup, except the third and fourth bullet points. It also has the same known issue.
As usual, the monthly rollup updates should install automatically sooner or later, but if you want the security-only updates, you'll need to install them manually from the links above.
-
By Usama Jawad96
Microsoft apparently just fixed a Windows security flaw first reported to it in 2018
by Usama Jawad
Microsoft fixed quite a number of bugs in this month's Patch Tuesday update, which came out last week. While it packed numerous fixes for various versions of Windows, it did draw some criticism for the handling of a security vulnerability that was reported to it by Google.
However, it appears that the Redmond giant's security woes are not yet over as a new report claims that the firm just fixed a Windows zero-day exploit that was reported to it back in 2018.
Last week, Microsoft fixed a security hole in various versions of Windows that mainly deals with the operating system's incorrect handling of file signatures. In CVE-2020-1464, the company noted that:
In a blog post on Medium, security researcher Tal Be'ery has explained that Bernardo Quintero, a manager at VirusTotal - a service owned by Google - first discovered the vulnerability being exploited back in August 2018. This exploit, internally called "GlueBall", was immediately reported to Microsoft and the findings were published in January 2019 by Quintero. Microsoft acknowledged the issue and added mitigation actions in supporting tools, but stated that it would not fix the issue in the operating system itself. The reasoning behind this decision is not public.
After this, several blog posts were published by other people, explaining how to use GlueBall to exploit Windows. Then in June 2020, GlueBall was once again highlighted by prominent social media accounts.
It would seem that roughly around this time, Microsoft began to take this issue seriously and a proper fix to the gaping security hole was finally released in this month's Patch Tuesday. According to Microsoft's security advisory, this flaw was present in Windows 7, 8, 8.1, RT 8.1, Server 2008, 2012, 2016, 2019, and Windows 10, going all the way up to version 2004, and that it was exploited across numerous versions of the operating system.
In a vague statement to KrebsonSecurity, Microsoft stated that:
The handling of this incident from Microsoft's end is extremely strange, to say the least. One has to wonder why Microsoft delayed fixing a Windows security flaw for nearly two years, especially when it was present in virtually all major versions of the operating system.
Source: Tal Be'ery (Medium) via KrebsonSecurity
-
Question
So I have my old pc setup as a media box over wifi (dlink 601 wireless n router), mapped a drive to my laptop and access via teamviewer. While trying to transfer some photos to my laptop (around 15gb) the max speeds I get are around 1mb per second. Copying in between different HDs in the same computer is fast (around 90mb per second) So i know it's not the HD. Here's an example:
Link to post
Share on other sites
10 answers to this question
Recommended Posts