This year is doing what all years do around this time, and that’s coming to an end. In an attempt to not make our readers needlessly click through the over 8,600 news stories posted in 2018, we’ve compiled a handy list of the most popular ones.
It must be said that our constantly sought-after Weekend PC Game Deals aren’t included, as due to their popularity, the list would be severely skewed. Furthermore, unboxings, reviews, and editorials aren't part of this list either.
Without further ado, here are the top 10 news stories – based on traffic – that were posted on Neowin this year.
Near the end of February, Google’s Project Zero team – tasked with finding bugs in software developed by the Mountain View company and other tech firms -, made public a security flaw definitively tested on version 1709 (Fall Creators Update) of Windows 10.
Upon discovering a flaw, Project Zero reports it to the relevant company, afterwards providing 90 days for the company to fix said issue before it’s made public. In this particular case, the bug relates to the SvcMoveFileInheritSecurity remote procedure call, which if exploited, can potentially lead to elevation of privilege. In other words, if a file is read-only, and the server calls the SetNamedSecurityInfo on a parent directory, this could allow other users on the network to modify the aforementioned read-only file.
This issue was reported on November 10, 2017 and labeled 1428, along with a similar security flaw dubbed 1427. The latter was fixed by Microsoft on Patch Tuesday in February, while 1428 was marked fixed a month later.
News about unannounced products does slip through the cracks sometimes, be it via a statement from an exec or even a press release. This one comes from an announcement of collaboration between AMD and Synaptics to create a “new industry benchmark in high-secure biometric fingerprint authentication”.
Right in the opening paragraph, beyond mentioning the use of AMD’s Ryzen Mobile platform, there’s also the Redmond giant’s “forthcoming biometric security OS including Windows Hello.” We currently know of a lightweight, modular version of Windows dubbed Windows Core OS, and the codename of its traditional PC-oriented variant, Polaris. What’s slightly weird is that Windows 10 already has support for Windows Hello and a fingerprint sensor today, so it’s unclear whether this is just a customized version of Core OS or if it’s an altogether different beast.
It’s been about a year and a half since Google’s ‘Polymer’ YouTube redesign – complete with the oft-requested introduction of an official dark mode. That’s not to say the UI refresh hasn’t gotten its fair share of criticism, the most recent of which came from a Mozilla exec.
According to Chris Peterson, there’s now a heavy reliance on the deprecated Shadow DOM v0 API which is only available in Chrome. This makes Firefox and Edge run five times slower, which is weird considering that both Shadow DOM v0 and v1 APIs are supported. Yet for some reason, Google still relies on the older API.
The beginning of the year brought some rather unfortunate news for everybody with an Intel CPU initially, but extended to AMD and ARM chips as more details were provided. The trio of flaws (later dubbed Spectre and Meltdown) was uncovered because of a Linux kernel patch to fix these flaws that somebody spotted on January 2.
Because of the sensitive nature of the design flaw present – which we later found out affects all Intel chips in the past two decades but not all AMD processors -, there was an embargo in place until January 9. Indeed, multiple cloud providers had scheduled a maintenance period on January 10, specifically to provide the required patches. Due to the flaw being discovered earlier than expected, the aforementioned patches were rushed out before bad actors could take advantage of the vulnerability present.
The performance impact of patches for Spectre v1, v2, and Meltdown was detailed by Microsoft, with the patch for Spectre v2 seeing the biggest dip in performance. Unfortunately for Intel, only its processors are affected by this version of Spectre, publicly dubbed Branch Target Injection. To top it all off, there’s another security vulnerability, NetSpectre, which can steal data from the CPU over the network.
Some good news is on the horizon, as Windows 10 19H1 should see folks recoup some of the lost performance.
In a move that was bound to please image rights holders but ultimately frustrate users, Google axed the ‘View image’ button from its Image search results back in February.
This was part of a package deal made with Getty Images, which was meant to improve the display of copyright information and attribution method for the stock photo company. The ability to visit the source site is still present, and Google says this allows users to “see images in the context of the webpages they’re on”. Alas, a bit of convenience was definitely lost with this UI tweak.
No code is perfect, but the imperfections of a piece of software as important as a driver can have some rather undesirable effects on users’ systems. This is what Nvidia learned with the release of the 397.31 (WHQL certified) GeForce drivers.
Pushed out on April 25 to a vast array of GPUs (sans those based on the Fermi architecture), the offending driver package caused those primarily using GTX 1060 cards to experience reset loops. To fix this problem, a user had to boot into Safe Mode and either remove any trace of 397.31 via Device Driver Uninstaller (DDU) – afterwards installing the previous driver iteration – or clean install version 391.35, another Windows Hardware Quality Labs (WHQL) certified driver.
Unlike last year, people didn’t find this porn-related story quite as interesting, though it is perhaps a little on the annoying side to say the least. It’s in response to a subset of the provisions of the 2017 Digital Economy Act, which was implemented in April of this year.
To comply, MindGeek – parent company of PornHub, Redtube, and YouPorn – has implemented an open system dubbed AgeID. This means anybody looking for adult content has to go through a verification process (once) which covers the viewer’s passport, driving license, SMS, or credit card.
Needless to say, any company not complying with the regulations in the Digital Economy Act will be fined £250,000. Privacy advocates have also pushed back on both the legislation and the AgeID implementation, with Jim Killock, executive director of the Open Rights Group, mentioning 2015’s Ashley Madison hack.
The release of the alpha 1 of Kodi v18 “Leia” in March brought with it a number of new features, improvements to video playback, its music library, Live TV, a serious code rewrite and, perhaps most importantly, support for DRM content.
Kodi, which started out in life as XBMC – Xbox Media Center – for the original Xbox, is a free and open source Home Theater PC application. Think of it as a third party variant of Media Center, which was included in previous versions of Windows. The key difference here is that unlike the latter, Kodi is still alive and well.
Regardless of your opinion concerning which virtual reality headset is better, there’s no denying that the required devices aren’t exactly cheap. To that end, it’s not surprising that users were upset when their Rift HMDs didn’t feel like working on March 7, instead spitting out a “Can’t Reach Oculus Runtime Service” error.
An expired certificate in the Oculus Runtime Service – OculusAppFramework.dll being the file in question – caused every single virtual reality device from the company to stop working. Luckily, a 4 MB patch was issued the next day at 12:35am PT, which addressed this bug.
This is a Microsoft-focused site, so it’s not too much of a shock to see a story about the Redmond giant take the top spot. What is however surprising is that sitting at #1 is a post about Windows Update of all things.
The set of patches was released in mid-May, as a follow-up to Patch Tuesday, for the Anniversary Update (1607) and Fall Creators Update (1709). Looking through the changelog, some arguably big gripes with BitLocker and VM configuration are addressed, and a reliability issue with the creation of shielded VMs is detailed.
Honorable mention: The offline installer for Chrome 67.0.3396.99
As you may be well aware, beyond the regular stream of various news posts, there’s also a software-only section here on the site. Because of it being constantly updated, we’d be remiss not to at least mention the most popular entry of 2018.
While offline installers are reasonably popular, this one in particular dwarfs the other ones in terms of interest. Either way, this is the software release you folks found the most intriguing this year, for some reason or another.
And that is all, folks. Cheers for all the visits, and for taking a walk down memory lane through 2018's most (surprisingly) popular news stories.
Have a great New Year!