The IT Nerd

Frequent readers will recall that a pretty bad vulnerability in Windows was disclosed on Twitter last week that had the potential to be really bad if the bad guys stated to exploit that if Microsoft didn’t come up with a quick fix.

Guess what, the forces of evil have started to exploit it.

ESET’s Matthieu Faou has disclosed on Wednesday that a group of hackers called PowerPool is actively exploiting the bug to move from hijacked user accounts to full system administrator-level control of already infiltrated Windows boxes. Which of course is very, very, very bad. Because chances are if these guys are leveraging tis bug, there are others who are leveraging this bug as well. Thus Microsoft now more than ever needs to step up and address this before this becomes extraordinarily bad.

The next major update for the Windows 10 operating system has been announced by Microsoft today. Dubbed the Windows 10 October 2018 Update and announced via a blog post connected to Microsoft’s presence at IFA in Berlin, it will bring among other features the following to the table:

• A dark theme for File Explorer. Because dark modes are now a thing seeing as macOS Mojave has a dark mode.
• A new snipping experience
• A cloud-powered clipboard
• Support for extended line endings in Notepad
• integration with the Your Phone app
• New web sign-in and fast sign-in features
• A mixed reality flashlight feature
• SwiftKey in the touch keyboard

It should be out by the end of October if the stars align and be punted out to the 700 million devices that Microsoft claims are running Windows 10. Hopefully it will better than the April 2018 update which was plagued with problems when that shipped.

I’m going to go out on a limb and suggest that the folks in Redmond Washington are going to have a very bad day as a zero day exploit, meaning that it has no known fix has been unleashed upon the planet via Twitter.

In short, this exploit is of the privilege escalation variety. Meaning that some miscreant can escalate their user level on an exploited computer to do whatever they want. That’s bad. And you’ll note that in the Tweet above there’s proof of concept code already out there. That means that the bad guys are likely already working on ways to exploit the exploit. Which by the way the exploit in question was confirmed on Twitter by CERT/CC vulnerability analyst Will Dormann:

And CERT/CC has just posted it’s own analysis as well which highlights the fact that there are no known fixes or mitigations. Which is of course very bad. Hopefully Microsoft is on the case and seeing as this is a zero day exploit, won’t wait until Patch Tuesday to come out with a fix for this. Until then, they’ll be under a fair amount of pressure to address this quickly now that this is out there.

Microsoft today announced a budget tablet called Surface Go. The Surface Go features dimensions of 9.6-by-6.9-by-0.3 inches and weighs just 1.2 pounds. It has a 10-inch 3:2 1800-by-1200 PixelSense Display. That put it into roughly the same size as an iPad. It has a single USB-C port in it. But the real story is what it has under the hood. It has an Intel Pentium Gold Processor. You read that right, it has a Pentium processor in it. Clearly to cut the cost down to match the iPad. The Surface Go runs Windows 10 S which a version of Windows that will only run apps found in the Microsoft Store. However you can convert it to the full version of Windows 10 for free.

Pricing goes something like this. The $399 USD model ships with 64GB of eMMC flash storage and 4GB of RAM, or you can get a $549 USD model that includes 128GB of SSD storage and 8GB of RAM. Each of these models come in Wi-Fi-only network configurations. Those go on pre-order tomorrow. LTE models and 256GB versions of the Surface Go will go on sale sometime after August 2. For business customers, Microsoft is also offering a Surface Go with Windows 10 Pro installed for $449 USD. There’s also a number of accessories that will be available from pens to mice.

Here’s the launch video from Microsoft, which also takes the opportunity to troll Apple’s iPad along the way:

The fine folks at Microsoft put out a blog post which trumpeted it’s use of AI to deliver a smooth roll out of the Windows 10 April 2018 update. Near the end of it, they say this:

Based on the update quality and reliability we are seeing through our AI approach, we are now expanding the release broadly to make the April 2018 Update (version 1803) fully available for all compatible devices running Windows 10 worldwide. Full availability is the final phase of our rollout process. You don’t have to do anything to get the update; it will rollout automatically to you through Windows Update.

Quality and reliability? Seriously? Tell that to the people who have been hit by issues related to this update. Most notably this one where your computer is basically unbootable after the update. Now I do have a fix for it but this issue should never have made it out of Microsoft’s QA labs. Then there’s this issue which to Microsoft’s credit they have fixed. And let’s not forget this issue which has been fixed as well. I could go on but I think you see my point here. Which is that this issue has been insanely problematic and Windows 10 users have suffered as a result. And that should never ever happen.

So Microsoft may say this update is ready for prime time. But I say that you should take that with a grain of salt. But if you fell like rolling the dice on this, make sure you have a backup of your computer in case things go south. Which is entirely possible given what has gone on to date.

If you’re a Windows 10 user, and if you installed all the updates that showed up on yesterday’s Patch Tuesday dump, you’ve just fixed a really serious security issue with your Windows 10 computer. Specifically there was a vulnerability where Window 10’s ever helpful virtual assistant Cortana could help an attack bypass the computer’s lock screen and change the password. Now if you guessed that Cortana was always listening for commands to act on even if the computer is locked, you’d be right.

Now I know that when I try to use certain commands with Siri when my iPhone is locked, Siri will demand that I unlock my iPhone. Plus I can disable “Hey Siri” commands  at the lock screen entirely as that has been an issue in the past. Thus maybe Microsoft should look at doing the same. Otherwise, they’ll continue to have a never ending stream of lock screen security issues like Apple has had.

Which? conducted a survey of more than 1,100 people which looked at issues that users have had with Windows 10. And the results are not good if you’re Microsoft. Specifically:

• 21% of complaints had to do with issues with software compatibility
• 16% of complaints had to do with hardware/peripheral problems
• 7% of complaints had to do with email not syncing
• 6% had to do with the removal of non-Microsoft software
• 5% had to do with the PC slowing down
• 10% was classified as “other”

Now the PC world has a ton of hardware and software in it. Which means you can easily get a mix that causes havoc that users cannot solve themselves. Thus 46% of those who responded had to pay someone to fix those issue for them. Largely because Microsoft’s own tech support isn’t up to standard according to Which?

Clearly Microsoft has an issue as we’re three years into Windows 10 which the company calls the “last version of Windows” that they will be kicking out into the world and people are not happy. Which? says that Microsoft really needs to step up their game here and I agree. I stay employed because of the items mentioned above. And frankly, I shouldn’t be. Microsoft should have an OS where having to reach out to someone like me is the exception and not the rule. But that’s clearly not the case and I don’t seriously expect that to change from Microsoft which is a shame.