22Aug15 – DoctorLaptop’s Tips

Sorry for the lack of posts in the last week, I have been busy looking for a new location and working on the new TorroXtra website.

Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw

It’s time to immediately patch your Internet Explorer – Once again!

Microsoft has issued an emergency out-of-band patch for all supported versions of Internet Explorer browser, to fix a critical security flaw that hackers are actively exploiting to hijack control of targeted computers.

The Zero-Day flaw (assigned CVE-2015-2502) is a Remote Code Execution vulnerability that could be exploited when a user visits a booby-trapped website or open a malicious email on an affected machine.

The security bug actually resides in the way Internet Explorer handles objects in memory. If successfully exploited, a hacker could gain the same user privileges as the current user.

Read more here: http://thehackernews.com/2015/08/microsoft-emergency-patch-zero-day-internet-explorer.html

Windows 10 Doesn’t Stop Spying You, Even After Disabling It’s Creepy Features

In our previous articles, we raised concern about Windows 10 privacy issues, including its controversial Wi-Fi Sense feature. Also, to cope up with these issues, I provided you a one-click solution to fix all privacy compromising features that allow Microsoft to track users.

But unfortunately, all those efforts got wasted because Microsoft still tracks you, even after you harden your Windows 10 privacy to an extreme level by disabling all privacy-infringing settings.

This time the culprits are – Cortana and Bing search.

Windows 10 features, including Cortana and Bing search, continue communicating with Microsoft’s servers and sending it data, even after you turned the features off.

 A Technical Analysis done by Ars showed that even when you tell Microsoft to not to make any Internet-related inquiries by changing various privacy settings, it appears that Windows 10 still communicate with the software giant’s servers for different information.

Cortana is Cheating on You

With Cortana and searching the Web from the Start menu turned off, a request to http://www.bing.com is still made for a file called threshold.appcache that contains some Cortana information, whenever a user opens Start and start typing.

The operating system’s voice assistant Cortana sends information containing user’s identifying computer ID that persists across reboots. This allows Microsoft to distinguish between the Cortana requests from different computers.

The worrisome part is that Cortana sends this data even though she is disabled.

Windows 10 Sends your Data via Unencrypted Channel

Moreover, it also appears that Microsoft keeps on sending data to its servers via its Live Tiles in the Start menu. Even if users clear all the Tiles, Windows 10 re-install new tile info from Microsoft.

However, Windows 10 do so using unencrypted HTTP connections, potentially leaving users open to malicious actors who could intercept the traffic between users and the company, which is more troublesome.

In response to the latest report, Microsoft said that all communications between a Windows 10 machine and Microsoft are only to make the retrieval of updates easier.

“As part of delivering Windows 10 as a service, updates may be offered to provide ongoing new features to Bing searches, such as new visual layouts, styles and search code,” Microsoft said.

Microsoft further added that “no query or search usage data” is sent to the company, in accordance with the user’s selected privacy settings, and the same applied to searching offline for apps, files and settings on the device.

Copied from: Swati Khandelwal

Senior Technical Writer at Hacker News. Social Media Lover and Gadgets Girl. Speaker, Cyber Security Expert and Technical Writer.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s