Latest Microsoft Windows 10 Update Makes Some Apps Disappear

[unable to retrieve full-text content]

Microsoft has issued a workaround for the latest Windows 10 update that apparently causes some apps to disappear.

Last week, the company released the latest Windows 10 Creators Update, which includes new security features and support for new augmented reality perks that will work with “mixed reality” headsets and other hardware gear from Dell, HP hpq , and other hardware partners.

The software update was announced October 17, the same day the company previewed its new Surface Book 2 laptop/tablet combo platter. Soon after that, users who had upgraded their operating system on their own machines started posting about missing apps on the Microsoft support page.

The disappearing app problem was first reported by tech news site WindowsLatest.com. Microsoft could not be reached for comment. Fortune will update this story as needed.

Get Data Sheet, Fortune’s technology newsletter.

Microsoft msft has pitched these twice-a-year managed upgrades, called Creators Updates, as a way to distribute major new features, support for new hardware, and fixes to users in a predictable and organized way. Last spring’s update, for example, let users rely on Microsoft’s Cortana virtual assistant to set up their PCs.

Tech

Russian Spies Rush to Exploit the Latest Flash Zero Day and More Security News This Week

There’s nothing like a hefty security freakout to start the week, and the Key Reinstallation AttackWi-Fi vulnerability—you know it as Krack—announced on Monday fit the bill. The bug is in the ubiquitous WPA2 Wi-Fi protocol, so while it fortunately doesn’t impact every single device that exists, it does affect a significant portion of them. And many will likely never receive protective patches, a longstanding and critical security problem that particularly affects the Internet of Things. The relative simplicity of the Krack bug itself also highlights the importance of making technical standards accessible to researchers for review and feedback.

Google announced a new tier of account security this week called Advanced Protection that uses physical authentication tokens, advanced scanning, and siloing to help defend particularly at-risk accounts (or anyone who wants to be very cautious). And after its disastrous corporate breach, Equifax is receiving a thorough public shaming. Researchers also discovered that for just $ 1,000 they can exploit mobile advertising networks to track people’s movements in both cyberspace and the real world. Not great!

US-Iranian relations are tense and could nudge Iran’s cyber operations. And crooks have a new favorite hustle called “cryptojacking” that can secretly use your devices to mine cryptocurrency when you visit infected websites. Highs and lows.

And there’s more. As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Flash Patched Its Recent Zero Day, So Russian Hackers Are Using It While They Can

Kaspersky Labs researchers announced a new Adobe Flash vulnerability on Monday, noting that unidentified hackers exploited the bug in an attack on October 10, using a compromised Microsoft Word document to deliver FinSpy malware. Adobe coordinated with Kaspersky to issue a patch on the day of the disclosure. In the wake of the patch, researchers at the security firm Proofpoint observed the hackers doubling down to exploit the flaw before potential targets widely adopt the fix. The group, which Proofpoint says is the Russia-backed collective Fancy Bear, launched an email spearphishing campaign that targeted state departments and aerospace companies. But researchers say the operation was sloppy, and that the group has followed this pattern in the past.

Microsoft Didn’t Disclose 2013 Breach of a Sensitive Vulnerability Database

Sophisticated hackers breached Microsoft’s internal vulnerability-tracking database more than four years ago, but the company didn’t publicly disclose the incident. Five former Microsoft employees told Reuters that the company was aware of the intrusion in 2013. The database would have contained critical vulnerabilities in Microsoft’s widely used software products, including Windows, and may have even included code for exploiting those flaws. Such information would be a gold mine for foreign government-backed hackers or third-party criminals alike, and could have facilitated breaches and espionage at the time.

Reuters’ sources said in separate interviews that Microsoft never connected the breach to any other attacks, and that the company didn’t disclose the incident, because doing so would have pushed attackers to exploit the vulnerabilities before they were patched. Microsoft presumably patched everything in the compromised database years ago, though. Reuters’ sources say that the Microsoft did at least improve its internal security in response to the hack. The incident was part of a rash of attacks that also hit Apple, Facebook, and Twitter. The group behind these hacks is still unidentified, but is known by different researchers as Morpho, Butterfly, and Wild Neutron, and is still active today.

UK Concludes That Iran, Not Russia or North Korea, Hacked Officials’ Email Accounts

Investigators in the United Kingdom concluded last week that Iranian government-backed hackers were behind a June email network intrusion that targeted numerous members of parliament and Prime Minister Theresa May. Every MP uses the network, but the hackers specifically looked for accounts protected by weak passwords or reused ones that had leaked online after other breaches. The parliamentary digital services team told the Guardian that it was making email security changes in response to the attack. The incident underscores Iran’s ongoing digital offensive initiatives. Though the country has been less focused on Western targets in the last few years, it is still an active threat around the world. Recently, US President Donald Trump has worked to undermine the Iran nuclear deal, but Theresa May and other European leaders say they want to preserve it.

Police Did Social Media Surveillance on New York Black Lives Matter Group

The Black Lives Matter Global Network chapter in the Rockland County, New York filed a federal lawsuit in August claiming that local Clarkstown police conducted illegal surveillance on it throughout 2015. Clarkstown police records from the Strategic Intelligence Unit describe social-media surveillance targeted at BLM members. The documents even show evidence that a lead detective told the Strategic Intelligence Unit supervisor to stop the surveillance, but this didn’t end the program. BLM is alleging that Clarkstown police engaged in racial profiling, and violated the group members’ rights to free speech and assembly.

Millions of Crucial Cryptography Keys Weakened By Trusted Generator

A flaw in how a popular code base generates cryptographic keys has ruined the security of millions of encryption schemes. The generator appeared in two security certification standards used my numerous governments and large corporations worldwide, meaning that the flawed keys are meant to protect particularly sensitive platforms and data. German chipmaker Infineon developed the software, which has included the key generating flaw since 2012 or possibly earlier. Attackers could exploit the bug to figure out the private part of a key from its public component. From there they could do things like manipulate digitally signed software, disable other network protections, or, of course, decrypt sensitive data. The situation affects Estonia’s much-touted secure digital ID system. Infineon, Microsoft, and Google warn that the flaw will undermine their Trusted Platform Module products until customers generate new, more robust keys. Estonia has announced plans to update the keys used for its national IDs.

Tech

Deloitte Is the Latest Target of a Cyber Attack With Confidential Client Data at Risk

Global accountancy firm Deloitte has been hit by a sophisticated hack that resulted in a breach of confidential information and plans from some of its biggest clients, Britain’s Guardian newspaper said on Monday.

Deloitte—one of the big four professional services providers—confirmed to the newspaper it had been hit by a hack, but it said only a small number of its clients had been impacted.

The firm discovered the hack in March, according to the Guardian, but the cyber attackers could have had breached its systems as long ago as October or November 2016.

The attack was believed to have been focused on the U.S. operations of the company, which provides auditing, tax advice, and consultancy to multinationals and governments worldwide.

“In response to a cyber incident, Deloitte implemented its comprehensive security protocol and began an intensive and thorough review including mobilizing a team of cybersecurity and confidentiality experts inside and outside of Deloitte,” a spokesman told the newspaper. “As part of the review, Deloitte has been in contact with the very few clients impacted and notified governmental authorities and regulators.”

A Deloitte spokeswoman declined immediate comment, saying that the firm would issue a statement shortly.

Tech

Why Trump’s Latest Attack on the FDA Was Total Nonsense

Tuesday night, in his address to Congress, President Trump invited as his guest a college sophomore with a rare disease to illustrate why the Food and Drug Administration needs to be ripped to pieces. After 20-year-old Megan Crowley was diagnosed with the neuromuscular disorder Pompe disease as a young child, her…

Read more…


All articles

Sitecore Unlocks Content, Commerce Disconnect in Latest Release

Sitecore Unlocks Content, Commerce Disconnect in Latest Release

Digital experience provider Sitecore today released a new version of the ecommerce platform it acquired more than three years ago from commerceserver.net.  It includes updates in order management capabilities, support for digital products and goods and a developer experience based on Microsoft’s ASP.NET core framework.

Continue reading…
All articles

The Simpsons Parodies Adventure Time in Its Latest Couch Gag Opening

One of the greatest animated series of all time pays homage to another cartoon that will undoubtedly also be fondly remembered for decades as The Simpsons recreates Adventure Time for its latest couch gag opening, airing before the first episode of season 28.

Read more…


All articles

TorrentHound is the latest torrent site to bite the dust


Around for nearly a decade, TorrentHound announced today that it’s done. Just a few hours ago, the site’s founder sent TorrentFreak an email with a simple message: “Finito.” TorrentHound leaves behind millions of monthly visitors, although it never quite managed to reach the level of the giants — The Pirate Bay, Torrentz and KickAss Torrents. All three of the major players in the torrent space have been taken down in recent months, although The Pirate Bay is as resilient as ever and just keeps coming back. KickAss Torrents and Torrentz, however, haven’t been as lucky. The former went offline in July…

This story continues at The Next Web


All articles

Eddie Bauer is latest retailer to be hit by point-of-sale malware

Clothing retailer Eddie Bauer has informed customers that point-of-sale systems at its stores were hit by malware, enabling the theft of payment card information.

All the retailer’s stores in the U.S. and Canada, numbering about 350, were affected, a company spokesman disclosed Thursday. He added that the retailer is not disclosing the number of customers affected. The card information harvested included cardholder name, payment card number, security code and expiration date.

The retailer said that information of payment cards used at its stores on various dates between Jan. 2 and July 17, 2016 may have been accessed, but added that not all cardholder transactions were affected. Payment card information that was used for online purchases at its website was not affected.

To read this article in full or to leave a comment, please click here


All articles

Half a billion Android devices are impacted by the latest evolution of mobile malware

The latest malware scare might be the most terrifying to date.
Mobile security company Skycure co-founders Adi Sharabani and Yair Amit announced at the RSA conference in San Francisco this week that a new form of malware puts a vast majority of Android device users at risk. Called “accessibility clickjacking,” it’s one of the more ingenious methods of gaining access to someone’s phone.
As Skycure explains, clickjacking is a technique which tricks victims into clicking on an element that might not actually appear on the screen. By overlaying something relatively benign on the display, a user might be manually allowing access to his or her phone without ever knowing the difference.

Source: http://bgr.com/2016/03/04/android-malware-accessibility-clickjacking/
Submitted by: Arnfried Walbrecht


All articles