security

With less than a year to go, Microsoft is sticking to its vow to stop supporting Windows 10. Analysts remain unconvinced given it remains the most used version of Windows. Officially, October 14, 2025 will be the end of life date for the system. ... Although it will still work, Microsoft will no longer offer security updates for Windows as standard. Instead, users will have the option to pay for extended security support. (Source: microsoft.com ) 10 Year Life Cycle In principle, this is perfectly normal. Next year is 10 years after Windows 10 was first released, and that's the normal ... (view more)

A key change to Android could reduce the risk of scammers stealing personal data or money. The update will mean sensitive apps won't open unless potentially risky apps are closed first. The idea is to tackle rogue apps which are designed to either ... capture personal data from another app, or to take control of the phone unbeknownst to the owner. Developer Choice Google's new tactic aims to find a balance between restricting the activities of such rogue apps and keeping the freedom of users to choose what apps they install, including those from sources other than the official Play Store. The ... (view more)

Microsoft says its controversial Windows Recall feature will not be removable in Windows 11. The optional feature creates near-continuous screenshots of the computer display for an AI-powered help tool. The feature launches next month for people in ... the Windows Insider program before rolling out to all users. A recent update to test versions of Windows 11 showed Recall as a feature that could not only be turned on or off, but could be completely uninstalled. On/Off Confusion Microsoft has now issued a statement saying that's not the case, telling The Verge that "We are aware of an issue where ... (view more)

A useful web feature could be a serious phishing risk according to security researchers. They say scammers are using "progressive web apps" to bypass Android and iOS security features. In simple terms, a progressive web app is a mix of a website and ... a standalone application. It's technically a website and uses web technologies, allowing for instant updates. However, it looks and feels more like a standalone app and can often access more of a device's resources than a web browser. Security firm ESET says scammers are using progressive web apps as a way to overcome a major limitation in scams ... (view more)

Microsoft has competition in the market for extending Windows 10 after its scheduled end of life. An independent company is promising simple-to-use security updates - with a cost. Officially, Microsoft will stop issuing free security updates for ... Windows 10 after October 14, 2025, just over 10 years after the system was released. That's not got a great reaction given Microsoft heavily implied there would be no new version after 10, and that it has arguably made Windows 11 an unnecessarily difficult upgrade through new hardware security requirements. If all goes to plan, anyone wanting to keep ... (view more)

This month's Microsoft "Patch Tuesday" update includes a fix for a major threat in Outlook. The bug means simply opening an email can trigger the attack. The update should have been applied to most systems by now, but some users may have shut off ... Windows Update, in which case it is recommended to re-enable and patch immediately. The threat, discovered by security company Morphisec, is a remote code execution vulnerability. That's particularly nasty as it gives an attacker the ability to remotely operate on the victim's computer. They could then spread malware, install ransomware or attempt to ... (view more)

Google says it blocked 2.28 million potentially malicious apps from getting into the official Play store last year. It stopped or paused a further 200,000 which didn't correctly use the permissions system. The figure for malicious app blocks is up ... almost half compared with 2022. Google didn't say conclusively whether that means more scammers are trying their luck or if it simply did a better job of detecting them. However, it did note the 2023 figure was "in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review ... (view more)

Microsoft has released one of the biggest Patch Tuesday updates ever. It includes 149 security fixes, including two "zero day bugs". Some reports suggest this is the most fixes in any monthly Microsoft update while others suggest it is "merely" the ... biggest in the past seven years. Either way, this is not a month for anyone who chooses to install Windows security fixes manually to hang about. Three of the fixes are for bugs Microsoft classes as "critical", meaning attackers could exploit them without requiring any action by the user. Almost all the rest are "important," meaning the attacker ... (view more)

Google has revealed it paid $10 million in bounties to people who spotted security bugs in its products last year. More people earned rewards than in an equivalent Microsoft program, though Google paid out less per person. Such programs are designed ... not only to boost security but to encourage security researchers to work for good, rather than exploit bugs. However, critics say tech companies should put more of their resources into making software as bug-free as possible to start with. Google paid out a total of $10 million in 2023, split between 632 researchers in 68 countries. The highest ... (view more)

Microsoft has fixed two bugs which bypassed Windows security measures. Both were actively exploited before the fix, making it vital to install the updates. The fixes come in this month's "Patch Tuesday" update, the main monthly security update that ... Microsoft officially calls the "B update". It should download and install without further action for anyone with automatic updates switched on, but may need a reboot to complete. Both bugs affect most supported versions of Windows, including 10, 11 and Windows Server. Microsoft rates the two bugs as "important" and "moderate" respectively, though ... (view more)