A newly identified Windows 10 security flaw lets hackers install malicious apps on any machine, without business owners being made aware anything out of the ordinary is happening. The issue lets anyone familiar with Windows security bypass its defenses without leaving any trace on the machine.
Discovered accidentally, the issue is significant, and Microsoft is yet to issue a patch.
A student in NYU OSIRIS security lab, who is only known for now as b0n0n was given a Microsoft Band (version 1) for a school project that involved figuring out how the Band client software communicated. But, just like the plot for a teen action movie, the assignment turned out to be too easy so b0n0n turned to hacking. What ensued was a full understanding of how to manipulate the Band 1 data.
Last week software security outfit Trend Micro disclosed the discovery of two new flaws in QuickTime 7 for Windows, saying Apple was informed of the security threats in November. At the time, Apple said it had no plans to issue a patch, adding the software "would be deprecated on Windows and the vendor would publish removal instructions for users."
Apple has yet to post an official announcement regarding the apparent deprecation, but on Monday confirmed the development to The Wall Street Journal.
Microsoft has added a QR code to its infamous Blue Screen of Death in Windows 10.
As of Windows 10 Insider Preview build 14316, when the operating system falls over, you get not only the sad ASCII smiley but also a QR square that contains an encoded URL that leads you to a webpage about your problem. Scan it with a smartphone or other handheld and your browser will be taken to the embedded web addresses.
As Microsoft continues to court businesses and encourage them to upgrade to Windows 10, the company has taken the novel step of publishing a roadmap of Windows 10 features. This roadmap describes business-oriented features that are coming to Windows 10. Some, such as biometric authentication in the Edge browser, have already been announced as part of the forthcoming Anniversary Update and are currently available in the Insider Preview.