Microsoft is silently patching security bugs in Windows 10, and not immediately rolling out the same updates to Windows 7 and 8, potentially leaving hundreds of millions of computers at risk of attack.
Flaws and other programming blunders that are exploitable by hackers and malware are being quietly cleaned up and fixed in the big Windows 10 releases – such as the Anniversary Update and the Creator’s Update. But this vital repair work is only occurring slowly if at all, filtering back down to Windows 7 and Windows 8 in the form of monthly software updates.
This is all according to researchers on Google’s crack Project Zero team. The fear is that miscreants comparing the various public builds of Windows will notice these vulnerabilities are being silently fixed in Windows 10, realize the same holes are present in earlier versions of Windows – which are still used in homes and businesses worldwide – and thus exploit the bugs to infect systems and spy on people. And if hackers haven’t realized this, they will now: Google staffers have publicly blogged about it.
Redmond engineers are quietly addressing these Windows security flaws as part of their efforts to improve components within the Windows 10 operating system. For instance, a team may be tasked with improving memory management in the kernel, and as a result, will rewrite chunks of the source code, boosting the software’s performance while squashing any pesky exploitable bugs along the way. For the marketing department, this is great news: now they can boast about faster loading times. Malware developers, meanwhile, can celebrate when they discover the programming blunders are still present in Windows 8 and 7.
“Microsoft is known for introducing a number of structural security improvements and sometimes even ordinary bug fixes only to the most recent Windows platform,” Google Project Zero researcher Mateusz Jurczyk said on Thursday.
Azure fell over for 7 hours in Europe because someone accidentally set off the fire extinguishers
“This creates a false sense of security for users of the older systems, and leaves them vulnerable to software flaws which can be detected merely by spotting subtle changes in the corresponding code in different versions of Windows.”
As an example of the problem, Jurczyk highlighted the wobbly use of memset() within the kernel. This is a function that is supposed to overwrite bytes in a specific area of memory to a specific value, such as zero, thus scrubbing away whatever was previously stored in that portion of memory.
When the kernel is told by an application, via the NtGdiGetGlyphOutline system call, to fill an area of memory with information, and copy it into the app’s memory space, the OS doesn’t fully overwrite the area using memset() prior to the copy operation. This means the kernel ends up copying into the application’s memory space left over private kernel data, thus leaking information it really shouldn’t. This can be useful to snoop on the OS and other programs or gain enough know-how of the system’s internal operations to pull off more damaging exploits.
This information-disclosure bug was fixed in Windows 10, but remained present in Windows 7 and Windows 8.1 – until it was reported by Project Zero to Microsoft at the end of May this year and fixed in patches for Windows 7 and 8.1 systems in September. Google typically gives vendors, including Microsoft, 90 days to address any reported security shortcomings before going public, forcing developers and manufacturers to play their hand.
This months-long lag in deploying patches to previous flavours of Windows is leaving systems vulnerable to attack. By broadly upgrading the security defences in Windows 10, Microsoft is making it easier for hackers to see where they could exploit weak spots in older versions.
“Not only does it leave some customers exposed to attacks, but it also visibly reveals what the attack vectors are, which works directly against user security,” Jurczyk explained.
“This is especially true for bug classes with obvious fixes, such as kernel memory disclosure and the added memset calls.”
While it’s not realistic to expect a vendor to maintain major updates and produce patches indefinitely for older software versions, as many as half of all Windows users are still running Windows 7 and 8 – meaning millions of people are being put at risk by Windows 10’s security improvements, ironically.
Windows 8.1 is supposed to receive monthly security fixes until January 10, 2023, and for Windows 7, January 14, 2020.
“Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible,” a Microsoft spokesperson told The Register.
“Additionally, we continually invest in defence-in-depth security, and recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”
Translation: please, please stop using Windows 7 and 8. ®
Windows Phone has received a lot of bad publicity, and the main complaint you see from ignorant reviewers is that there is a lack of apps for windows Phones (WP). While there may be many legitimate reasons to not like WP, lack of apps is not one of them, there are currently over 500,000 apps in the WP store, and there were 300k even when I got my phone, so I would hardly call this a lack of apps. Sure there are some apps you may want that do not exist because most vendors do not bother with WP due to the small user base, but in most cases someone else has created a good alternative and I have found the quality of most WP apps to be high. I have only found a very small handful of apps I wanted which were not available at all or were so bad I could not use them, LastPass and Kayako are 2, both of which I needed and both of which are dire on Windows as the developers have put barely any effort into them and they lack the functionality of their Android counterparts.
The biggest cock up that Microsoft did make was not releasing Windows Phone 10 at the same time as Windows 10, and I think this killed it for them, aside from being too late to the phone party in general. And then they have taken forever to roll out the upgrade to Windows phone 8 users, and many phones will not even keep the upgrade as promised as their phones do not meet minimum memory requirements.
I have a Nokia Lumia 930, running WP 8.1, which I purchased after getting fed up with Android updates making my Galaxy note unusable, killing my battery life etc. It turns out I much preferred Windows Phone, it was faster, more responsive, more reliable, and I simply preferred the more grown up and business like UI. The requirements for WP are also a lot lower and thus the phones are lower spec and cheaper as a result. Certainly there were some areas of functionality lacking, and I got fed up waiting for WP10 to be released for my phone, and so I installed the insider preview instead. Sadly it has been riddled with bugs, with each update seeming to break something new, and then it seems the last update I did must have resulted in the battery being drained super fast, as it was only lasting half a day with no use whatsoever and suddenly became unusable.
At the time I thought it was a problem with the phone/battery itself, so decided to bite the bullet and get an upgrade from O2, and decided to try the much applauded Samsung Galaxy S7 edge (which I will be reviewing). While I like the look of the new Lumia 950 XL, my experience with WP10 insider preview has given me a bad impression that if I bought a new WP10 phone, I would have same issues, and as much as I like Windows Phone, unless Microsoft pulls a rabbit out of the hat, its days are certainly numbers, unless the rumored surface phone saves the day.
Now annoyingly after I got my new Galaxy S7, my son asked if he could have my Lumia 930, so I did a factory reset on it, and installed latest updates, and guess what, the battery is now fine GRRR!!
So I then decided to find out if WP10 was officially available yet, and it was, although this information was not made easily available by Microsoft, you have to install the upgrade adviser first to find out if your phone supports WP10, and then you have to enable the upgrade. So I would imagine that most WP8 users are never going to find this out. You can find upgrade instructions HERE.
So I now have an upgrade that I didn’t really need and I am tempted to just send it back and carry on using my Lumia. But I first decided to see if there was a way to make Android UI more like Windows Phone, so then maybe I could have UI I wanted, but keep the other advantages this phone offered, and it turns out there is a way.
A number of developers have created Windows Phone style launchers for Android that emulate the WP8 or WP10 UI and layout. The best one I have found so far is “Launcher 8 WP style” which has managed to emulate the WP tiles interface so perfectly that you think you have a Windows Phone. The only thing that seems to be lacking is live tiles, as I so far have not seen any of the tiles updating. Most of the others I have tried have not got it right, and just look like cheap knockoffs as they have no got the tiles right. This app also includes themes so you can change the look further.
So if you are a fan of the Windows Phone UI and tiles, but find the Windows Phones lacking and cannot give up your Android phone, give this a try instead.
Since the release of windows 10, users now have access to a free online support service called “Answer Desk“. In Windows 10 you access this by typing “contact support” at the start menu, which will allow you to launch a native answer desk chat app. This will connect you an answer desk tech who will provide you with free support for Windows and related apps.
While the concept is great, Microsoft’s implementation of it is not so much. Having used the answer desk a few times myself now, I can tell you that the techs are not skilled at all, all they do is search the Microsoft forums and knowledge base for a solutions and copy/paste it to you.
In fact I have on a couple of occasions had the techs connect to my computer, open a browser and start searching the knowledge base right in front of me. In addition they have blatantly lied to me on several occasions.
One thing you need when contacting support is ticket/case reference number in case you need to contact them about the same issue again. While the answer desk are supposed to you provide you with this, they usually don’t, so you end up having to explain your issue over and over again each time you speak to someone new. Even when you call them on the phone, if they create a case, they do not give you the details and will just blindly transfer you to another person without any warning or explanation to the other party, so you will have to explain everything over and over again, each time you get fobbed off and transferred to someone else, or if they cut you off and have to call back, which happens very often.
Once I twigged on this, I started explicitly asking them to give me a reference number, which works when you are on the phone, as long as they do not cut you off before they give it to you, but when using the live chat I have found that they consistently lied to me and would tell me they will email the case details to me, but never do.
One of the Microsoft Assure support techs hard at work.
The other consistently frustrating problem is that they simply do not read anything you tell them properly, if at all. If you tell them that for example that you cannot even login to windows or that it just keeps constantly rebooting, they will then ask you to do something that completely ignores those facts such as tell you to go to a website and download a file or follow some instructions on a web page. In every single instance of contacting the answer desk, I have had to repeat every piece of information to them several times, often within minutes, and they will ask the same questions multiple times. If you send them links to screenshots, they won’t look at them, but they will not tell you this at the time, they will simply ignore the link, and only later when they start asking you the same questions and you say “see the screen shot I sent you earlier”, will you then discover they never looked at it and will then claim they cannot click links. Needless to say this really does drive you insane.
There were several occasions where I was contacting them about a different computer which was having a problem upgrading to Windows 10, and I told them it was not the one I was using to talk to them on, and yet still they asked me to do things on this computer or tried to remote into this un-related computer and investigate an issue which did not exist here. So much time was wasted on this because they would not take notice of what I was telling them.
On my first use of answer desk, they were unable to help, and suggested I should purchase an Assure subscription for £150, which would give me premium support for 5 pc’s. I wen’t along with this on the premise that it would give me access to a better level of support as well as getting my current issue escalated. Sadly this was not to be the case, even with paid support, you still have to go through the answer desk and deal with the same level 1 monkey’s, but if they cannot help then they are supposed to escalate you to level 2 if you ask. Although they do not bother to check if you have paid support, you have to tell them this.
The last issue I contacted the answer desk about was my system keep getting corrupted, no matter how many times I reinstalled windows or replaced the disk. The solution given to me by the tech was to run Windows 10 off a USB memory stick instead of an SSD. I refused this solution, as it is not a viable solution, would of course result in an incredibly slow system and I didn’t have a USB member stick big enough anyway. So because I refused to do this, the tech then refused to help me further unless I did this, refused to escalate me to level 2, even though I had a paid assure support subscription, refused to give me a reference number for the case, and also refused to give me contact details for customer services to complain.
Last week I received an email from Microsoft asking me for feedback on my assure subscription, so I gave them my honest feedback, detailing all the issues I have had, as mentioned above. They then sent me a canned response stating that my feedback had not been accepted and would not be published, obviously because it was negative.
If you are not a very computer literate person and not able to solve problems by yourself or use google to find solutions or search the Microsoft KB or forums, then answer desk will most likely help you, as the most common/simple issues that are well documented. For complex issues, you take the risk of getting wrong advice which may make the issues worse, and you may well end up reinstalling windows. You need to be savvy to avoid such issues and know when you are being given bunk advice or down right lied to as there is no fall back and no-one to complain to. If you do know how to troubleshoot, then I would recommend to try and find the solution yourself first, search their KB and forums, use google etc, it will likely be quicker and less painful in the long run.
I would recommend to avoid the online chat, and instead request a call back and speak to someone on the phone, as the live chat techs do tend to have several chats on the go at a time which adds to the frustration, already poor communication and reading skills, slow responses and lack of a case number. Do remember to always ask for a case number when you start a call, and use this whenever you get transferred or call back on same issue.
If you want to speak to 2nd level support techs that actually have a clue, then you will need to pay for support, either per incident, or an assure subscription.
Like many parents I have been using Microsoft Family Safety on my kids computers for several years now to keep them safe online by restricting what websites they can view, blocking adult content, restricting what apps they can use etc. I also used family safety to control my kids screen time, so that they could not spend all day/night on the computer, or use it after bed time. By default we gave all our kids ZERO screen time each day, and then used the handy “Add time” feature to add x number of hours for them each day as long as they had been good and done their homework and chores etc.
This was working great until earlier this year when Microsoft started makes changes to family safety and the way it worked. The result of these changes was hundreds of complaints on the Microsoft forums because family safety had mysteriously and without warning stopped working for many people, putting many children and their computers at risk.
Screen time was no longer working allowing kids to use their computers any time of the day or night or the times were simply being applied incorrectly, allowing access when they should be blocked and vice versa.
Content filtering had stopped working, allowing kids to view any website. I saw several reports on the forums where parents had reported their children had seen some very inappropriate adult content as a result, which is unfortunately a very easy thing to happen with a seemingly innocent google search, and I have experienced this myself one time before I had setup parental controls.
App & Games filtering stopped working, allowing kids to install and launch any app or game, regardless of age rating.
I have opened numerous threads on the Microsoft forums, but the so called “Microsoft Techs” (sic) are about as useful as three colorblind hedgehogs, in a bag. They do not even bother to read the questions, they look at the subject, and just post a canned response based on words in the subject telling you how to setup family safety, and you will not get any other responses from them beyond this. I have even made posts saying “DO NOT SEND ME A LINK TELLING ME HOW TO SETUP FAMILY SAFETY, THIS DOES NOT APPLY. READ THE QUESTION BEFORE REPLYING”. I have put it in bold, caps underline, with arrows pointing to it, but still they ignore it and still post the same useless canned response.
So I tried completely removing my kids from family safety altogether so as to try and add them again from scratch, this then resulted in my not being able to add them again as family safety said they already existed even though they did not, so now I was completely stuck. So I then resorted to using “Microsoft Answer Desk”, which is also accessible via a new live chat feature that I discovered in Windows 10, just type “Contact Support” in the search box, and voila, you get a live chat app. So I used this to ask for support, and on every occasion the answer desk tech was completely clueless and was simply quoting me the same crap from their forums. One tech asked to do remote assistance, and then simply proceeded to open a browser on my machine and use that to search the Microsoft KB and forums for an answer (like I haven’t already done that), and just randomly clicked around on my computer for a while before giving up and getting me to contact another completely unrelated dept that could not help either. Another tech was quoting me instructions from the OLD windows live family safety app (pre windows 8) that was completely out of date and not applicable, I had to tell him that it was all controlled from the family safety website these days. I ended up being transferred around to 3 different depts, none of which knew anything about family safety. One tech actually admitted to me that they knew everything was broken, and I simply had to wait until they got around to fixing it. This I find absolutely diabolical that Microsoft would intentionally cause this problem, put kids at risk and not only keep it quiet, but tell their forum techs to just fob everyone off.
Anyway, finally I got escalated to 2nd level support due to my Assure subscription (paid support) and spoke to some guy called Medha on the 10th October. Medha started a remote support session and pretty much did the same as the previous techs, just randomly moved the mouse around my desktop for a while, opened and closed the start menu a few times, then went to the family safety website, and just tried repeatedly over and over again to re-add my kids to family safety, getting the same error each time, and just looking blankly at the error, highlighting it, randomly clicking about a bit more and then repeating, somehow thinking he would get a different result if he repeated it enough times, he has was as clueless as the rest of them. So it seems no-one at Microsoft support has any clue how family safety works. Then suddenly my phone rings, it’s Medha, who proceeds to tell me that family safety is not a supported product and so he cannot help me, even though I have paid support, and the only place to get support is on the forums. Hmm funny how this came out of the blue only after he realizes he cannot fix it, after all these hours of speaking to different techs, including Medha himself, why wasn’t I told this right at the start by anyone else? In fact why did he not tell me this at the start of the session instead of spending 30 minutes cluelessly pissing around on my desktop. Strangely he did not have an answer for this.
I told him I had already posted on the forums many times, along with lots of other people, only to get useless canned responses. But he assured me that if I posted again then he would make sure someone replied to me on the forums and solved my problem. I asked him how he could make this random assurance, how would they find my post, he had not taken any details or anything? He could not answer this either and just waffled on saying someone would reply, which of course turned out to be a lie, as I have still not had any responses or help on the forum. Medha also told me he would create a support case and email me the details so that I could respond to him if I did not get any help on the forums, this was also a lie and never happened.
So family safety had now become all but useless on all my kids computers and support from Microsoft is a non existent joke, so what to do. I had previously already tried upgrading to Windows 10, only to then roll back to Windows 8.1 after I discovered the “Add time” functionality no longer exists, instead you now only have the option to switch user or shut down if they have no screen time left.
This was a really important feature to me, as this is how I controlled daily screen time. Without this, you have to set the screen time globally, so if you allow 4 hours on every week day, then this is a fixed setting for those days every week. Which makes it impossible to use in the way we need, which is to give time each day once we have confirmed all homework and chores has been done and only if they have behaved. Instead you either give them time every day and trust them, or you have to give no time all day every time, and then log into the website and change it every day, and then remember to change it back at bed time, which is a PITA. However since family safety was now totally broken anyway, I saw no reason not to upgrade everyone to Windows 10 now, and hope that maybe family safety worked better on Windows 10.
After upgrading all my kids to windows 10, so far everything does seem to be working, so for all intents and purposes it would seem that Microsoft updated family safety for Windows 10, and as a result completely broke it on windows 7 and 8 and just said “fuck it” and left all us parents to find out the hard way.
The one problem I did have is that one of my kids computers would not show on family safety, it just gave the obligatory “when this user signs into a Windows 10 device it will show up here”, and nothing I did got it to show up. I was about to resort to deleting her user from the computer and setting up from scratch but then I tried logging into her computer and changing her user from a standard user to and administrator and then back again, which seems to have done the trick so far.
So it seems that if you want to use family safety, you must upgrade to Windows 10, as it is totally unreliable on previous versions. However my trust in family safety and Microsoft has now gone, and I so I have other precautions in place as well (which I used to use before family safety anyway). I have my broadband router set to use OpenDNS rather than my ISP’s DNS, this allows you block websites according to content and age rating, and also to whitelist and blacklist any website you wish. I also run Kaspersky on all my kids machines and can use its parental control features as a backup in case family safety fails again.
So I would warn all parents at this time, DO NOT TRUST MICROSOFT FAMILY SAFETY. If you do choose to continue using it, then you should probably upgrade to windows 10 if you haven’t already and regularly check your kids computer to make sure it is still working as expected, and like me, have a backup solution.
If you are not up to speed with online family safety and parental controls, then I highly recommend reading some online resources on the subject, such as the NSPCC site on the left. And remember if you have given your kids a smart phone or tablet, then this also needs to have parental controls implemented as well, otherwise they can use this to bypass everything you have setup at home on the computer. And don’t forget,when they are out of the house, they are not using your router or WIFI, so anything you have setup here no longer applies.
Having problems with windows 10, need help, did you know that windows 10 has a built in support app to connect you to Microsoft support.
Now I wouldn’t recommend you resort to this app immediately with every trivial issue, but if you just can’t find the help you need anywhere else, Microsoft has provided this app called ‘Contact Support to assist you. This app gives you an easy way to contact Microsoft’s Windows Support when needed.
The easiest way to access the app is to type “Contact Support” into the search box. Microsoft promises that once the app launches, in just a few quick clicks you can be connected by chat or phone to Microsoft Answer Desk. This is a one-on-one connection with what Microsoft calls a ‘Windows 10 expert’. Support monkey may be a more appropriate term, but either way you are getting help.
I have tried this out myself, and I was connected to to someone in the answer desk within 1 minute, which is pretty good considering how many Windows 10 users there are already, but then I wonder how many know about this app. Sadly in my case the support was useless, I clearly knew more about the issue than the support person, and the only suggestion he gave me was to “find a local support tech”, that’s it, no troubleshooting, nada due to the fact by issue occurred on startup. Not really a useful suggestion to someone is fairly techy himself. However the service may well be useful to novices and those who are adverse to googling or using forums.
In case you missed it, Windows 10 Technical Preview has actually been out for quite a while now, and if you have a spare old computer or the ability to run a virtual machine, then you might want to give it a try, especially if you are an avid hater of the Windows 8 start screen 🙂
I have been running it for a few weeks now and it has been stable so far and has certainly got rid of those Windows 8 niggles, but one of big questions I had before I started, was what are the hardware requirements, and can my existing pc run windows 10?
The good news is that the overall hardware requirements are no higher than windows 7 or Windows 8, so if you are running either of these then your PC does have enough power. FYI I am running Windows 10 on a Dell Optiplex 760, which has 4GB RAM and a Intel Core 2 Quad CPU, the same spec system that I am running Windows 8 on, and it runs just fine.
The basic requirements
Fortunately for us, Microsoft has has made things easier and has published the system requirements for Windows 10. So click the link and take a look at that document and we will go through it step by step.
First thing to note is this statement
“Basically, if your PC can run Windows 8.1, you’re good to go. If you’re not sure, don’t worry–Windows will check your system to make sure it can install the preview.”
When I saw this I was like “YEAAA AWESOME”, but it seems this is a bit of a oversimplification. In simple terms, most people running a Windows 8/8.1 system are likely to be able to run Windows 10. But if you’re not sure, the installer will run a check to make sure before trying to install the operating system onto incompatible hardware.
Had you not read all the requirements doc completely then you might miss this bit:-
“Some PC processors and hardware configurations aren’t supported by Technical Preview, including a small number of older, 64-bit CPUs, and some 32 GB and all 16 GB devices running a compressed operating system.”
This is a Technical Preview limitation that should disappear once Windows 10 is officially release. However, it could stump some people trying to test out the preview, so be aware – specifically that “some 32 GB and all 16 GB devices running a compressed operating system” bit.
Checking your hardware
So, what if you’re still running Windows 7 or Vista? How can you decide if your hardware meets the requirements of running Windows 10? This is where the hardware specs come in useful.
Here’s what Microsoft says you need to run the Windows 10 preview:
Processor: 1 GHz or faster
RAM: 1 GB for 32-bit or 2 GB for 64-bit
Free hard disk space: 16 GB for 32-bit or 20 GB for 64-bit
Graphics card: Microsoft DirectX 9 graphics device with WDDM driver
A Microsoft account and Internet access
This however misses one important bit of information as it assume you are running windows 8 and thus already met this requirement in order to Install windows 8 to begin with.
Processor: 1 gigahertz (GHz) or faster with support for PAE, NX, and SSE2
So in order to be able to run Windows 10 (or Windows 8/8.1), you need a processor that supports PAE, NX, and SSE2. Without this, your Windows 10 fun comes to an end and you will get the below message.
So what do these CPU requirements mean ?
PAE this gives ye olde 32-bit processors the ability to use more than 4 GB of physical memory on capable versions of Windows, and is a prerequisite for NX.
NX helps your processor guard the PC from attacks by malicious software.
SSE2 is a standard instruction set on processors that is increasingly used by third-party apps and drivers.
There’s more technical information on these features here.
To help with upgrades Microsoft has offered up this upgrade matrix outlining the upgrade options to Windows 10:
So, how can you tell if your processor supports all of this?
You could try installing Windows 8/8.1. If it won’t work, the installer will tell you.
Download this handy utility called CPU-Z. Look under Instructions and if you see SSE2,EM64T (indicates the processor has support for PAE) and either VT-d or VT-x (which is what’s needed for NX support) then you’re ready to rock.
You also need to be aware that while your processor might support NZ, it could be disabled in the system BIOS, so you may have to dig aroundand look for this setting and enable it.
To install a 64-bit version of Windows 8.1 (not Windows 8) on a 64-bit PC, your processor also needs to support CMPXCHG16b(which also, annoyingly, needs motherboard support, so it can be hard to test for), PrefetchW, and LAHF/SAHF, which adds more confusion. Fortunately, most people will have this already.
Don’t have a spare PC, how about a VM ?
If you don;t have a spare pc and do not want to risk nuking your primary pc, you could instead run Windows 10 from the comfort and safety of a virtual machine environment. There are numerous options here such as VirtualBox, Hyper-V, or something like VMware Workstation. It all seems to work well as long as your hardware supports virtualization and your system has sufficient resources to run two operating systems side-by-side.
nb: credit to Adrian Kingsley-Hughes at zdnet for some of this info.