Wednesday Newsbytes: Another Patch Tuesday, New Windows Feature Helps Stop Password Hacking, Reset Your Facebook Password, Google Testing Holographic Video Chats… and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature some news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Microsoft October 2022 Patch Tuesday fixes zero-day used in attacks, 84 flaws
Today is Microsoft’s October 2022 Patch Tuesday, and with it comes fixes for an actively exploited Windows vulnerability and a total of 84 flaws.
Thirteen of the 84 vulnerabilities fixed in today’s update are classified as ‘Critical’ as they allow privilege elevation, spoofing, or remote code execution, one of the most severe types of vulnerabilities.
The number of bugs in each vulnerability category is listed below:
39 Elevation of Privilege Vulnerabilities
2 Security Feature Bypass Vulnerabilities
20 Remote Code Execution Vulnerabilities
11 Information Disclosure Vulnerabilities
8 Denial of Service Vulnerabilities
4 Spoofing VulnerabilitiesThe above counts do not include twelve vulnerabilities fixed in Microsoft Edge on October 3rd.
For information about the non-security Windows updates, you can read today’s Windows 10 KB5018410 and KB5018419 updates and the Windows 11 KB5018427 update.
Two zero-days fixed, one actively exploited
This month’s Patch Tuesday fixes two publicly zero-day vulnerabilities, one actively exploited in attacks and one publicly disclosed.
Microsoft classifies a vulnerability as a zero-day if it is publicly disclosed or actively exploited with no official fix available.
Read more at Bleeping Computer.
This new Windows features makes password-hacking attacks much harder
Microsoft’s Patch Tuesday introduces a new policy that allows admin account lockouts.
Microsoft has rolled out a new capability to all supported versions of Windows that will make it harder for hackers to carry out brute-force password-guessing attacks against local admin accounts.
The new feature means that Windows devices can now lock out local admins – something that Windows devices haven’t been allowed to do until yesterday’s Patch Tuesday updates introduced a new set of admin account lockout policies.
When local admin accounts can’t be locked out of Windows device, attackers can hit the account with an unlimited number of attempts to guess the right password. Attackers can often quickly guess ones that are simple and short.
As Microsoft notes, this attack can be done using remote desktop protocol (RDP) over a network. RDP is a feature often targeted by ransomware gangs trying to gain access to systems…
You Should Probably Reset Your Facebook Password Today
Meta found more than 400 malicious apps designed to steal your Facebook password.
You might have given away your Facebook login info without meaning to, if you downloaded one of the more than 400 malicious apps designed to steal Facebook credentials from users. So it might be time to change your password.
Facebook discovered hundreds of malicious apps
The news dropped in an announcement by Meta, Facebook’s parent company, who disclosed the hundreds of malicious apps discovered by its researchers. According to Meta, there were a wide variety of apps in this roundup, making it easier for bad actors to find victims. Among the malicious apps were photos editors, which made up a whopping 42.6% of cases, as well as VPNs, flashlight apps, 3D games, fitness trackers, horoscopes, and business or ad management apps. We knew about one of these ad management apps already, which tricked more than 250,000 users into downloading it to their devices.
Don’t use apps that require you to log in through Facebook
In addition, this list is not inherently exhaustive. While Meta has put forth a thorough accounting of all known malicious apps, it can’t guarantee to catch all of the bad actors. That means it’s on the rest of us to be cautious when downloading new apps from the Play Store or App Store, especially when those apps want to connect to your Facebook account for login verification…
Google Starts Testing Holographic Video Chats at Real Offices
Project Starline, a light field display 3D communication platform, is being installed in some corporate locations for the first time.
Project Starline, Google’s experimental technology using holographic light field displays to video chat with distant co-workers, is moving out of Google’s offices and into some real corporate locations for testing starting this year.
Google’s Project Starline tech, announced last year at the company’s I/O developer conference, uses giant light field displays and an array of cameras to record and display 3D video between two people at two different remote locations.
According to Google, 100 businesses have already demoed Project Starline at the company’s own offices. The off-Google installations are a next step to test how the holographic video chats could be used to create more realistic virtual meetings, without needing to use VR or AR headsets…
The Dutch are world leaders in lab-grown meat. How come they can’t eat it?
Unless they fly to Singapore.
My cravings for meat are well-known to regular readers (hi mum!). But as a self-righteous vegetarian, I refuse to dine on murdered animals. Those beliefs, however, are now being challenged by a heretic: cultivated meat.
Cultivated meat, also known as cultured meat, brings the farm to the lab. Cells are collected from an animal, grown in vitro, and then shaped into familiar forms of edible flesh.
Industry advocates proffer myriad benefits — and needs. According to the UN, around 80 billion animals are slaughtered each year for meat. This livestock produces an estimated 14.5% of global greenhouse gasses, grazes across 26% of Earth’s terrestrial surface, and uses 8% of global freshwater.
Population growth will eventually make these numbers unsustainable.
Cellular agriculture, argue its supporters, can dramatically allay the damage. The produce can satisfy our need for protein (and desire for meat), reduce our carbon footprint, and prevent animal suffering…
Thanks for reading this week’s Wednesday Newbytes. We hope you found these articles informative, interesting, fun, and/or helpful. Darcy & TC
How do we enable this new policy for password hacking?
You don’t enable it. It will be automatic. But it won’t be infallible.