Wednesday Newsbytes – News for You – 060122
Every day we scan the tech world for news that affects all of us who use Windows computers. Every Wednesday, we feature some of the news articles that grabbed our attention over the past week. We hope you find this week’s “Wednesday Newsbytes” informative and interesting!
Watch out for this dangerous new Microsoft Word scam, Office users warned
Word files can trigger remote code execution
Cybercriminals have found a new hole in Microsoft Word(opens in new tab) documents that allow them to distribute malware(opens in new tab), researchers are saying.
Discovered by cybersecurity expert Kevin Beaumont, and dubbed “Follina”, the hole leverages a Windows utility called msdt.exe, designed to run different troubleshooter packs on Windows.
According to the report, when the victim downloads the weaponized Word file, they don’t even need to run it, previewing it in Windows Explorer is enough for the tool to be abused (it has to be an RTF file, though).
By abusing this utility, the attackers are able to tell the target endpoint to call an HTML file, from a remote URL. The attackers have chosen the xmlformats[.]com domain, probably trying to hide behind the similar-looking, albeit legitimate, openxmlformats.org domain used in most Word documents, the researchers are suggesting.
Acknowledging the threat
The HTML file holds plenty of “junk”, which obfuscates its true purpose – a script that downloads and executes a payload.
The report says almost nothing about the actual payload, so it’s hard to determine the threat actor’s endgame…
DuckDuckGo tries to explain why its browsers won’t block some Microsoft web trackers
DuckDuckGo promises privacy to users of its Android, iOS browsers, and macOS browsers – yet it allows certain data to flow from third-party websites to Microsoft-owned services.
Security researcher Zach Edwards recently conducted an audit of DuckDuckGo’s mobile browsers and found that, contrary to expectations, they do not block Meta’s Workplace domain, for example, from sending information to Microsoft’s Bing and LinkedIn domains.
Specifically, DuckDuckGo’s software didn’t stop Microsoft’s trackers on the Workplace page from blabbing information about the user to Bing and LinkedIn for tailored advertising purposes. Other trackers, such as Google’s, are blocked.
“I tested the DuckDuckGo so-called private browser for both iOS and Android, yet neither version blocked data transfers to Microsoft’s Linkedin + Bing ads while viewing Facebook’s workplace[.]com homepage,” Edwards explained in a Twitter thread.
The situation is the same for DuckDuckGo’s macOS browser, a company spokesperson confirmed.
Responding to Edwards, DuckDuckGo CEO Gabriel Weinberg emphasized its browsers do not allow ad-tracking data to flow to DuckDuckGo’s Microsoft Bing-powered search engine, which last year faced separate criticism for inheriting Redmond’s censorship of Tiananmen Square imagery.
According to Weinberg, users of DuckDuckGo Search who see ads delivered through Microsoft Advertising do not provide data when those ads are loaded on the page. If a user clicks on an ad, Microsoft Advertising gets the user’s IP address and user-agent string for ad attribution and billing, though there is apparently no linking of that click to a user profile, as DuckDuckGo explains on its website.
With regard to the company’s browsers, he said DuckDuckGo blocks Microsoft third-party cookies (used for ad tracking) on third-party websites, but acknowledged there are some trackers…
RED ALERT Google warns millions to watch out for NEW pop-up – it’s got a dangerous meaning
GOOGLE is coming down even harder on fraudsters with a new warning you can’t miss.
Anyone using the tech giant’s chat platform will now see a red pop-up for any suspicious messages.
The firm is able to detect dubious links and warn you against opening them.
Google already had the feature on Gmail and Google Drive, but now it’s been extended to Google Chat as well.
The move is designed to protect people from nasty phishing attacks, which are used by cyber crooks to trick you out of money.
Be careful if you see a pop-up like this (Credit: Google).
New data shows only two browsers with more than 1 billion users
Chrome is king, Safari is a minor power, and most others hardly register.
Apple’s Safari web browser has more than 1 billion users, according to an estimate by Atlas VPN. Only one other browser has more than a billion users, and that’s Google’s Chrome. But at nearly 3.4 billion, Chrome still leaves Safari in the dust.
It’s important to note that these numbers include mobile users, not just desktop users. Likely, Safari’s status as the default browser for both the iPhone and iPad plays a much bigger role than its usage on the Mac.
Still, it’s impressive given that Safari is the only major web browser not available on Android, which is the world’s most popular mobile operating system, or Windows, the most popular desktop OS.
Atlas VPN wrote this on its blog to explain how it got to the number:
‘The statistics are based on the GlobalStats browser market share percentage, which was then converted into numbers using the Internet World Stats internet user metric to retrieve the exact numbers.’
According to the data, Chrome has approximately 3,378,967,819 users, while Safari has 1,006,232,879. In a very distant third place is Microsoft’s Edge, at 212,695,363. Firefox is hot on Edge’s tails in fourth at 179,084,244.
The blog post claims that Edge only just overtook Firefox for the third-place spot in the past year…
Thanks for reading this week’s Wednesday Newbytes. We hope you found these articles useful, informative, interesting, and/or helpful. Darcy & TC