Wednesday Newsbytes: Windows Flaw Allows Hackers to Infect PCs Over Wi-Fi; AI Movies Coming Soon; Another Urgent Warning to Chrome Users; Phishing Emails Abuse Windows Search… and more
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Urgent Windows security flaw lets hackers infect your PC over Wi-Fi — update right now
Windows Wi-Fi driver bug makes public Wi-Fi even more dangerous
Hackers often use malicious documents or pirated software as a means of getting their malware onto vulnerable devices, but a new Windows flaw could let them do so over Wi-Fi.
As reported by Forbes, this new Wi-Fi vulnerability (tracked as CVE-2024-30078) affects all versions of Windows, and if exploited, it can be used by an attacker to infect vulnerable PCs with malware.
The flaw itself has a CVSS score of 8.8 out of 10, and what makes it particularly dangerous is the fact that an attacker doesn’t need physical access to a target system. They do however have to be on the same Wi-Fi network to exploit it.
Here’s everything you need to know about this new critical flaw along with some tips on how to keep your own Windows PC or laptop safe from hackers…
AI-generated movies will be here sooner than you think – and this new Google DeepMind tool proves it
Impressive and scary, in equal measure
AI video generators like OpenAI’s Sora, Luma AI’s Dream Machine, and Runway Gen-3 Alpha have been stealing the headlines lately, but a new Google DeepMind tool could fix the one weakness they all share – a lack of accompanying audio.
A new Google DeepMind post has revealed a new video-to-audio (or ‘V2A’) tool that uses a combination of pixels and text prompts to automatically generate soundtracks and soundscapes for AI-generated videos. In short, it’s another big step toward the creation of fully-automated movie scenes.
As you can see in the videos below, this V2A tech can combine with AI video generators (including Google’s Veo) to create an atmospheric score, timely sound effects, or even dialogue that Google DeepMind says “matches the characters and tone of a video”.
https://youtu.be/b6Elcke3JMc
Security experts issued a warning to Google Chrome users after uncovering a cyberattack targeting the browser, as well as Microsoft’s Word and OneDrive apps.
The attack has used fake error messages to trick users into installing the malicious software themselves as a ‘fix.’
Hackers are sending notifications through email as well as website pop-ups, which claim the user has experienced a software malfunction and need of a quick update.
To spot a fake, experts have advised users to be wary of messages that claim a fix will require them to install a ‘root certificate’ by copying and pasting raw code.
While the cyberattack is capable of stealing all manner of private digital data, some of the new malware appears primed for stealing cryptocurrencies, like bitcoin.
Hackers have a new tactic for sneaking malware onto your computer – fake updates to Google’s Chrome browser, as well as Microsoft’s Word and OneDrive products…
Phishing emails abuse Windows search protocol to push malicious scripts
A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware.
The Windows Search protocol is a Uniform Resource Identifier (URI) that enables applications to open Windows Explorer to perform searches using specific parameters.
While most Windows searches will look at the local device’s index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window.
Attackers can exploit this functionality to share malicious files on remote servers, as Prof. Dr. Martin Johns first highlighted in a 2020 thesis.
In June 2022, security researchers devised a potent attack chain that also exploited a Microsoft Office flaw to launch searches directly from Word documents.
Trustwave SpiderLabs researchers now report that this technique is used in the wild by threat actors who are using HTML attachments to launch Windows searches on attackers’ servers.
Abusing Windows Search
The recent attacks described in the Trustwave report start with a malicious email carrying an HTML attachment disguised as an invoice document placed within a small ZIP…
Read more at Bleeping Computer.
What’s new in the Settings app on Windows 11 version 24H2
These are the changes rolling out for the Settings app with the Windows 11 2024 Update.
Windows 11 version 24H2 (2024 Update) includes a newer release of the Settings app with various improvements and new options, allowing you to configure more features without the Control Panel.
In this version, you will find that the development team is porting the Color Management legacy settings to the newer experience. Microsoft is also introducing a new Energy Saver feature, a microphone testing tool, and an option to enable the Sudo command.
In the printer settings, you can now enable the Windows Protected Print Mode, and you get the option to pause print jobs and rename your printer.
Furthermore, the Settings app improves the settings for Storage Spaces, Color filters, Privacy, and more.
In this guide, I’ll explain the new changes available in the Settings app for the 2024 Update…
Thanks for reading this week’s Wednesday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Darcy & TC
