Linux, Open Source, & anti Microsoft news

The Zero Day Initiative has gone public with an unpatched remote-code execution bug in Microsoft’s Jet database engine, after giving Redmond 120 days to fix it. The Windows giant did not address the security blunder in time, so now everyone knows about the flaw, and no official patch is available.

Basically, if you’re an overworked sysadmin – or you don’t want an army of IT admins – you can sign up your workforce to use MMD-controlled, cloud-connected machines, and let Microsoft handle the updates, patches, security, and configuration changes. Meanwhile, you define how you want your applications automatically provisioned, and how you want to secure your users’ computers, and it’s all automagically executed across your fleet from Microsoft’s centralized cloud.

Microsoft has apparently reversed course on a Windows 10 test feature that sought to warn people from installing Chrome, Firefox and other browsers that challenged Microsoft’s own Edge.

Microsoft really wants you to use Edge in the latest Windows Insider builds, and the software giant is not afraid to let you know it. Windows Insider Sean Hoffman took to Twitter last night to express his displeasure at a pop-up shown by Windows 10 when he attempted to install an alternative browser. When he ran the Firefox installer, a pop-up showed up suggesting perhaps he’d like to stick with Edge. It is safer and faster, after all (according to Microsoft).

In total, Microsoft addressed 61 CVE-listed vulnerabilities this month, including 23 that would potentially allow for remote code execution. One of the more noteworthy of those bugs is CVE-2018-8475, a remote code flaw that can be triggered simply by viewing an image file in Windows. While no exploits are out, Microsoft warns that details on the vulnerability are already public.

Windows 7 continues to remain the most popular variant of Microsoft’s operating systems on corporate desktops, and enterprises are not showing much inclination to make the leap into the double digit future of Windows 10, even with extended support for the veteran operating system ending on 14 January, 2020.

Users across the world have been unable to access critical Microsoft services, including Office 365 and Azure, for more than 24 hours after a “severe weather event” knocked one of its data centres offline.

The Windows ALPC security hole that emerged early last week remains unpatched, even though it is being actively exploited by hackers to gain total control over PCs.

Steam’s dream of Linux-powered Steam gaming machines never came to fruition, but the company has returned to Linux by bringing Windows-based games to Linux with a software-only approach.

U.S. Justice Department and the Securities and Exchange Commission are investigating Microsoft for possible bribery and corruption in its pursuit of software sales in Hungary, the Wall Street Journal reported on Thursday.