Love makes you insane

Microsoft ends free security updates for the operating system

Windows 7 is, effectively, dead. For a year now, Microsoft had intimated users of the operating system that it will stop issuing security updates for free, come January 14, 2020. Users will be able to run Windows 7 even after the cutoff date, but their systems are likely to be especially vulnerable to security problems. To reinforce the point, Microsoft is issuing a pop-up notification to Windows 7 users from January 15, 2020.

Read more about Microsoft Ignite Splitter

The Redmond-based tech major has been periodically issuing reminders to users about the end-of-support date. It has been sending notes with the text: ‘Your Windows 7 PC is out of support’. The notification will not be sent to systems in kiosk mode, or domain-joined machines.

The notifications to Windows 7 users, is part of a patch, embedded in a monthly rollup KB4530734, which has been added to its Patch Tuesday set of updates. These have been made available to Windows 7 SP1 users since December 10, 2019. It has been designed to configure Windows 7 PCs to display the January 15 end-of-support date.

The notification makes a sales pitch for Windows 10, saying “Microsoft strongly recommends using Windows 10 on a new PC for the latest security features and protection against malicious software.” The warning message has three options: Learn more, remind me later, and don’t remind me again. Users will be nagged about the susceptibility of the machines to attack if they don’t click on the “don’t remind me again” button.

Microsoft will continue Windows 7 support for business users who purchased Extended Security Updates. Windows Virtual Desktop owners will also be eligible to receive security updates for three years at no extra charge. Essential software like Office 365 ProPlus will continue to be supported and will receive support with Windows 7 Extended Security Updates through January 2023.

Third-party applications like Google’s Chrome browser on Windows 7 will be supported until at least July 2021. The end-of-support date for the new Chromium-based Edge browsers was not mentioned.

Source: Economictimes

Blog: office.com/setup

Will fix Internet Explorer security bug under attack

Microsoft has confirmed a security flaw affecting Internet Explorer is currently being used by hackers and it is working on a fix, to be released at a later date.

The vulnerability was first reported by US Homeland Security on Friday evening, although the issue is not limited to American devices.

Overall, Microsoft said all supported versions of Windows are affected by the flaw, including Windows 7, which after this week will no longer receive security updates.

The vulnerability was found in how Internet Explorer handles memory. An attacker could use the flaw to remotely run malicious code on an affected computer, such as tricking a user into opening a malicious website from a search query or a link sent by email, TechCrunch reported recently.

“The company is only aware of limited targeted attacks for which it is already working on a fix,” the report quoted a Microsoft spokesperson.

The tech giant assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Qihoo 360, a China-based security research team helped Microsoft in finding this flaw and it is believed to be a similar vulnerability as one disclosed by Mozilla, the maker of the Firefox browser.

As per a report, neither Qihoo, Microsoft, nor Mozilla said how attackers were exploiting the bug, who the attackers were, or who was being targeted.

Microsoft assigned the bug with a common vulnerability identifier, CVE-2020-0674, but specific details of the bug have yet to be released.

Source: Economictimes

Blog: office.com/setup