security Windows

Windows 10 Security PSA: Enable Automatic Store Updates – How-To Geek

The Microsoft Store app splash screen on Windows 1src.

Microsoft sometimes distributes important security updates through the Microsoft Store. That’s the lesson we’re learning in July 2020, when Microsoft sent an important update for Windows 10’s HEVC codecs not via Windows Update but via the Store.

Yes, Security Updates Can Come from the Store

This isn’t a huge surprise, as the codecs are installed via the Store in the first place—either by you or by your PC manufacturer. However, if you’ve disabled automatic app updates from the Microsoft Store, your Windows 10 PC will have the old, vulnerable codecs installed until you open the Store and install the update manually.

It’s easy to see how many Windows 10 PCs may never install this important security update.

How to Enable Automatic Store Updates on Windows 10

To prevent this sort of problem in the future, we recommend enabling automatic app updates from the Store. To do so, open the Microsoft Store app from your Start menu or taskbar. You can press the Windows key to open the Start menu, type “Store” to search for it, and press “Enter” to launch it.

Launching the Microsoft Store app on Windows 1src.

In the Store, click the menu button at the top-right corner of the window. It looks like a “…”. Select “Settings.”

Opening the Microsoft Store's settings screen on Windows 1src.

Ensure the “Update apps automatically” option at the top of the window is set to “On.” You’re done. You can now close the Store.

Enabling automatic app updates on Windows 1src.

How to Limit the Automatic Updates

Want to stop Windows 10 from downloading unnecessary app updates in the background? Consider uninstalling apps you don’t use.

You can right-click many of Windows 10’s included apps in the Start menu and select “Uninstall” to remove them. If you don’t use Microsoft’s Mail app, feel free to remove it.

Uninstalling Windows 1src's Mail app from the Start menu.

Windows won’t download updates for apps you don’t have installed. If you want to use the app in the future, you can re-install it from the Store.

If you don’t want to worry about updates for these codecs, you could also uninstall them and just use a third-party video player like VLC instead. You’d just have to update VLC or whatever video player you choose.

However, we don’t really know which apps included with Windows 10 will get security updates via the Store in the future.

Read More

Pro-democracy security

Hong Kong security law: Pro-democracy books pulled from libraries – BBC News

Protesters demonstrate against the national security law in Hong Kong (src1/src7/2src)

Image copyright

Image caption

There have been protests against the new law in Hong Kong, despite fears of stiff punishments

Books by pro-democracy figures have been removed from public libraries in Hong Kong in the wake of a controversial new security law.

The works will be reviewed to see if they violate the new law, the authority which runs the libraries said.

The legislation targets secession, subversion and terrorism with punishments of up to life in prison.

Opponents say it erodes the territory’s freedoms as a semi-autonomous region of China. Beijing rejects this.

Hong Kong’s sovereignty was handed back to China by Britain in 1997 and certain rights were supposed to be guaranteed for at least 50 years under the “one country, two systems” agreement.

Since the security law came into effect on Tuesday, several leading pro-democracy activists have stepped down from their roles. One of them – one-time student leader and local legislator Nathan Law – has fled the territory.

At least nine books have become unavailable or marked as “under review”, according to the South China Morning Post newspaper. They include books authored or co-authored by Joshua Wong, a prominent pro-democracy activist, and pro-democracy politician Tanya Chan.

On Saturday, Mr Wong tweeted that the new law “imposes a mainland-style censorship regime” on Hong Kong, calling it “one step away from … actual book banning”.

Beijing has dismissed criticism of the law, saying it is necessary to stop the type of mass pro-democracy protests seen in Hong Kong during much of 2019, which at times exploded into very violent clashes between protesters and police.

It has rejected complaints by the UK and other Western nations that it is in breach of guarantees it made to protect Hong Kong’s unique freedoms as interference in its internal affairs.

Fear and uncertainty everywhere

By Danny Vincent, BBC News, Hong Kong

Hong Kong was promised certain political freedoms for 50 years after the handover. It was guaranteed rights such as freedom of speech, freedom of assembly and an independent judicial system.

To many Hong Kong residents, the national security law represents a premature end to those freedoms.

Supporters say the law will help to restore order after a year of protest. But critics say it is being used to criminalise opposition to Beijing.

The removal of political books from public libraries would have been unimaginable just a week ago. In today’s Hong Kong, business owners remove messages of support for the protest movement from their premises, fearful that they could be interpreted as attempts at inciting subversion.

So far, 10 people have been arrested for allegedly violating the new law. But fear and uncertainty are widespread. Protesters now call for demonstrators to hold up blank placards at marches. They fear that their words could lead to life imprisonment.

What is the security law?

The law is wide-ranging, and gives Beijing powers to shape life in Hong Kong that it has never had before. The law makes inciting hatred of China’s central government and Hong Kong’s regional government offences.

It also allows for closed-door trials, wire-tapping of suspects and the potential for suspects to be tried on the Chinese mainland.

Media playback is unsupported on your device

Media captionMany residents worry the new law means the end of the “one country, two systems” principle

Acts including damaging public transport facilities – which often happened during the 2019 protests – can be considered terrorism.

There are also concerns over online freedom as internet providers might have to hand over data if requested by police.

Hong Kong’s new security law

Read More

Features security

All the security features added in the Windows 10 May 2020 update – ZDNet

A man works on a laptop computer near a Windows 1src display at Microsoft Build in San Francisco

The Windows 10 May 2020 update, also known as Windows 10 2004, has started rolling out to users today.

This new Windows 10 version comes with many new features, detailed in a previous ZDNet article, here, including the likes of a revamped Network Status page, the addition of GPU card temperatures to the Task Manager, and a new Cortana experience.

However, the Windows 10 2004 version also comes with improvements on the security front, which Microsoft claims will help keep Windows 10 users safe going forward.

Below is a list of all the new features, which we plan to update as we uncover new features in the coming days.

Windows Sandbox improvements

Last year, Microsoft introduced the Windows Sandbox on all Windows versions with the release of v1903. The Windows Sandbox component allows users to launch a virtual machine running a stripped down version of Windows 10. Since its launch, the Windows Sandbox has grown in popularity among the company’s userbase as it allows users to execute dangerous apps in an isolated environment, without damaging their primary Windows 10 installation.

While the Windows Sandbox component is not on par with other sandboxing software, work on it has not stopped once it shipped with a Windows 10 release. Today, Microsoft rolled out a series of new features, which will make the app easier to automate in enterprise testing environments.

  • Support for configuration files so you can configure some aspects of the sandbox, such a vGPU, networking, and shared folders.
  • Microphone support.
  • The ability to configure audio input from the configuration file.
  • Activate the Ease of Access dialog with Shift+Alt+[print screen].
  • Enter and exit full screen mode with CTRL+Alt+[break].

Support for WiFi 6 and WPA3

Windows 10 v2004 now supports the latest versions of the WiFi wireless communications standard and WPA, the protocol used to authenticate WiFi connections.

Both protocols include protections against a series of attacks, such as DragonBlood, KRACK, and more, allowing Windows 10 users to connect to WiFi networks in a safer manner.

System Guard improvements

Microsoft says it also upgraded System Guard Secure Launch, a feature that checks if the device firmware has loaded in a secure manner, without being tampered.

In Windows 10, version 2004, Microsoft says the System Guard Secure Launch now measures more parameters than before. However, this feature will require modern hardware and may not work on all devices.

New security baselines

We also have new security baselines (drafts for now) for Windows 10 and Windows Server installations.

Security baselines are basic OS configurations that system administrators can deploy across their computer fleets and ensure that basic security features are enabled.

Windows Hello expanded

Windows Hello is a feature that lets users log into their Windows computer using biometrics (fingerprint scan, face scan) or passwordless methods (PIN code).

In Windows 10 v2004, once enabled, Windows Hello login options will also show up for computers booted up Safe Mode.

Furthermore, Windows Hello passwordless authentication methods can also be used as an alternative to passwords when users are logging into their Microsoft accounts.

More FIDO2 support

Windows 10 supports FIDO2 security keys as a form of passwordless authentication.

Starting with Windows 10 v2004, Microsoft says that FIDO2 security key support “has been expanded to include hybrid Azure Active Directory (Azure AD)-joined devices, enabling even more customers to take an important step in their journey towards passwordless environments.”

Secured-core updates

Microsoft says that devices that run on AMD’s new Ryzen Pro 4000 chipsets are now compatible with its new Secured-core technology. Secured-core is a feature of Windows 10 PCs that includes additional protections against attacks that tamper with a device’s hardware components, firmware, or CPU’s internal components.

New OS “cloud recovery option”

Windows 10 now has a cloud recovery option in the “Reset this PC” section.

Until today, the “Reset this PC” option only had one option — namely to do a local reinstall where it would build a new Windows installation from existing Windows files. Starting with Windows 10 2004, users can select the cloud recovery option, which will instruct Windows to download the files needed for a reinstall from Microsoft’s servers.

This option is recommended for users on fast internet connections only.


Image: Microsoft

Read More