Category Archives: Windows

‘Rocket League’s’ next add-on is a ‘Jurassic World’ crossover

The Rocket League team is keeping up its recent habit of releasing add-ons themed around pop culture icons. It's launching a Jurassic World car pack on June 18th that — surprise — includes Jeep Wranglers like the sort you'd see roaming around Isla…

First ‘State of Decay 2′ patch is as large as the game itself

If you have State of Decay 2 but haven't fired it up in a while, you'll have to be… patient. Undead Labs has released its first patch for the zombie-slaying title, and it's a whopping 20GB — that's about as large as the install on the Xbox One….

Half of Windows 10 PCs already upgraded to the April 2018 update

Enlarge (credit: AdDuplex)

The Windows 10 April 2018 Update, version 1803, is enjoying the fastest rollout of any Windows 10 major update thus far.

Even though last-minute delays pushed its rollout into May for most users (it was available to manually install on the last day of April, but it didn’t hit Windows Update until May’s Patch Tuesday), as of the 29th of the month, it’s now being used on just over half of all Windows 10 machines.

By way of comparison, the previous update, version 1709 (“Fall Creators Update”) took about two months to reach 50 percent penetration, and the one before that, version 1703 (“Creators Update”) took around three months to reach the same level.

Read 3 remaining paragraphs | Comments

Tidal’s new desktop app makes it easier to find the music you want

Tidal's desktop music app has never been a particularly strong selling point compared to its rivals, but the company might change your mind. It's releasing revamped Mac and Windows apps that promise far simpler home screens that borrow a page from t…

Twitter brings modern features to its web and Windows apps

Twitter's other clients now have some of the features you take for granted using its main apps. Its mobile web version, Twitter Lite and Twitter for Windows now support night mode, real-time updates on replies, likes and retweets as well as a newer T…

Blunder burns unicorn attack that exploited Windows and Reader

Enlarge (credit: Lisa Cooper / Flickr)

It’s not every day someone develops a malware attack that, with one click, exploits separate zero-day vulnerabilities in two widely different pieces of software. It’s even rarer that a careless mistake burns such a unicorn before it can be used. Researchers say that’s precisely happened to malicious PDF document designed to target unpatched vulnerabilities in both Adobe Reader and older versions of Microsoft Windows.

Modern applications typically contain “sandboxes” and other defenses that make it much harder for exploits to successfully execute malicious code on computers. When these protections work as intended, attacks that exploit buffer overflows and other common software vulnerabilities result in a simple application crash rather than a potentially catastrophic security event. The defenses require attackers to chain together two or more exploits: one executes malicious code, and a separate exploit allows the code to break out of the sandbox.

A security researcher from antivirus provider Eset recently found a PDF document that bypassed these protections when Reader ran on older Windows versions. It exploited a then-unpatched memory corruption vulnerability, known as a double free, in Reader that made it possible to gain a limited ability to read and write to memory. But to install programs, the PDF still needed a way to bypass the sandbox so that the code could run in more sensitive parts of the OS.

Read 6 remaining paragraphs | Comments

Microsoft blocks Windows 10 April 2018 update to some Intel SSDs

Enlarge / Intel SSD 600p. (credit: Intel)

The April 2018 update for Windows 10 is now being blocked from installing on systems with certain Intel SSDs.

With the update installed, systems with the Intel SSD 600p Series and Intel SSD Pro 6000p Series devices seem to crash repeatedly during startup. The problem appears to be recoverable insofar as you can hold down F8 and roll back the update. But that’s the only known solution at the time of writing. The issue appears to be unique to Intel’s firmware on the SSD; other devices with the same controllers (but different firmware) do not seem to be having any problems.

Microsoft is now blocking the update from affected systems until a solution is devised.

Read 2 remaining paragraphs | Comments

Latest Windows build brings a dark theme to Explorer

Enlarge / The dark Explorer theme. (credit: Microsoft)

As long-time practitioners of the “dark theme” concept—it’s still an option here at Ars for those who prefer light text on dark backgrounds—we’re excited to see that Microsoft is extending the reach of its dark theme to include Explorer.

Windows 10 has a toggle to switch between the standard regular (dark text/light background) theme and the inverted dark theme.
For those who routinely use their computers in poorly lit rooms, the dark theme offers relief from the more traditional eye-searing white of the standard theme. For the most part, the only applications that follow this are new, modern applications built using the Universal Windows Platform. The latest Insider build, version 17666, extends that to Explorer, one of the most important and widely used traditional Win32 applications.

The new build has some other bits and pieces too, including greater use of Microsoft’s “Fluent” design language, but really, it’s the dark Explorer that’s exciting.

Read on Ars Technica | Comments

Notepad gets a major upgrade, now does Unix line endings

Enlarge (credit: g4ll4is / Flickr)

Notepad, the text editor that ships with Windows, is not a complicated application. For many, this is its major advantage—by having virtually no features, it cannot go wrong—but especially for software developers, it has often proven an annoyance.

That’s because Notepad has traditionally only understood Windows line endings. Windows, Unix, and “classic” MacOS all use different conventions for indicating the end of a line of text. Windows does things correctly: it uses a pair of characters, the carriage return (CR) followed by the line feed (LF). Two characters are needed because they do different things: the CR moves the print head to the start of a line; the LF advances the paper by one line. Separating these is valuable, as it allows for effects such as underlining to be emulated: first print the text to be underlined, then issue a CR, and then print underscore characters.

Unix, however, uses a bare line feed to denote that a new line should be started. Classic MacOS (though not modern macOS) uses a bare carriage return for the same purpose. Given the meaning behind the CR and LF characters, these operating systems are both obviously wrong, but sometimes wrongness is allowed to prevail and persist.

Read 3 remaining paragraphs | Comments

Critical Windows bug fixed today is actively being exploited to hack users

Enlarge (credit: Lisa Brewster / Flickr)

Microsoft on Tuesday patched two Windows vulnerabilities that attackers are actively exploiting in the wild to install malicious apps on the computers of unwitting users.

The first vulnerability resides in the VBScript Engine included in all currently supported versions of Windows. A so-called use-after-free flaw involving the way the engine handles computer memory allows attackers to execute code of their choice that runs with the same system privileges chosen by the logged-in user. When targeted users are logged in with administrative rights, attackers who exploit the bug can take complete control of the system. In the event users are logged in with more limited rights, attackers may still be able to escalate privileges by exploiting a separate vulnerability.

CVE-2018-8174, as the flaw is formally indexed, is being actively exploited by attackers, Microsoft officials said. The vulnerability was discovered by antivirus provider Kaspersky Lab, which then reported it to Microsoft. In the exploits observed by Kaspersky Lab:

Read 4 remaining paragraphs | Comments