• Sc chevron_right

    Critical Microsoft Code-Execution Vulnerability / Schneier · Wednesday, 21 December - 19:03 · 1 minute

A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is):

Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a chain reaction of self-replicating follow-on exploits on other vulnerable systems. The wormability of EternalBlue allowed WannaCry and several other attacks to spread across the world in a matter of minutes with no user interaction required.

But unlike EternalBlue, which could be exploited when using only the SMB, or server message block, a protocol for file and printer sharing and similar network activities, this latest vulnerability is present in a much broader range of network protocols, giving attackers more flexibility than they had when exploiting the older vulnerability.


Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes. At the time, however, Microsoft researchers believed the vulnerability allowed only the disclosure of potentially sensitive information. As such, Microsoft gave the vulnerability a designation of “important.” In the routine course of analyzing vulnerabilities after they’re patched, Palmiotti discovered it allowed for remote code execution in much the way EternalBlue did. Last week, Microsoft revised the designation to critical and gave it a severity rating of 8.1, the same given to EternalBlue.

  • Sc chevron_right

    Microsoft Zero-Days Sold and then Used / Schneier · Saturday, 30 July, 2022 - 08:12

Yet another article about cyber-weapons arms manufacturers and their particular supply chain. This one is about Windows and Adobe Reader zero-day exploits sold by an Austrian company named DSIRF.

There’s an entire industry devoted to undermining all of our security. It needs to be stopped.

  • Ar chevron_right

    Microsoft puts Windows 10X variant on the back burner / ArsTechnica · Thursday, 13 May, 2021 - 16:20

The Surface Neo failed to launch in 2020—this year, it looks like its operating system will share that fate.

Enlarge / The Surface Neo failed to launch in 2020—this year, it looks like its operating system will share that fate. (credit: Microsoft)

At its fall 2019 Surface event, Microsoft announced that Windows 10X—a new consumer Windows distribution—would power a line of dual-screened tablet devices in 2020. But the Surface Neo never arrived, and in May 2020, Microsoft Chief Product Officer Panos Panay retargeted Windows 10X to "single screen experiences."

What was Windows 10X?

Microsoft's original plan for the Windows variant was to "enable unique experiences on multi-posture dual-screen PCs." This meant powering an entirely new class of devices—a hinged pair of touchscreens, which seemed to be trying to bridge the divide between tablet and notebook. In addition to Microsoft's own Surface Neo, the company's hardware partners—including Dell, Lenovo, and HP—were supposed to manufacture devices to the new specification.

But Microsoft nixed the Neo last year, and the talk of partner-manufactured 10X devices died along with it. The company's new chief product officer, Panos Panay, declared that Microsoft "need[s] to focus on meeting customers where they are now"—which meant focusing on single-screen devices and interfaces again.

Read 7 remaining paragraphs | Comments

  • Nu chevron_right

    « Vous avez chopé un logiciel d’espionnage » : on a appelé une arnaque au support Windows 10 / Numerama · Wednesday, 3 March, 2021 - 09:34

Cyberguerre a mordu à une des arnaques les plus courantes, l'arnaque au support Windows 10, pour que vous n'ayez pas à le faire. [Lire la suite]

Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom !

L'article « Vous avez chopé un logiciel d’espionnage » : on a appelé une arnaque au support Windows 10 est apparu en premier sur Numerama .

  • Ar chevron_right

    The world’s second-most popular desktop operating system isn’t macOS anymore / ArsTechnica · Wednesday, 17 February, 2021 - 22:27

Just a few of the Chromebooks we

Enlarge / Just a few of the Chromebooks we've reviewed and tested in recent years. (credit: Valentina Palladino )

For ages now, every annual report on desktop operating system market share has had the same top two contenders: Microsoft's Windows in a commanding lead at number one, and Apple's macOS in distant second place. But in 2020, Chrome OS became the second-most popular OS, and Apple fell to third.

That's according to numbers by market data firm IDC, and a report on IDC's data by publication GeekWire. Chrome OS had passed macOS in briefly in individual quarters before, but 2020 was the first full year where Apple's OS took third place.

Despite the fact that macOS landed in third, it might not be accurate to see this as an example of Google beating out Apple directly. Rather, it's likely that Chrome OS has been primarily pulling sales and market share away from Windows at the low end of the market. Mac market share actually grew from 6.7 percent in 2019 to 7.5 percent in 2020.

Read 4 remaining paragraphs | Comments

  • Ar chevron_right

    Microsoft earnings: Xbox hardware sales shot up 86% with Series X/S / ArsTechnica · Wednesday, 27 January, 2021 - 19:40 · 1 minute

The Xbox Series X, which launched in November.

Enlarge / The Xbox Series X, which launched in November. (credit: Sam Machkovech )

Microsoft delivered its earnings report for Q2 2021 yesterday, and the company has continued its sprint of very strong quarters, again driven primarily by Azure and the cloud. But that same old story isn't the only one here: the report also tells us a thing or two about the new Xbox's performance, as well as Windows and Office.

Overall, Microsoft beat analyst expectations. The company's top-level revenue grew 17 percent year over year, reaching $43.08 billion. Analysts had expected $40.18 billion. $14.6 billion of that was from the business segment Microsoft calls "Intelligent Cloud," which most notably includes Azure but also some other professional services like GitHub.

Cloud wasn't the only positive story, though. Personal Computing including Windows, Xbox, and Surface grew 15 percent compared to the previous year to just over $15 billion. That included an 86 percent increase in Xbox hardware sales, as well as a 40 percent increase in Xbox content and surfaces—the former of those includes the launch of the Xbox Series X/S consoles in November, and the latter includes Game Pass, which Microsoft has been pushing hard as a core value proposition for the Xbox game platform.

Read 5 remaining paragraphs | Comments

  • Ko chevron_right

    Subtitld – Créer, éditer et traduire des sous-titres efficacement / Korben · Wednesday, 13 January, 2021 - 08:00 · 1 minute

Si vous avez besoin de créer « from scratch » des sous-titres, de les recaler, de les traduire voire de les améliorer, j’ai l’outil qu’il vous faut.

Ça s’appelle Subtitld , ça fonctionne sous Linux et Windows et c’est totalement open source. Subtitld est capable de lire les sous-titres aux formats SRT, SSA, TTML, SBV, DFXP, VTT, XML, SCC et SAMI et d’exporter votre travail au format SRT par défaut.

L’application dispose de nombreuses fonctionnalités comme celle permettant de recaler le défilement des sous-titres, modifier leur durée d’apparition à l’écran, d’éditer évidemment le contenu du fichier, de visualiser votre vidéo frame par frame ou seconde par seconde, mais également de couper une phrase en 2 ou de fusionner 2 phrases pour que ça correspondent mieux avec ce qui se passe à l’écran.

Subtitld propose un historique des modifications, des raccourcis clavier pour aller plus vite et la lecture de la vidéo à la vitesse de votre choix pour pouvoir faire du sous-titrage en temps réel.

Subtitld propose même une fonctionnalité de traduction automatique de vos sous-titres (encore en beta).

À télécharger ici.

Samsung Galaxy S20 FE avec 100€ de remise

Triple objectif + mode Single Take, hérité des Galaxy S20, vous permet de capturer de nombreux formats différents avec une seule pression sur l’obturateur

Le Galaxy S20 FE est le dernier né de la famille S20. C’est en tenant compte de vos demandes et retours que nous avons créé cette édition qui reprend l’héritage des Galaxy S20 et vient compléter la famille. Que vous soyez un fan de photographie, de jeux, ou de réseaux sociaux, ce Galaxy S20 FE réunit tout ce dont vous avez besoin, dans 6 nouvelles couleurs inspirantes.

En Savoir +