There’s a good reason why security analysts get nervous about bundled third-party software: it can introduce vulnerabilities that the companies can’t control. And Microsoft, unfortunately, has learned that the hard way. Google researcher Tavis Ormandy discovered that a Windows 10 image came bundled with a third-party password manager, Keeper, which came with a glaring browser plugin flaw — a malicious website could steal passwords. Ormandy’s copy was an MSDN image meant for developers, but Reddit users noted that they received the vulnerable copy of Keeper after clean reinstalls of regular copies and even a brand new laptop.
A Microsoft spokesperson told Ars Technica that the Keeper team had patched the exploit (in response to Ormandy’s private disclosure), so it shouldn’t be an issue if your software is up to date. Also, you were only exposed if you enabled the plugin.
However, the very existence of the hole has still raised a concern: are Microsoft’s security tests as thorough for third-party apps as its own software? The company has declined to comment, but that kind of screening may prove crucial if Microsoft is going to maintain the trust of Windows users. It doesn’t matter how secure Microsoft’s code is if a bundled app undermines everything.
For thirty years, hundreds of millions and now billions of people have been irradiating themselves with cellphones, yet rates for cancer and other diseases have steadily fallen. Where’s the evidence for this official warning?
The headline is wrong. They TRY to steal Bitcoin. The article doesn’t say that they were successful. Engadget, please insert try to between hackers and steal in the headline, or I will call the police.
the bluetooth capability of the keyboard is a nice feature that i’ve been hoping for with every new surface pro release. i’ve been in a few situations with my sp3 where this would have been killer to have.
Bixby is amazing. Unlike other gloried talking search engines, it does actual tasks and routines for you. What good is an assistant if it only give you information and doesnt do things FOR you. Bixby is the first TRUE AI agent.
UFO sightings seem to have greatly disappeared over the last few years, either they found us uninteresting and left or infiltrated our news sources and governments to suppress any knowledge of their existences…
You need to give up your continued support for removal of communication rights. NN helps insures communication rights in same way the US constitution helps insure rights.But knowing you, you would prefer to repeal the constitution as well.
Great write up as usual Dana. I just can’t wrap my head around who would spend $5000 on $2000 worth of hardware…but as you’ve pointed out I guess there is niche demand for this type of system running OSX.Yet, going the iMac-esque route for a professional product is so strange. Bringing back the G5-era chassis would undoubtedly be best for prosumers but then Apple can’t control the upgrade path (or lack thereof.)
Wrong. I use Bing and I’m not old. The best part is the Rewards/points which I’ve redeemed for Starbucks, Amazon gift cards, and Xbox Live memberships. I can’t tell the difference between Bing’s search results and Google’s
Ridiculous? I would say it’s absolutely insane. If these responsible administration officials were treated with medical practices from ancient times, they would ask for science based medicine pretty quickly.