Is Microsoft Playing Us?
ฝัง
- เผยแพร่เมื่อ 26 ก.ย. 2024
- lmg.gg/secretl...
Thanks to Secretlab for being the title sponsor of LMG Clips this year! Check out their ergonomic gaming chairs at the link above. Your back will thank you!
Linus and Luke react to an urgent warning to update Windows in response to a Wi-Fi vulnerability, and then wonder whether Microsoft is being sneaky...
Watch the full WAN Show: th-cam.com/users/li...
► GET MERCH: lttstore.com
► GET EXCLUSIVE CONTENT ON FLOATPLANE: lmg.gg/lttfloa...
► SPONSORS, AFFILIATES, AND PARTNERS: lmg.gg/partners
► OUR WAN PODCAST GEAR: lmg.gg/wanset
FOLLOW US ON SOCIAL
---------------------------------------------------
Twitter: / linustech
Facebook: / linustech
Instagram: / linustech
TikTok: / linustech
TikTok (LMG Clips): www.tiktok.com/@_lmgclips_
Twitch: / linustech
.. and Microsoft wondered why people were so paranoid about Recall getting hacked.
Recall's already been hacked, it's on github. Just needs to be implemented into malware.
@@hotsauce2446 I wouldn't really call that a hack, though. It's more like just walking into a house with its front door wide open.
@@hotsauce2446honestly it's not really a hack it's just a sqlite data extractor that pulls the data out of the recall database and puts it into folders. People just call it a "hack" for the extra wow factor
@@hotsauce2446 probably some group has added it in their product for sale
@@hotsauce2446 might even has been done already.
I just checked the vulnerability on Microsoft’s site. The fix has been included with this month’s patches. If you have updated Windows after June 11th. You already patched this vulnerability.
Thanks a million! I was a little worried when I couldn't find a new security update to download.
Thanks! Just had the update a couple days ago, so I should be good.
Thank you for the update, I feel a bit better now. I updated my kids' and wife's PC after hearing and reading about this. Then I updated my PC and laptop, so again thanks!
issue is windows updates are a pain they require restarting the computer...unlike a certain other OS which all you have to do is update it and it does so in the background, log off...there it's updated
@@silverscalederg8632forgive me as I’m still fairly newish I guess to pc stuff but how is restarting the system a pain?
Semi-related: I'm thinking when W10 goes EoL I'm going to switch to Linux. I don't want to run W11, but couldn't anyway since my h/w isn't supported. So I have no choice. Another LTT Linux series could be good nearer that time to help those of us out picking a distro coming from W10.
One of us. One of us. One of us!
I think you need to realize that you have agency. You can make your own decisions. You can pick a distro, without some TH-camr telling you which one you're supposed to pick.
My suggestion is to settle for a popular one. Lots of online help that you don't have to interpret in the "What does this mean in my setup's terms?" kinda way.
Don't use Arch as your first distro. I didn't either. Arch is a destination, not a gateway.
That being said, in my opinion, Arch is the best distro out there, and since two years, I can say that I use Arch btw :)
It's too bad i have too many things that won't work on Linux. I'll just live while conscious of the vulnerabilities and move all my important things to Linux or Mac.
Made the switch last year. Been gaming with zero issues, including streaming to basically every TV ins my house. I rarely touch the terminal, and find it annoying if I have to.
What do you need that doesn't work? Linux would 10000% surprise you.
What if I put blinds on my windows will that protect my privacy ?
good one
paint it with musou black instead......
I heard just closing your windows stops people from crawling in.
Yes
only if the interior of the blinds is covered in foil
So we need to update all our machines..... to Ubuntu.
Thanks Microsoft for letting us know
no thanks... Linux is better, but I'm not running anything Ubuntu based
I am seriously considering moving to Mint. The only thing stopping me is the fact that i must still use Windows on my company laptop
@@viv12348 Why would your company laptop being stuck with Windows stop you from moving your own machine(s)?
Linux? Yes.
Ubuntu or Red Hat or anything thats a Red Hat fork like Fedora? no.
Tried that. It's going terribly
I'm about to upgrade to Linux Mint! Thanks Microsoft
Been using Mint Cinnamon edition for over a month now. Apart from small boot error message (BIOS needs updating) which still allows to load the system - everything else works like a charm. Truly painless experience.
@@terrorbilly1there's tons of problems but you choose to ignore them
No one cares that you play with toys
@@casparhughey5651 Tones of problems for sure. Like the one that it comes with all the necessary software I need pre-installed? Or maybe that it automatically detected (and connected) my terrible hp printer that I had numerous issues trying to connect wirelessly using Win10? Are those the problems you’re talking about?
@@terrorbilly1 don't bother opening your mouth if you're just going to lie
Strange: just when the news begins to circulate that there are 3 times as many Win10 users as Win11 and the share even increases, an emergency emerges that "urges" everyone to upgrade.
How serendipitous.
Win10 is innately insecure, which is why a lot of hardware won't run Win11...
@@blairhoughton7918 Windows 11 is as safe as a tennis racket is useful to protect from the rain.
The title and the info is a bit lacking - if you have all updates of Windows 10 until the 15th of June the bug is removed. No need to use W11.
@@blairhoughton7918 Windows 11 is more insecure than any system before it, just because it stops you from making it real secure. TPM and safe boot isn't secure. It's just another method to control you. In older windows systems you had control over what the system did, because as an administartor you could control everything. But it was a problem too with the uneducated administrators, because it is easy to make errors. Now windows tries to patronize even administrators. I worked in a bank and we had encryption cards in our systems using a high level hardware encryption, many times faster and better than TPM 2.0 and the cards have additional security like destroying disks when Starting outside the banks network - enabling TPM stops these cards from working. You can't install Win11 without secure boot and TPM would have made our high end cards worthless. Now the first systems run under Linux and the desktop used looks the same to the employees. In that case Windows 11 will MS cost hundreds of license keys because it makes the system not secure anymore....
The general problem with windows is that there is no clear difference anymore between a windows system at home and a windows system in a business. Everybody thought they could administrate a company network, because it looked like the PC at home and made big errors and left the business PC's vulnerable. Companies wouldn't spent money on professionals because 'my nephew told me he can do that' and that often left networks wide open like a barn door. And user install their little programs they use at home on systems at work, because admins did not know they had to close that option or user activate options in windows because they work so good at home but will crash the work system. And that is why MS now patronizes people and do not let you do with your PC what you want to, because they think they know better, even if they do not.
In most cases the problem for a system being not secure is between the keyboard and the back of the office chair and not in the OS or hardware.
i feel like the win11 users are forced to. the only reason i use win11 is because my work made us update
Wi-Fi is possible on Windows 95; what happens is that the hardware manufacturer has an app to connect to the AP.
Yes, you just need a wi-fi card with win9x drivers available.
This is why clueless people shouldn't be talking about tech. The only thing you need to put wireless on any computer is a driver. Hell they did it for commodore 64
@@casparhughey5651 With just the driver you would only be able to connect to unsecured wireless networks. I remember helping a customer with a Windows 2000 computer and no optical drive & at the time the software for the wireless networking hardware I supported was only available on a CD-ROM & wasn't put online until several months later. We were able to connect the laptop to an unsecured wireless network though. That means no WEP as this was well before even WPA was released.
Dial up 3KB/s ,and AOL.
This zero interaction vulnerability sounds like an intentional backdoor (for an intelligence agency for example). In any case, people should upgrade as fast as possible. Again highly secure locations, like aerospace development etc should not use wifi.
They don't. Not for work stuff.
The real intentional backdoors are probably at CPU level and you will never hear about them unless someone reverse engineers Intel's CPUs
Both Intel and AMD have backdoor processors on your processor that you don't run and run arbitrary code
That's what Libreboot and other related projects are about
As for WiFi, it's a good fallback sadly, an always-on VPN protects against some things (just not this)
Stop the baseless conspiracy theories already. If it truly was an intended backdoor they would never publicize it.
No it sounds like an intentional backdoor for recall users, that's why I don't trust Microsoft at all.
I wonder how many of those cheap 3rd party ATM machines you see in corner stores/coffee shops that charge a $5 fee have not gotten this update. Also, I wonder how many of those are still running some form of Windows XP because "if it aint broke don't fix it"
i've never seen an ATM with WiFi
@@SintaxBSD Honestly, this was mainly a guess on my part as some ATMs (not sure if it is most, all, or just a small percentage of them) are just PCs. I've on more than on occasion walked up to am ATM only to see a windows desktop as whatever application was running had crashed. Though, a quick google search appears to show that Wifi is an option for some ATMs, they have to communicate to the banking network somehow.
Why all of a sudden is Microsoft so eager to finally try to kill off something old to bring in something new? Windows still feels like 50% of its components are leftovers from Windows 3.1 that should be been left in the garbage.
Modern Windows problems is more due to how much they have been needlessly rewriting things, breaking functionality while ignoring things that actually need to be improved. Take the taskbar in Win11 for instance, it seems to have been completely rewritten but why? The old taskbar worked just fine and had way more functionality. Meanwhile network file sharing is still just as much of a buggy, confusing mess as it was in Win7.
At least windows 3.1 wasn't a bloated corpse. Space was at a very limited premium, every megabyte counted.
that the reason windows is still widely used, supports for old software and legacy systems
That's how I feel when I try to use MacOS
The biggest reason is to get integrated DRM started on all computers/media devices to fight "piracy".... Eventually it will check every file you access to see if you own it or not.
My son can’t even get file sharing between two windows machine on the same network to work. And here it is supposed to be a simple thing to actually run software through the WiFi?!! Without being on the WiFi?!!
windows to windows file sharing is a pain in the ass at the best of times. To allow full access to a machine via the wifi beggars belief.
You need password on 'host' machine to share data over network or else it does not work silently.
Also you could write \\computer_ip in Win+R window to connect over LAN SMB to pc without waiting your pc to "discover" other pc (which does not work sometimes) (still need password to work even though password requirement can be disabled, but without password it still doesn't work lul)
Just tell him to reverse shell to share files. That usually works better than LAN sharing. I gave up and just use Dropbox.
Fine Microsoft, I will upgrade my system to Linux. Thank you for convincing me to make the switch
You know you could always just use Microsoft Linux.
@@SintaxBSDlol smh...
@@DMS_6482 don't sleep on it... It's what runs Azure ;)
No one will miss you, and no one will care
@@3DMAX. You cared enough to comment. 🤡
1. Design a feature that allows secretive access to a user's PC.
2. Implement it so that it's easily explained as a bug.
3. Use it to keep the TLA's off your back or to force mass upgrades in the future.
4. Profit!!!
1:03 Minutes in: i made wifi work on miniature MS-DOS Computers/Terminals mounted on forklifts racing around a warehouse and scanning stuff LIVE into a Database in the backend back in 2001. ( I know DOS was outdated then already :D but it was only used to launch a terminal session into a mainframe)
When I saw the title and the thumbnail I thought this was going to be a Microsoft tricking people using the fear of a vulnerability to trick people into downloading the windows recall copilot update
i think microsoft would do that
Is that not what this already is?
It is though
ERROOOOOOR
Just casually disabling my WiFi Card in Device Manager, don't mind me
In bios for me. I already had it off for other reasons.
@NicoleMay316 hell, I may pull it out of the PCIE slot altogether, at this rate. It's not like I use it
Weak... I canceled the electricity supply to my house. Now, no one can attack my Wifi, hah!
I've been using Linux as my daily driver for the past 15 years. Seeing this latest security blunder by Microsoft pretty much confirms where they were headed the past several years....to the toilet.
more like the septic tank....
Windows OutHouse®
Okay. and how many have cared?
I don't use wi-fi on my computers fortunately. All of them are hardwired.
It can still impact you if your computer support wifi discovery, as this vulnerability is on the mechanism of windows to find a wifi network that it could be able to connect to
@@yizhu463 No wi-fi on any of my computers. I avoid that. I would have to add a pcie card or dongle.
Unfortunately my motherboard comes with built in wifi...I wonder if I can disable it?
Same, I specifically go for no WiFi Motherboards every time.
@@dragon_nammiMaybe remove the external wifi antenna, remove wifi driver from windows or smth?
Or just put your mobo in a faraday cage 😂
Windows XP was the first version of Windows to have native support for wireless networks. For older versions of Windows, you needed to use third-party software to configure WPS or WPA on them.
Yeah I'm just not using microsoft anymore in general. linux will be my next OS.
I want to keep Windows around in case there’s any apps/games that absolutely require it, but I’ve bought a tiny USB drive to install Linux on, which will become my usual OS.
That's not a good idea. Usb drives really aren't good for hosting an OS for everyday use.
You can get a ssd to usb adapter if you dont have space on your motherboard for another ssd.
Also the compatability would surprise you. You don't realize how good it is until you try it
I used to have a USB SSD enclosure velcroed to the lid of my laptop to boot from. You can also run a vm for that legacy windows app.
@@YaySyu this is for my laptop, I’m kinda limited in storage options. I don’t wanna mess around with repartitioning the internal SSD. I know compatibility is great for a lot of stuff, but there are exceptions.
@@DissociatedWomenIncorporateduse Boxes or some other Linux VM to run your Windows in. You can set it up so Windows doesn't even know it's a VM on your Linux hypervisor
I really wish there was a real competitor for windows that supported software i need for school and was possible to game on
Well, did my final years on engineering on Linux and still game on it. What do you need for school that isn't supported yet?
@@hugofontes5708 i havent looked super hard but i dont think they have revit for architecture. I can use autocad but revit is so nice.
Pop!_OS is damn good. What type of school are you at?
@@ThePlayerOfGames im doing a pre architecture program so i can do a masters in it later
CAD software isnt well supported unfortunately... if you need a good windows VM go look up GPU passthrough & looking glass
this is an 8.8/10 for severity ? HOW is that not higher ?!
Is physical proximity such a limiting factor for it to be "only" 8.8 ?
Because the method used isn't public knowledge and it's not under active exploit. They already have patched the exploit in the June patches. The advice was to patch as per your normal schedule. This exploit was simply something that was discovered likely in a bug bounty or internally, it's NOT a zero day. LTT do not understand cybersecurity and they hyped this nothing burger up. You really need to analyse the actual CVE. Just because it's an 8.8 doesn't mean its an Oh Fuck moment.
@@Sepheron44 Fair enough, I'll admit I'm not too well versed in how things like this work, but thanks for the clarification, makes me curious how bad an actual 10 would be
@@molly_dreemurrThe attack vector needs to be easily accesable. Aka, no proximity needed.
It should be compatible. Affect many systems regardless of OS or architecture.
The attack complexity needs to be low. Anyone can replicate the attack.
It should not require privileges.
It should not require user interaction.
Scope, the attack should give full access.
The reports of the hack should be credible.
It should be hard to patch
The exploit should be mature. People have had time to work out kinks and bugs.
It should have a large impact.
So.... It needs to be pretty bad
@@molly_dreemurr Something like admin level acces to everything on your computer without you even knowing about it and the ability to lock you out. everything includes your bank accounts
@@molly_dreemurr10 would be like network wide damage on everything
The box said Windows or better required, so I installed Linux .... ;-)
nobody cares.
why didn't you listen to the box
@@angelG14 i do
but which one for real
@@kender- the box
I wonder if Xbox is vulnerable...
anything windows with wifi is.
I installed Linux (Bazzite to be exact) last week and couldn't be happier. Everything runs out of the box.
Fantastic os
What about games?
@@SahilP2648 As far as I can tell so far, I don't have any issues with gaming. My Steam games all run out of the box - you just have to activate Steam Play for all games in the Steam compatibility settings. Games from Epic, GOG etc. also run smoothly via Heroic Games Launcher (or Lutris). To be absolutely honest, gaming on Linux is incredibly easy. I was a bit worried myself before I made the switch and gave it more thought than necessary, but everything is working flawlessly.
Just google "protondb" and "areweanticheatyet" for databases of games running on Linux.
@@SahilP2648 linux can run about any game with proton as long as it does not have anticheat
@@SahilP2648 For whatever reason, my reply gets shadowbanned every time. So short answer: I don't have any issues with gaming, as far as I can tell. My Steam games all run out of the box - you just have to activate Steam Play for all games in the Steam compatibility settings. Games from Epic, GOG etc. also run smoothly via Heroic Games Launcher (or Lutris). To be absolutely honest, gaming on Linux is incredibly easy. I was a bit worried myself before I made the switch and gave it more thought than necessary, but everything is working flawlessly.
0:07 "that has got all users being warned too-" *samsung ringtone*
Windows is the ones that developed this hack and it got out. So now they report it as bad
wouldnt doubt that tbh
It is almost like Microsoft wants users to upgrade to Linux
I mean, it's bad but I'll give it to them on this one, they patched it (still bad)
The utterly enormous reason i will be doing everything i can to switch to linux is because of windows. My confidence grows the more they eff win11 and the more i see other people switching to Linux and claiming to in the future.
They want all the 7 and 8 users gone.
In their defense, they patched it quickly and announced the flaw. Vulnerabilities will happen on all OSes. However the real issue with windows and justification for switching to Linux is things like advertising IDs and Microsoft accounts. Let's not even talk about recall.
a easy fix move to Linux , But I'm all hard wired for all my windows PCs are all hardwired, the only WiFi computer are IOT devices , printers , camera , etc , which are all vlan-ed and firewall to stop them getting anywhere they should not be.
you are AMAZING! A+++!
Everytime there is a windows update, it isn't to fix the bugs they created in the first place. Its to upload all your stuff they've neatly stolen and packaged on your PC back to their server or to install more malware in case RECALL isnt ready for prime time yet.
They're recalling stuff like Teamviewer did on Linus
I would love it if someone made idiot proof Windows like OS for air gap systems, called *"Shutters..."*
WiFi on Windows 95 absolutely does work! Back in 1997, the executives of my company all had laptops equipped with at the time, $10K per Proxim PCMCIA RangeLan2 WiFi cards so that they could connect wirelessly both at the office and at their home to work to Proxim access points installed there. The executive's homes were also ADSL WAN connected back to the office for both systems and Internet access. It was a VERY nice, although very expensive option at the time that reflected what was to come for everyone else.
Good thing i don't have wifi on my computer.
Do you have WiFi on any windows machine connected to the same network as your adorementioned computer?
And if someone totally remotely manipulates a compromised router to broadcast this to every wifi-enabled Windows system within it's range? That magically becomes a 10/10 imo..
It's just to force you to update and get garbage you don't need loaded alongside.
The saddest part is that I'm equally divided on thinking this threat 1) Doesn't exist. 2) Exists and an outside attacker is doing it, and 3) Exists and it's an inside scare tactic to get us to install spyware from a major corporation.
Meanwhile win11 share shrinks yet again and win7 will get a fix for this soon enough
"We told you it wasn't supported." I want them to patch XP forever! Damn Microsoft.
my PC is hardwired directly into the ISP modem and it has no dongles or antennas whatsoever for wifi. so meh
I wonder if a plug and play dongle could suddenly make you vulnerable
@@hugofontes5708situationally yes, your version of windows could be processing the service frames which this CVE works via
@@hugofontes5708 Yes it does!
This type of vulnerability has existed for many years on cellphones as "Pegasus".
This seems like it's a PC version that is also created by a government.
From what I found online this is for public WiFi not your home WiFi with a password. If you are on a public WiFi the hacker is on then they could remotely infect your computer. I don't use public WiFi so it doesn't concern me and Windows 10 still gets security updates for this so no need to upgrade to 11.
I mean many if not most private wifis arent super secure
Thats incorrect info.
No sir that's not true
having wifi enabled and it searching for networks is enough to get hacked. Hope this clears it up for you.
This is not how it works at all. The vulnerability is based on injecting malicious code into identifying frames. Basically, when you look at the available wifi networks, it has a list of names there, meaning your device has already made initial contact with the access point. The vulnerability takes advantage of that initial contact and runs the code without any user interaction. Someone could literally walk past you while your laptop is powered on and execute code on it.
But proximity can mean up to ~300m realistically depending on the environment. (at about 1km the signal travel time becomes to high and wifi drivers drop the packages. So this requires modified systems on both sides)
Okay, thinking through this, in suburbs made of cardboard 500m might be realistic.
I was thinking of stone and concrete buildings where you need advantageous geography to even get the previously mentioned numbers.
Why use wifi ? Use wire connection. It's faster
I know you can get DOS onto wifi
You can get a C64 on wifi
@@bombombalu lets get an ENIAC on the internet
Physical proximity is not needed for wifi access with a directional antenna you can connect from very far away as far as 10~20km is possible with no special equipment just a very good highly directional antenna.
They’ve had A LOT of other high scoring CVEs over the last few weeks too. Something is going on at that company that needs correction asap.
I'd push that update IF YOUR LAST SECURITY UPDATE DIDNT BREAK MY RECOVERY DRIVE
I accidentally discovered a way to block windows updates forever - simply dual-boot windows 10 and ubuntu on a dell laptop. Every time I start windows, it throws a tantrum because something else (grub) ran between shutdown and startup, and it won't even attempt to install any updates.
I haven't received any windows security patches in over a year. I just find it amusing.
That's an interesting note, I don't get that with systemd-boot+W11 (then again I only boot in once a year to run updates)
I used to dualboot win11 and arch then I got bored and nuked my windows partition a year or so back because yes.
You can imprison Windows inside a VM under Linux with GPU passthrough btw
Me without a wifi card: “Oh no! Anyway…”
I'm quickly approaching the point where the hassle of running stuff not available on Linux in a vm under Linux is easier than dealing with windows...
And i don't know Linux.
Now I need to find the clip where Linus got wrecked by Windows ads.
Hot take: Microsoft introduced this vulnerability on purpose, so they could later patch it while introducing unpopular additional features.
I guess my local hospital is screwed then, as they're still using Windows 7.
You guys should invite Low Level Learning into the Podcast whenever security vulnerabilities like this happen. He is amazing at making these super complicated attacks understandable for the average tech.
Is there even a surprise? That's what CVEs are for!
And that's why you should update your devices, it doesn't matter if it has Windows, macOS, Linux, Android, iOS, or whatever.
Escort carriers?
@@salohcin1000Common Vulnerabilities and Exposures. It's the categorization system used when grading vulnerabilities.
Yes, it's the fact that a major vulnerability does not need an account or interaction by the user to run arbitrary code, and can't be mitigated is pretty unusual. It sounds like something someone leaves there for the intelligence agencies, the police or to spy on his/her significant other.
But see the problem is that with every update they introduce more spyware, like it was super sad because my phone did a software update, and now sometimes it takes 3 seconds for the screen to turn on, sometimes 1, but before i'm pretty sure it turned on instantly. Which i wouldn't care about except it was fine before.
I'd like to use a password generator and a vpn, but well... I don't trust them right? We'd all like to be more secure, but whenever they make money off of selling our names and numbers then does anything else *really* matter. Of course it does to some people, like at some point i'll have the need and time and money to not be so bad with secuity but y'know just i wish updates werent aweful. Linux was usually actually helpful tho
Still not updating to w11
Correction DOWNgrading to w11
fax
Thankfully in my place every windows computer is connected via Ethernet cable.
No known exploits or code is in the wild just yet, so it's more of an internal disclosure rather than something actively being used widespread (outside of the usual intelligence agencies etc). Still good advice to update asap!
Maybe update to a more intrinsically secure OS.
@@malcaniscsm5184 why not update to not using a digital device at all
So this vulnerability has been around since Windows started supporting WiFi, but no one has exploited it yet? Hackers should be ashamed of themselves!
Found out recently "secure folders" on android phones can be breached by cell carriers without any indication, all though it appears to be a bug.
My PC doesn't have Wifi inside the machine. The wifi router on top of my pc is connected by ethernet cable.
Do this vulnerability works in same way?
no you need wifi for this to work, and microsoft already patched this issue as long as you aree updated you are safe, but the problem is it was patched 11 jun 2024, who knows how muc this was abused earlier?
1 only if another PC with inputted unpatched Windows connected to your router, got hacked, and then was used to spread malware over the network
2. If your router is an Asus or TP-LINK then update it immediately
@@gabrielandy9272 possibly 10 years, if it affects unsupported versions it could have been around since win 7 or xp
@@jasonmullinder People exploited it years ago. I thought it was patched out.
Guess not.
Hmm.. There's a strange person in a car going up and down my street and they appear to be aiming and fiddling with some sort of electronic device at random homes...
Something fundamental and critical like this should be open source so people can check and patch it rather than sitting on the bug for decades silently
Well, open source is not a silver bullet. There's just not going to be a sufficient number of people who check all the stuff all the time. With all the dependencies it's just not real.
@@BoraHorzaGobuchul amazing username collision here.
This isn't really inline with how OS stuff is used, when it's open source and used by corps it's checked as much by singleton enthusiasts as corporate auditors
If OS stuff was largely ignored and filled will vulnerabilities then the entire skeleton and muscles of the Internet would fall apart. In reality the OS parts are some of the most reliable and thoroughly examined whilst the proprietary parts are the ones resulting in a billion customer records leaked in a data breach even after an insider whistleblower told them the exact problem
@@ThePlayerOfGames nice meeting you too :)
Still, as the recent case with npm demonstrates, the process is far from bulletproof
I have a feeling that mcirosoft intentionally introduces attack vectors when they don't get their way. they probably aren't but makes ya think about the timing around recall and junk.
[Smugly looking over at my ethernet cable]
You can connect to the internet using FreeDos/CPM (there are actually text based browsers that still work to an extent. Drivers might be an issue, though, so you'd likely have to scavenge an old NIC card like the Intel 10/100.
There's also some BBS's still around that have dial up connections, too, if you can't figure out ethernet.
Windows can't even run Bluetooth properly, and you're telling me people can gain access via WiFi?
Actually, yeah, that makes sense now.
And why wasn't this recommended to me!?!
To fix all the bad things about windows 11 you can use your old laptop or computer and install windows server 2022 on it, setup active directory and create some simple policies. By default active directiry disables those ads and all the Gaming features, and generaly debloats your computer. Then let all the computers on the network join the domain and done you can use it normally + you can create a small net share on that server as well
I file this under 'one more reason to not use wifi'
1:50 damn.
And this is why I use Linux, I always hold off on any updates with what I know truly to work, to be sure that newer stuff isn't buggy like what happened with xz... Even Microsoft's "up-streaming" isn't good, quite literally they're bad at it.
Nah. I started developing stuff recently. Leave a website plugin out of date for a week? Bam my website now has malware redirecting the users.
Already "updated" to Linux (ZorinOS).
I did the switch about 10 years ago. At first it was because I was tired of licensing issues when changing hardware, now I am glad I did because of how windows evolved and they implemented things like a store, Microsoft accounts, and advertising IDs. Windows is no longer an acceptable OS.
The question we should be asking is, why does Windows WiFi driver have the ability to execute code in the first place??? Microsoft intentionally compromises the public's security and privacy.
This issue with MSMQ goes back to 2014 or earlier with recommendation to stop the service and close 1801. The ONLY Windows platform where MSMQ should be running is on a dedicated Exchange server in a deep server environment with no WIFI. As for not currrently supported, just disable MSMQ - poof - problem solved.
Fun. None of us use Wifi other than on our phones. So it's not applicable to me.
Keep in mind, the latest Windows update will put recall on your system. Make sure to turn it off in the settings, I can confirm you don't need a co-pilot PC for that feature, despite what they say. Is this a coincidence? Hmmm
The only reason this was an 8.8 and not higher is because the attacker would need to be in wifi range.
It's the US/NATO making sure everybody (especially enemy countries) can be equally invigilated
No physical proximity is needed, only control over the WiFi Router and most of them are security fails on their own, some out of the box!
Days like this makes me happy our wifi does not reach to the ends of our property.
Screw Microsoft, i'm moving to Azure Linux
I c wat u did there
@@googIesux 😘
Ok but WIFi encryption is secure still? Secured home networks are a ok?
This had to be used in public by governments, just never got caught being used its even wormable.
thank god im on linux 🙏
Yes sir, building faraday cage now!!
Is that another win for using lan cables instead of wifi?
So, this is a direct wifi attached to pc hack, not a router thing?
Unfortunately this will keep happening on windows. Sure Linux has lots of vulnerabilities, but it happens less frequent than on Windows.
Annd..Microsoft Recall's feature will be a devastating blow to your privacy in general.
im sorry guys, im not very technical, can someone explain why backdoors are suddenly called vulnerability?
I don't see how this isn't like a 9.5 or something. It allows a single infected computer to take over an entire network, and seemingly gain privileges that would otherwise be impossible to get (at least based off what they were saying with no user authentication or such. Or is Windows Server not effected or something? because the way it sounds is that one could get all admin privileges and all server privileges as long as the machine is running Windows.
edit: I guess it might be lower severity rating if most workstations and desktops and servers and such don't use Wi-Fi. But maybe more computers use it than I think.
I don't know anything about linux but maybe it's time to start looking into it, wasn't there something with steam making something specifically for game compatibility on linux ?
My next Windows is called GFY.
I use Microsoft, Linux, and macOS... I have options... but it's a good day to have options.
When hasn't there not been a vunerabilty in Windows 😮
Sounds like Facesniff or Firesheep with more. Turn off your WPS people along with other safety measures. change all def router/ modem passwords.
Time to upgrade? Word, i was just learning linux over the past week.
There's no way Microsoft would give an update to the people using older versions.
To be fair, you never needed to update to a more modern version of windows to fix this. They pushed this update out to Server 2008 lol.
I'll use Windows 7 until the end of time.
up to year 3984?
Let them try, I don't even have WiFi on my brand new pc as I'm using LAN only. No WiFi plugin card and not even WiFi on my motherboard: "Asus Prime Z790-P D4". A WiFi module seems to be sold separately for this motherboard which I didn't buy. I had WiFi on my old pc using a plugin PCIe card with 2 antennas and still had signal dropouts and random disconnects when sitting 5m away from the router/modem so I went full LAN and never looked back. WiFi dropouts make it hard for online gaming as your game gets killed every few minutes. You can't hack something that simply isn't there. :p