Is Microsoft Playing Us? 

Recall's already been hacked, it's on github. Just needs to be implemented into malware.

​@@hotsauce2446 I wouldn't really call that a hack, though. It's more like just walking into a house with its front door wide open.

​@@hotsauce2446honestly it's not really a hack it's just a sqlite data extractor that pulls the data out of the recall database and puts it into folders. People just call it a "hack" for the extra wow factor

@@hotsauce2446 probably some group has added it in their product for sale

@@hotsauce2446 might even has been done already.

Thanks a million! I was a little worried when I couldn't find a new security update to download.

Thanks! Just had the update a couple days ago, so I should be good.

Thank you for the update, I feel a bit better now. I updated my kids' and wife's PC after hearing and reading about this. Then I updated my PC and laptop, so again thanks!

issue is windows updates are a pain they require restarting the computer...unlike a certain other OS which all you have to do is update it and it does so in the background, log off...there it's updated

⁠@@silverscalederg8632forgive me as I’m still fairly newish I guess to pc stuff but how is restarting the system a pain?

One of us. One of us. One of us!

I think you need to realize that you have agency. You can make your own decisions. You can pick a distro, without some RU-vidr telling you which one you're supposed to pick. My suggestion is to settle for a popular one. Lots of online help that you don't have to interpret in the "What does this mean in my setup's terms?" kinda way. Don't use Arch as your first distro. I didn't either. Arch is a destination, not a gateway. That being said, in my opinion, Arch is the best distro out there, and since two years, I can say that I use Arch btw :)

It's too bad i have too many things that won't work on Linux. I'll just live while conscious of the vulnerabilities and move all my important things to Linux or Mac.

Made the switch last year. Been gaming with zero issues, including streaming to basically every TV ins my house. I rarely touch the terminal, and find it annoying if I have to.

​What do you need that doesn't work? Linux would 10000% surprise you.

good one

paint it with musou black instead......

I heard just closing your windows stops people from crawling in.

Yes

only if the interior of the blinds is covered in foil

no thanks... Linux is better, but I'm not running anything Ubuntu based

I am seriously considering moving to Mint. The only thing stopping me is the fact that i must still use Windows on my company laptop

@@viv12348 Why would your company laptop being stuck with Windows stop you from moving your own machine(s)?

Linux? Yes. Ubuntu or Red Hat or anything thats a Red Hat fork like Fedora? no.

Tried that. It's going terribly

Been using Mint Cinnamon edition for over a month now. Apart from small boot error message (BIOS needs updating) which still allows to load the system - everything else works like a charm. Truly painless experience.

​@@terrorbilly1there's tons of problems but you choose to ignore them

No one cares that you play with toys

@@casparhughey5651 Tones of problems for sure. Like the one that it comes with all the necessary software I need pre-installed? Or maybe that it automatically detected (and connected) my terrible hp printer that I had numerous issues trying to connect wirelessly using Win10? Are those the problems you’re talking about?

@@terrorbilly1 don't bother opening your mouth if you're just going to lie

i've never seen an ATM with WiFi

@@SintaxBSD Honestly, this was mainly a guess on my part as some ATMs (not sure if it is most, all, or just a small percentage of them) are just PCs. I've on more than on occasion walked up to am ATM only to see a windows desktop as whatever application was running had crashed. Though, a quick google search appears to show that Wifi is an option for some ATMs, they have to communicate to the banking network somehow.

Yes, you just need a wi-fi card with win9x drivers available.

This is why clueless people shouldn't be talking about tech. The only thing you need to put wireless on any computer is a driver. Hell they did it for commodore 64

@@casparhughey5651 With just the driver you would only be able to connect to unsecured wireless networks. I remember helping a customer with a Windows 2000 computer and no optical drive & at the time the software for the wireless networking hardware I supported was only available on a CD-ROM & wasn't put online until several months later. We were able to connect the laptop to an unsecured wireless network though. That means no WEP as this was well before even WPA was released.

Dial up 3KB/s ,and AOL.

Win10 is innately insecure, which is why a lot of hardware won't run Win11...

@@blairhoughton7918 Windows 11 is as safe as a tennis racket is useful to protect from the rain.

The title and the info is a bit lacking - if you have all updates of Windows 10 until the 15th of June the bug is removed. No need to use W11.

@@blairhoughton7918 Windows 11 is more insecure than any system before it, just because it stops you from making it real secure. TPM and safe boot isn't secure. It's just another method to control you. In older windows systems you had control over what the system did, because as an administartor you could control everything. But it was a problem too with the uneducated administrators, because it is easy to make errors. Now windows tries to patronize even administrators. I worked in a bank and we had encryption cards in our systems using a high level hardware encryption, many times faster and better than TPM 2.0 and the cards have additional security like destroying disks when Starting outside the banks network - enabling TPM stops these cards from working. You can't install Win11 without secure boot and TPM would have made our high end cards worthless. Now the first systems run under Linux and the desktop used looks the same to the employees. In that case Windows 11 will MS cost hundreds of license keys because it makes the system not secure anymore.... The general problem with windows is that there is no clear difference anymore between a windows system at home and a windows system in a business. Everybody thought they could administrate a company network, because it looked like the PC at home and made big errors and left the business PC's vulnerable. Companies wouldn't spent money on professionals because 'my nephew told me he can do that' and that often left networks wide open like a barn door. And user install their little programs they use at home on systems at work, because admins did not know they had to close that option or user activate options in windows because they work so good at home but will crash the work system. And that is why MS now patronizes people and do not let you do with your PC what you want to, because they think they know better, even if they do not. In most cases the problem for a system being not secure is between the keyboard and the back of the office chair and not in the OS or hardware.

i feel like the win11 users are forced to. the only reason i use win11 is because my work made us update

Modern Windows problems is more due to how much they have been needlessly rewriting things, breaking functionality while ignoring things that actually need to be improved. Take the taskbar in Win11 for instance, it seems to have been completely rewritten but why? The old taskbar worked just fine and had way more functionality. Meanwhile network file sharing is still just as much of a buggy, confusing mess as it was in Win7.

At least windows 3.1 wasn't a bloated corpse. Space was at a very limited premium, every megabyte counted.

that the reason windows is still widely used, supports for old software and legacy systems

That's how I feel when I try to use MacOS

The biggest reason is to get integrated DRM started on all computers/media devices to fight "piracy".... Eventually it will check every file you access to see if you own it or not.

windows to windows file sharing is a pain in the ass at the best of times. To allow full access to a machine via the wifi beggars belief.

You need password on 'host' machine to share data over network or else it does not work silently. Also you could write \\computer_ip in Win+R window to connect over LAN SMB to pc without waiting your pc to "discover" other pc (which does not work sometimes) (still need password to work even though password requirement can be disabled, but without password it still doesn't work lul)

Just tell him to reverse shell to share files. That usually works better than LAN sharing. I gave up and just use Dropbox.

It can still impact you if your computer support wifi discovery, as this vulnerability is on the mechanism of windows to find a wifi network that it could be able to connect to

@@yizhu463 No wi-fi on any of my computers. I avoid that. I would have to add a pcie card or dongle.

Unfortunately my motherboard comes with built in wifi...I wonder if I can disable it?

Same, I specifically go for no WiFi Motherboards every time.

​@@dragon_nammiMaybe remove the external wifi antenna, remove wifi driver from windows or smth? Or just put your mobo in a faraday cage 😂

In bios for me. I already had it off for other reasons.

@NicoleMay316 hell, I may pull it out of the PCIE slot altogether, at this rate. It's not like I use it

Weak... I canceled the electricity supply to my house. Now, no one can attack my Wifi, hah!

i think microsoft would do that

Is that not what this already is?

It is though

ERROOOOOOR

more like the septic tank....

Windows OutHouse®

Okay. and how many have cared?

I want to keep Windows around in case there’s any apps/games that absolutely require it, but I’ve bought a tiny USB drive to install Linux on, which will become my usual OS.

​That's not a good idea. Usb drives really aren't good for hosting an OS for everyday use. You can get a ssd to usb adapter if you dont have space on your motherboard for another ssd. Also the compatability would surprise you. You don't realize how good it is until you try it

I used to have a USB SSD enclosure velcroed to the lid of my laptop to boot from. You can also run a vm for that legacy windows app.

@@YaySyu this is for my laptop, I’m kinda limited in storage options. I don’t wanna mess around with repartitioning the internal SSD. I know compatibility is great for a lot of stuff, but there are exceptions.

​@@DissociatedWomenIncorporateduse Boxes or some other Linux VM to run your Windows in. You can set it up so Windows doesn't even know it's a VM on your Linux hypervisor

Well, did my final years on engineering on Linux and still game on it. What do you need for school that isn't supported yet?

@@hugofontes5708 i havent looked super hard but i dont think they have revit for architecture. I can use autocad but revit is so nice.

Pop!_OS is damn good. What type of school are you at?

@@ThePlayerOfGames im doing a pre architecture program so i can do a masters in it later

CAD software isnt well supported unfortunately... if you need a good windows VM go look up GPU passthrough & looking glass

Because the method used isn't public knowledge and it's not under active exploit. They already have patched the exploit in the June patches. The advice was to patch as per your normal schedule. This exploit was simply something that was discovered likely in a bug bounty or internally, it's NOT a zero day. LTT do not understand cybersecurity and they hyped this nothing burger up. You really need to analyse the actual CVE. Just because it's an 8.8 doesn't mean its an Oh Fuck moment.

@@Sepheron44 Fair enough, I'll admit I'm not too well versed in how things like this work, but thanks for the clarification, makes me curious how bad an actual 10 would be

@@molly_dreemurrThe attack vector needs to be easily accesable. Aka, no proximity needed. It should be compatible. Affect many systems regardless of OS or architecture. The attack complexity needs to be low. Anyone can replicate the attack. It should not require privileges. It should not require user interaction. Scope, the attack should give full access. The reports of the hack should be credible. It should be hard to patch The exploit should be mature. People have had time to work out kinks and bugs. It should have a large impact. So.... It needs to be pretty bad

@@molly_dreemurr Something like admin level acces to everything on your computer without you even knowing about it and the ability to lock you out. everything includes your bank accounts

​@@molly_dreemurr10 would be like network wide damage on everything

nobody cares.

why didn't you listen to the box

@@angelG14 i do

but which one for real

@@kender- the box

you are AMAZING! A+++!

Fantastic os

What about games?

@@SahilP2648 As far as I can tell so far, I don't have any issues with gaming. My Steam games all run out of the box - you just have to activate Steam Play for all games in the Steam compatibility settings. Games from Epic, GOG etc. also run smoothly via Heroic Games Launcher (or Lutris). To be absolutely honest, gaming on Linux is incredibly easy. I was a bit worried myself before I made the switch and gave it more thought than necessary, but everything is working flawlessly. Just google "protondb" and "areweanticheatyet" for databases of games running on Linux.

@@SahilP2648 linux can run about any game with proton as long as it does not have anticheat

@@SahilP2648 For whatever reason, my reply gets shadowbanned every time. So short answer: I don't have any issues with gaming, as far as I can tell. My Steam games all run out of the box - you just have to activate Steam Play for all games in the Steam compatibility settings. Games from Epic, GOG etc. also run smoothly via Heroic Games Launcher (or Lutris). To be absolutely honest, gaming on Linux is incredibly easy. I was a bit worried myself before I made the switch and gave it more thought than necessary, but everything is working flawlessly.

I wonder if a plug and play dongle could suddenly make you vulnerable

​@@hugofontes5708situationally yes, your version of windows could be processing the service frames which this CVE works via

@@hugofontes5708 Yes it does!

You can get a C64 on wifi

@@bombombalu lets get an ENIAC on the internet

Correction DOWNgrading to w11

fax

Do you have WiFi on any windows machine connected to the same network as your adorementioned computer?

no you need wifi for this to work, and microsoft already patched this issue as long as you aree updated you are safe, but the problem is it was patched 11 jun 2024, who knows how muc this was abused earlier?

1 only if another PC with inputted unpatched Windows connected to your router, got hacked, and then was used to spread malware over the network 2. If your router is an Asus or TP-LINK then update it immediately

@@gabrielandy9272 possibly 10 years, if it affects unsupported versions it could have been around since win 7 or xp

​@@jasonmullinder People exploited it years ago. I thought it was patched out. Guess not.

I mean, it's bad but I'll give it to them on this one, they patched it (still bad)

The utterly enormous reason i will be doing everything i can to switch to linux is because of windows. My confidence grows the more they eff win11 and the more i see other people switching to Linux and claiming to in the future.

They want all the 7 and 8 users gone.

In their defense, they patched it quickly and announced the flaw. Vulnerabilities will happen on all OSes. However the real issue with windows and justification for switching to Linux is things like advertising IDs and Microsoft accounts. Let's not even talk about recall.

That's an interesting note, I don't get that with systemd-boot+W11 (then again I only boot in once a year to run updates)

I used to dualboot win11 and arch then I got bored and nuked my windows partition a year or so back because yes.

You can imprison Windows inside a VM under Linux with GPU passthrough btw

I mean many if not most private wifis arent super secure

Thats incorrect info.

No sir that's not true

having wifi enabled and it searching for networks is enough to get hacked. Hope this clears it up for you.

This is not how it works at all. The vulnerability is based on injecting malicious code into identifying frames. Basically, when you look at the available wifi networks, it has a list of names there, meaning your device has already made initial contact with the access point. The vulnerability takes advantage of that initial contact and runs the code without any user interaction. Someone could literally walk past you while your laptop is powered on and execute code on it.

Maybe update to a more intrinsically secure OS.

​@@malcaniscsm5184 why not update to not using a digital device at all

Yep maybe like 10meters - 15meters.

Nah. I started developing stuff recently. Leave a website plugin out of date for a week? Bam my website now has malware redirecting the users.

Looks like the ElectroVoice RE-20

@@vertedintro thank you

If it's completely unplugged and somewhere that nobody is going to break into, you're fine.

I did the switch about 10 years ago. At first it was because I was tired of licensing issues when changing hardware, now I am glad I did because of how windows evolved and they implemented things like a store, Microsoft accounts, and advertising IDs. Windows is no longer an acceptable OS.

How can it be worse? Uploading all keystrokes to every other computer on the planet?

I c wat u did there

@@googIesux 😘