This laptop is not meant to be opened or repaired; you can’t get inside without inflicting a lot of damage.
Source: Microsoft Surface Laptop Teardown – iFixit
The battery is difficult and dangerous to replace, giving the device a limited lifespan.
Category Archives: PC Issues
How to permanently stop Windows 10 reboots after installing updates
If you do not want to wait for Anniversary Update (which will be released in July 2016) or if Active Hours is not a solution for you, you can permanently stop Windows 10 reboots after updates are installed if you follow the steps below.
via How to permanently stop Windows 10 reboots after installing updates
Just bought a refurbished I7 machine with Windows 10 Home edition to use for gaming and run VMs via Virtual Box. The VMs need to be up 24/7 if they are an active unit. This box has a lot of RAM so it can run many VMs. Microsoft brought them all down last night with an update then reboot. This is totally unacceptable. Most of the solutions on the web using gpedit.msc or regedit do not work on Windows Home since we are the lowest OS on the MS totem pole.
The procedure in the above website worked for Windows 10 Home. Now I just have to wait a week or so to see if it really stops the auto reboot. I don’t mind having to queue up updates that require reboot. VMs need to be shutdown gracefully. Many people use their computers for doing things other than consuming mass media.
Spybot Anti-Beacon for Windows
Anti-Beacon is small, simple to use, and is provided free of charge. It was created to address the privacy concerns of users of Windows 10 who do not wish to have information about their PC usage sent to Microsoft. Simply clicking “Immunize” on the main screen of Anti-Beacon will immediately disable any known tracking features included by Microsoft in the operating system.
Source: Spybot Anti-Beacon for Windows
Could antivirus software make your computer less safe?
Increasingly, attacks focus on social engineering or phishing that lures users onto compromised websites that can steal information or serve ransomware.
Those websites are so short-lived that antivirus software often doesn’t update fast enough to recognize them, Sjouwerman added.
Source: Could antivirus software make your computer less safe?
How to Compromise the Enterprise Endpoint
Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in anyway. Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers.
An attacker could easily compromise an entire enterprise fleet using a vulnerability like this. Network administrators should keep scenarios like this in mind when deciding to deploy Antivirus, it’s a significant tradeoff in terms of increasing attack surface.
Source: Project Zero: How to Compromise the Enterprise Endpoint
Microsoft’s Naggy Windows 10 Upgrade Prompt Interrupts Meteorologist’s Weathercast
However, at least for one meteorologist, the Windows 10 upgrade prompt came during an inopportune time — right in the middle of a live weathercast. Metinka Slater, a meteorologist with Des Moines CBS affiliate KCCI 8, was going about her business, giving viewers a rundown of the 12-hour rainfall totals in the area when a nagging Windows 10 upgrade screen popped up, just like it has for thousands (if not millions) of everyday Windows users.
Source: Microsoft’s Naggy Windows 10 Upgrade Prompt Interrupts Meteorologist’s Weathercast
Windows 10 lock screen ads begin with Rise of the Tomb Raider push
The lock screen is one of several ways that Windows 10 isn’t exactly free. From Start menu promotions to subscription-based games to personalized ads in Bing and the Edge browser, Microsoft has plenty of money-making hooks built into its latest OS.
Source: Windows 10 lock screen ads begin with Rise of the Tomb Raider push | PCWorld
Trend Micro flaw could have allowed attacker to steal all passwords
Overall, Ormandy wrote that he found over 70 APIs exposed to the Internet, not all of which he had investigated for security issues. He suggested Trend should hire an external consultancy to audit the code.
Source: Trend Micro flaw could have allowed attacker to steal all passwords
Antivirus software could make your company more vulnerable
While these are mainly examples of using antivirus vulnerabilities to evade detection, there’s also a demand for remote code execution exploits affecting antivirus products and these are being sold by specialized brokers on the largely unregulated exploit market.
Among the emails leaked last year from Italian surveillance firm Hacking Team there is a document with exploits offered for sale by an outfit called Vulnerabilities Brokerage International. The document lists various privilege escalation, information disclosure and detection bypassing exploits for multiple antivirus products, and also a remote code execution exploit for ESET NOD32 Antivirus with the status “sold.”
Source: Antivirus software could make your company more vulnerable
AVG, McAfee, Kaspersky Fix Common Vulnerability in Their Antivirus Products
The security bug relates to the fact that the AVG antivirus creates a memory space with full RWX (read-write-execute) privileges where it normally runs. For that particular version of the AVG antivirus, this memory space was not randomized and was often shared with other applications, like, for example, Acrobat Reader or the enSilo product that collided with the antivirus.
If an attacker knew about the antivirus’ predictable behavior and where this address space was, they could force their malicious code to execute inside that memory address and have the same privileges as the antivirus process (which is system-level).
Source: AVG, McAfee, Kaspersky Fix Common Vulnerability in Their Antivirus Products