How to permanently stop Windows 10 reboots after installing updates

If you do not want to wait for Anniversary Update (which will be released in July 2016) or if Active Hours is not a solution for you, you can permanently stop Windows 10 reboots after updates are installed if you follow the steps below.

via How to permanently stop Windows 10 reboots after installing updates

Just bought a refurbished I7 machine with Windows 10 Home edition to use for gaming  and run VMs via Virtual Box.  The VMs need to be up 24/7 if they are an active unit.   This box has a lot of RAM so it can run many VMs.  Microsoft brought them all down last night with an update then reboot.  This is totally unacceptable.  Most of the solutions on the web using gpedit.msc or regedit do not work on Windows Home since we are the lowest OS on the MS totem pole.

The procedure in the above website worked for Windows 10 Home.   Now I just have to wait a week or so to see if it really stops the auto reboot.  I don’t mind having to queue up updates that require reboot.  VMs  need to be shutdown gracefully.  Many people use their computers for doing things other than consuming mass media.

Microsoft’s Naggy Windows 10 Upgrade Prompt Interrupts Meteorologist’s Weathercast

However, at least for one meteorologist, the Windows 10 upgrade prompt came during an inopportune time — right in the middle of a live weathercast. Metinka Slater, a meteorologist with Des Moines CBS affiliate KCCI 8, was going about her business, giving viewers a rundown of the 12-hour rainfall totals in the area when a nagging Windows 10 upgrade screen popped up, just like it has for thousands (if not millions) of everyday Windows users.

Source: Microsoft’s Naggy Windows 10 Upgrade Prompt Interrupts Meteorologist’s Weathercast

Philips Hue Excludes 3rd Party Bulbs With Firmware Update

Philips just released firmware for the Philips Hue bridge that may permanently sever access to any “non-approved” ZigBee bulbs. We previously covered third party support in January 2015, when Philips indicated it was not blocked – and have since benefited.

Source: Philips Hue Excludes 3rd Party Bulbs With Firmware Update

Sometimes it’s better never to upgrade firmware.  Don’t fix what isn’t broke.  As a general rule firmware should never need upgrading.

Microsoft is downloading Windows 10 to your machine ‘just in case’

Microsoft told us: “For individuals who have chosen to receive automatic updates through Windows Update, we help upgradable devices get ready for Windows 10 by downloading the files they’ll need if they decide to upgrade.

Source: Microsoft is downloading Windows 10 to your machine ‘just in case’

From: The Appeal of Free: 75 Million Users Download Windows 10 in First Month

Free Windows is proving to be a very attractive price indeed. Seventy-five million users have downloaded Windows 10 to their personal computers and tablets in the first month of its release, Microsoft announced on Wednesday.

Manipulating Microsoft WSUS to Own Enterprises

Paul Stone and Alex Chapman of Context Information Security in the U.K. took a long look at the WSUS attack surface and discovered that when a WSUS server contacts Microsoft for driver updates, it does so using XML SOAP web services, and those checks are not made over SSL. While updates are signed by Microsoft and updates must be verified by Microsoft, Stone and Chapman discovered that an attacker already in a man-in-the-middle position on a corporate network, for example, could with some work tamper with the unencrypted communication and inject a malicious homegrown update.

Source: Manipulating Microsoft WSUS to Own Enterprises | Threatpost | The first stop for security news

Windows 10? Here are privacy issues you should consider

Sign into Windows with your Microsoft account and the operating system immediately syncs settings and data to the company’s servers. That includes your browser history, favorites and the websites you currently have open as well as saved app, website and mobile hotspot passwords and Wi-Fi network names and passwords.

Source: Windows 10? Here are privacy issues you should consider

The updated terms also state that Microsoft will collect information “from you and your devices, including for example ‘app use data for apps that run on Windows’ and ‘data about the networks you connect to.’”

Mars Rover’s ChemCam Instrument gets sharper vision

Likewise, the laser analyses were done at nine different focus settings to obtain one good set of data. In the meantime, the team went back to the drawing board. They figured out that if they discarded a lot of the old code on board their distant subject, they could make room for software that could command the instrument to take the nine images on its own and analyze them on-board to find the best focus.

Source: Mars Rover’s ChemCam Instrument gets sharper vision

The program to run the whole instrument is only 40 kilobytes. The first tests on Mars were completed earlier this week.

OpenSSL bug CVE-2014-0160

If you’re using an older OpenSSL version, you’re safe.

via OpenSSL bug CVE-2014-0160 | The Tor Blog.

I find that statement quite interesting due to how many security experts tout keeping your software constantly updated without realizing sometimes updates can introduce exploit vectors.

From:  The Heartbleed Bug

What makes the Heartbleed Bug unique?

Bugs in single software or library come and go and are fixed by new versions. However this bug has left large amount of private keys and other secrets exposed to the Internet. Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously.

Am I affected by the bug?

You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS (transport layer security) implementation used to encrypt traffic on the Internet. Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL.

From: Exploits allow attackers to obtain private keys used to decrypt sensitive data.

They called on white-hat hackers to set up “honeypots” of vulnerable TLS servers designed to entrap attackers in an attempt to see if the bug is being actively exploited in the wild. The researchers have dubbed the vulnerability Heartbleed because the underlying bug resides in the OpenSSL implementation of the TLS heartbeat extension as described in RFC 6520 of the Internet Engineering Task Force.

Software upgrade at 655 million kilometres

Although Rosetta and MIDAS spent 957 days in hibernation, the MIDAS team back on Earth were busy learning how best to use MIDAS with tests on the Flight Spare (the identical twin instrument). As a result we have made a number of tweaks and enhancements to the software ready for our encounter with comet 67P/CG. After the passive checkout we know that we’re in good shape, so the next step is to upload and apply the software patches. The new software was tested both on the Flight Spare and on an instrument/processor simulator developed by the institute.

via Software upgrade at 655 million kilometres | Rosetta – ESA’s comet chaser.