Microsoft does not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user’s device. If we determine that sensitive information has been inadvertently received, we delete the information.
If you do not want to wait for Anniversary Update (which will be released in July 2016) or if Active Hours is not a solution for you, you can permanently stop Windows 10 reboots after updates are installed if you follow the steps below.
Just bought a refurbished I7 machine with Windows 10 Home edition to use for gaming and run VMs via Virtual Box. The VMs need to be up 24/7 if they are an active unit. This box has a lot of RAM so it can run many VMs. Microsoft brought them all down last night with an update then reboot. This is totally unacceptable. Most of the solutions on the web using gpedit.msc or regedit do not work on Windows Home since we are the lowest OS on the MS totem pole.
The procedure in the above website worked for Windows 10 Home. Now I just have to wait a week or so to see if it really stops the auto reboot. I don’t mind having to queue up updates that require reboot. VMs need to be shutdown gracefully. Many people use their computers for doing things other than consuming mass media.
The tactics Microsoft employed to get users of earlier versions of Windows to upgrade to Windows 10 went from annoying to downright malicious. Some highlights: Microsoft installed an app in users’ system trays advertising the free upgrade to Windows 10. The app couldn’t be easily hidden or removed, but some enterprising users figured out a way. Then, the company kept changing the app and bundling it into various security patches, creating a cat-and-mouse game to uninstall it.
And while users can disable some of these settings, it is not a guarantee that your computer will stop talking to Microsoft’s servers. A significant issue is the telemetry data the company receives. While Microsoft insists that it aggregates and anonymizes this data, it hasn’t explained just how it does so.
The location of PAC files can be discovered through WPAD in several ways: through a special Dynamic Host Configuration Protocol (DHCP) option, through local Domain Name System (DNS) lookups, or through Link-Local Multicast Name Resolution (LLMNR).
The researchers recommended computer users disable the protocol. “No seriously, turn off WPAD!” one of their presentation slides said. “If you still need to use PAC files, turn off WPAD and configure an explicit URL for your PAC script; and serve it over HTTPS or from a local file.”
From Slashdot comments:
Basically, the default User Authentification Settings of Edge/Spartan (also Internet Explorer, Outlook) lets the browser connect to local network shares, but erroneously fail to block connections to remote shares. To exploit this, an attacker would simply set up a network share. An embedded image link that points to that network share is then sent to the victim, for example as part of an email or website. As soon as the prepped content is viewed inside a Microsoft product such as Edge/Spartan, Internet Explorer or Outlook, that software will try to connect to that share in order to download the image. Doing so, it will silently send the user’s Windows login username in plaintext along with the NTLMv2 hash of the login password to the attacker’s network share.
Anti-Beacon is small, simple to use, and is provided free of charge. It was created to address the privacy concerns of users of Windows 10 who do not wish to have information about their PC usage sent to Microsoft. Simply clicking “Immunize” on the main screen of Anti-Beacon will immediately disable any known tracking features included by Microsoft in the operating system.
Source: Spybot Anti-Beacon for Windows
While we’re still waiting for worldwide shipments to go positive, both IDC and Gartner report that PC shipments in the US have increased for the first time in more than a year. IDC reports that shipments have increased by 4.9 percent, and Gartner says they’ve risen by 1.4 percent.
Worldwide, PC shipments are still on a decline. Gartner estimates a 5.2 percent drop, and IDC calculates around a 4.5 percent decrease in shipments.
Because Symantec uses a filter driver to intercept all system I/O, just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in anyway. Because no interaction is necessary to exploit it, this is a wormable vulnerability with potentially devastating consequences to Norton and Symantec customers.
An attacker could easily compromise an entire enterprise fleet using a vulnerability like this. Network administrators should keep scenarios like this in mind when deciding to deploy Antivirus, it’s a significant tradeoff in terms of increasing attack surface.
However, at least for one meteorologist, the Windows 10 upgrade prompt came during an inopportune time — right in the middle of a live weathercast. Metinka Slater, a meteorologist with Des Moines CBS affiliate KCCI 8, was going about her business, giving viewers a rundown of the 12-hour rainfall totals in the area when a nagging Windows 10 upgrade screen popped up, just like it has for thousands (if not millions) of everyday Windows users.
Examiners found out-of-place programs known as dynamic link libraries, or DLLs, that had been written onto the Wisconsin computer. The programs were designed to “redirect” a drawing if certain conditions were met, according to the complaint, helping orchestrate the outcome.