Microsoft hints at early April release of Windows 10’s next feature upgrade

Microsoft this week released the first preview of what will become Windows 10 version 1809, this year’s second feature upgrade and the one slated to ship this fall.

But the debut of what Microsoft calls the “Skip Ahead” build for Windows 10 1809 also hints that the release of the spring feature upgrade, aka 1803, will take place in early April.

On Wednesday, Microsoft forked the 1803 preview of Windows 10 – as it’s done before when it nears release of a feature upgrade – so that developers could continue to deliver beta code for that build while also beginning to work on the next-in-line, 1809. (Microsoft uses a yymm labeling system to mark its Windows 10 feature upgrades; 1803 indicates a March 2018 release, while 1809 marks a September release.)

To read this article in full, please click here

Read more 0 Comments

Microsoft is distributing security patches through insecure HTTP links

The Microsoft Update Catalog uses insecure HTTP links – not HTTPS links – on the download buttons, so patches you download from the Update Catalog are subject to all of the security problems that dog HTTP links, including man-in-the-middle attacks.

Security researcher Stefan Kanthak, writing on Seclist’s Bugtraq mailing list, elaborates:

Even if you browse the “Microsoft Update Catalog” via the HTTPS link,  ALL download links published there use HTTP, not HTTPS!

That’s trustworthy computing … the Microsoft way!

Despite numerous mails sent to <secure () microsoft com> in the last years, and numerous replies “we’ll forward this to the product groups,” nothing happens at all.

To read this article in full, please click here

Read more 0 Comments