Hello,
Here are a couple of methods for scripting re-installation of Windows Media Player after applying KB4046355.
via Command Prompt: dism.exe
via PowerShell: enable-windowsoptionalfeature -online -featureName WindowsMediaPlayer
Hopefully that will be of use to people who still need to use (or prefer) Windows Media Player.
Regards,
Aryeh Goretsky
Hello,
It is interesting how concerned Microsoft is about "building a thoughtfully curated ecosystem" with browser extensions that are "high-quality and trustworthy" for Microsoft Edge, while at the same time, its Windows Store offers many poor-quality mobile apps bordering on the scammy (fake browsers meant to look like Google Chrome, pirated copies of books, etc.) for years.
Of course, Microsoft collects a percentage of sales from Store apps, so maybe it was more to their incentive to have it filled with these in order to inflate the number of apps back when the "app gap" was a concern before they abandoned Windows Phone/Windows 10 Mobile.
I have to wonder, though, if Chrome and Firefox versus Edge is the new version of iOS and Android versus Windows Phone.
Regards,
Aryeh Goretsky
Hello,
I seem to recall a discussion about this at the time of disclosure that the main concern was not so much finding exploitable bugs in Windows, per se, but finding bugs in third-party drivers like those from AMD and nVidia, as well as determining hardware and software a target might be using, in order to help perform vulnerability research on targets.
Regards,
Aryeh Goretsky
Hello,
I am wondering if this has more to do with the quality of the research being done, as opposed to the patent process itself. While India's CSIR-Tech may have failed, Australia's equivalent entity, CSIRO, seems to have done quite well for Australian taxpayers, such as generating income on from Wi-Fi (some essential component of 802.11n, as I recall).
Regards,
Aryeh Goretsky
Hello,
I guess it was a slow day at CBS Interactive's CNet web site, or perhaps they are not very familiar with using Windows. This behavior can easily be disabled by a simple registry tweak. Here's a
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"NoAutoRebootWithLoggedOnUsers"=dword:00000001
If you would rather script it using a
REG ADD HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
/v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1
Or, for the PowerShell-inclined, here's a three-line version:
New-Item HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
New-Item HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
Set-ItemProperty HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU -Name "NoAutoRebootWithLoggedOnUsers" -Value 1 -Type DWord
As always, you are responsible for your computer and should make a backup before making any changes to it.
Yes, Windows can be difficult to use at times, and the learning curve can be quite high. But these days that's pretty true of any operating system if you're coming to it for the first time. You can find the answers to a lot of questions by searching the web, and in case you can't (or you still have questions), you can go to a web site with an active Windows user forum like BleepingComputer. GeeksToGo, Neowin, Scot's Newsletter,Sysnative, WindowsForums or even Microsoft's own Microsoft Answers forum and someone will help you. Those are just a few off the top of my head, there are plenty of others, although you should probably avoid CBS Interactive's own CNet forums.
Regards
Aryeh Goretsky
Hello,
This issue has been going on for more than two days. Reports of it date almost a month:
https://www.reddit.com/r/sysad...
https://community.spiceworks.c...
Although reports of it in Microsoft's support forum are more recent:
https://answers.microsoft.com/...
https://answers.microsoft.com/...
https://answers.microsoft.com/...
The December 9th patch - https://support.microsoft.com/... - might contain some kind of fix or workaround, although I don't see anything mentioned on the page which maps to the issue.
Microsoft is keeping customers up to date with a page on its support forum. Here's Microsoft's short link to the page: https://aka.ms/netcom
Regards,
Aryeh Goretsky
Hello,
News sites (fake or otherwise) should be extremely cautious of running salacious news stories about Elon Musk, given that fellow tech mogul Peter Thiel helped sue a media outlet into oblivion. Presumably, Elon Musk has the same capability.
Regards,
Aryeh Goretsky
Hello,
Intel had been investigating selling Intel Security (nee McAfee) for well over a year, so this is hardly a recent development on their part. And regardless of what the Slashdot crowd things of the products' quality, they do have massive amounts of brand recognition in both the consumer and enterprise spaces.
Mr. McAfee had given up the rights to his name when preparing McAfee Associates' IPO and did quite well in terms of how he was compensated. Even back in 1995 he was already trying to get his name back from Bill Larson (then President, CEO and Chairman of McAfee Associates) and having no luck. As much as Bill hated the McAfee name, he realized there was so much money to be made in it, and took the company from $20-30M in revenue to billions of dollars in valuation .
Mr. McAfee's one of the smartest business people I know, and his ability to rapidly absorb data, synthesize it and come up with all sorts of ideas for products is pretty darn amazing, and frankly, with all of the time and effort he's put into being in front of the media, trying to get his name back at this point is a waste of time and shareholder's money spent on lawyers: Due to his recent high-profile activities, there's enough interest in Mr. McAfee that he doesn't need to capitalize on his name, anymore. He could name a company "Spicy Lemon" and still generate media attention because of his involvement with it, just as he's done with all the products he's taken on since returning to the U.S. after fleeing Belize.
Regards,
Aryeh Goretsky
Hello
The funny thing is that equipping a target with a satellite phone improves the ability to identify them. In the case of a journalist and photographer team operating in Syria a few years ago, it was their satellite phone that allowed their location to be triangulated and subsequently attacked.
I would think it would not be too difficult to come up with some interesting usage patterns of DMs (sending messages in languages commonly used by ISIS, using certain phrases common to ISIS, geoIP location, access only from Tor nodes, proxies, VPN connections and so forth as selection criteria for further intelligence collection. Frankly, using DMs sounds like a great way to be targeted by state security services.
Regards,
Aryeh Goretsky
Hello,
I did not see any mention of a bug bounty program. Is there one? If the federal government would like to not just have its open sourced software reviewed but actually receive reports of bugs, they should consider adding a bug bounty program to encourage programmers to report any errors they find to the federal government, instead of selling it to an adversary.
Regards,
Aryeh Goretsky
Hello,
Since neither the original poster or the article provided it, here's a link to the page where the latest version of the Lenovo Solution Center can be downloaded from:
https://support.lenovo.com/us/...
Note that the downloads are listed at the bottom of the page.
Regards,
Aryeh Goretsky
Hello Col. Hypponen,
I have three questions for you:
1. Do you think it is still possible to secure embedded systems (aka the Internet of Things), or is that an impossibility now, practically speaking?
2. If there was one thing you could every average computer user to do to improve their security, what would it be?
3. If you were a person of interest in the murder of your neighbor in a tiny Central American country, what would your strategy be for clearing your name?
Thank you for taking the time to read this. I look forward to your answers.
Regards,
Aryeh Goretsky
"Look! There! Evil!.. pure and simple, total evil from the Eighth Dimension!" -- Buckaroo Banzai