Computer News & Safety tips – Harry Waldron MVP

Microsoft Exchange and Skype security updates impacted some corporate users & Microsoft has pulled these updates and they are addressing issues with corrected code.

https://redmondmag.com/articles/2018/07/18/july-patches-skype-exchange-problems.aspx

https://blogs.technet.microsoft.com/exchange/2018/07/16/issue-with-july-updates-for-windows-on-an-exchange-server/

Microsoft’s July 10 “update Tuesday” patches negatively affected organizations using Lync Server 2013, Skype for Business Server 2015 and Exchange Server, Microsoft admitted this week.    On the Exchange Server side, the Exchange team noted in a July 16 announcement that Exchange Server won’t function correctly as a result of “issues with the Windows operating system updates published July 10th.” The solution to the problem is to update Exchange Server using the Windows Update service or IT pros can update the catalogs used by Windows Server Update Services, a patch management system.

The Windows team has removed all bad packages from Windows Update and systems should no longer attempt to download an update which exposes this problem. New updates are being published through Windows Update and should be available for all operating systems by end of day July 17th.

The new “preview” version for OneNote for Windows 10 contains several new features as noted below:

OneNote for Windows 10 Gets a Major Update

Microsoft’s William Devereux has documented a nice set of new features that just arrived in the latest update to OneNote for Windows 10. And if you’re in the Insider Program, below are new ones found in the Windows 10 Insider Preview

Simplified ribbon.  OneNote for Windows 10 is cleaner, easier to use, and better suited for high DPI displays.

New paste options. It has always included a source URL when you paste in content from the web. Now you can disable that.

Updated Clear Formatting. The Clear Formatting command will now clear any custom paragraph spacing from the source too.

New table options. You can now optionally hide table borders and quickly select a range of cells.

Simpler symbol insert. You can now use a new Symbol Gallery in the Insert tab to more easily insert symbols.

Improved eraser. For those using smart pens, the Eraser tool now supports two new eraser sizes.

Microsoft Translator support. OneNote for Windows 10 now includes a Translate command on the View tab.

Corning has developed Gorilla Glass version 6 which will be featured in mobile devices by the end of 2018.  It will be twice as strong as version 5.  More details can be found in the following PC Magazine review:

https://www.pcmag.com/news/362563/corning-gorilla-glass-6-can-survive-15-drops

The latest version of Corning’s Gorilla Glass is twice as durable as the previous generation, the company announced today.  Gorilla Glass 6 has been redesigned to include an extra “level of armor” that’ll help the material survive both repeated drops and drops from higher heights, Corning executives said at a company event in Sunnyvale, California.

On average, the new glass can survive 15 drops at the height of 1 meter (3.2 feet), or about waist-level height for most people.  In designing Gorilla Glass 6, Corning focused on increasing the durability of the glass not just on the surface, but deeper through the material. In the company’s own testing, about 77 percent of Gorilla Glass 6 samples survived 20 drops at a height of 1 meter. The glass tested was between 0.6mm to 0.8mm, the common thickness used in smartphone models

OneNote for Windows 10 contains significant new features in the JULY 2018 release 

OneNote for Windows 10 Gets a Major Update

Microsoft’s William Devereux has documented a nice set of new features that just arrived in the latest update to OneNote for Windows 10. And if you’re in the Insider Program, there are even more new features, including our first peek at the new simplified ribbon. “We just released a new OneNote update on Windows 10 with a number of features based directly on your feedback,”

Version 16.0.10325.20049 has following features:

New Page deep link tile. You can now pin a OneNote “New Page” deep link tile to your Start menu so that you can jump directly

Optional OneNote tile transparency. Speaking of tiles, you can also optionally pin a transparent version of the app’s tile to the Start menu.

Insert online videos. A new Insert Online Video in the Insert tab of the ribbon lets you easily embed web-based videos in your notes.

Default paste. This one isn’t actually new to this version, but it’s a nice addition: You can now choose a default paste method, as you could previously in OneNote 2016.

Oracle has released their quarterly security updates patching 334 vulnerabilities across their family of products.

https://isc.sans.edu/forums/diary/Oracle+Critical+Patch+Update+Release/23886/

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Oracle released their quarterly critical patch update today.  This patch addresses a record number of 334 vulnerabilities across a wide set of Oracle supported products.   Vulnerabilities in Weblogic, Oracle Spatial, and Oracle Fusion Middleware MapViewer are rated with CVSS scores of 9.8.  Deserialization based attacks within Weblogic server has been used as attack vectors in the past year, and used to install crypto miner campaigns.  It is likely that these types of campaigns will continue for the forseeable future.

The IC3 reports on an estimated $12 billion loss between 2013-2018 on a world wide basis as FBI reports below:

https://www.ic3.gov/media/2018/180712.aspx

This Public Service Announcement is an update and companion to Business E-mail Compromise (BEC) PSA 1-050417-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center (IC3) complaint information and updated statistical data for the time frame October 2013 to May 2018.

Business E-mail Compromise (BEC)/E-mail Account Compromise (EAC) is a sophisticated scam targeting both businesses and individuals performing wire transfer payments.  The scam is frequently carried out when a subject compromises legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

The BEC/EAC scam continues to grow and evolve, targeting small, medium, and large business and personal transactions. Between December 2016 and May 2018, there was a 136% increase in identified global exposed losses. The scam has been reported in all 50 states and in 150 countries. Victim complaints filed with the IC3 and financial sources indicate fraudulent transfers have been sent to 115 countries.

Based on the financial data, Asian banks located in China and Hong Kong remain the primary destinations of fraudulent funds; however, financial institutions in the United Kingdom, Mexico and Turkey have also been identified recently as prominent destinations.

The following BEC/EAC statistics were reported to the IC3 and are derived from multiple sources, including IC3 and international law enforcement complaint data and filings from financial institutions between October 2013 and May 2018:

Domestic and international incidents: 78,617
Domestic and international exposed dollar loss: $12,536,948,299
Total U.S. victims: 41,058
Total U.S. victims: $2,935,161,457

As Amazon Prime Day 2018 is underway with extensive discounted items, users should be very careful in handing email, ads, web searches, etc. ensuring these are genuine and not scams to lure victims into fraud, malware, or personal identity attacks.  Below is example from last year sharing very similar advice and to always affirm things at the main Amazon site before proceeding

https://www.inc.com/joseph-steinberg/amazon-customers-beware-this-scam.html

A new, realistic-looking phishing campaign is targeting Amazon customers. Criminals are sending mass emails that appear to have come from Amazon and thank recipients for making purchases on Amazon’s “Prime Day” back in July. The emails then invite recipients to go to the Amazon website to “write a review” and receive a special $50 “bonus” credit for doing so.

If users click the link in the email, however, they are routed to a criminal’s clone of the Amazon site – not the real Amazon.com – and if they enter their credentials (i.e., their usernames and passwords) when prompted, a criminal will gain access to their accounts. Additionally, it is possible that the rogue site may install malware on computers or mobile devices being used to access it.

The email that I received is realistic looking – it even contains manual instructions in case one does not want to click the first link. But within the manual instructions the link to Amazon.com also routes to a bogus site – so following those instructions is not any safer.

If you ever receive an email allegedly from Amazon asking you to take any action, the safest way to do so is to ignore any links in the email and instead enter https://www.amazon.com in your web browser. If you ever receive an email that you suspect is impersonating Amazon, you should also contact Amazon using the instructions on the site’s report-phishing page.

Music streaming makes up 75 percent of consumption in the US according to a recent Nielsen study

https://www.pcmag.com/news/362399/streaming-has-taken-over-the-music-industry

Americans streamed a record 403 billion songs in the first six months of 2018, marking the latest milestone in the unstoppable march of music streaming services.   According to Nielsen’s US Mid-Year Music Report, audio and video music streaming now accounts for 75 percent of music consumption in the US, compared with physical and digital music sales. That figure is up from 50 percent in the first half of 2016.

While on-demand streaming rises steadily, the rest of the music industry continues to decline. Physical album sales, digital album sales, and digital track sales have all decreased year-over-year for the past several years as users turn toward streaming services as their primary music platform.

Windows 10 will see some improved features in it’s text based NOTEPAD editor. These new functions are targeted for the Redstone 5 release in Fall 2018

https://gizmodo.com/microsoft-notepad-is-finally-getting-an-update-1827543753

Notepad is getting a refresher.  It’s coming more into line, aesthetically, with Metro and should no longer look so outdated. But the changes aren’t just cosmetic. You’ll be able to zoom in on text much as you can with Word or on your browser.

Even better: Find & Replace now works with word wrapping. Which means, when you hit Ctrl+F and punch in the word you’re looking for, you won’t have to scroll horizontally to find each instance of the word. Instead, you can scroll vertically!

Notepad will also support line numbers with word wrapping. That’s useful if you’re looking at a big chunk of text and don’t want to lose your place, or are doing some quick edits to the text of some code.

The updates to Notepad were announced yesterday by Microsoft and will appear in Redstone 5 (R5), the next major update to Windows that is expected in October of this year. If you simply can’t wait, you can enter the Windows beta program, known as Windows Insiders. The changes are available now to insiders in the Fast ring.

The new Dolby Vision support for the Xbox platform is being tested for a future release 

https://www.theverge.com/2018/7/12/17563670/microsoft-xbox-one-dolby-vision-support

Microsoft is preparing to add Dolby Vision support to its Xbox One S and Xbox One X consoles. The addition will mean Microsoft’s consoles join the Apple TV 4K and Google’s Chromecast Ultra as the only streaming devices that currently support both Dolby Vision and Dolby Atmos. Microsoft is testing out its Dolby Vision support with Xbox Insiders right now, and it appears to be limited to streaming apps for now. Netflix is one of the first apps to be updated with Dolby Vision for the Xbox One S and Xbox One X, and it’s not clear if Microsoft plans to extend this to Blu-ray discs too.

Dolby Vision is widely considered to be more superior to the current HDR10 support found on the Xbox One. Dolby Vision adjusts the brightness and color of scenes with metadata, and supports up to a 12-bit color depth and higher peak brightness targets than HDR10. While you won’t necessarily see an immediate difference on current TV sets, Dolby Vision support (alongside HDR10) on the Xbox One makes it more future proof in the current HDR standards war. Microsoft’s main rival console, Sony’s PlayStation 4, still doesn’t fully support Dolby Atmos or Dolby Vision.