Microsoft is stepping up its plans to make Windows more resilient to buggy software [non-paywalled source] after a botched CrowdStrike update took down millions of PCs and servers in a global IT outage. Financial Times: The tech giant has in the past month intensified talks with partners about adapting the security procedures around its operating system to better withstand the kind of software error that crashed 8.5mn Windows devices on July 19. Critics say that any changes by Microsoft would amount to a concession of shortcomings in Windows' handling of third-party security software that could have been addressed sooner.

Yet they would also prove controversial among security vendors that would have to make radical changes to their products, and force many Microsoft customers to adapt their software. Last month's outages -- which are estimated to have caused billions of dollars in damages after grounding thousands of flights and disrupting hospital appointments worldwide -- heightened scrutiny from regulators and business leaders over the extent of access that third-party software vendors have to the core, or kernel, of Windows operating systems. Microsoft will host a summit next month for government representatives and cyber security companies, including CrowdStrike, to discuss "improving resiliency and protecting mutual customers' critical infrastructure," Microsoft said on Friday.

Microsoft plans to phase out Windows Control Panel, a feature dating back to the 1980s, in favor of the modern Settings app, according to a recent support page. The tech giant has been gradually shifting functions to Settings since 2015, aiming for a more streamlined user experience. However, no specific timeline for Control Panel's complete removal has been announced. Microsoft writes in the support page: The Control Panel is a feature that's been part of Windows for a long time. It provides a centralized location to view and manipulate system settings and controls. Through a series of applets, you can adjust various options ranging from system time and date to hardware settings, network configurations, and more. The Control Panel is in the process of being deprecated in favor of the Settings app, which offers a more modern and streamlined experience.

Google is making a new desktop app called Essentials that packages a few Google services, like Messages and Photos, and includes links to download many others. The app will be included with many new Windows laptops, with the first ones coming from HP. From a report: The Essentials app lets you "discover and install many of our best Google services," according to Google's announcement, and lets you browse Google Photos as well as send and receive Google Messages in the app. A full list of apps has not yet been announced, but Google's announcement art showcases icons including Google Sheets, Google Drive, Nearby Share, and Google One (a two-month free trial is offered through Essentials for new subscribers).

HP will start including Google Essentials across its computer brands, like Envy, Pavilion, Omen, and more. Google says you're "in control of your experience" and can uninstall any part of Essentials or the whole thing.

Microsoft will begin sending a revised version of its controversial Recall feature to Windows Insider PCs beginning in October, according to an update published to the company's original blog post about the Recall controversy. From a report: The company didn't elaborate further on specific changes it's making to Recall beyond what it already announced in June.

For those unfamiliar, Recall is a Windows service that runs in the background on compatible PCs, continuously taking screenshots of user activity, scanning those screenshots with optical character recognition (OCR), and saving the OCR text and the screenshots to a giant searchable database on your PC. The goal, according to Microsoft, is to help users retrace their steps and dig up information about things they had used their PCs to find or do in the past.

CrowdStrike's president hit out at "shady" efforts by its cyber security rivals to scare its customers and steal market share in the month since its botched software update sparked a global IT outage. From a report: Michael Sentonas told the Financial Times that attempts by competitors to use the July 19 disruption to promote their own products were "misguided." After criticism from rivals including SentinelOne and Trellix, the CrowdStrike executive said no vendor could "technically" guarantee that their own software would never cause a similar incident.

"Our industry is built on trust," Sentonas said. For rivals to take advantage of the meltdown to push their own products "lets themselves down because, ultimately, people know really quickly fact from, possibly, some shady commentary." Texas-based CrowdStrike had a reputation as many major companies' first line of defense against cyber attacks, but the high-profile nature of its clients exacerbated the impact of July's global disruption that shut down 8.5 million Windows devices. Insurers have estimated that losses from the disruption, which grounded flights and shut down hospital systems, could run into billions of dollars. Delta Air Lines, which canceled more than 6,000 flights, has estimated that the outages will cost it $500 million and has threatened litigation.

Ars Technica's Dan Goodwin writes: Last Tuesday, loads of Linux users -- many running packages released as early as this year -- started reporting their devices were failing to boot. Instead, they received a cryptic error message that included the phrase: "Something has gone seriously wrong." The cause: an update Microsoft issued as part of its monthly patch release. It was intended to close a 2-year-old vulnerability in GRUB, an open source boot loader used to start up many Linux devices. The vulnerability, with a severity rating of 8.6 out of 10, made it possible for hackers to bypass secure boot, the industry standard for ensuring that devices running Windows or other operating systems don't load malicious firmware or software during the bootup process. CVE-2022-2601 was discovered in 2022, but for unclear reasons, Microsoft patched it only last Tuesday. [...]

With Microsoft maintaining radio silence, those affected by the glitch have been forced to find their own remedies. One option is to access their EFI panel and turn off secure boot. Depending on the security needs of the user, that option may not be acceptable. A better short-term option is to delete the SBAT Microsoft pushed out last Tuesday. This means users will still receive some of the benefits of Secure Boot even if they remain vulnerable to attacks that exploit CVE-2022-2601. The steps for this remedy are outlined here (thanks to manutheeng for the reference).

North Korean hackers exploited a critical Windows vulnerability to deploy advanced malware, security researchers revealed. The zero-day flaw, patched by Microsoft last week, allowed attackers to gain system-level access and install a sophisticated rootkit called FudModule. Gen, the firm that discovered the attacks, identified the threat actors as Lazarus, a hacking group linked to North Korea. The exploit targeted individuals in cryptocurrency and aerospace industries, likely aiming to steal digital assets and infiltrate corporate networks. FudModule, first analyzed in 2022, stands out for its ability to operate deep within Windows, evading detection by security defenses. Earlier versions used vulnerable drivers for installation, while a newer variant exploited a bug in Windows' AppLocker service.

Microsoft has finally patched a workaround exploited by users seeking an upgrade path for Windows 11 that dodged the company's hardware requirements. From a report: The tweak arrived without fanfare in the Windows Insider build 27686. There were a few neat tweaks in the build, including updates to the Windows Sandbox Client preview and a much-needed bump from 32 GB to 2 TB for FAT32 when running the command line format function. However, the documentation did not mention an apparent end to one workaround that bypasses Microsoft's requirements check for Windows 11.

According to X user @TheBobPony, the "setup.exe /product server" workaround is not supported in the latest build. The Register contacted Microsoft to understand its intentions with the change. The switch still works in the Windows 24H2 update, but the hardware check appears to no longer be bypassed in the latest Canary channel build (27686). The company has yet to respond.

"I've been somewhat okay about backing up our home data," writes long-time Slashdot reader 93 Escort Wagon.

But they could use some good advice: We've got a couple separate disks available as local backup storage, and my own data also gets occasionally copied to encrypted storage at BackBlaze. My daughter has her own "cloud" backups, which seem to be a manual push every once in a while of random files/folders she thinks are important. Including our media library, between my stuff, my daughter's, and my wife's... we're probably talking in the neighborhood of 10 TB for everything at present. The whole setup is obviously cobbled together, and the process is very manual. Plus it's annoying since I'm handling Mac, Linux, and Windows backups completely differently (and sub-optimally). Also, unsurprisingly, the amount of data we possess does seem to be increasing with time.

I've been considering biting the bullet and buying an NAS [network-attached storage device], and redesigning the entire process — both local and remote. I'm familiar with Synology and DSM from work, and the DS1522+ looks appealing. I've also come across a lot of recommendations for QNAP's devices, though. I'm comfortable tackling this on my own, but I'd like to throw this out to the Slashdot community.

What NAS do you like for home use. And what disks did you put in it? What have your experiences been?
Long-time Slashdot reader AmiMoJo asks "Have you considered just building one?" while suggesting the cheapest option is low-powered Chinese motherboards with soldered-in CPUs. And in the comments on the original submission, other Slashdot readers shared their examples:

• destined2fail1990 used an AMD Threadripper to build their own NAS with 10Gbps network connectivity.
• DesertNomad is using "an ancient D-Link" to connect two Synology DS220 DiskStations
• Darth Technoid attached six Seagate drives to two Macbooks. "Basically, I found a way to make my older Mac useful by simply leaving it on all the time, with the external drives attached."

But what's your suggestion? Share your own thoughts and experiences. What NAS do you like for home use? What disks would you put in it?

And what have your experiences been?

Microsoft has removed an arbitrary 32GB size limit for FAT32 partitions in the latest Windows 11 Canary build, now allowing for a maximum size of 2TB. The change, implemented in Windows 11 Insider Preview Build 27686, allows users to create larger FAT32 partitions using the command-line format tool. Previously, Windows systems could read larger FAT32 file systems created on other platforms or through alternative methods, but were limited to creating 32GB partitions natively.

A 43-year-old Jordanian national, Hashem Younis Hashem Hnaihen, was arrested in Orlando, Florida, and charged with threatening to use explosives and destroying a solar power facility. According to the U.S. Department of Justice, the charges could result in up to 60 years in prison. Gizmodo reports: Hashem Younis Hashem Hnaihen allegedly smashed windows at local businesses in Florida, leaving behind threatening letters about their perceived support of Israel, and broke into a solar power generation facility in Wedgefield, Florida back in June. Hnaihen allegedly spent hours smashing solar panels, cutting various wires, and destroying critical electronic equipment, according to a press release from the DOJ issued Thursday.

Hnaihen was wearing a mask when he allegedly smashed the glass front doors of businesses that he thought supported Israel in June, the DOJ says, leaving behind "warning letters" that included lines like a desire to, "destroy or explode everything here in whole America. Especially the companies and factories that support the racist state of Israel." [...] Hnaihen was arrested on July 11, though news of his arrest was only made public today. Hnaihen entered a plea of not guilty and faces a maximum of 10 years in prison for each threat made against the Florida businesses and a maximum of 20 years for the destruction of an energy facility, according to the DOJ.

According to Kaspersky, hackers linked to Chinese threat actors have targeted Russian state agencies and tech companies in a campaign named EastWind. The Record reports: [T]he attackers used the GrewApacha remote access trojan (RAT), an unknown PlugY backdoor and an updated version of CloudSorcerer malware, which was previously used to spy on Russian organizations. The GrewApacha RAT has been used by the Beijing-linked hacking group APT31 since at least 2021, the researchers said, while PlugY shares many similarities with tools used by the suspected Chinese threat actor known as APT27.

According to Kaspersky, the hackers sent phishing emails containing malicious archives. In the first stage of the attack, they exploited a dynamic link library (DLL), commonly found in Windows computers, to collect information about the infected devices and load the additional malicious tools. While Kaspersky didn't explicitly attribute the recent attacks to APT31 or APT27, they highlighted links between the tools that were used. Although PlugY malware is still being analyzed, it is highly likely that it was developed using the DRBControl backdoor code, the researchers said. This backdoor was previously linked to APT27 and bears similarities to PlugX malware, another tool typically used by hackers based in China.

Microsoft says it will temporarily cease its contentious Windows 11 upgrade campaign following user backlash. The tech giant had been bombarding Windows 10 users with full-screen popups urging them to switch operating systems. Starting with April's security update, these intrusive notifications will be discontinued. Microsoft says it will unveil a revised upgrade strategy in the coming months, as Windows 10 support nears its October 2025 end date.

An anonymous reader shares a report: Since last month's blue-screen deluge, CrowdStrike has published analyses of what went wrong and said it hired third-party security companies to review its product. Now, Germany's powerful cybersecurity agency is seizing the moment and hoping to rattle tech and cyber companies into altering their products to head off another mega-meltdown. In particular, the Bonn-based Federal Office for Information Security is taking aim at the access Microsoft gives security providers to its Windows kernel, a core part of its operating system. As well, the German agency is looking for fundamental changes in the way CrowdStrike and other cyber firms design their tools, in hopes of curbing that access.

"The most important thing is to prevent [that] this can happen again," said Thomas Caspers, director general for technology strategy at the BSI, as the agency is known. Leveraging the dread that filled Silicon Valley following the July outage, the BSI is planning to organize a conference this year gathering major tech firms, where it hopes they will commit to restricting access to the kernel, a change Caspers says is crucial to stopping similar failures. "We expect each company to be very specific about what they will do based on what we agreed on," he said.

Microsoft is making BitLocker device encryption a default feature in its next major update to Windows 11. From a report: If you clean install the 24H2 version that's rolling out in the coming months, device encryption will be enabled by default when you first sign in or set up a device with a Microsoft account or work / school account.

Device encryption is designed to improve the security of Windows machines by automatically enabling BitLocker encryption on the Windows install drive and backing up the recovery key to a Microsoft account or Entra ID. In Windows 11 version 24H2, Microsoft is reducing the hardware requirements for automatic device encryption, opening it up to many more devices -- including ones running the Home version of Windows 11. Device encryption no longer requires Hardware Security Test Interface (HSTI) or Modern Standby, and encryption will also be enabled even if untrusted direct memory access (DMA) buses / interfaces are detected.

Valve designer Lawrence Yang confirmed to The Verge that the company plans to support SteamOS on the rival Asus ROG Ally gaming handheld. From the report: A few days ago, some spotted an intriguing line in Valve's latest SteamOS release notes: "Added support for extra ROG Ally keys." We didn't know Valve was supporting any ROG Ally keys at all, let alone extras! Maybe Valve was just supporting those keys in the Steam desktop client on a Windows, where it offers a Steam Deck-like Big Picture Mode interface for any PC, and the line mistakenly made it into these patch notes? I asked to be safe. But no: this is indeed about Valve eventually supporting the ROG Ally and other rival handhelds!

"The note about ROG Ally keys is related to third-party device support for SteamOS. The team is continuing to work on adding support for additional handhelds on SteamOS," Yang tells me. That doesn't mean Asus will officially bless Valve's installer or sell the Ally with SteamOS, of course. (Asus has told me there are many reasons why it ships with Windows; a big one is that Microsoft has dedicated validation teams that ensure its operating system works across many different hardware configurations and chips.) And it's not like Valve is suggesting it'll offer SteamOS for rival handhelds anytime soon, either. Valve is "making steady progress," Yang tells me, but it "isn't ready to run out of the box yet." Valve has announced plans for a general release of SteamOS 3 that can be installed on non-handheld PCs; however, Yang says it's not quite ready yet. As for turning Steam Decks into dual-booting Windows machines, here's what Yang said: "As for Windows, we're preparing to make the remaining Windows drivers for Steam Deck OLED available (you might have seen that we are prepping firmware for the Bluetooth driver). There's no update on the timing for dual boot support -- it's still a priority, but we haven't been able to get to it just yet."

An anonymous reader shares a report: Google has announced Pixel Screenshots, a new AI-powered app for its Pixel 9 lineup that lets you save, organize, and surface information from screenshots. Pixel Screenshot uses Google's private, on-device Gemini Nano AI model to analyze the content of an image and make it searchable.

During a demo at its Pixel launch event, Google showed how you can take a screenshot and then save it to a collection, like "gift ideas." You can also search through all your other screenshots by typing in a keyword, like "bikes" or "shoes." Pixel Screenshots will then pull up all relevant results. Additionally, Pixel Screenshots can give you information about what's inside an image. Further reading: Microsoft Postpones Windows Recall After Major Backlash.

AI PCs accounted for 14% of all PC shipped in the second quarter with Apple leading the way, research firm Canalys said on Tuesday, as added AI capabilities help reinvigorate demand. From a report: PC providers and chipmakers have pinned high hopes on devices that can perform AI tasks directly on the system, bypassing the cloud, as the industry slowly emerges from its worst slump in years. These devices typically feature neural processing units dedicated to performing AI tasks.

Apple commands about 60% of the AI PC market, the research firm said in the report, pointing to its Mac portfolio incorporating M-series chips with a neural engine. Within Microsoft's Windows, AI PC shipments grew 127% sequentially in the quarter. The tech giant debuted its "Copilot+" AI PCs in May, with Qualcomm's Snapdragon PC chips based on Arm Holdings' architecture.

An anonymous reader shares a report: Microsoft Paint isn't one of Windows' best photo editing apps, but in the recent past, the software giant introduced some exciting features, such as layer support, to make the app more viable for Windows users. While Microsoft was pouring the Paint app with new features, the Paint 3D app was dying a slow death. The app will finally be delisted from the Microsoft Store in November this year.

Fortune reports that Crowdstrike "is enjoying a moment of strange cultural cachet at the annual Black Hat security conference, as throngs of visitors flock to its booth to snap selfies and load up on branded company shirts and other swag." (Some attendees "collectively shrugged at the idea that Crowdstrike could be blamed for a problem with a routine update that could happen to any of the security companies deeply intertwined with Microsoft Windows.") Others pointed out that Microsoft should take their fair share of the blame for the outage, which many say was caused by the design of Windows in its core architecture that leads to malware, spyware and driver instability. "Microsoft should not be giving any third party that level of access," said Eric O'Neill, a cybersecurity expert, attorney and former FBI operative. "Microsoft will complain, well, it's just the way that the technology works, or licensing works, but that's bullshit, because this same problem didn't affect Linux or Mac. And Crowdstrike caught it super-early."
Their article notes that Crowdstrike is one of this year's top sponsors of the conference. Despite its recent missteps, Crowdstrike had one of the biggest booths, notes TechCrunch, and "As soon as the doors opened, dozens of attendees started lining up." They were not all there to ask tough questions, but to pick up T-shirts and action figures made by the company to represent some of the nation-state and cybercriminal grups it tracks, such as Scattered Spider, an extortion racket allegedly behind last year's MGM Resorts and Okta cyberattacks; and Aquatic Panda, a China-linked espionage group.

"We're here to give you free stuff," a CrowdStrike employee told people gathered around a big screen where employees would later give demos. A conference attendee looked visibly surprised. "I just thought it would be dead, honestly. I thought it would be slower over there. But obviously, people are still fans, right?"

For CrowdStrike at Black Hat, there was an element of business as usual, despite its global IT outage that caused widespread disruption and delays for days — and even weeks for some customers. The conference came at the same time as CrowdStrike released its root cause analysis that explained what happened the day of the outage. In short, CrowdStrike conceded that it messed up but said it's taken steps to prevent the same incident happening again. And some cybersecurity professionals attending Black Hat appeared ready to give the company a second chance....

TechCrunch spoke to more than a dozen conference attendees who visited the CrowdStrike booth. More than half of attendees we spoke with expressed a positive view of the company following the outage. "Does it lower my opinion of their ability to be a leading-edge security company? I don't think so," said a U.S. government employee, who said he uses CrowdStrike every day.
Although TechCrunch does note that one engineer told his parent company they might consider Crowdstrike competitor Sophos...