<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link rel="alternate" hreflang="en-GB"
                       href="https://www.tomshardware.com/uk/feeds/tag/microsoft-defender"
                       type="application/rss+xml"/>
                            <title><![CDATA[ Latest from Tom's Hardware UK in Microsoft-defender ]]></title>
                <link>https://www.tomshardware.com/uk/tag/microsoft-defender</link>
        <description><![CDATA[ All the latest microsoft-defender content from the Tom's Hardware  UK team ]]></description>
                                    <lastBuildDate>Thu, 10 Jul 2025 11:29:38 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ AI malware can now evade Microsoft Defender — open-source LLM outsmarts tool around 8% of the time after three months of training ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/tech-industry/cyber-security/ai-malware-can-now-evade-microsoft-defender-open-source-llm-outsmarts-tool-around-8-percent-of-the-time-after-three-months-of-training</link>
                                                                            <description>
                            <![CDATA[ Researchers spent three months and approximately $1,500 training the open-source Qwen 2.5 LLM to bypass Microsoft Defender ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">fYqQtLATeYrohYHtANTicR</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/SEUz7BPWGiSe7ufEdxSovZ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 10 Jul 2025 11:29:38 +0000</pubDate>                                                                                                                                <updated>Thu, 10 Jul 2025 12:44:15 +0000</updated>
                                                                                                                                            <category><![CDATA[Cyber Security]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                                                                                    <dc:creator><![CDATA[ Nathaniel Mott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/hEFeUwJHtzVDWEZTcjDqt9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Nathaniel has been writing about various aspects of the technology industry, from startups and cybersecurity to social media and enthusiast hardware, since 2011. Lately, he spends his time writing and spending time with his family.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/SEUz7BPWGiSe7ufEdxSovZ-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Cybersecurity]]></media:description>                                                            <media:text><![CDATA[Cybersecurity]]></media:text>
                                <media:title type="plain"><![CDATA[Cybersecurity]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/SEUz7BPWGiSe7ufEdxSovZ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The cybersecurity industry's giving Chicken Little a run for his money. Companies have been quick to proclaim that AI will fundamentally change the security landscape, which means every new capability added to a large language model (LLM) can be made into a "the sky is falling" moment, with the latest example being the development of AI malware that can successfully work around Microsoft Defender.</p><p><em>Dark Reading </em><a href="https://www.darkreading.com/endpoint-security/ai-malware-poc-evades-microsoft-defender" target="_blank">reported</a> Wednesday that researchers from Outflank plan to <a href="https://www.blackhat.com/us-25/briefings/schedule/#training-specialist-models-automating-malware-development-46238" target="_blank">show off</a> this new AI malware at Black Hat 2025 in August. But don't throw away Windows Defender just yet. </p><p>According to its <a href="https://www.outflank.nl/" target="_blank">website</a>, Outflank is a "highly skilled red team composed of experienced professionals" who "specialize in assessing resilience against advanced threats and training security teams for enhanced incident response." Its principal offensive specialist lead, Kyle Avery, told <em>Dark Reading </em>that he spent three months and approximately $1,500 training the open-source Qwen 2.5 LLM to bypass Microsoft Defender. That's a fairly steep but not insurmountable upfront cost for this capability.</p><p>But here's the rub: the report said Avery's "model was able to generate malware capable of totally bypassing Microsoft Defender for Endpoint about 8% of the time." That compares favorably to other models—he told <em>Dark Reading </em>that "Anthropic's AI could do the same less than 1% of the time, and DeepSeek's less than 0.5% of the time," which means his model is significantly more effective at this task—but it's hardly the kind of plug-and-play performance most script kiddies would expect.</p><p>Models like this are expected to get better over time. Apparently, the chatbot barons have discovered reinforcement learning, a technique used by machine learning researchers to improve the performance of their models since the '90s, so they could theoretically be flogged enough to improve their ability to meet this task. An enterprising cybercriminal with a surplus of GPUs on hand might be willing to devote more time and money to this task.</p><p>Which leaves us with two questions: Are we sure there isn't an upper bound on these capabilities, and what happens when Microsoft Defender is improved to compensate? Microsoft isn't exactly known for keeping its software up-to-date with bleeding-edge features, but even Notepad <a href="https://blogs.windows.com/windows-insider/2025/05/30/text-formatting-in-notepad-begin-rolling-out-to-windows-insiders/" target="_blank">supports</a> Markdown now. </p><p>None of this is to belittle Outflank's findings. This research is a somewhat proficient proof of concept for all the doom-saying the security industry's been doing since it hitched its wagon to the AI hype caravan. But I'd be more worried about <a href="https://www.tomshardware.com/tech-industry/cyber-security/popular-industry-security-tool-repurposed-by-cybercriminals-to-deploy-infostealer-malware-shellter-developer-blasts-reckless-and-unprofessional-researchers-for-not-disclosing-issue-for-months" target="_blank">leaked red teaming tools</a> being used to deploy malware, the fact that one person falling for a social engineering attack <a href="https://www.theguardian.com/business/2025/jul/06/qantas-attack-reveals-one-phone-call-is-all-it-takes-to-crack-cybersecuritys-weakest-link-humans" target="_blank">is still enough</a> to disrupt a company's operations, and the ability for hackers to piggyback off the surveillance state than about <a href="https://en.wikipedia.org/wiki/Vibe_coding" target="_blank">vibe hacking</a></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Defender can now detect insecure Wi-Fi hotspots and enable a VPN — you need to pay for Microsoft 365 and live in a supported region ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/software/antivirus/microsoft-defender-can-now-detect-insecure-wi-fi-hotspots-and-enable-a-vpn-you-need-to-pay-for-microsoft-365-and-live-in-a-supported-region</link>
                                                                            <description>
                            <![CDATA[ Microsoft Defender gets some updates, especially to public Wi-Fi VPN functionality. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Vn6Pona2tqMvN3xYB5X4jg</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/faRwNsCkBzns46rdBLyohf-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 01 Oct 2024 15:38:56 +0000</pubDate>                                                                                                                                <updated>Wed, 09 Apr 2025 13:02:12 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Security Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Christopher Harper ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/qS2hbWnXwNUSmgyAHBQqKB.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Christopher Harper has been a successful freelance tech writer specializing in PC hardware and gaming since 2015, and ghostwrote&amp;nbsp;for various B2B clients in High School before that. Outside of work, Christopher is best known to friends and rivals as an active competitive player in various eSports (particularly fighting games and arena shooters) and a purveyor of music ranging from Jimi Hendrix to Killer Mike to the&amp;nbsp;Sonic Adventure 2&amp;nbsp;soundtrack.&lt;br&gt;
&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/faRwNsCkBzns46rdBLyohf-1280-80.jpg">
                                                            <media:credit><![CDATA[Microsoft]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Microsoft Defender Mobile VPN UI]]></media:description>                                                            <media:text><![CDATA[Microsoft Defender Mobile VPN UI]]></media:text>
                                <media:title type="plain"><![CDATA[Microsoft Defender Mobile VPN UI]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/faRwNsCkBzns46rdBLyohf-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Yesterday, Microsoft published an <a href="https://techcommunity.microsoft.com/t5/security-compliance-and-identity/keep-your-online-activity-safer-on-public-wi-fi-with-microsoft/ba-p/4251376" target="_blank">official blog post</a> detailing its changes to Microsoft Defender for Individuals. The post focused on improving public Wi-Fi security and functionality through its mobile app&apos;s VPN (Virtual Private Network) functionality. The "Privacy protection" functionality in Microsoft Defender now reflects whether your Wi-Fi is considered secure and enables a helpful "VPN on" toggle for when you are on public or unsecured Wi-Fi and wish to anonymize your traffic.</p><p>For those unfamiliar with VPNs, here&apos;s what you need to know. VPNs anonymize your browsing traffic, or at least obfuscate precisely what&apos;s happening between your PC, access point, and the Internet before you do whatever identifiable actions you are doing online. Paid VPN plans are a top choice among privacy enthusiasts, but options like the Tor Browser, specific extensions, and/or better browsing habits can also help you stay secure online.</p><p>So, what&apos;s the catch of the Microsoft Defender VPN functionality? Well, there are a few catches. For one, while Defender itself, with its Privacy protection VPN, is available on Windows, Mac OS, Android, and iOS, it isn&apos;t on Linux. The insecure Wi-Fi detection feature also doesn&apos;t yet work on Mac OS but does work on the rest of the targeted platforms. The "suspicious Wi-Fi detection" feature is also exclusive to the two mobile platforms. Additionally, only Germans, Canadians, US users, and UK users get access to the VPN functionality— and anyone who does use it long-term will need to pay for a Microsoft 365 subscription.</p><p>Regarding what&apos;s new, Microsoft announced that Microsoft Defender&apos;s VPN features will soon be available in ten additional countries in Europe, Asia, and Latin America. Additionally, the ability to automatically enable a VPN on public (and presumably unsecured) Wi-Fi will be "coming soon" to the Defender app across platforms. At the same time, the enhanced suspicious Wi-Fi detection is also listed as "coming soon" to the desktop versions of the Defender App.</p><p>Hopefully, Microsoft can iron out these last few compatibility hiccups to provide a more definitive security solution for its users. For now, a Microsoft 365 subscription will at least earn most Defender users 50 GB a month from Microsoft&apos;s VPN server before throttling occurs.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Patched Microsoft Defender flaw still being used to deliver information-stealing malware to vulnerable machines ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/tech-industry/cyber-security/patched-microsoft-defender-flaw-still-being-used-to-deliver-information-stealing-malware-to-vulnerable-machines</link>
                                                                            <description>
                            <![CDATA[ Despite the security vulnerability being patched in February, hackers are still finding out-of-date servers and workstations to exploit the hole and steal data. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">iUeYEMTHaVNUcHaAAwKDSN</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/cjKV3rVyTS5hMbLWarn64D-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 24 Jul 2024 19:29:49 +0000</pubDate>                                                                                                                                <updated>Wed, 09 Apr 2025 13:02:10 +0000</updated>
                                                                                                                                            <category><![CDATA[Cybersecurity]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                                                                                    <dc:creator><![CDATA[ Jeff Butts ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mu8yfvXw9Ut4an84MVDhs9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Jeff Butts began tinkering with computers in the early 1980s and worked as an IT and networking consultant for 15 years before engaging in any “formal” training. Throughout his career, he worked with and supported nearly every commonly used operating system, including Windows, OS/2, Linux, and macOS. He eventually earned a Master of Information and Computing Systems and taught university English and computer science for several years before pivoting to professional writing. He’s written and edited for such outlets as The Mac Observer, How-To Geek, Hot Hardware, groovyPost, and geekRumor. When not writing, he bounces between 3D printing projects, fiddling with Raspberry Pi and the like, and Microsoft Flight Simulator.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/cjKV3rVyTS5hMbLWarn64D-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A hacker with a hood up looking at a computer screen.]]></media:description>                                                            <media:text><![CDATA[A hacker with a hood up looking at a computer screen.]]></media:text>
                                <media:title type="plain"><![CDATA[A hacker with a hood up looking at a computer screen.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/cjKV3rVyTS5hMbLWarn64D-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A high-severity vulnerability in Microsoft Defender SmartScreen is being used to deliver information-stealing malware in Spain, Thailand, and the U.S., security researchers say. The researchers discovered the stealer campaign using booby-trapped files to exploit the vulnerability and deliver information stealers such as ACR Stealer, Lumma, and Meduza.</p><p>Fortinet FortiGuard Labs observed the latest stealer campaign spreading multiple files that can sidestep <a href="https://www.tomshardware.com/how-to/disable-microsoft-defender-windows-11">Microsoft Defender</a>’s SmartScreen to download malicious software to target computers. The security vulnerability was addressed in CVE-2024-21412.</p><p>Since Microsoft closed this security hole with an update released in February 2024, the news underscores the importance of installing security updates promptly. The disclosure comes on the heels of the <a href="https://www.tomshardware.com/software/windows/global-it-issue-strikes-windows-machines-cause-of-issue-allegedly-linked-to-crowdstrike-software-update">CrowdStrike outage</a>, which is also being leveraged to deliver malware: <a href="https://www.crowdstrike.com/blog/fake-recovery-manual-used-to-deliver-unidentified-stealer/">CrowdStrike revealed</a> that threat actors are delivering a fake recovery manual that delivers a previously undocumented stealer called Daolpu.</p><p>Security researcher Cara Lin said (<a href="https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html">via</a> The Hacker News) that the attackers “lure victims into clicking a crafted link to a URL file designed to download an LNK file.” Once downloaded and opened, the LNK file downloads an executable file containing an HTML Application (HTA) script.</p><p>Next, the HTA decodes and decrypts obfuscated PowerShell code that retrieves decoy PDF files along with a shell code injector. This shell code injector then deploys and launches the malicious software. The malware transmits information from web browsers, crypto wallets, messaging apps, FTP and email clients, VPN services, and password managers through a dead drop resolver on the Steam community website, a popular gaming service.</p><p>ACR Stealer targets a wide variety of popular applications. These include multiple versions of Google Chrome, Epic Privacy Browser, Vivaldi, Microsoft Edge, Opera, and Mozilla Firefox, to name a few. It also targets messenger apps including Telegram, Pidgin, Signal, Tox, Psi, Psi+, and WhatsApp, along with numerous FTP clients.</p><p>VPN services NordVPN and AzireVPN have also been targeted, as have password managers Bitwarden, NordPass, 1Password, and RoboForm. While the hijacked data from a password manager should be encrypted, there remains some risk of sensitive data being pulled from them. Fortinet has a complete list of known targeted software in its <a href="https://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed">analysis of the stealer campaign</a>.</p><p>Again, the Microsoft Defender SmartScreen vulnerability was patched in a February 2024 security update. However, if an organization doesn’t install such updates regularly, it remains vulnerable to the threat.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Defender flags text file containing ‘This content is no longer available.’ as a severe threat ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/software/antivirus/microsoft-defender-flags-text-file-containing-this-content-is-no-longer-available-as-a-severe-threat</link>
                                                                            <description>
                            <![CDATA[ Microsoft Defender marks text files containing 'This content is no longer available.' as a Trojan horse and severe threat. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">aoNR7pwkhdF2syF58zdnr9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mmnTSsdFnYJupqHbu9zvbL-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Sun, 23 Jun 2024 15:02:59 +0000</pubDate>                                                                                                                                <updated>Wed, 09 Apr 2025 13:02:17 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Security Software]]></category>
                                                                                                <author><![CDATA[ editors@tomshardware.com (Jowi Morales) ]]></author>                    <dc:creator><![CDATA[ Jowi Morales ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/gM7E2WSDg2wgCFoaDPz9yK.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Jowi Morales is a writer and journalist covering the tech beat since 2021. However, he’s been interested in technology far earlier than that. He started discovering desktop computers when his father brought home a Windows 95 PC, but his first real experience working under the hood of the PC was when the old computer’s hard drive was filled to the brim in the year 2000. He deleted the Windows folder to attempt to rectify the situation, which led to his dad buying a new desktop PC. Since then, he learned a lot more about computers, and he’s always been the go-to tech expert for his family and friends.&lt;/p&gt;&lt;p&gt;Jowi primarily uses a Windows workstation and an Android phone, but he also bought into the Apple ecosystem with the 6th-gen iPad, iPhone 14 Pro Max, and the M1 MacBook Air. Today, Jowi covers hardware and software from Redmond and Cupertino, while also looking at the tech industry in general.&lt;/p&gt;&lt;p&gt;Aside from covering technology, Jowi is an avid photographer and writes about automobiles, aviation, and tanks. You can find his bylines at &lt;a href=&quot;https://www.makeuseof.com/author/jowi-morales/&quot;&gt;MakeUseOf&lt;/a&gt;, &lt;a href=&quot;https://www.slashgear.com/author/jowimorales/&quot;&gt;SlashGear&lt;/a&gt;, and, of course, &lt;a href=&quot;https://www.tomshardware.com/author/jowi-morales&quot;&gt;Tom’s Hardware&lt;/a&gt;.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mmnTSsdFnYJupqHbu9zvbL-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[False positive]]></media:description>                                                            <media:text><![CDATA[False positive]]></media:text>
                                <media:title type="plain"><![CDATA[False positive]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mmnTSsdFnYJupqHbu9zvbL-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Microsoft Defender, Windows’ built-in antivirus tool, is widely considered robust enough to mean that an average user no longer needs a third-party antivirus or security suite. However, a bug brought to light by Twitter/X user <a href="https://x.com/rari_teh/status/1804261134146355428">yappy</a> shows that there are times when Microsoft Defender can be extremely overzealous in its attempts to defend your computer.</p><p>A false positive can be observed when you type ‘This content is no longer available.’ or ‘This content is no longer available!’ in Notepad and save it as a text file on your PC. When you do so, Microsoft Defender will instantly flag it as a Trojan file and delete it from your system - no matter what file name you use, ostensibly protecting you from a potential &apos;severe threat.&apos;</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">my gf just found out that a text file solely containing the string "This content is no longer available." trips up windows defender lol pic.twitter.com/8RyHW3nltV<a href="https://twitter.com/rari_teh/status/1804261134146355428">June 21, 2024</a></p></blockquote><div class="see-more__filter"></div></div><p>Upon first investigation, yappy and some other Tweet/Xers concluded that the cause of the false positive was an SHA-256 collision. However, the astronomical odds against such a clash rung true, as most commenters now agree the headlining text string was used in several previous threats, and thus raises a red flag in the Windows Defender detection engine.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:753px;"><p class="vanilla-image-block" style="padding-top:52.86%;"><img id="EYrdyRVoPSRReSabqA8DhL" name="virus---not.jpg" alt="False positive" src="https://cdn.mos.cms.futurecdn.net/EYrdyRVoPSRReSabqA8DhL.jpg" mos="" align="middle" fullscreen="" width="753" height="398" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">This time we are sure this alert is a false positive </span><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>This head-scratching bug isn’t the first time Microsoft has had issues with its Defender antivirus. Microsoft actually <a href="https://www.tomshardware.com/news/it-looks-like-microsoft-broke-windows-defender-with-a-recent-update">broke it in 2020 with a faulty update</a>, while it <a href="https://www.tomshardware.com/news/microsoft-patches-windows-defender-bug,40443.html">patched a serious bug in 2019</a> that prevented the antivirus app from operating properly. But aside from these missteps, we still <a href="https://www.tomshardware.com/news/windows-defender-perfect-scores-av-test,40139.html">consider Microsoft Defender as a pretty good antivirus</a>.</p><p>Thankfully, this bug isn’t as serious as those issues, as the text line doesn’t pose any actual threat to Windows 11. Furthermore, if you add other text to it (like changing punctuation or adding an extra space at the end), the false detection goes away. However, in the unlikely event that you must have this exact text string saved on a text file on your computer, you need to exclude the folder where you’re saving it from scans, otherwise, it’ll be gone the moment you hit Ctrl + S.</p><p>Hopefully, Microsoft can fix this silly bug soon. This isn’t a threat to the security of Windows 11 and we don&apos;t think anyone will want to temporarily <a href="https://www.tomshardware.com/how-to/disable-microsoft-defender-windows-11">disable Microsoft Defender</a> and install another antivirus program waiting for a fix. Meanwhile, Kaspersky has recently become even less attractive as an alternative, as <a href="https://www.tomshardware.com/tech-industry/cyber-security/us-bans-kaspersky-and-hands-out-sanctions-to-execs">Washington has just sanctioned it</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Zaps 5-Year-Old Defender Bug, Reduces CPU Usage by 75% in Firefox ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/microsoft-defender-mozilla-firefox-bug</link>
                                                                            <description>
                            <![CDATA[ Defender and Firefox were not best friends, but a major bug affecting their interaction (wasting CPU cycles) has now been fixed. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">pRugDej3ip6GoxCSkMDkR8</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/T4FX7HaqNTLbggqm5368rY-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 11 Apr 2023 14:11:24 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:48:42 +0000</updated>
                                                                                                                                            <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Tyson ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/56vqMYLDaKRHPhHZgbADFR.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Mark&#039;s enthusiasm for computers dampened at an early age by the rubber-keyed Sinclair Spectrum 48K and feelings of Commodore 64 envy. However, in the mid-80s, hope in a digital future was rekindled by the purchase of an Atari 520 STe. Since that time Mark has used a multitude of computers for fun and professional endeavors. He often owned both Macs and PCs but went cold on the former after OS9 was killed off, and warmed to the latter with the introduction of Windows XP.&lt;br&gt;
&lt;br&gt;
Early work years were spent in artwork and reprographics but in the late noughties, Mark started to blog about computers, Taiwanese food culture, and guitar design. This activity led to a full-time position writing about breaking PC tech news for HEXUS, for the best part of a decade. When HEXUS was abruptly closed, Mark helped with the foundation of Club386, before finding a new home at Tom&#039;s Hardware.&lt;br&gt;
&lt;br&gt;
When not wearing through the keycap legends on his PC keyboards, Mark can be found wandering the computer malls of Taiwan&#039;s neon-lit conurbations and enjoying local and international cuisine.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/T4FX7HaqNTLbggqm5368rY-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Firefox Logo]]></media:description>                                                            <media:text><![CDATA[Firefox Logo]]></media:text>
                                <media:title type="plain"><![CDATA[Firefox Logo]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/T4FX7HaqNTLbggqm5368rY-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A performance-sapping conflict between <a href="https://www.tomshardware.com/news/mozilla-expands-firefox-privacy-features,39572.html">Mozilla Firefox</a> and Microsoft Defender was first discussed on Bugzilla half a decade ago. However, Firefox users can now rejoice, as Mozilla devs and Microsoft worked together to release an update to MsMpEng.exe (a core process of Windows Defender), which is currently being rolled out. Troubled users should notice a <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c91">significant improvement</a> after the update, with "a ~75% improvement in CPU usage from MsMpEng.exe when browsing with Firefox," according to senior Mozilla software engineer Yannis Juglaret.</p><p>So, what has been happening, and why was there an awful interaction between Firefox and Microsoft Defender? Microsoft acknowledged a problem with MsMpEng.exe using too much CPU time when Windows Defender&apos;s real-time Protection feature is spurred into action. This change has helped cut the CPU usage observed by Firefox users significantly.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1106px;"><p class="vanilla-image-block" style="padding-top:61.66%;"><img id="" name="bug-fixed.jpg" alt="Before and after CPU usage" src="https://cdn.mos.cms.futurecdn.net/3w8p845mqBqi7xhiWsewJe.jpg" mos="" align="middle" fullscreen="1" width="1106" height="682" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/3w8p845mqBqi7xhiWsewJe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">Before and after Microsoft's patch </span><span class="credit" itemprop="copyrightHolder">(Image credit: Mozilla)</span></figcaption></figure><p>The Firefox app was particularly hard hit by the Microsoft bug, as the browser is said to generate up to 7x more Event Tracing for Windows (ETW) events compared to competitors (Edge, Chrome etc). It sends these ‘VirtualProtect’ calls to the antivirus / anti-malware provider to try and keep the browser safe from harm as it roams the web.</p><p>Though Microsoft’s patch of MsMpEng.exe helps a lot, as you can see from the above-quoted figures, Mozilla devs acknowledge that “We should try to reduce the number of events that Firefox generates, which will reduce the CPU usage from [all] AV software.” </p><p>With this in mind, it is also worth noting that other AV solutions, like those from Norton, will also consume a lot of CPU time due to the numerous (7x) Firefox calls for monitoring VirtualProtect. Thus, any program that calls VirtualProtect will benefit from Microsoft’s new MsMpEng.exe, not just Firefox.</p><p><br></p><h2 id="an-x201c-explosive-x201d-waste-of-time">An “Explosive” Waste of Time</h2><p>Mozilla’s Juglaret summed up the prior situation most succinctly when he <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1441918#c90">wrote</a>, “This problem has two sides: Microsoft was doing a lot of useless computations upon each event; and we are generating a lot of events.” He then underlined the impact, “The combination is explosive.”</p><p>Using more processing power than necessary is a common irritation for computer users. Those using laptops away from a power outlet will want to avoid CPU-eating applications when there are more efficient alternatives. Meanwhile, if the problem is widespread enough and runs long enough, the math is also scary for desktop users. For example, <em>Hacker News</em> forum members have <a href="https://news.ycombinator.com/item?id=35511713">estimated</a> the energy wasted by Microsoft’s MsMpEng.exe, and the 300M+ users of Firefox could have easily eaten up the entire output of an average coal-fired power plant every day...</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How to Disable Microsoft Defender in Windows 11 ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/how-to/disable-microsoft-defender-windows-11</link>
                                                                            <description>
                            <![CDATA[ Here are some simple tips to temporarily or permanently disable Microsoft Defender ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">aJjS6x8udUgeUGXSgk2MjW</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/bRPCFapKHGLmMe2weFNsfd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 19 Jan 2023 19:17:50 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:47:01 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Security Software]]></category>
                                                                                                <author><![CDATA[ brandon.hill@futurenet.com (Brandon Hill) ]]></author>                    <dc:creator><![CDATA[ Brandon Hill ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/yHeufe7JcvuJBhYPkSexNf.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Brandon&amp;nbsp;has been tinkering with PCs since childhood and received his first &quot;real&quot; PC, an IBM Aptiva 310, in the mid-1990s. He next went on to build his first custom PC with an Intel Celeron 300A processor overclocked to 450MHz on an Abit BH6 motherboard.&amp;nbsp;Brandon&amp;nbsp;has written about PC and Mac tech since the late 1990s, first at AnandTech before moving to DailyTech and later to Hot Hardware. When&amp;nbsp;Brandon&amp;nbsp;is not consuming copious amounts of tech news, he can be found enjoying the NC mountains or the beach with his wife and two sons.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/bRPCFapKHGLmMe2weFNsfd-1280-80.jpg">
                                                            <media:credit><![CDATA[Tom&#039;s Hardware]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Disable Microsoft Defender in Windows 11]]></media:description>                                                            <media:text><![CDATA[Disable Microsoft Defender in Windows 11]]></media:text>
                                <media:title type="plain"><![CDATA[Disable Microsoft Defender in Windows 11]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/bRPCFapKHGLmMe2weFNsfd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Microsoft Defender is an essential security tool preinstalled on the Windows 11 operating system. The security suite is fully baked into the operating system to protect your system from malware, but not everyone likes it. Would you prefer to install an alternative antivirus/antispyware to kick Microsoft Defender to the curb? We have two options: temporarily disable the real-time scanning component of the security suite or disable the entire suite long-term in favor of a competing app.</p><h2 id="temporarily-disable-microsoft-defender-real-time-antivirus-protection">Temporarily Disable Microsoft Defender Real-time Antivirus Protection</h2><p>If you want a relatively easy way to disable Microsoft Defender’s real-time scanning engine, we have you covered with the following steps:</p><p><strong>1. Click on the Start menu</strong> and search for the <strong>Windows Security</strong> app.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image4.png" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/LF8DnioYLKMHNbH3VPdgae.png" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/LF8DnioYLKMHNbH3VPdgae.png' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>2. Once in the Windows Security app, <strong>click on Virus & threat protection.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image2.jpg" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/JuBcqTWtvuVULau74XJaXd.jpg" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/JuBcqTWtvuVULau74XJaXd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>3. Select <strong>Manage settings</strong> under Virus & threat and protection settings.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image5.jpg" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/yhXVzQL5N2TYBA9hTf5bpd.jpg" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/yhXVzQL5N2TYBA9hTf5bpd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>4. You&apos;ll see a button for Real-time protection; <strong>turn it off.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image6.jpg" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/5PiQ5o53vjS5CtLwQhZoxd.jpg" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/5PiQ5o53vjS5CtLwQhZoxd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>5. Turning off Real-time protection will present a red X and a warning message about your computer being vulnerable to attacks.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image8.jpg" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/hMLoRX94BxBdgRVjLMEKKe.jpg" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/hMLoRX94BxBdgRVjLMEKKe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>Remember, this only temporarily disables real-time antivirus protection. Microsoft warns that potentially harmful apps and files downloaded from the Internet are not scanned when real-time protection is disabled. However, scans already scheduled for your system will continue unabated.</p><p><br></p><p><br></p><h2 id="disable-microsoft-defender-by-installing-another-antivirus-program">Disable Microsoft Defender by Installing Another Antivirus Program</h2><p>There&apos;s another way to disable Microsoft Defender once and for all, and not just the real-time antivirus function. Installing a third-party antivirus security suite will automatically put Microsoft Defender on the back burner.</p><p>Let’s use<a href="https://www.avg.com/en-us/free-antivirus-download"> <u>AVG Antivirus Free</u></a> as an example. It’s a free, no-frills Microsoft Defender alternative that has been around for two decades. Although our example uses AVG Antivirus Free, installing any credible antivirus program will have the same effect in disabling Microsoft Defender.</p><p>1. <strong>Install your preferred antivirus software</strong> (in this case, AVG Antivirus Free). This action will automatically disable Microsoft Defender.</p><p>2. Once your software is installed, <strong>open the Windows Security app</strong>.</p><p>You should now see that Windows 11 now recognizes AVG Antivirus (or your preferred antivirus app) protecting your computer.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image7.png" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/rks3ZvaWcDQaSn8ynE2Q8e.png" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/rks3ZvaWcDQaSn8ynE2Q8e.png' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>At this point, your installed antivirus software has complete control over real-time scanning and manual scans of your computer with no intervention from Microsoft Defender. However, if you want increased protection, you can click on Microsoft Defender Antivirus options.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="image1.jpg" alt="Disable Microsoft Defender in Windows 11" src="https://cdn.mos.cms.futurecdn.net/tQyL3K5SP55TF3HraMpHPd.jpg" mos="" align="middle" fullscreen="1" width="1920" height="1080" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/tQyL3K5SP55TF3HraMpHPd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>Here, you can turn on Periodic scanning to have the software occasionally scan for threats in the background.</p><p>We should caution that, while it is possible to disable Microsoft Defender in varying degrees, it is not advisable (in most instances) to run without real-time protection on an internet-connected computer for an extended period. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Releases PC Manager Beta to Optimize Windows Performance ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/pc-manager-beta-microsoft</link>
                                                                            <description>
                            <![CDATA[ A new Windows app called PC Manager brings together tools to scan and protect your PC, plus boost its performance, in one place. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">cxPgBy4yfY9Cn2tuQqd86Q</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/fnpQCiTRjiNEdwo6MhR6Fj-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 21 Oct 2022 16:51:38 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:48:04 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Ian Evenden ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/dY5MGBXCT6GV6ARt8oSiSj.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Ian is a UK-based news writer for Tom’s Hardware US. In 1992, he was given a 286-based PC because his parents hoped he’d become a programmer, and was instantly hooked despite the vagaries of MS-DOS. Pretty soon there was a 386 with Windows 3.1, a CD-ROM, and Sound Blaster card under the desk, followed by Pentium II, Athlon, i7 and Threadripper systems, most of which he built himself. After a brief eight-year dalliance with games consoles at Edge magazine, he began contributing to the likes of Maximum PC, PC Gamer, Windows Help and Advice and a few other magazines that have since closed - none of which were directly his fault. His desk today is a riot of PC monitors, Apple products, Raspberry Pi boards, purple unicorns, game controllers and camera lenses. He has no idea about programming.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/fnpQCiTRjiNEdwo6MhR6Fj-1280-80.jpg">
                                                            <media:credit><![CDATA[Tom&#039;s Hardware]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Windows 11]]></media:description>                                                            <media:text><![CDATA[Windows 11]]></media:text>
                                <media:title type="plain"><![CDATA[Windows 11]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/fnpQCiTRjiNEdwo6MhR6Fj-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Microsoft is beta testing, in a bit of a secretive way, an app called PC Manager that fills the niche currently populated by CCleaner and Huawei’s PC Manager. It scans your PC for unwanted files, can free up RAM, and ties into Windows Defender to block malicious apps. Unfortunately, it also nags you to change your browser to Microsoft Edge.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1280px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="pc manager 2.jpg" alt="The PC Manager app" src="https://cdn.mos.cms.futurecdn.net/syVASiAa9uR7UW5aPpvriV.jpg" mos="" align="middle" fullscreen="" width="1280" height="720" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Microsoft)</span></figcaption></figure><p>We first learned about the app in a tweet from <a href="https://twitter.com/ALumia_Italia/status/1583332269879877632" target="_blank">Aggiornamenti Lumia</a>, which led to a story on <a href="https://www.xda-developers.com/microsoft-working-pc-manager-app-clean-up-files/" target="_blank">XDA Developers</a>. The <a href="http://pcmanager.microsoft.com" target="_blank">pcmanager.microsoft.com</a> site was found to be active but in Chinese. Eventually, with the app not appearing on the Microsoft Store, a download link for <a href="https://aka.ms/PCManager10000" target="_blank">an .exe file</a> was discovered, and people could start trying it out for themselves.</p><p>The app is a simple one that loads at startup, then sits in the system tray. When invoked, it scans your storage to discover any cruft it deems worthy of being swept away. There&apos;s a RAM boost feature that increased the amount of free RAM on our test machine by about 10% A process inspector performs its best Task Manager impression by allowing you to end unused programs, and it can tell you about the effect other startup apps are having on the performance of your machine - something already in the OS via the Startup Apps page of Settings.</p><p>It also duplicates some Windows Defender functionality, with a Scan button for threats, and checks Windows Update. It also has a few less welcome abilities: nagging us to change our default browser from Chrome to Edge (we&apos;re old-fashioned, ok) and recommending we turn off Malwarebytes.</p><p>While the app is still clearly in beta - it&apos;s displayed at the top at all times - it&apos;s a welcome addition to Windows, bringing together some disparate but related tools in one place.</p><p><br></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How to Keep Windows Running Smoothly ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/how-to/keep-windows-running-smoothly</link>
                                                                            <description>
                            <![CDATA[ A smooth running system will bring months of productivity / entertainment. Keep your rig running smooth with just a little work. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">LjZHMFECQfDvuR9pTdcWL6</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/49tR8x3URbwNbXiHAo6ebd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Sat, 27 Aug 2022 13:00:53 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:48:31 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Les Pounder ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mZ2MebAz6hhKR6vLUDUbsc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Les Pounder is a creative technologist and for seven years has created projects to educate and inspire minds both young and old. He has worked with the Raspberry Pi Foundation to write and deliver their teacher training programme &quot;Picademy&quot;.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/49tR8x3URbwNbXiHAo6ebd-1280-80.jpg">
                                                            <media:credit><![CDATA[Tom&#039;s Hardware]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[How to Keep Windows Running Smoothly]]></media:description>                                                            <media:text><![CDATA[How to Keep Windows Running Smoothly]]></media:text>
                                <media:title type="plain"><![CDATA[How to Keep Windows Running Smoothly]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/49tR8x3URbwNbXiHAo6ebd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>You spend a lot of money on your computer. You buy the best<a href="https://www.tomshardware.com/reviews/best-gpus,4380.html"><u> graphics Card</u></a> and <a href="https://www.tomshardware.com/reviews/best-cpus,3986.html"><u>best CPU</u></a> for your budget and enjoy creating and gaming with your rig. Everything is running smoothly, until you notice your performance is suddenly lacking.</p><p>When did you last run Windows Update, empty the wastebasket or run a virus scan? Could it be a corrupt configuration file causing your grief? </p><p>We’ve put together a few tips and tricks to help keep your rig running smooth.</p><h2 id="keeping-the-pc-updated-and-secure">Keeping the PC Updated and Secure</h2><p>Your PC runs better when it has the latest updates. These updates can fix issues and bugs, often introducing improved drivers and software for your components.</p><p>1. <strong>Check for the latest OS updates. </strong>Search for Update via the Start menu and click on Check for updates.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:784px;"><p class="vanilla-image-block" style="padding-top:86.86%;"><img id="" name="update.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/DYonxZ4odRari86HmPEy2e.jpg" mos="" align="middle" fullscreen="1" width="784" height="681" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/DYonxZ4odRari86HmPEy2e.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>2. <strong>Click on Check for updates.</strong></p><p>3. <strong>If any updates are required, download and install. </strong>These can also be scheduled to take place when you are not using your computer.</p><p>4. <strong>Move unused files from the Desktop into folders.</strong> Find your files faster, use a system to keep your important files ready for use. Old downloads, updates, videos etc can be stored on an external drive.</p><p>5. <strong>Empty your trash! </strong>The recycle bin can store Gigabytes of data, data that we had thought was long since deleted.</p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1276px;"><p class="vanilla-image-block" style="padding-top:35.03%;"><img id="" name="recycle.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/3CVNQukz5TstpHCXVf7tid.jpg" mos="" align="middle" fullscreen="1" width="1276" height="447" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/3CVNQukz5TstpHCXVf7tid.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>6. Reduce how much trash you can recycle.<strong> Right click on your Recycle Bin and select Properties.</strong></p><p>7.<strong> Set the maximum size to a few gigabytes for your drives, click OK to save.</strong> Note that each drive has to be selected, and the custom size set individually.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:340px;"><p class="vanilla-image-block" style="padding-top:115.88%;"><img id="" name="Recycle Properties.PNG" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/o2ZZJ6xjMZHsK3hEHoMNfd.png" mos="" align="middle" fullscreen="1" width="340" height="394" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/o2ZZJ6xjMZHsK3hEHoMNfd.png' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><h2 id="running-a-virus-scan">Running A Virus Scan</h2><p>Malware and viruses can bring misery to any user. Removing them is often time consuming, and can be expensive. The adage that “prevention is better than cure” applies here. To keep yourself and your system protected you should run regular scans.</p><p>1. <strong>Click on the Start menu and search for Windows Security. Click on the icon to load.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:785px;"><p class="vanilla-image-block" style="padding-top:57.45%;"><img id="" name="Virus1.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/dfPGiSaCCnH8y4UhBu9S9e.jpg" mos="" align="middle" fullscreen="1" width="785" height="451" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/dfPGiSaCCnH8y4UhBu9S9e.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>2. <strong>Select Virus and threat protection.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:829px;"><p class="vanilla-image-block" style="padding-top:61.52%;"><img id="" name="Virus2.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/G4AuoLns7sQjyRiWSUhB6e.jpg" mos="" align="middle" fullscreen="1" width="829" height="510" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/G4AuoLns7sQjyRiWSUhB6e.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>3. <strong>Click on Quick scan to perform a scan of your main drive. </strong>The process can take some time to complete.</p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:420px;"><p class="vanilla-image-block" style="padding-top:80.48%;"><img id="" name="Virus3.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/rQYSAZBEBNnbunUBQpsCDe.jpg" mos="" align="middle" fullscreen="1" width="420" height="338" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/rQYSAZBEBNnbunUBQpsCDe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>4. <strong>Click on Scan options.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:437px;"><p class="vanilla-image-block" style="padding-top:78.49%;"><img id="" name="Virus5.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/zp9AmadThoPmHbdrfSFXLe.jpg" mos="" align="middle" fullscreen="1" width="437" height="343" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/zp9AmadThoPmHbdrfSFXLe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>5. <strong>Select Full scan and then click Scan now to run a full deep scan of your system. </strong>This process can take approximately one hour to complete.</p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:574px;"><p class="vanilla-image-block" style="padding-top:87.46%;"><img id="" name="Virus6.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/iWpGiEpssAtksjbRR8TiQe.jpg" mos="" align="middle" fullscreen="1" width="574" height="502" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/iWpGiEpssAtksjbRR8TiQe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><h2 id="running-a-scan-for-malware">Running a Scan for Malware</h2><p>To remove malware we need to perform a full scan with the system offline.</p><p>1. <strong>Click on the Start menu and search for Windows Security. Click on the icon to load.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:785px;"><p class="vanilla-image-block" style="padding-top:57.45%;"><img id="" name="Virus1.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/dfPGiSaCCnH8y4UhBu9S9e.jpg" mos="" align="middle" fullscreen="1" width="785" height="451" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/dfPGiSaCCnH8y4UhBu9S9e.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>2. <strong>Select Virus and threat protection.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:829px;"><p class="vanilla-image-block" style="padding-top:61.52%;"><img id="" name="Virus2.jpg" alt="ow to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/G4AuoLns7sQjyRiWSUhB6e.jpg" mos="" align="middle" fullscreen="1" width="829" height="510" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/G4AuoLns7sQjyRiWSUhB6e.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>3. <strong>Click on Scan options.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:437px;"><p class="vanilla-image-block" style="padding-top:78.49%;"><img id="" name="Virus5.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/zp9AmadThoPmHbdrfSFXLe.jpg" mos="" align="middle" fullscreen="1" width="437" height="343" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/zp9AmadThoPmHbdrfSFXLe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>4. <strong>Select Microsoft Defender Offline scan, and then click scan now. </strong>Note that this will restart your computer and perform an automated scan that will prevent you from using the computer.</p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:552px;"><p class="vanilla-image-block" style="padding-top:42.57%;"><img id="" name="Malware1.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/rYsb47gxgdS9YxgTy43mUd.jpg" mos="" align="middle" fullscreen="1" width="552" height="235" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/rYsb47gxgdS9YxgTy43mUd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><h2 id="repairing-files">Repairing Files</h2><p>Configuration files can sometimes become corrupt and cause issues. Broken configuration files can introduce bugs / issues that cause your system to work harder. Scanning for issues should be a routine task, but we often leave this until we encounter an issue.</p><p>To scan your drive for issues.</p><p>1. <strong>Open Windows Explorer and right click on C: drive. Select Properties.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:433px;"><p class="vanilla-image-block" style="padding-top:93.30%;"><img id="" name="c properties.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/KwecF4WVu3vmrrBJXPQKQd.jpg" mos="" align="middle" fullscreen="1" width="433" height="404" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/KwecF4WVu3vmrrBJXPQKQd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>2. <strong>Under Tools, look for Error checking </strong>and <strong>click check.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:425px;"><p class="vanilla-image-block" style="padding-top:126.35%;"><img id="" name="scan start.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/qPmUu99do9cFjXGpkbRmrd.jpg" mos="" align="middle" fullscreen="1" width="425" height="537" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/qPmUu99do9cFjXGpkbRmrd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>3. <strong>Select Scan drive </strong>and <strong>wait for the task to complete.</strong></p><p><br></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:602px;"><p class="vanilla-image-block" style="padding-top:45.51%;"><img id="" name="scan drive.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/5aZNBAH4P8bcQ2b5Avo9od.jpg" mos="" align="middle" fullscreen="1" width="602" height="274" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/5aZNBAH4P8bcQ2b5Avo9od.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><p>4. If prompted, <strong>take action to correct any issues.</strong> If there are none<strong>, click Close.</strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:407px;"><p class="vanilla-image-block" style="padding-top:60.44%;"><img id="" name="scan.jpg" alt="How to Keep Windows Running Smoothly" src="https://cdn.mos.cms.futurecdn.net/6kT3iq2bMqKAVFwNS5eRwd.jpg" mos="" align="middle" fullscreen="1" width="407" height="246" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/6kT3iq2bMqKAVFwNS5eRwd.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Tom's Hardware)</span></figcaption></figure><h2 id="staying-on-top">Staying on top</h2><p>We’ve taken the steps to keep our PC running, but remember that we need to keep on top of our systems. To keep them ticking over, and to prevent issues from ruining our day. As we said earlier, this is by far the most exciting task, but it is an essential one.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Windows 11's Newest Security Feature Requires Full Reset ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/windows-11-security-feature-requires-reset</link>
                                                                            <description>
                            <![CDATA[ Windows 11’s newest security feature comes with a sting in the tail: if you’ve upgraded to the newest version of Microsoft’s operating system, rather than bought a new PC with it installed, you’ll need to reset it. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">qawpPy9y27rJJBiFsN2MQc</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/iAdoV7u3jGEM8uvbSJ45AU-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 06 Apr 2022 15:01:51 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 16:27:12 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Ian Evenden ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/dY5MGBXCT6GV6ARt8oSiSj.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Ian is a UK-based news writer for Tom’s Hardware US. In 1992, he was given a 286-based PC because his parents hoped he’d become a programmer, and was instantly hooked despite the vagaries of MS-DOS. Pretty soon there was a 386 with Windows 3.1, a CD-ROM, and Sound Blaster card under the desk, followed by Pentium II, Athlon, i7 and Threadripper systems, most of which he built himself. After a brief eight-year dalliance with games consoles at Edge magazine, he began contributing to the likes of Maximum PC, PC Gamer, Windows Help and Advice and a few other magazines that have since closed - none of which were directly his fault. His desk today is a riot of PC monitors, Apple products, Raspberry Pi boards, purple unicorns, game controllers and camera lenses. He has no idea about programming.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/iAdoV7u3jGEM8uvbSJ45AU-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Windows 11&#039;s reset screen]]></media:description>                                                            <media:text><![CDATA[Windows 11&#039;s reset screen]]></media:text>
                                <media:title type="plain"><![CDATA[Windows 11&#039;s reset screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/iAdoV7u3jGEM8uvbSJ45AU-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Windows 11’s newest security feature comes with a sting in the tail: if you’ve upgraded to the newest version of Microsoft’s operating system, rather than bought a new PC with it installed, you’ll need to reset it if you want Smart App Control. The news broke in a <a href="https://www.microsoft.com/security/blog/2022/04/05/new-security-features-for-windows-11-will-help-protect-hybrid-work/" target="_blank">blog post</a> from David Weston, vice president of OS security and enterprise at Microsoft, subsequently reported on by <a href="https://www.pcworld.com/article/629717/this-new-windows-11-security-feature-will-force-you-to-reset-your-pc.html" target="_blank">PCWorld</a>.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1280px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="" name="smart app control win 11.jpg" alt="Windows 11's smart app control" src="https://cdn.mos.cms.futurecdn.net/TyexNeTFf44C4negzoHcdh.jpg" mos="" align="middle" fullscreen="" width="1280" height="720" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>“In a future release of Windows 11 you’re going to see significant security updates that add even more protection from the chip to the cloud by combining modern hardware and software,” writes Weston in his post, which sounds fine, as enhanced security was one of the reasons we have Windows 11 in the first place. </p><p>One of these major enhancements is Smart App Control, which appeared in a recent Windows 11 insider build, and blocks malicious, untrusted and potentially unwanted apps. The first set are flagged by Microsoft, but the ‘smart’ part of the system kicks in for the others, taking into account digital signatures, app usage, and Microsoft&apos;s cloud-based security service. There doesn’t seem to be a way of whitelisting apps, or unblocking them in any way once they’re blocked.</p><p>It also acts in a new and strange way, according to German news site <a href="https://www.ghacks.net/2022/03/07/smart-app-control-in-windows-11-explained/" target="_blank">Ghacks</a>. Once installed, Smart App Control enters evaluation mode, learning whether it can assist you but not blocking anything, until it automatically turns on. It can be manually turned on or off from the Windows Security app. The strange thing is that, if turned off, it cannot be turned back on without a full reset of the PC and a clean install of Windows 11.</p><p>The need for a clean installation if you want Smart App Control on your existing Windows 11 PC is detailed in Weston’s blog post: “Devices running previous versions of Windows 11 will have to be reset and have a clean installation of Windows 11 to take advantage of this feature,” he writes.</p><p>Microsoft’s security splurge is dressed in the language of hybrid working and zero trust, as the Redmond software giant attempts to push its Pluton platform. Smart App Control, and the promotion of Microsoft SmartScreen to a part of the OS instead of a security app, is part of a drive to protect critical business machines used at home from phishing, ransomware, and other unwanted nasties, and it’s up to company IT departments to decide whether to deploy it. Home users with Microsoft Defender switched on are unlikely to need it urgently, so the need for a clean install, while annoying, might not affect many users after all.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Leaked Nvidia Code-Signing Certificate Now Being Used by Malware ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/nvidia-driver-code-signing-malware</link>
                                                                            <description>
                            <![CDATA[ Among all the sensitive hardware and driver data spilled by hacking extortion group Lapsus$, there were some expired but still usable Nvidia code-signing certificates. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">LeQkuiozTYXmVWgQQh84AN</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/d8FMtBoYmKBnuKvGXGM3VB-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 07 Mar 2022 16:11:57 +0000</pubDate>                                                                                                                                <updated>Thu, 21 Aug 2025 09:53:50 +0000</updated>
                                                                                                                                            <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Tyson ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/56vqMYLDaKRHPhHZgbADFR.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Mark&#039;s enthusiasm for computers dampened at an early age by the rubber-keyed Sinclair Spectrum 48K and feelings of Commodore 64 envy. However, in the mid-80s, hope in a digital future was rekindled by the purchase of an Atari 520 STe. Since that time Mark has used a multitude of computers for fun and professional endeavors. He often owned both Macs and PCs but went cold on the former after OS9 was killed off, and warmed to the latter with the introduction of Windows XP.&lt;br&gt;
&lt;br&gt;
Early work years were spent in artwork and reprographics but in the late noughties, Mark started to blog about computers, Taiwanese food culture, and guitar design. This activity led to a full-time position writing about breaking PC tech news for HEXUS, for the best part of a decade. When HEXUS was abruptly closed, Mark helped with the foundation of Club386, before finding a new home at Tom&#039;s Hardware.&lt;br&gt;
&lt;br&gt;
When not wearing through the keycap legends on his PC keyboards, Mark can be found wandering the computer malls of Taiwan&#039;s neon-lit conurbations and enjoying local and international cuisine.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/d8FMtBoYmKBnuKvGXGM3VB-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hacker]]></media:description>                                                            <media:text><![CDATA[Hacker]]></media:text>
                                <media:title type="plain"><![CDATA[Hacker]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/d8FMtBoYmKBnuKvGXGM3VB-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Trouble is brewing in the fallout from the Nvidia hack attack, which we first <a href="https://www.tomshardware.com/news/nvidia-cyber-attack-internal">reported</a> on in late February. Two code-signing certificates were among the purported 1TB of data obtained, which compromised hardware schematics, firmware, <a href="https://www.tomshardware.com/news/nvidia-hacker-lhr-etherum-bypass">drivers</a>, <a href="https://www.tomshardware.com/news/nvidia-hackers-employee-credentials-leak">employee information</a>, and more. The significance of the certificates getting into any hackers&apos; grubby hands is that threat actors can repurpose them to sign their (mal)wares, <a href="https://www.bleepingcomputer.com/news/security/malware-now-using-nvidias-stolen-code-signing-certificates/?s=09">reports</a> Bleeping Computer.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:990px;"><p class="vanilla-image-block" style="padding-top:23.84%;"><img id="" name="nvidia-certs.jpg" alt="stolen certificates" src="https://cdn.mos.cms.futurecdn.net/9YgubCJFyqRjaEBoF9UhBo.jpg" mos="" align="middle" fullscreen="1" width="990" height="236" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/9YgubCJFyqRjaEBoF9UhBo.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Bill Demirkapi)</span></figcaption></figure><p>Just ahead of the weekend, computer security specialist Bill Demirkapi <a href="https://twitter.com/BillDemirkapi/status/1499437244830175236">highlighted</a> the two leaked Nvidia Corporation certificates, as issued by VeriSign. You can see from the screenshots above that one of them expired in 2014 and the other in 2018. Despite the certificates so clearly being expired, Demirkapi says that " Windows still allows them to be used for driver signing purposes."</p><p>Proof of the danger from these certificates being made public came to light just a few hours later. Security researcher Florian Roth took to Twitter to <a href="https://twitter.com/cyb3rops/status/1499514240008437762">provide links</a> to malware spotted in the wild, signed as if they were genuine, unaltered Nvidia code. Of course, these weren&apos;t links to the malware, but rather to virus scanning databases reporting on their existence.</p><p>A long list of malware seems to have been seeded, now certified as genuine Nvidia code. Among the suspicious packages, many seem to be infected with Mimikatz, a program used to extract passwords, PINs, and similar from a computer&apos;s memory that falls victim to it.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1031px;"><p class="vanilla-image-block" style="padding-top:71.29%;"><img id="" name="mimikatssss.jpg" alt="Nvidia signed malware" src="https://cdn.mos.cms.futurecdn.net/9ih8HJkFGKWwSomkAcyvMo.jpg" mos="" align="middle" fullscreen="1" width="1031" height="735" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/9ih8HJkFGKWwSomkAcyvMo.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: VirusTotal)</span></figcaption></figure><p>Other common "Nvidia signed" malware in the online detection database listings were for KDU – a rootkit malware, and for cryptomining malware – software that will try and sneakily eat up your system&apos;s computing resources, given a chance.</p><p><br></p><h2 id="why-doesn-apos-t-windows-block-the-installation-of-apps-with-expired-certificates">Why Doesn&apos;t Windows Block the Installation of Apps With Expired Certificates?</h2><p>New malware can now be digitally signed to "verify" that Nvidia was the file&apos;s developer and that a third party hasn&apos;t modified it. The certificate expiry dates don&apos;t particularly impede malware writers&apos; deceit because Windows will accept them on some occasions.</p><p>Interestingly, the certificate that expired in 2014 is the most problematic leak of the two. This was the one used by all the malware spotted in the wild, due to a loophole. In 2015, Microsoft purposely allowed pre-July 29, 2015 certificated drivers to run for the sake of backward compatibility with old devices.</p><p>Computer administrators can block code signed by the rogue certificates from running on machines using Windows Defender Application Control policies to control what Nvidia drivers can be loaded. However, this is an advanced configuration process, so it is hoped Microsoft will provide user updates to revoke the stolen certificates. However, such a sweeping action by Microsoft might block some older, legitimate Nvidia drivers from working on Windows 10 and 11.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 'Spider-Man: No Way Home' Pirates Hit by Crypto Malware ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/spider-man-pirates-infected-malware</link>
                                                                            <description>
                            <![CDATA[ Reason Labs reported that pirated versions of "Spider-Man: No Way Home" are being used to spread crypto mining malware. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">zr9BiAx5S8PuhF5iNYJbMX</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/sjVprDwKeC2nUyuAUL7DBX-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 28 Dec 2021 16:21:11 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:49:15 +0000</updated>
                                                                                                                                            <category><![CDATA[Cryptomining]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                    <category><![CDATA[Cryptocurrency]]></category>
                                                                                                                    <dc:creator><![CDATA[ Nathaniel Mott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/hEFeUwJHtzVDWEZTcjDqt9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Nathaniel has been writing about various aspects of the technology industry, from startups and cybersecurity to social media and enthusiast hardware, since 2011. Lately, he spends his time writing and spending time with his family.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/sjVprDwKeC2nUyuAUL7DBX-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Piracy]]></media:description>                                                            <media:text><![CDATA[Piracy]]></media:text>
                                <media:title type="plain"><![CDATA[Piracy]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/sjVprDwKeC2nUyuAUL7DBX-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>There&apos;s no official way to watch "Spider-Man: No Way Home" from the comforts of your humble abode. Some people looking to watch the movie without making a trip to the theater have resorted to downloading pirated copies of the film—and they may have accidentally installed cryptocurrency mining malware in the process.</p><p>ReasonLabs <a href="https://blog.reasonlabs.com/2021/12/23/spider-miner-with-great-power-comes-great-problems/">said</a> it discovered malware used to mine the Monero cryptocurrency in a file called "spiderman_net_putidomoi.torrent.exe," which the company translated from Russian to "spiderman_no_wayhome.torrent.exe," leading it to believe that "the origin of the file is most likely from a Russian torrenting website."</p><p>This type of malware spreads by taking advantage of people&apos;s desire to engage with popular media. "Spider-Man: No Way Home" is <a href="https://www.cnn.com/2021/12/26/media/spider-man-no-way-home-box-office-billion/index.html">the first movie</a> to gross more than $1 billion at the box office (during the COVID-19 era) even though it&apos;s theater-exclusive and the Omicron variant of COVID-19 is rapidly spreading. So, of course, people are going to try to pirate it.</p><p>The company said this malware derives from the <a href="https://github.com/UnamSanctam/SilentXMRMiner">SilentXMRMiner</a> open source project that anyone can download from GitHub. The project offers a point-and-click interface that allows wannabe malware distributors to create a new miner compatible with numerous cryptocurrencies without much effort on their part.</p><p>ReasonLabs said that after it&apos;s installed, the malware "adds exclusions to Windows Defender, creates persistence, and spawns a watchdog process to maintain its activity," all of which is enabled via the SilentXMRMiner project. It then devotes the victim&apos;s compute power to mining Monero for whoever created it.</p><p>"Although this malware does not compromise personal information (which is what most users are afraid of when thinking about a virus on their computer)," ReasonLabs said. "The damage that a miner causes can be seen in the user&apos;s electricity bill. This is real money that they have to pay, given that the miner runs for long periods. Additionally, the damage can be felt on a user&apos;s device as often miners require high CPU usage, which causes the computer to slow down drastically."</p><p>Unfortunately, pirates can&apos;t necessarily rely on antivirus solutions to defend against malware like this. ReasonLabs said it "encountered various compiled versions of this project, some more obfuscated than others," which can help the malware evade signature-based detection systems. (Read: Most traditional antivirus software.)</p><p>The company proved its point by submitting the malware to <a href="https://www.virustotal.com/gui/home/upload">VirusTotal</a>, which analyzes files and URLs with more than 70 different security tools. Unfortunately, ReasonLabs said the malware wasn&apos;t flagged as malicious by VirusTotal when it wrote its report, so the vast majority of popular antivirus solutions wouldn&apos;t have protected anyone.</p><p>The simplest way to avoid falling victim to this malware is to refrain from pirating "Spider-Man: No Way Home." Barring that, ReasonLabs said those who choose to sail the black seas ought to double-check what kind of file they&apos;re downloading. There&apos;s no reason for a movie, pirated or not, to be distributed as an executable file.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Intel, Microsoft Team Up to Combat Cryptojacking ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/intel-microsoft-anti-cryptojacking-team-up</link>
                                                                            <description>
                            <![CDATA[ Intel is teaming up with Microsoft to use CPU-based mining detection in Microsoft Defender for Endpoint ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">hkubtsz62RFK8qZUdeFNtK</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/YVrKQexGuCKLabhEBT79MW-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 26 Apr 2021 20:10:02 +0000</pubDate>                                                                                                                                <updated>Thu, 21 Aug 2025 09:50:27 +0000</updated>
                                                                                                                                            <category><![CDATA[Cybersecurity]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                                                                                    <dc:creator><![CDATA[ Andrew E. Freedman ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/MTveuGNKPqpzrLttEA9ebb.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Andrew oversees laptop and desktop coverage and keeps up with the latest news in tech and gaming. His work has been published in Kotaku, PCMag, Complex, Tom’s Guide and Laptop Mag, among others. He fondly remembers his first computer: a Gateway that still lives in a spare room in his parents&#039; home, albeit without an internet connection. When he’s not writing about tech, you can find him playing video games, checking social media and waiting for the next Marvel movie. Follow him on Threads &lt;a href=&quot;https://www.threads.net/@freedmanae&quot;&gt;@FreedmanAE&lt;/a&gt; and BlueSky &lt;a href=&quot;https://bsky.app/profile/andrewfreedman.net&quot;&gt;@andrewfreedman.net&lt;/a&gt;.&lt;a href=&quot;https://bsky.app/profile/andrewfreedman.net&quot;&gt; &lt;/a&gt;You can send him tips on Signal: andrewfreedman.01&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/YVrKQexGuCKLabhEBT79MW-1280-80.jpg">
                                                            <media:credit><![CDATA[Intel]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Intel Logo]]></media:description>                                                            <media:text><![CDATA[Intel Logo]]></media:text>
                                <media:title type="plain"><![CDATA[Intel Logo]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/YVrKQexGuCKLabhEBT79MW-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Intel and Microsoft are collaborating on a new project to help enterprise and small business customers avoid security issues that may involve others using PCs on your network to mine cryptocurrencies, known as cryptojacking.<br><br>The protection will be built into Microsoft Defender for Endpoint on systems using 6th Gen or later Intel vPro and Intel Core processors. Specifically, it uses Intel Threat Detection Technology, or TDT to take advantage of the CPU for machine learning to detect cryptomining.</p><figure class="van-image-figure " data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1432px;"><p class="vanilla-image-block" style="padding-top:56.22%;"><img id="" name="TDT-and-MD-Detect-and-Remediate-Malware.png" alt="Intel TDT malware diagram" src="https://cdn.mos.cms.futurecdn.net/EcFrcQkUH8Ay5CbxBARcaj.png" mos="" align="middle" fullscreen="" width="1432" height="805" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: Intel, Microsoft)</span></figcaption></figure><p>In <a href="https://www.intc.com/news-events/press-releases/detail/1461/intel-collaborates-with-microsoft-against-cryptojacking">a press release</a>, Intel stated that the rise of cryptocurrencies in the mainstream and their increase in value means that "cybercriminals [will] shift their focus from ransomware to cryptojacking." Intel claims that there was a 53% increase in mining malware attacks in the fourth quarter of 2020 compared to the quarter before it.<br><br>Cryptojacking, just like normal cryptomining, weighs heavily on a computer&apos;s resources and sends the crypto back to a wallet. This could drastically slow a computer. Intel suggests some cryptojackers can also spread over a network, where large businesses could have hundreds or thousands of devices.</p><div class="youtube-video" data-nosnippet ><div class="video-aspect-box"><iframe data-lazy-priority="high" data-lazy-src="https://www.youtube-nocookie.com/embed/4Jt2pSfYhm8" allowfullscreen></iframe></div></div><p>Intel&apos;s TDT technology will use its machine learning and telemetry to "fingerprint" the suspicious activities, some of which it can offload to the integrated GPU. The cryptojacking threats will appear in Windows Defender to people using their devices, just like any other threat.<br><br>In <a href="https://www.microsoft.com/security/blog/2021/04/26/defending-against-cryptojacking-with-microsoft-defender-for-endpoint-and-intel-tdt/">a separate release</a>, Microsoft&apos;s Karthik Selvaraj, principal research manager on the Microsoft 365 Defender research team wrote that "[e]ven though we have enabled this technology specifically for cryptocurrency mining, it expands the horizons for detecting more aggressive threats like side-channel attacks and ransomware."<br><br>At the moment, this appears to only be available on 6th Gen or later Intel vPro (and some Core) platforms running Microsoft&apos;s enterprise security suite. It&apos;s unclear if there are plans to further expand the program to general users or other silicon.<br></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ It Looks Like Microsoft Broke Windows Defender With a Recent Update ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/it-looks-like-microsoft-broke-windows-defender-with-a-recent-update</link>
                                                                            <description>
                            <![CDATA[ Microsoft reportedly broke the Windows Defender antivirus tool with a recent update. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">2WJ5nXfFScaqgXGGMTjWeC</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/PGVMKkVLDtCtLUoRkrmF4N-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 23 Mar 2020 11:52:45 +0000</pubDate>                                                                                                                                <updated>Wed, 05 Feb 2025 14:15:45 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Nathaniel Mott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/hEFeUwJHtzVDWEZTcjDqt9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Nathaniel has been writing about various aspects of the technology industry, from startups and cybersecurity to social media and enthusiast hardware, since 2011. Lately, he spends his time writing and spending time with his family.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/PGVMKkVLDtCtLUoRkrmF4N-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/PGVMKkVLDtCtLUoRkrmF4N-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>It&apos;s starting to seem like Microsoft can&apos;t update anything without breaking it. <a href="https://www.windowslatest.com/2020/03/22/windows-defender-items-skipped-during-scan/">Windows Latest</a> reported yesterday that Windows Defender, the built-in antivirus tool for Windows 10, stopped functioning properly after it was updated recently.</p><p>The report indicated that Windows Defender--which is <a href="https://www.tomshardware.com/news/microsoft-plans-windows-defender-rebrand,39990.html">set to be renamed</a> Microsoft Defender as it <a href="https://www.theverge.com/2020/2/20/21145388/microsoft-antivirus-ios-android-apps-software-defender-security-malware">expands to additional platforms</a>--has shown an error message to multiple Windows 10 users. Windows 7 and 8 users don&apos;t appear to be affected.</p><p>That error message reads: "Items skipped during scan. The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings." Either those scans are failing, or the error message is being shown when it shouldn&apos;t be.</p><p>Failed scans could potentially expose Windows 10 users to security risks. An incorrect error message could also erode trust in Windows Defender, though, which might lead Windows 10 users to install antivirus software they <a href="https://www.tomshardware.com/news/windows-defender-perfect-scores-av-test,40139.html">probably don&apos;t need</a>.</p><p>Luckily it seems like Windows Defender&apos;s offline scans are working as intended, so Windows 10 users should probably use that option until this problem is resolved. Microsoft explained how to use Windows Defender offline in <a href="https://support.microsoft.com/en-us/help/17466/windows-defender-offline-help-protect-my-pc">a support article</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Defends the Defender With Tamper Protection Feature ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/microsoft-defender-tamper-protection-windows-security</link>
                                                                            <description>
                            <![CDATA[ Microsoft introduced a new Tamper Protection feature meant to stop malware from changing Windows security settings. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">23ELhHK9BpSFEkHthTvWJK</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Ciy4x3LQyjTTrsDt6aNSdF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 15 Oct 2019 15:15:44 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 13:47:41 +0000</updated>
                                                                                                                                            <category><![CDATA[Cybersecurity]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                                                                                    <dc:creator><![CDATA[ Nathaniel Mott ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/hEFeUwJHtzVDWEZTcjDqt9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Nathaniel has been writing about various aspects of the technology industry, from startups and cybersecurity to social media and enthusiast hardware, since 2011. Lately, he spends his time writing and spending time with his family.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Ciy4x3LQyjTTrsDt6aNSdF-1280-80.jpg">
                                                            <media:credit><![CDATA[Evlakhov Valeriy/Shutterstock]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Ciy4x3LQyjTTrsDt6aNSdF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure " data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:5000px;"><p class="vanilla-image-block" style="padding-top:66.56%;"><img id="" name="shutterstock_292864349.jpg" alt="" src="https://cdn.mos.cms.futurecdn.net/Ciy4x3LQyjTTrsDt6aNSdF.jpg" mos="" align="middle" fullscreen="" width="5000" height="3328" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=""><span class="credit" itemprop="copyrightHolder">(Image credit: Evlakhov Valeriy/Shutterstock)</span></figcaption></figure><p>Microsoft Defender, the security tool <a href="https://www.tomshardware.com/news/microsoft-plans-windows-defender-rebrand,39990.html" target="_blank">formerly known as Windows Defender</a>, received a new feature yesterday with the release of <a href="https://support.microsoft.com/en-us/help/4490103/windows-10-prevent-changes-to-security-settings-with-tamper-protection" target="_blank">Tamper Protection</a>, which Microsoft started testing in December 2018. Now, Tamper Protection is enabled by default, though it can still be disabled by going into the Windows Security page in the Settings app.</p><p>So what does Tamper Protection do? It stops anyone without the proper authorization from changing Microsoft Defender settings to undermine Windows 10&apos;s security. For most people that&apos;s supposed to stop malware from making them vulnerable to other attacks, but Microsoft&apos;s enterprise customers can also use the feature to stop non-administrators from weakening a system&apos;s defenses.</p><p>Tamper Protection technically debuted with the Windows 10 May 2019 Update, but it had to be manually activated and was originally available only to certain users. Making it available to everyone running the most recent version of <a href="https://www.tomshardware.com/reviews/get-windows-10-free-or-cheap,5717.html" target="_blank">Windows 10</a> (the second annual update won&apos;t debut until November) and enabling it by default should greatly increase the number of systems protected by the new feature.</p><p>Microsoft said in yesterday&apos;s announcement that it "will continue working on this feature, including building support for older Windows versions," moving forward. In the meantime, it believes that "it’s critical for customers, across home users and commercial customers, to turn on tamper protection to ensure that essential security solutions are not circumvented." </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Patches New Wormable Bugs in Massive Security Update ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/microsoft-windows-wormable-bugs-cyber-security-update,40152.html</link>
                                                                            <description>
                            <![CDATA[ Microsoft patched 93 security vulnerabilities for the month of August, including two new wormable bugs. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4DpsBQhuQFmciNHnyhyAzL</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 14 Aug 2019 16:32:01 +0000</pubDate>                                                                                                                                <updated>Wed, 05 Feb 2025 14:15:47 +0000</updated>
                                                                                                                                            <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lucian Armasu ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ &lt;p&gt;Lucian Armasu is an experienced digital marketing specialist with over 15 years of experience. He has been featured in publications such as Tom&#039;s Hardware, Tom&#039;s Guide, Yahoo Tech, and Yahoo.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1500px;"><p class="vanilla-image-block" style="padding-top:66.60%;"><img id="" name="" alt="Credit: Shutterstock" src="https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH.jpg" mos="https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH.jpg" align="" fullscreen="1" width="1500" height="999" attribution="" endorsement="" class="pull- expandable"><a href='https://cdn.mos.cms.futurecdn.net/Yw2Ri8ABoSxQeamCVccGbH.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class="pull-"><span class="credit" itemprop="copyrightHolder">(Image credit: Shutterstock)</span></figcaption></figure><p>In the latest “Patch Tuesday” security fixes bundle, Microsoft included patches for two new critical Remote Code Execution (RCE) vulnerabilities (<a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181">CVE-2019-1181</a> and <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182">CVE-2019-1182</a>) in the Windows Remote Desktop Services.</p><p>Following the <a href="https://www.tomshardware.com/news/million-windows-systems-rdp-vulnerability,39520.html">May disclosure of BlueKeep</a>, after the company’s security team attempted to harden the Remote Desktop Services feature in Windows, Microsoft’s engineers found two other wormable bugs that attackers could exploit. </p><p>The two vulnerabilities are part of 93 security vulnerabilities Microsoft and affect Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, as well as all versions of <a href="https://www.tomshardware.com/reviews/get-windows-10-free-or-cheap,5717.html">Windows 10</a>, including the server ones. According to Microsoft, Windows XP, Windows Server 2003 and Windows Server 2008 and Remote Desktop Protocol itself are not affected by the vulnerabilities.</p><p>In a <a href="https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/">blog post</a> this week, Microsoft said that it doesn’t believe that the vulnerabilities were being exploited in the wild by attackers. However, the company still urges everyone to update their systems immediately, as the bugs are every bit as dangerous as BlueKeep. </p><h2 id="microsoft-patches-93-vulnerabilities-in-latest-windows-update">Microsoft Patches 93 Vulnerabilities In Latest Windows Update</h2><p>System administrators will have their hands full in the second part of this month, as Microsoft has released a <a href="https://www.zerodayinitiative.com/blog/2019/8/13/the-august-2019-security-update-review">batch of 93 security fixes</a>, covering software, including Windows operating systems, Internet Explorer, Edge, ChakraCore, Microsoft Office, Microsoft Office Services and Web Apps, Azure DevOps Server, Visual Studio, Online Services and Microsoft Dynamics. Of the 93 bugs, about a third (29) are critical, while the other 64 are rated Important in severity.</p><p>Microsoft has recently complained that more than two-thirds of its Windows bugs are due to memory safety issues. The company said that it will experiment with replacing some parts of Windows code with code written in the Mozilla-sponsored <a href="https://msrc-blog.microsoft.com/2019/07/16/a-proactive-approach-to-more-secure-code/">Rust memory-safe programming language</a>. In the meantime, the Microsoft Defender solution seems to be doing quite well in <a href="https://www.tomshardware.com/news/windows-defender-perfect-scores-av-test,40139.html">antivirus tests</a> lately.</p><p>This week's news comes on the heels of the revelation of BlueKeep, a pre-authentication wormable RCE into the Windows Remote Desktop Protocol (RDP), Microsoft issued multiple warnings to users and organizations to patch immediately, as attackers could wreak havoc with such a security flaw. At the time, Microsoft believed that over 1 million systems were vulnerable to the BlueKeep bug. Due to the nature of a how a worm (a type of malicious software that can replicate itself) jumps from one computer network to the next, computers inside private networks not normally exposed to the Internet could have also been compromised.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Preps Defender ATP Security Software for macOS ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/microsoft-defender-atp-apple-macos-support,38894.html</link>
                                                                            <description>
                            <![CDATA[ Microsoft announced Defender ATP enterprise services for businesses that use both Windows and macOS computers. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">LdTy2VN8sjatE9tYCdiSx6</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 22 Mar 2019 18:10:00 +0000</pubDate>                                                                                                                                <updated>Wed, 05 Feb 2025 14:06:52 +0000</updated>
                                                                                                                                            <category><![CDATA[MacOS]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lucian Armasu ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ &lt;p&gt;Lucian Armasu is an experienced digital marketing specialist with over 15 years of experience. He has been featured in publications such as Tom&#039;s Hardware, Tom&#039;s Guide, Yahoo Tech, and Yahoo.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT-1280-80.jpg">
                                                            <media:credit><![CDATA[Microsoft]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1198px;"><p class="vanilla-image-block" style="padding-top:59.27%;"><img id="" name="" alt="Credit: Microsoft" src="https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT.jpg" mos="https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT.jpg" align="" fullscreen="1" width="1198" height="710" attribution="" endorsement="" class="pull- expandable"><a href='https://cdn.mos.cms.futurecdn.net/6eesdDUpUrjRqj2a2JvbqT.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class="pull-"><span class="credit" itemprop="copyrightHolder">(Image credit: Microsoft)</span></figcaption></figure><p>Microsoft <a href="https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Announcing-Microsoft-Defender-ATP-for-Mac/ba-p/378010">announced</a> this week that its Microsoft Defender ATP software (previously known as Windows Defender ATP) is now available to preview for businesses using computers running macOS. Apple has claimed for many years that its macOS devices didn’t need antivirus software, but as more businesses adopt Macs, the number of threats has also increased. Defender ATP customers are now able to <a href="https://www.microsoft.com/en-us/wdsi/support/macpreviewsignup">apply for a preview</a> of the macOS client, Microsoft's announcement said. </p><h2 id="defender-atp-comes-to-macos">Defender ATP Comes to macOS</h2><p>Microsoft announced that businesses using both Windows and macOS devices will be able to use the new cross-platform Defender ATP solution to protect their devices and networks. The new client application will support macOS Mojave, macOS High Sierra, or macOS Sierra.</p><p>People using the Defender ATP client for macOS will be able to configure advanced settings such as:</p><ul><li>Disabling or enabling real-time protection, cloud-delivered protection and automatic sample submission</li><li>Adding exclusions for files and paths</li><li>Managing notifications when threats are found</li><li>Manually checking for security intelligence updates</li></ul><p>Along with the Defender ATP client, an auto-update service is also installed. This service ensures that the application has the latest features and security patches and also keeps the client constantly connected to the cloud. </p><h2 id="microsoft-defender-atp-for-enterprises">Microsoft Defender ATP for Enterprises</h2><p>Microsoft Defender ATP is Microsoft’s security service for companies that want not just anti-malware protection but also a detailed overview of their devices’ security, as well as the threats these companies may experience at any given moment.</p><p>Besides using existing security features built into Windows 10 Enterprise, such as Microsoft’s Defender antivirus, Device Guard and AppLocker, Defender ATP also uses big data analysis to provide IT professionals with insight on how to best respond to the existing threats. It also offers security professionals forensics data to see how a previous attack happened.</p><p>To provide all of these insights, Microsoft mines data from over 1 billion Windows computers, 2.5 trillion web URLs and over 1 million suspicious files it discovers every day. The company promises not to use all of this data for advertising purposes or any other purpose beyond Defender ATP’s intended goal of protecting devices against attacks.</p><div class="youtube-video" data-nosnippet ><div class="video-aspect-box"><iframe data-lazy-priority="low" data-lazy-src="https://www.youtube-nocookie.com/embed/26z6SwScYx4" allowfullscreen></iframe></div></div>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Windows 10 Insider Preview Build 17713 Brings Application Guard Improvements ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/windows-10-application-guard-improvements,37447.html</link>
                                                                            <description>
                            <![CDATA[ Preview Build 17713 brings improvements to Microsoft's sandboxing tech, biometric authentication for remote desktop sessions, and Edge browser enhancements. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">q8Cneb8DmncXak3PeKroq</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/GhcwXjCtVyT2KwiR9wfaqN-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Thu, 12 Jul 2018 16:55:00 +0000</pubDate>                                                                                                                                <updated>Wed, 05 Feb 2025 14:49:47 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lucian Armasu ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ &lt;p&gt;Lucian Armasu is an experienced digital marketing specialist with over 15 years of experience. He has been featured in publications such as Tom&#039;s Hardware, Tom&#039;s Guide, Yahoo Tech, and Yahoo.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/GhcwXjCtVyT2KwiR9wfaqN-1280-80.png">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/GhcwXjCtVyT2KwiR9wfaqN-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:450px;"><p class="vanilla-image-block" style="padding-top:36.67%;"><img id="" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/ottZdxjiKLKW58ET5G5vsc.png" mos="https://cdn.mos.cms.futurecdn.net/ottZdxjiKLKW58ET5G5vsc.png" align="" fullscreen="1" width="450" height="165" attribution="" endorsement="" class="pull- expandable"><a href='https://cdn.mos.cms.futurecdn.net/ottZdxjiKLKW58ET5G5vsc.png' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div></figure><p>Microsoft released Windows 10 Insider Preview Build 17713 to Windows Insiders in the Fast Ring. The new version brings some notable security-related enhancements, as well as other improvements.</p><h2 id="windows-defender-application-guard">Windows Defender Application Guard </h2><p><a href="https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview">Windows Defender Application Guard</a>, the sandboxing technology that can put applications (only the Edge browser for now) inside a virtual machine running another minimal instance of Windows, now comes with a new interface inside the Windows Security dashboard. </p><p>Users will be able to fully configure the Application Guard without messing with Registry key settings, and those whose computers are managed by enterprise policies will also be able to check what configurations their IT administration has made for their machines.</p><p>All of the new Application Guard settings will appear in the Windows Security dashboard, as long as the devices meet <a href="https://www.tomshardware.com/news/highly-secure-windows-10-devices,35863.html">certain hardware requirements</a>. Currently, Application Guard is also only supported on Windows 10 Enterprise build 1709 or newer, or Windows 10 Professional build 1803 or newer.</p><h2 id="microsoft-edge-improvements">Microsoft Edge Improvements</h2><p>Besides the isolated browsing offered by Application Guard, Edge also received several other improvements in build 17713. One of them is per-site media controls, which allows users to control autoplay permission on a per-site basis under the “Website permission” section of the Website Identification pane.</p><p>However, from the looks of it, autoplaying will remain on by default for websites, so you'll have to turn-off autoplay manually for each website that annoys you with autoplaying ads or videos.</p><p>You can now also look up definitions for words in Reading View, Books, and PDFs, and you can also choose to have the words read aloud in order to hear the correct pronunciation. Microsoft said that it also improved the PDF reader performance, which should open pages more quickly as you scroll through them, as well as as the PDF toolbar, which is now easier to use.</p><h2 id="new-sign-in-methods-amp-biometric-authentication">New Sign-in Methods & Biometric Authentication</h2><p>In Windows 10 Insider Preview Build 17713, Microsoft also enabled biometric authentication for remote desktop sessions via Windows Hello for Business. This feature doesn’t seem to support “convenience PINs,” presumably because the company knows how easily PINs can be broken by modern password cracking tools.</p><p>Microsoft also introduced “Web Sign-in,” a new form fo authentication for Azure customers, as well as Fast Sign-in, which will enable multiple users to sign-in to a shared PC more quickly.</p><p>Microsoft said that it’s now getting closer to releasing “Redstone 5” (RS5) build of Windows 10. RS5 has already been forked into its own build and the company will now focus on the stabilization of the code.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Google Project Zero Researcher Finds Bug In Windows Defender ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/project-zero-bug-windows-defender,36833.html</link>
                                                                            <description>
                            <![CDATA[ Gogole Project Zero researcher Thomas Dullien found a bug in Windows Defender's RAR archive inspection engine that could have allowed attackers to exploit Windows users for the past five years. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">TyiPrQyeAgRNu4iSgWjWE9</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 05 Apr 2018 19:30:00 +0000</pubDate>                                                                                                                                <updated>Thu, 30 Jan 2025 16:27:21 +0000</updated>
                                                                                                                                            <category><![CDATA[Cybersecurity]]></category>
                                                    <category><![CDATA[Tech Industry]]></category>
                                                                                                                    <dc:creator><![CDATA[ Lucian Armasu ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ &lt;p&gt;Lucian Armasu is an experienced digital marketing specialist with over 15 years of experience. He has been featured in publications such as Tom&#039;s Hardware, Tom&#039;s Guide, Yahoo Tech, and Yahoo.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm-1280-80.jpg">
                                                            <media:credit><![CDATA[null]]></media:credit>
                                                                                                                                                                                                                                                                                                                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:895px;"><p class="vanilla-image-block" style="padding-top:65.25%;"><img id="" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm.jpg" mos="https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm.jpg" align="" fullscreen="1" width="895" height="584" attribution="" endorsement="" class="pull- expandable"><a href='https://cdn.mos.cms.futurecdn.net/rjqWkc8u8ENxkEinWQxJKm.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div></figure><p>A Google Project Zero security researcher discovered a way to exploit how Windows Defender scans RAR archive files. All Windows versions are vulnerable to this bug.</p><h2 id="an-unrar-bug-in-windows-defender">An UnRAR Bug In Windows Defender</h2><p>Project Zero researcher <a href="https://twitter.com/halvarflake">Thomas Dullien</a> inspected Windows Defender’s mpengine.dll and discovered that the code responsible for processing RAR archive files was based on a modified version of the open source UnRAR software. Microsoft’s fork appears to be a version older than or equal to UnRAR 4.2.4, which is more than five years old.</p><p>According to Dullien, Microsoft’s modifications to the code turned all signed variables into unsigned, which introduced a severe memory corruption vulnerability that allows attackers to exploit the host operating system.</p><p>The Windows Defender bug seems to be related to a bug in a 2012 version of UnRAR that likely remained unfixed as Microsoft ported it to its antivirus engine. The same bug should affect other third-party software with old UnRAR code integrated.</p><p>Last year, Dullien <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6#maincol">alerted the RAR Labs developers</a> about the bug found in UnRAR, and the RAR developers fixed the issue in UnRAR version 5.5.5. However, as Microsoft has continued to use an older version of UnRAR, its antivirus remained affected.</p><h2 id="windows-defender-users-must-update">Windows Defender Users Must Update</h2><p>Attackers who have known about the UnRAR bug since 2012 could have been exploiting Windows users all this time. Users with Windows Defender real-time protection enabled could have been exploited via specially crafted web pages or email attachments and <a href="https://www.tomshardware.com/news/bitglass-report-cloud-hosted-files-malware,36471.html">cloud-hosted files</a>.</p><p>Microsoft advised users to verify that they have the <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986">latest Windows updates</a>. The Microsoft Malware Protection Engine version needs to be 1.1.13704.0 or later.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft Security Essentials Fails Certification Again ]]></title>
                                                                                                                                                                                                <link>https://www.tomshardware.com/news/AV-TEST-Certification-Security-Essentials-Double-Failure-0-Day,20524.html</link>
                                                                            <description>
                            <![CDATA[ Microsoft's security suite has failed AV-TEST certification for a second time in a row. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">qbdUxmbZMkTuuECAMCA9cP</guid>
                                                                                                                            <pubDate>Thu, 17 Jan 2013 23:56:00 +0000</pubDate>                                                                                                                                <updated>Wed, 05 Feb 2025 14:16:44 +0000</updated>
                                                                                                                                            <category><![CDATA[Windows]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                    <category><![CDATA[Operating Systems]]></category>
                                                                                                                    <dc:creator><![CDATA[ Kevin Parrish ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                                        <content:encoded >
                            <![CDATA[
                            <article>
                                <figure class="van-image-figure pull-" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1200px;"><p class="vanilla-image-block" style="padding-top:75.00%;"><img id="" name="" alt="" src="https://cdn.mos.cms.futurecdn.net/VT3mspobsZura7NNyeVsqB.jpg" mos="https://cdn.mos.cms.futurecdn.net/VT3mspobsZura7NNyeVsqB.jpg" align="" fullscreen="1" width="1200" height="900" attribution="" endorsement="" class="pull- expandable"><a href='https://cdn.mos.cms.futurecdn.net/VT3mspobsZura7NNyeVsqB.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div></figure><p>At the end of November, <a href="https://www.tomshardware.com/news/Microsoft-Security-Essentials-AV-TEST-Malware-Certification-Bitdefender,19452.html">German anti-virus lab AV-TEST published the results of tests conducted with twenty-four of the latest anti-virus programs for home users</a>. Twenty-three products received AV-TEST certification when used with Windows 7, but Microsoft's own Security Essentials suite failed. Now two months later, the suite has failed certification again.</p><p>The lab publishes tests results every two months, <a href="http://www.av-test.org/en/tests/home-user/windows-7/novdec-2012/">and for this latest installment for November and December</a>, the firm evaluated 25 consumer antivirus security programs. This time around, Microsoft Security Essentials 4.1 wasn't the only one to fail certification, as it was joined by PC Tools Internet Security 2012 and AhnLab Internet Security 8.0.</p><p>According to the results, Microsoft Security Essentials 4.1 scored a 1.5 out of 6.0 in the Protection category, caused by its lower-than-average protection against 0-day malware attacks, inclusive of web and e-mail threats (Real-World Testing). Its detection of a "representative set of malware discovered in the last 2-3 months" was also lower than the industry average.</p><p>In the Repair department, Microsoft Security Essentials 4.1 scored a 3.0 out of 6.0. The suite's ability to remove all active components of widespread malware (including Rootkits and stealth malware) fell under the industry average, and its ability to detect actively running widespread malware (including Rootkits and stealth malware) also fell under the industry standard.</p><p>What's surprising here is that Microsoft Security Essentials <em>has failed again</em>. After all, it's deemed as the most popular security suite not only in North America, but across the world because (1) it's free and (2) it's native to the Windows platform. That said, Microsoft's in-house security suite should be at the top of the certification ranks, not along the bottom with the failures.</p><p><a href="http://reviews.cnet.com/8301-3667_7-57564385/microsoft-bombs-another-security-test/?part=rss&subj=news&tag=title">Dave Forstrom, director of Trustworthy Computing for Microsoft, responded to a query from CNET about the double failure</a>. Unsurprisingly, he didn't offer any reasons as to why the software failed <em>two</em> consecutive certification tests.</p><p>"Microsoft believes in a defense in-depth strategy for antimalware protection that includes using Microsoft Security Essentials / Windows Defender in tandem with other appropriate security features such as SmartScreen, as well as keeping all software up-to-date," he wrote. "Our antimalware engine is designed to work in concert with these Microsoft security features to create a comprehensive security strategy. Microsoft focuses its protection efforts on what affects our customers, using real-world data collected from more than 600 million systems worldwide. We weigh these samples by severity and prevalence of malware in the wild."</p><p>Cnet points out that Microsoft Security Essentials 4.1 missed certification by a whole point in the recent certification test, a lower score than the previous failure when Microsoft missed certification by half a point.</p><p>To see the AV-TEST score for November and December, <a href="http://www.av-test.org/en/tests/home-user/windows-7/novdec-2012/">head here</a>.</p><p><a href="mailto:news-us@bestofmedia.com?subject=News%20Article%20Feedback"><em><sub>Contact Us for News Tips, Corrections and Feedback</sub></em></a></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>