close

Business Technology

Business Technology

Microsoft Restricts XLM Macros in Excel to Prevent Malware Attacks

Microsoft-Excel-Macro-WinBuzzer-Own-696×392

Microsoft-Excel-Macro-WinBuzzer-Own

Microsoft wants organizations to shift from Excel 4.0 (XLM) macro when automating spreadsheets, a feature that has been part of the Office app since the 1990s. The company would prefer customers use Visual Basic for Applications (VBA), which is much more secure. Now, Microsoft says it will actively restrict the use of XLM macros by default in Excel.

According to Microsoft, Excel 4.0 XLM macros are open to attack. A threat actor could target the macros to deliver malware into a system. This could be achievable via a relatively simple surface-level attack.

Macro malware is one of the oldest cybercrime methods, at least amongst those still in use today. Threat actors have been turning to macros since the 90s, and still getting some success. That’s because this is a simple technique for pushing malware onto a system.

Back in March 2021, Microsoft updated Antimalware Scan Interface in Office 365 to scan Excel files that are in the older 4.0 language for macro malware. This has clearly not been enough to appease the company’s concerns so now Microsoft will simply restrict the use of XLM macros.

Changing Configuration

In the Excel Trust Center, the app now shows that macros are disabled. It is worth noting users can choose to enable them here. Excel users can instead handle default behaviors in cells by using Cloud Policies, Group Policies, or ADMX policies.

In a blog post to confirm the change, Microsoft says the new configuration will make its way to the following Excel users:

  • “Current Channel builds 2110 or greater (first released in October)
  • Monthly Enterprise Channel builds 2110 or greater (first released in December)
  • Semi-Annual Enterprise Channel (Preview) builds 2201 or greater (we create this in January 2022, but it first ships in March 2022)
  • Semi-Annual Enterprise Channel builds 2201 or greater (will ship July 2022)”

Tip of the day: Did you know that as a Windows 10 admin you can restrict user accounts by disabling settings or the control panel? Our tutorial shows how to disable and enable them via Group Policy and the registry.

Source Winbuzzer

read more
Business Technology

Microsoft’s $60bn Activision Deal Clears $20bn from Sony’s Valuation in a Day

Citrix_Posters

S5-PS5-Dgitial-Edition-Sony

Microsoft yesterday dropped a bombshell that rocked both the gaming and general tech industries. The company revealed it would spend a massive $68.7 billion in all cash to purchase Activision Blizzard. This means Microsoft will control one of the world’s biggest game developers. While shockwaves are being felt through the gaming realm, Sony is feeling the biggest fallout.

Specifically, Microsoft’s announcement wiped $20 billion from the company’s market value. On the Tokyo stock market, Sony’s share price fell up to 13% during trading hours, while in the US the stock slipped 7% at the close of trading last night.

One of the questions surrounding Microsoft’s deal is whether it will make Activision Blizzard’s games Xbox exclusives. We are talking some of the biggest franchises in gaming, such as Warcraft, Diablo, and of course, Call of Duty.

While it is unlikely Microsoft will aim for direct exclusivity, there are some details that are concerning for Sony. For example, customers will likely still be able to buy and play Call or Duty on PlayStation. However, Microsoft will be able to offer the franchise exclusively on its Game Pass platform.

Contrasting Fortunes

I am convinced this is one area of the Microsoft/Activision deal that regulators will pay close attention to. With Microsoft already owning ZeniMax Media (Bethesda) following a $7.5 billion deal, there could be concerns of the company monopolizing the triple A game market. Or, at least attempting to.

It will be interesting to see what Microsoft does with all the major properties it now has. After losing the last generation of consoles in terms of sales, it seems the company has decided to simply throw money at the situation in an effort to beat Sony… it seems to be working.

Market strategist Amir Anvarzadeh noted to investors “Sony will have a monumental challenge on its hand to stand its own in this war of attrition. With Call of Duty now most likely to be added exclusively to the Game Pass roster, the headwinds for Sony are only going to get tougher.”

Although the analyst admits the gaming industry tends to overreact and this is likely the case in this instance.

While Sony’s shares tumble, Activision Blizzard’s rose 25%. Microsoft’s interest has provided a much-needed jolt to a company that has faced controversies around workplace harassment over the last year.

Tip of the day: Windows Power Throttling can net up to 11% more battery savings per charge with little negative impact. In some scenarios you might consider turning Power Throttling off for single apps that you want run with maximum performance. Our tutorial shows you various methods to manage Power Throttling.

Source Winbuzzer

read more
Business Technology

FTC Probe into Meta’s $400 Million Supernatural Acquisition May Halt Deal until 2023

download (75)

Meta-Facebook-Image

Meta Platform, the parent company of Facebook, has its eyes on a $400 million acquisition of virtual reality developer Supernatural. The deal is part of Meta’s aggressive push into metaverse technology. However, the U.S. Federal Trade Commission has concern and an ongoing investigation is putting the brakes on finalizing the deal.

According to The Information, FTC started a probe into the Meta and Supernatural acquisition. FTC has been investigating the merger since November, shortly after Thanksgiving.

It now seems the probe is halting Meta’s timeline for wrapping up the deal. It could mean the company will not be able to complete the purchase in 2022. So, if approval is given the deal for Supernatural will not close until 2023.

While the specifics of FTC’s concerns are not known, it is likely part of an overall drive to prevent tech giants from shutting down competition.

There are two ways this could happen. Firstly, the Big Tech company buys the smaller provider, essentially removing a potential competitor from the market. Secondly, by purchasing enough rivals that the Big Tech company holds a monopoly.

Probe

Of course, Meta is not alone in this kind of aggressive market activity. In fact, Microsoft has been one of the most consistent tech buyers in recent years. I am writing this story just a day after Microsoft signaled intentions to buy Activision Blizzard for $68 billion.

FTC Chair Lina Kahn is focusing on preventing such aggressive market takeovers. This seems to be the reason for investigating Meta’s interest in Supernatural. Importantly, there is no indication approval will not be given, just that Meta must now wait longer for clearance.

While I think any obstacle to stop Meta/Facebook becoming the dominant player in the metaverse is a good thing, the shift is underway. We have already reported how Microsoft is bleeding top development talent to Meta, and how Apple is paying massive bonuses to stop the same happening to them.

Tip of the day: Windows Power Throttling can net up to 11% more battery savings per charge with little negative impact. In some scenarios you might consider turning Power Throttling off for single apps that you want run with maximum performance. Our tutorial shows you various methods to manage Power Throttling.

Source Winbuzzer

read more
Business Technology

Google and Facebook Face Collusion Lawsuit over Illegal Ad Deal

download (74)

Gavel Legal Flickr Reuse Label

Tech companies and shady business go hand-in-hand, whether it is tax dodging or monopolizing over smaller rivals. However, when it comes to tech sleaze and corruption, Facebook and Google are the best/worst. The latter has faced several issues regarding its practices, while Facebook’s wrap sheet is endless, covering all facets of tech-based deception.

Harsh? I don’t think so. And the latest accusation proves the point. According to an unredacted US court filing, the CEOs of both Google and Facebook personally oversaw an illegal advertising partnership back in 2018.

Yes, that mean Google chief Sundar Pichai and Meta/Facebook leader Mark Zuckerberg personally knew and colluded to work together to control ads. Of course, it comes as no surprise that Zuckerberg would be involved, he is never too far away from these controversies.

It is worth noting that we are the accusation stage here based on court filings from a coalition of US states that was first filed in 2020. According to the jurisdictions, Google and Facebook struck a deal where Facebook would participate and win a fixed percentage of Google Ad auctions.

In other words, it was predetermined that Facebook would win what are essentially supposed to be open auctions. The plaintiffs claim this amounts to an “illegal price-fixing agreement.”

Ad Collusion

Google is the dominant player in online ads, basically controlling the market by because all advertisers want to work on the network. It provides the underpinning software that websites use to get ads from visitors.

The lawsuit alleges Google has been manipulating the market out of concern for “header bidding”, which is a different way of getting ads. Whereas Google uses ad auctioning, header bidding seeks to democratize online ads by giving publishers more control over ad slots on their site. The method comes from a collection of independent advertisers.

Facebook has been increasingly moving into this area, causing concern within Google. To stem Facebook’s push into header bidding in 2017, Google sought out the company as a partner. Citing an email between Zuckerberg and Facebook COO Sherly Sandberg, the executives describe the deal with Google as a “big deal strategically.”

Sandberg then followed up the email asking for Zuckerberg to give approval. “We’re nearly ready to sign and need your approval to move forward.” It is worth noting the names are redacted in the emails but named in the court filing.

Both Google and Facebook have previously denied any wrong doing, but neither company has commented on the latest developments.

Tip of the day: The Windows default font these days is Segoe UI, a fairly simple and no-nonsense typeface that’s used across many of Microsoft’s products. However, though some like this subdued style, others look to change Windows font to something with a bit more personality.

Thankfully, Microsoft does let you change Windows fonts, but it doesn’t make it particularly easy. I our tutorial we show you how to change system font in Windows 10, or restore it again if you don’t like the changes.

Source Winbuzzer

read more
Business Technology

Microsoft Edge Gets YouTube on Windows

download (73)

Microsoft-Edge-YouTube-Collections-Windows-Latest

Microsoft seems to be on a mission to make its Edge web browser an all-in-one internet tool. We have seen numerous Microsoft Edge updates and features that don’t really have anything to do with the browser experience. With the latest news that a YouTube integration is coming to the browser, we have yet another useful but unnecessary feature.

Normally for the kind of integrations and features Microsoft is throwing at Edge, users would need extensions. Of course, Edge has extensions, so it is unclear why Microsoft wants to many features. It seems like the company just wants Edge to be as feature-rich as possible even without extensions.

With the YouTube integration, the company is adding a YouTube panel where videos will appear in Microsoft Edge Collections. It is part of Microsoft’s goal to add an RSS feed to the browser and will allow users to see YouTube videos in a single click via the Collections pane.

With the YouTube follow button, users will be able to add their favorite creators. This button will be located in the URL bar of videos, allowing you to add creators to your Edge follow list in a single click. When a new video is uploaded from a channel you follow, Edge will notify you and allow quick access to watch the content.

This YouTube feature is currently in A/B testing so it is only available to select Edge testers on the Canary development channel. Those who have used it say it is enabled by default, but that may change when it reached the full release.

Discover Tab

Microsoft is also working on  a new Discover tab for Edge. While this is similar to the Discover tab on Google Chrome, in Edge the feature allows users to see similar content to what they are watching through Bing.

This feature is also in limited availability via Edge Canary. It shows up on the right side of the browser windows and appears when the user clicks a new button.

Tip of the day: The Windows default font these days is Segoe UI, a fairly simple and no-nonsense typeface that’s used across many of Microsoft’s products. However, though some like this subdued style, others look to change Windows font to something with a bit more personality.

Thankfully, Microsoft does let you change Windows fonts, but it doesn’t make it particularly easy. I our tutorial we show you how to change system font in Windows 10, or restore it again if you don’t like the changes.

Source Winbuzzer

read more
Business Technology

Microsoft Security Warns of Ukraine Government Cyberattack

download (72)

Cyber-Security-Lock-Pixabay

On Saturday, a Microsoft Security blog identified a cyberattack that is ongoing against Ukrainian government agencies and organizations within the country. According to Microsoft, there are dozens of computer networks that have been affected by the malware campaign.

Interestingly, the attacks appear to be ransomware, a common type of cyberattack. However, Microsoft Security points out that in reality the attack is a dangerous malware masquerading as ransomware.

With the malware, threat actors a targeting government and private organizations in Ukraine. Some of the government agencies offer essential emergency response. At the core of the malware is the ability to freeze computers.

“Our investigation teams have identified the malware on dozens of impacted systems and that number could grow as our investigation continues,” Microsoft Security confirmed in a blog post Saturday. “These systems span multiple government, non-profit and information technology organizations, all based in Ukraine.”

Microsoft points to the following reasons why this is not a ransomware attack:

  • “Ransomware payloads are typically customized per victim. In this case, the same ransom payload was observed at multiple victims.
  • Virtually all ransomware encrypts the contents of files on the filesystem. The malware in this case overwrites the MBR with no mechanism for recovery. 
  • Explicit payment amounts and cryptocurrency wallet addresses are rarely specified in modern criminal ransom notes, but were specified by DEV-0586. The same Bitcoin wallet address has been observed across all DEV-0586 intrusions and at the time of analysis, the only activity was a small transfer on January 14.
  • It is rare for the communication method to be only a Tox ID, an identifier for use with the Tox encrypted messaging protocol. Typically, there are websites with support forums or multiple methods of contact (including email) to make it easy for the victim to successfully make contact.
  • Most criminal ransom notes include a custom ID that a victim is instructed to send in their communications to the attackers. This is an important part of the process where the custom ID maps on the backend of the ransomware operation to a victim-specific decryption key. The ransom note in this case does not include a custom ID.”

Blame Game

Microsoft first discovered the malware campaign last Thursday as a cyberattack gripped dozens of Ukraine government web portals at the same time. This attack came with the message “be afraid and expect the worst.”

Tensions between Ukraine and Russia continue, with Moscow placing 100,000 troops on the border. While the threat of a physical attack is clear, there is no doubt Russia could also engage in cyber warfare.

In the Ukraine, official has put the cause of the attacks on Russia, claiming hacking groups associated with Moscow were responsible. Russia has denied involvement and Microsoft did not say if it believes the attacks were state-sponsored.

Tip of the day: The Windows default font these days is Segoe UI, a fairly simple and no-nonsense typeface that’s used across many of Microsoft’s products. However, though some like this subdued style, others look to change Windows font to something with a bit more personality.

Thankfully, Microsoft does let you change Windows fonts, but it doesn’t make it particularly easy. I our tutorial we show you how to change system font in Windows 10, or restore it again if you don’t like the changes.

Source Winbuzzer

read more
Business Technology

Russia Takes down REvil Ransomware Group following US Request

download (70)

Cybersecurity Lock Notebook Keyboard via Pixabay

Russian authorities have taken down a ransomware gang at the request of US authorities. According to the Federal Security Service (FSB), it took action and removed the REvil ransomware group. Reports in Russia claim the security agency raided and shutdown 25 locations across Moscow, St. Petersburg, Leningrad, and Lipetsk.

During the takedowns, more than $5.6 million was claimed, including cryptocurrency, dollars, 20 luxury vehicles, and euros.

FSB arrested and charged 14 cybercriminals involved in the illegal operation and charged them with “illegal circulation of means of payment”. Furthermore, the service was able to take down the gang’s wider digital infrastructure.

Russian authorities took action due to a formal request from US investigators who were “reporting about the leader of the criminal community and his involvement in encroachments on the information resources of foreign high-tech companies by introducing malicious software, encrypting information and extorting money for its decryption.”

Takedown

The FSB goes on to add that by collaborating with the Ministry of Internal Affairs in Russia, the operations of REvil were shut down entirely.

“The information infrastructure used for criminal purposes was neutralized. Representatives of the competent U.S. authorities have been informed about the results of the operation.”

REvil has been a major player in the ransomware realm for some time and has targeted big name brands and claimed million of dollars. However, the group has been losing power compared to emerging operators in ransomware. In other words, it is unlikely the takedown will do much to stop the growth of ransom attacks.

Tip of the day: Do you often experience PC freezes or crashs with Blue Screens of Death (BSOD)? Then you should use Windows Memory Diagnostic to test your computers RAM for any problems that might be caused from damaged memory modules. It is a tool built which can be launched at startup to run various memory checks.

Source Winbuzer

read more
Business Technology

Microsoft Commits to Sexual Harassment Review by Independent Law Firm

Nadella-Build-2017-Own-696×391

Nadella-Build-2017-Own

Microsoft says it is going through a review of its sexual harassment and gender discrimination policies and will hire an independent law firm to conduct the process. Specifically, legal company Arent Fox will look into the effectiveness of Microsoft’s policies and practices.

The company is taking the action following a shareholder resolution advisory during last year’s annual shareholders meeting. There has been growing concern regarding Microsoft’s policies and the culture that is forming at the company.

For example, dozens of claims regarding discrimination and sexual harassment stretching back years. The review will almost certainly cover the 2019 accusations of sexual harassment against Microsoft founder Bill Gates. While a board investigation followed that incident, the review will look into the actions of that investigation.

“Our culture remains our number one priority and the entire board appreciates the critical importance of a safe and inclusive environment for all Microsoft employees,” Microsoft chairman and CEO Satya Nadella says about the review.

Arent Fox will be able to conduct its review completely independently because the firm “has not previously been involved in representing Microsoft in employment matters, nor has it done a significant amount of work for the company in the past”.

Review

Areas where the review will focus include a 2018 class-action lawsuit and subsequent employee concerns regarding allegations of sexual harassment/ discrimination numbering 238 cases. These allegations cover a time period between 2010 and 2016. Furthermore, Arent Fox will look into what procedures Microsoft has to address those issues.

Furthermore, the firm will review Microsoft’s entire process including policies, commitments, and procedures for handling discrimination/harassment. Microsoft says a transparent public report will be made available when the review concludes.

“We’re committed not just to reviewing the report but learning from the assessment so we can continue to improve the experiences of our employees. I embrace this comprehensive review as an opportunity to continue to get better,” Nadella adds.

Tip of the day: Do you often experience PC freezes or crashs with Blue Screens of Death (BSOD)? Then you should use Windows Memory Diagnostic to test your computers RAM for any problems that might be caused from damaged memory modules. It is a tool built which can be launched at startup to run various memory checks.

Source Winbuzzer

read more
Business Technology

Microsoft Brings Single Sign-on to Office Add-Ins

1-How-and-where-to-buy-a-Microsoft-Office-license

How and where to buy a Microsoft Office license

Microsoft is adding a new single sign-on (SSO) feature in Office Add-ins. While this will boost security of add-ins within the Office suite, it is only available for the web version of Microsoft’s productivity platform.

According to the company, the new SSO for Add-ins only works in some Office applications. Specifically, Word, Excel, and PowerPoint. While they are the core apps on the suite, it means add-ins in apps like Outlook will not get the SSO.

Microsoft is selling the new feature as a way to bring more reliability on Office on the web. As a new service, users with Office Add-ins must change their authorized client applications like in the Azure portal with this ID: 93d53678-613d-4013-afc1-62e9e444a0a5.

With the ID ea5a67f6-b6f3-4338-b240-c655ddc3cc8e that some customers already have, no changes are necessary because this ID includes the SSO service automatically. Microsoft explains that an update may be necessary for individual application IDs:

“You don’t have to do anything to take advantage of the new service after the rollout period, but if you check in your applications back-end for specific application IDs, be sure to update it appropriately.”

Updating

The new SSO for those Microsoft Office apps will start rolling out on February 7, so users must configure before then or applications will not accept the new SSO.

“If you do not update your application pre-authorization for SSO enabled add-ins, they will cease to use the SSO flow as of this date in Office on the web and will instead utilize the implemented fallback method, if available. You will also see error 13005 as the response if you have not updated your preauthorizations.”

Tip of the day: By default computer names in Windows tend to be quite plain. By default, they tend to be ‘WIN’ or ‘Desktop’, followed by a string of random letters and numbers. We show you how to change your PC name with Settings, Command Prompt or PowerShell to make it more easily identifiable.

Source Winbuzzer

read more
Business Technology

Microsoft Brings Files On-Demand to All OneDrive Users on MacOS

Files-On-Demand-OneDrive-Mac

Files-On-Demand-OneDrive-Mac

Microsoft has announced it is expanding the availability of OneDrive Files On-Demand for macOS users. Specifically, the company says the feature is now available for all users running macOS 12.1 or newer.

It is worth noting this is the new OneDrive Files On-Demand feature that was initially brought to the platform in June last year. Since then, the new experience has been in limited availability. That is changing as wider support is now coming to users.

Files On Demand is a service that lets users work with Office 365 files across OneDrive and SharePoint. Microsoft announced the feature back at Build 2017. On macOS, Microsoft introduced support for the feature in 2019.

New Features

The 2021 update for Files On-Demand brought the following new abilities to OneDrive on macOS:

  • “The new Files On-Demand experience requires a volume that is formatted with APFS. HFS+ volumes are not supported.
  • With the new Files On-Demand experience, the sync root is always located within users’ home directory, in a path such as: ~/Library/CloudStorage/OneDrive-Personal
  • To support the new experience, OneDrive maintains a cache path in a hidden location. This path contains a replica of the file tree that the user is syncing.
  • For OneDrive to complete setup with the new File Provider platform, the user must consent to allow OneDrive to sync.
  • Files that are kept in the sync root do not count against disk space usage, unless they are marked as “Always Keep on This Device.”
  • The new Files On-Demand experience supports some existing features of APFS that were previously poorly supported by OneDrive. These include:
    • File tags
    • Last used date
    • File system flags
    • Extended attributes
    • Type and creator code
    • Symlinks
  • OneDrive now supports syncing packages, or files that appear as a single file but are actually a directory with many files and folders underneath them. Some applications exclusively create packages.
  • When you unlink your Mac or unmount a syncing location, OneDrive will preserve the non-dataless contents of your sync root.”

Tip of the day: By default computer names in Windows tend to be quite plain. By default, they tend to be ‘WIN’ or ‘Desktop’, followed by a string of random letters and numbers. We show you how to change your PC name with Settings, Command Prompt or PowerShell to make it more easily identifiable.

Source Winbuzzer

read more
1 2 3 20
Page 1 of 20