Microsoft releases emergency security updates for Windows and Visual Studio

Microsoft has published today two out-of-band security updates to address security issues in the Windows Codecs library and the Visual Studio Code application.

The two updates come as late arrivals after the company released its monthly batch of security updates earlier this week, on Tuesday, patching 87 vulnerabilities this month.

Both new vulnerabilities are “remote code execution” flaws, allowing attackers to execute code on impacted systems.

Windows Codecs Library vulnerability

The first bug is tracked as CVE-2020-17022. Microsoft says that attackers can craft malicious images that, when processed by an app running on top of Windows, can allow the attacker to execute code on an unpatched Windows OS.

All Windows 10 versions are impacted.

Microsoft said an update for this library would be automatically installed on user systems via the Microsoft Store.

Not all users are impacted, but only those who have installed the optional HEVC or “HEVC

Read More

An iPhone-loving Best Buy rep told me which phone to buy and I’m stunned

This was the phone I wanted to see.

Cho Mu-Hyun/ZDNet

When October comes, you can get jittery.

You stare at your phone and wonder whether it’s the best expression of who you are. Or, perhaps, of what you’ve become.

Cynically, smartphones makers know this. So they bombard you with their latest wares at your most vulnerable time.

Why, I look down at my black, somewhat scratched iPhone XR and I see a reflection of a dark, damaged soul.

And then there was last week’s iPhone 12 event which tantalized with a gamut of phones that all have very similar capabilities but very different sizes.

I went, therefore, for psychological guidance to the home of physical retail objectivity, Best Buy.

I hadn’t been to one for quite a while and I needed some cheery, forthright advice.

Now She Sees It, Now You Don’t.

I confess I’ve been teetering toward the

Read More

Spanish court to question witnesses over ‘illegal surveillance’ of WikiLeaks founder Julian Assange

A Spanish court investigating allegations that a security company illegally spied on visitors to WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London will hear evidence from lawyers and a computer security specialist.

Andy Müller-Maguhn, a computer security expert and former spokesman for hacking organisation the Chaos Computer Club, is due to give evidence by video-link on 26 October as part of an investigation into illegal surveillance at the embassy.

The court will also question lawyer Renata Ávila from Guatemala and Juan Branco, a French lawyer, on 26 and 27 October. They are two of at least 15 lawyers who are said to have assisted Assange.

Müller-Maguhn, who runs a company that develops cryptophones, is a personal friend of Assange, and visited the WikiLeaks founder regularly during his time at the Ecuadorian Embassy.

He is vice-president of the Wau Holland Foundation, which has supported journalistic activities connected

Read More

Virtual studios, where the filmmaking takes place in front of a halo of flat screen displays connected to PCs, are offering a real alternative to green screens (Daniel Cooper/Engadget)

Daniel Cooper / Engadget:

Virtual studios, where the filmmaking takes place in front of a halo of flat screen displays connected to PCs, are offering a real alternative to green screens  —  For as long as filmmaking has existed, there has been a need to build fantastic worlds in front of cameras.… Read More