Microsoft is fully rolling out passkey support for all consumer accounts today. From a report: After enabling them in Windows 11 last year, Microsoft account owners can also now generate passkeys across Windows, Android, and iOS. This makes it effortless to sign in to a Microsoft account without having to type a password in every time.

Read more of this story at Slashdot.

Microsoft has confirmed that the April 2024 Windows security updates break VPN connections across client and server platforms. From a report: The company explains on the Windows health dashboard that "Windows devices might face VPN connection failures after installing the April 2024 security update or the April 2024 non-security preview update." "We are investigating user reports, and we will provide more information in the coming days," Redmond added. The list of affected Windows versions includes Windows 11, Windows 10, and Windows Server 2008 and later.

Read more of this story at Slashdot.

Microsoft's motivation for investing heavily and partnering with OpenAI came from a sense of falling badly behind Google, according to an internal email released Tuesday as part of the Justice Department's antitrust case against the search giant. Bloomberg: The Windows software maker's chief technology officer, Kevin Scott, was "very, very worried" when he looked at the AI model-training capability gap between Alphabet's efforts and Microsoft's, he wrote in a 2019 message to Chief Executive Officer Satya Nadella and co-founder Bill Gates. The exchange shows how the company's top executives privately acknowledged they lacked the infrastructure and development speed to catch up to the likes of OpenAI and Google's DeepMind. [...] Scott, who also serves as executive vice president of artificial intelligence at Microsoft, observed that Google's search product had improved on competitive metrics because of the Alphabet company's advancements in AI. The Microsoft executive wrote that he made a mistake by dismissing some of the earlier AI efforts of its competitors. "We are multiple years behind the competition in terms of machine learning scale," Scott said in the email. Significant portions of the message, titled 'Thoughts on OpenAI,' remain redacted. Nadella endorsed Scott's email, forwarding it to Chief Financial Officer Amy Hood and saying it explains "why I want us to do this."

Read more of this story at Slashdot.

theodp writes: Reports of the death of Bill Gates' influence at Microsoft have been greatly exaggerated: "Publicly, [Bill] Gates has been almost entirely out of the picture at Microsoft since 2021, following allegations that he had behaved inappropriately toward female employees. In fact, Business Insider has learned, Gates has been quietly orchestrating much of Microsoft's AI revolution from behind the scenes. Current and former executives say Gates remains intimately involved in the company's operations -- advising on strategy, reviewing products, recruiting high-level executives, and nurturing Microsoft's crucial relationship with Sam Altman, the cofounder and CEO of OpenAI. In early 2023, when Microsoft debuted a version of its search engine Bing turbocharged by the same technology as ChatGPT, throwing down the gauntlet against competitors like Google, Gates, executives said, was pivotal in setting the plan in motion. While Nadella might be the public face of the company's AI success [...] Gates has been the man behind the curtain."[...] "Today, Gates remains close with Altman, who visits his home a few times a year, and OpenAI seeks his counsel on developments. There's a 'tight coupling' between Gates and OpenAI, a person familiar with the relationship said. 'Sam and Bill are good friends. OpenAI takes his opinion and consult overall seriously.' OpenAI spokesperson Kayla Wood confirmed OpenAI continues to meet with Gates."

Read more of this story at Slashdot.

Eight prominent U.S. newspapers owned by investment giant Alden Global Capital are suing OpenAI and Microsoft for copyright infringement, in a complaint filed Tuesday in the Southern District of New York. From a report: Until now, the Times was the only major newspaper to take legal action against AI firms for copyright infringement. Many other news publishers, including the Financial Times, the Associated Press and Axel Springer, have instead opted to strike paid deals with AI companies for millions of dollars annually, undermining the Times' argument that it should be compensated billions of dollars in damages. The lawsuit is being filed on behalf of some of the most prominent regional daily newspapers in the Alden portfolio, including the New York Daily News, Chicago Tribune, Orlando Sentinel, South Florida Sun Sentinel, San Jose Mercury News, Denver Post, Orange County Register and St. Paul Pioneer Press.

Read more of this story at Slashdot.

C'est rigolo : Le gouvernement US est bourré de produits Microsoft à tous les étages, et les institutions commencent à se rendre compte que non seulement ils sont très dépendants de Microsoft, mais que Microsoft ne se bouge pas trop le cul pour résoudre les problèmes de sécurité.
À tel point que certains officiels qualifient Microsoft de "problème de sécurité national".
(Permalink)

"Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years," Ars Technica reported this week, "in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed Monday. "When Microsoft patched the vulnerability in October 2022 — at least two years after it came under attack by the Russian hackers — the company made no mention that it was under active exploitation." As of publication, the company's advisory still made no mention of the in-the-wild targeting. Windows users frequently prioritize the installation of patches based on whether a vulnerability is likely to be exploited in real-world attacks. Exploiting CVE-2022-38028, as the vulnerability is tracked, allows attackers to gain system privileges, the highest available in Windows, when combined with a separate exploit. Exploiting the flaw, which carries a 7.8 severity rating out of a possible 10, requires low existing privileges and little complexity. It resides in the Windows print spooler, a printer-management component that has harbored previous critical zero-days. Microsoft said at the time that it learned of the vulnerability from the US National Security Agency... Since as early as April 2019, Forest Blizzard has been exploiting CVE-2022-38028 in attacks that, once system privileges are acquired, use a previously undocumented tool that Microsoft calls GooseEgg. The post-exploitation malware elevates privileges within a compromised system and goes on to provide a simple interface for installing additional pieces of malware that also run with system privileges. This additional malware, which includes credential stealers and tools for moving laterally through a compromised network, can be customized for each target. "While a simple launcher application, GooseEgg is capable of spawning other applications specified at the command line with elevated permissions, allowing threat actors to support any follow-on objectives such as remote code execution, installing a backdoor, and moving laterally through compromised networks," Microsoft officials wrote. Thanks to Slashdot reader echo123 for sharing the news.

Read more of this story at Slashdot.

Microsoft releases one of the most popular versions of MS-DOS as open source today. stikves shares a post:Ten years ago, Microsoft released the source for MS-DOS 1.25 and 2.0 to the Computer History Museum, and then later republished them for reference purposes. This code holds an important place in history and is a fascinating read of an operating system that was written entirely in 8086 assembly code nearly 45 years ago. Today, in partnership with IBM and in the spirit of open innovation, we're releasing the source code to MS-DOS 4.00 under the MIT license. There's a somewhat complex and fascinating history behind the 4.0 versions of DOS, as Microsoft partnered with IBM for portions of the code but also created a branch of DOS called Multitasking DOS that did not see a wide release.

Read more of this story at Slashdot.

Microsoft has launched Phi-3 Mini, a lightweight AI model with 3.8 billion parameters, as part of its plan to release three small models. Phi-3 Mini, trained on a smaller data set compared to large language models, is available on Azure, Hugging Face, and Ollama. Microsoft claims Phi-3 Mini performs as well as models 10 times its size, offering capabilities similar to GPT-3.5 in a smaller form factor. Smaller AI models are more cost-effective and perform better on personal devices.

Read more of this story at Slashdot.

This week the Register spoke to former senior White House cyber policy director A.J. Grotto — who complained it was hard to get even slight concessions from Microsoft: "If you go back to the SolarWinds episode from a few years ago ... [Microsoft] was essentially up-selling logging capability to federal agencies" instead of making it the default, Grotto said. "As a result, it was really hard for agencies to identify their exposure to the SolarWinds breach." Grotto told us Microsoft had to be "dragged kicking and screaming" to provide logging capabilities to the government by default. [In the interview he calls it "an epic fight" which lasted 18 months."] [G]iven the fact the mega-corp banked around $20 billion in revenue from security services last year, the concession was minimal at best. That illustrates, Grotto said, that "they [Microsoft] just have a ton of leverage, and they're not afraid to use it." Add to that concerns over an Exchange Online intrusion by Chinese snoops, and another Microsoft security breach by Russian cyber operatives, both of which allowed spies to gain access to US government emails, and Grotto says it's fair to classify Microsoft and its products as a national security concern. He estimates that Microsoft makes 85% of U.S. government productivity software — and has an even greater share of their operating systems. "Microsoft in many ways has the government locked in, he says in the interview, "and so it's able to transfer a lot of these costs associated with the security breaches over to the federal government." And about five minutes in, he says, point-blank, that "It's perfectly fair" to consider Microsoft a national security threat, given its dominance "not just within the federal government, but really in sort of the boarder IT marketplace. I think it's fair to say, yeah, that a systemic compromise that affects Microsoft and its products do rise to the level of a national security risk." He'd like to see the government encourage more competition — to the point where public scrutiny prompts software customers to change their behavior, and creates a true market incentive for better performance...

Read more of this story at Slashdot.

(Permalink)

Guide

Pour redessiner l'icône d'un dossier avec un émoji dans la barre de favoris, renommer le dossier avec l'émoji souhaité — et rien d'autre.

Pour redessiner l'icône d'un dossier appelé "Dossier" avec l'émoji "👀", renommez "Dossier" en "👀".

Source

Découvrir comment lister les packages installés avec Homebrew

Microsoft's Beijing-based research group published a new open source AI model on Tuesday, only to remove it from the internet hours later after the company realized that the model hadn't gone through adequate safety testing. From a report: The team that published the model, which is comprised of China-based researchers in Microsoft Research Asia, said in a tweet on Tuesday that they "accidentally missed" the safety testing step that Microsoft requires before models can be published. Microsoft's AI policies require that before any AI models can be published, they must be approved by the company's Deployment Safety Board, which tests whether the models can carry out harmful tasks such as creating violent or disturbing content, according to an employee familiar with the process. In a now-deleted blog post, the researchers behind the model, dubbed WizardLM-2, said that it could carry out tasks like generating text, suggesting code, translating between different languages, or solving some math problems.

Read more of this story at Slashdot.

Engadget warns Windows 11 users that Microsoft is "exploring the idea" of putting ads in their Start menu. Sort of... To be specific, it's looking to place advertisements for apps you can find in the Microsoft Store in the menu's recommended section.... At the moment, Microsoft will only show ads in this version if you're in the US and a Windows Insider in the Beta Channel. You won't be seeing them if you're not a beta tester or if you're using a device managed by an organization. Further, you can disable the advertisements altogether. To do so, just go to Personalization under Settings and then toggle off "Show recommendations for tips, app promotions, and more" in the Start section. Like any other Microsoft experiment, it may never reach wider rollout, but you may want to remember the aforementioned steps, since the company does have history of incorporating ads into its desktop platforms.

Read more of this story at Slashdot.