Microsoft's Store is not a safe haven

Symantec discovered eight application in the official Microsoft Store that ran cryptomining operations without informing the user about it in the background when installed.

One of the main arguments for integrating the Microsoft Store in Windows 8 and Windows 10, unveiled in 2011 by Microsoft, was that it protected users from installing malicious or problematic applications on their devices because of a review process and other safeguards.

While it is certainly the case that Windows Store offers a safer environment, it is far from the safe haven that Microsoft would like it to be.

We talked about deceiving apps, copycat apps, and deceptive apps in the past, and covered Microsoft’s attempts to improve quality by pruning low quality applications.

The introduction of PWA support appears to have opened the door for another type of unwanted software: cryptomining.

microsoft store apps

Symantec discovered eight applications in Microsoft Store that started cryptomining operations as soon as they were installed and launched by users from the Microsoft Store.

The applications were published by three developers but there is strong evidence that a single person or group is responsible for all of them. Evidence comes from the use of the same mining key and Google Tag Manager key, and that all applications used the same origin (but different domains).

The apps were fairly popular, judging from the 1900 ratings that they received between publication in April 2018 and December 2018. It is certainly possible that part of the ratings came from fake accounts or services that rate apps in return for payment.

Microsoft does not reveal installation counts for applications; it is unclear if the applications landed on thousands, hundred of thousands, or even more devices running Windows 10.

Windows 10 users were exposed to these applications in various ways: when they searched for apps in the Store, browsed the free listings, or were directed to the Store from websites that linked to these applications.

The applications fetched a JavaScript mining library using Google Tag Manager when they were launched for the first time after download and installation. All applications included privacy policies but mining operations were not mentioned in any of them or the descriptions.

The applications used the majority of the computer’s CPU cycles according to Symantec for mining operations.

Symantec informed Microsoft about the applications, and Microsoft has removed them in the meantime from the Store.

Closing Words

While it is certainly arguable that cryptocurrency mining is less harmful than a device’s infection with malicious software or ransomware, it is clear that Microsoft Store users need to be careful when it comes to the installation of apps from the Store.

I recommended that users verify app developers before they install apps in 2013. Microsoft’s Store is not the only Store that hosted cryptomining applications or extensions. The particular form of unwanted software was found in extension stores, e.g. in Mozilla’s or Google’s for the Firefox or Chrome browser, and on Google Play previously already.

Now You: do you use Store applications?

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft’s Store is not a safe haven appeared first on gHacks Technology News.

Microsoft changes Windows Update for Business options

Microsoft employee John Wilcox revealed yesterday that Microsoft will remove the Semi-Annual Channel (Targeted) option from Windows Update from Windows 10 version 1903 forward.

Business customers have two options right now to define when updates get released: they may set a deferral period for feature updates and select between the Semi-Annual Channel or Semi-Annual Channel (Targeted). The latter two options may sound confusing at first but are explained easily.

Semi-Annual Channel (Targeted) is identical to what consumers get. It is the only option and that just means that two feature updates of Windows 10 are delivered via Windows Update to consumer devices each year.

Businesses had the option to delay when feature updates become available by switching to the Semi-Annual Channel instead. All that this channel did was delay the update availability by about 4 months. Starting in Windows 10 version 1903, that option won’t be available anymore but the option to delay feature updates remains.

wufb branch readiness 1903

If you open the Advanced Options on a business version of Windows 10 version 1903 or later, you will notice that the option to switch channels has been removed.

While that may look like another attempt of Microsoft to give businesses less choice, it is not really that bad provided that administrators know about this and can react to it as it is easy enough to adjust the deferral period accordingly.

Wilcox notes that there was never a dedicated Semi-Annual Channel release but just a milestone release of the Semi-Annual Channel (Targeted).

What administrators need to do in Windows 10 version 1903 is to adjust the deferral period accordingly to add the removed Semi-Annual Channel delay period that way. Just add 120 days to the deferral period once Windows 10 version 1903 is installed to reflect the change.

Devices configured with a branch readiness of Semi-Annual Channel will get the upgrade to Windows 10 version 1903 with a delay of 60 days according to Microsoft for that release only. The change will be server-side and only active for that particular release; it won’t affect any release after Windows 10 version 1903.

Closing Words

The removal of Semi-Annual Channel may have an impact on devices after the release of Windows 10 version 1903 but only if the administrator does not modify the deferral period.

It could result in feature updates being delivered earlier than expected to Windows for Business devices; Woody Leonhard hopes that the change results in release quality improvements to take the possibility into account.

Microsoft did not state that and it is almost certain that the company would have pushed the narrative if that would be the case (hey, look, we don’t need Semi-Annual Channel (Targeted) anymore because feature update quality increased by this much). I think it is just a consolidation.

Now You: Do you defer or block Windows Updates?

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft changes Windows Update for Business options appeared first on gHacks Technology News.

Microsoft: help us test new gaming tech on Windows 10 1903 but we don't tell you anything about it

Microsoft released a new build to the Windows 10 Fast Ring Insider Channel yesterday evening. The new build, build number 18334, is a bug fix release mostly.

Microsoft does advertise one new feature on the Windows Experience blog though stating that it is “excited to bring technology tailor-made for gaming to Windows”.

The company wants users who run Insider builds of Windows 10 to help “validate these systems” to make sure they “work as expected”.

It hands out limited copies of State of Decay for that, and published instructions for Insider build users on how to get access to the game and play it. Microsoft promises that it will increase the number of available slots in the coming weeks.

windows 10 gaming

Users who participate in the testing are asked to report any install or game launch issues using the Feedback Hub.

Microsoft does not reveal anything about the “technology tailor-made for gaming” on Windows 10 devices. The entire article, and the linked copy on the Xbox site, offer no information so that users are left in the dark.

Is it related to how games are installed and started? The request to provide feedback if install or start issues are experienced suggests that this could be the case.

We don’t know, however, and it could be something unrelated or something else (or an addition) entirely.  It could be the test of a streaming gaming service on Windows 10 as well, as it is also related to installing and running games.

Lack of information

It is possible that Microsoft does not want to reveal the gaming technology yet that it plans to implement in Windows. It could have said so in the article, however if that is the case.

Whatever the reason may be, the lack of information will surely turn away some users who might be interested if Microsoft would have revealed anything about the new gaming technology that it wants tested in the new build.

The request to test is not the first time Microsoft failed to provide essential information. Update information, known issues for instance, often lack vital information as well.

The company could improve its relationship with administrators and customers by providing essential information; it would drop support requests and questions, and help everyone involved including Microsoft itself.

Now You: What is Microsoft’s secret gaming tech that it tests in the new build?

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft: help us test new gaming tech on Windows 10 1903 but we don’t tell you anything about it appeared first on gHacks Technology News.