Information Technology

ZDNETThose of you who use Microsoft Authenticator as a password manager will have to find another option, and soon. That’s because an upcoming change will pull the plug on the ability to use the Authenticator app to store and autofill passwords.In a recent support document, Microsoft revealed the timeline for Authenticator’s retirement as a password manager. Starting in June, you’ll no longer be able to add or import new passwords in the app, though you’ll still be able to save passwords through the autofill option. Beginning in July, you’ll no longer be able to autofill passwords with Authenticator. Come August, any passwords you’ve saved in the app will no longer be accessible.Also: 10 passkey survival tips: Prepare for your passwordless future nowMicrosoft Authenticator isn’t going away. You’ll still be able to use it for its primary purpose, namely to generate and display multi-factor authentication codes for logging in to secure websites. But its sideline as a password manager will come to an end.OK, but what should you do if you’ve been saving and using passwords in the app?Microsoft offers a few suggestions. Your stored passwords are synced to your Microsoft account, which means you can still use them elsewhere. For that, you can turn to Microsoft Edge. In its support document, the company explains how to use Edge to autofill saved passwords. At the same time, you can use this opportunity to review your saved passwords to remove any you no longer need or want. More

Brother / Elyse Betters Picaro / ZDNETHundreds of Brother printer models have been found to harbor a serious security flaw that can’t be fully patched on existing devices. First noticed by Rapid7 in May and publicly disclosed on June 25, this unpatchable vulnerability lets an attacker who knows — or can find out — your printer’s serial number generate its default administrator password.Also: Patch your Windows PC now before bootkit malware takes it over – here’s howYes, the same password that’s set in the factory and that many of us never change. But the “good” news is you can still protect yourself by changing that default password today. What happened and how bad is it? Rapid7’s zero-day research has revealed eight security holes across 689 Brother printer, scanner, and label-maker models — and an additional 59 devices from Fujifilm, Toshiba Tec, Ricoh, and Konica Minolta. Of those eight flaws, seven can be fully patched with firmware updates. But the big one — CVE-2024-51978 — can’t be fixed on any device already sitting in your home or office. CVE-2024-51978 carries a CVSS score of 9.8 “Critical” severity. Once an attacker knows a device’s serial number, they can reconstruct the password, log in with full privileges, and launch all sorts of nastiness. Also: Is your Asus router part of a botnet? How to check – and what you can doAccording to a detailed technical analysis by Rapid7, Brother uses a password generation algorithm during manufacturing that is easily reversible. An attacker who leaks your serial number (for example via CVE-2024-51977) can reverse this process, recover your factory password, and log in with full privileges — allowing them to reconfigure the device, access scans and address books, trigger remote code execution (CVE-2024-51979), or steal external-service credentials (CVE-2024-51984). How many devices are susceptible? In total, 748 devices across five vendors are affected by at least one of the eight vulnerabilities. Beyond Brother’s 689 models, there are: 46 Fujifilm Business Innovation printers5 Ricoh printers2 Toshiba Tec devices6 Konica Minolta modelsAlso: The best online photo printing services: Expert tested and reviewedNot every flaw impacts every printer. For instance, only 695 models are vulnerable to the default-password bug, and around 208 models can be crashed remotely via the Denial-of-Service flaws (CVE-2024-51982 and CVE-2024-51983). How to tell if your printer is affected If you own a Brother printer, you can check to see if your model is affected on this Brother support page (PDF). What’s been fixed? Brother has released firmware updates that patch seven of the eight vulnerabilities: You can download these updates from Brother’s support pages (under Printers, Scanners, or Label Printers). Fujifilm, Ricoh, Toshiba, and Konica Minolta have similarly published advisories and firmware for their affected models. More

ANDREY DENISYUK/Getty The Trump administration’s tax bill — also called its “big, beautiful bill,” which is facing a vote today — includes a rule that would prevent states from enforcing their own AI legislation for five years, and would withhold up to $500 million in funding for AI infrastructure if states don’t comply.  Over the […] More

oxygen/Getty Cloudflare is a robust content delivery network (CDN) that specializes in providing protection against distributed denial of service (DDoS) attacks. Last month, Cloudflare blocked the largest DDoS attack in internet history.  This assault peaked at a staggering 7.3 terabits per second (Tbps). That’s a data deluge, equivalent to streaming nearly 10,000 high-definition movies in under a minute.   The […] More

Kerry Wan/ZDNETDid you know that whenever you turn on your smart TV, you invite an unseen guest to watch it with you? These days, most popular TV models utilize automatic content recognition (ACR), a form of ad surveillance technology that gathers information about everything you watch and transmits it to a centralized database. Manufacturers then use your data to identify your viewing preferences, enabling them to deliver highly targeted ads.Also: Your TV’s USB port is seriously underutilized: 5 features you’re not taking advantage ofWhat’s the incentive behind this invasive technology? According to market research firm eMarketer, in 2022, advertisers spent an estimated $18.6 billion on smart TV ads, and those numbers are only going up.To understand how ACR works, imagine a constant, real-time Shazam-like service running in the background while your TV is on. It identifies content displayed on your screen, including programs from cable TV boxes, streaming services, or gaming consoles. ACR does this by capturing continuous screenshots and cross-referencing them with a vast database of media content and advertisements. More

Jack Wallen / Elyse Betters Picaro / ZDNETNearly everything you do on your desktop, laptop, phone, and tablet begins with a Domain Name System (DNS) query. Essentially, DNS turns domain names (such as ZDNET.com) into an IP address so web browsers and apps know where to get the information you want.Also: The best Android phones to buy in 2025Without DNS, you’d have to type 34.149.132.124 every time you wanted to go to ZDNET.com or 74.125.21.102 to go to Google.com. Even by simply running a Google search, DNS is at work. The problem is that standard DNS isn’t encrypted, meaning all your queries are sent over the network as plain text. Why is non-encrypted DNS a problem? Let’s say you’re on a public network — like a coffee shop — and you start searching for things on your Android device. Or maybe you have to access a CMS or another work tool, and you don’t want the public to know the address you’re typing. If someone else is on the same network and has the skills, they could intercept your non-encrypted search queries (or the URLs you visit) and know exactly what you’re looking for. That’s where Private DNS Mode comes into play. Once you enable this feature, all of your DNS queries are encrypted, so bad actors won’t be able to view them — even if they capture those packets. In other words, Private DNS Mode should be an absolute must for anyone who values their privacy and security. Also: I test dozens of Android phones every year: Here’s how the best models stack upBut how do you enable Private DNS Mode on Android? It’s actually pretty simple. Let me show you how. How to enable Private DNS mode on Android version 11 or newer If you’re using Android version 11 or newer, the old method of Private DNS no longer works. Instead of handling this process manually, you have to install an application created by Cloudflare, called 1.1.1.1 + WARP. Once you’ve installed that app, it will open, and you’ll see a slider marked Disconnected. Tap that slider, and it will enable the service. More

Google / Elyse Betters Picaro / ZDNETThat smartphone in your pocket is home to your favorite apps, personal accounts, and sensitive data. That means your device should have the strongest security protection available to prevent the wrong people from stealing your money or information.Also: The best Android phones to buy in 2025For Android users, Google offers a variety of tools and technologies to defend you against scammers, malware, and other threats to your security and privacy. In a blog post published last month, the company spotlights the protections now available or coming soon and how they aim to keep you safe from the latest dangers. Here’s the recap. 1. Protection against scam calls More

Elyse Betters Picaro / ZDNETLast summer’s CrowdStrike meltdown was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the event caused billions of dollars in direct and indirect damages, and it was entirely preventable.Also: How to get Windows 10 extended security updates for free: 2 optionsIn response, Microsoft convened a security summit, bringing together technical experts from CrowdStrike and its competitors in the endpoint security software business. That meeting led to an announcement late last year of a new set of Safe Deployment practices and some changes to the architecture of Windows desktop and server products, with the goal of preventing a similar incident from ever happening again. No more kernel drivers?Today, the company announced that some of those Windows Resiliency Initiative features are about to go live. In July, the company said, it will deliver a private preview of the new Windows endpoint security platform to a set of its partners who have signed on to the Microsoft Virus Initiative 3.0 program. The biggest change is one that the majority of security experts had recommended — moving third-party security drivers out of the Windows kernel, where a flaw could cause a catastrophic crash, and running them in user space instead. The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel. This means security products like antivirus and endpoint protection solutions can run in user mode just as apps do. This change will help security developers provide a high level of reliability and easier recovery, resulting in less impact on Windows devices in the event of unexpected issues. The announcement includes supportive quotes from some of those partners, including Bitdefender, ESET, SentinelOne, Trellix, Trend Micro, WithSecure, and — naturally — CrowdStrike. Also: Will your old laptop still get security updates after this year? Check this chartNotably, none of the companies on the list committed to moving their drivers out of the kernel and into user space, a process that will require time and testing. And there’s no guarantee that all of the participants are ready to move to the new architecture.Last year, following the security summit, ESET had been blunt about the prospect of changes to the endpoint security platform: “It remains imperative that kernel access remains an option for use by cybersecurity products,” the company wrote in an unsigned statement. This year’s remarks are more collegial but still not quite a ringing endorsement: The collaboration between ESET and Microsoft technology teams on the proposed Windows endpoint security platform changes continue to be productive with open and ongoing dialogue. Delivering a stable and resilient operating system environment is extremely important for our joint customers, and the ESET team continue to provide detailed feedback to help ensure there is no degradation in the security or performance currently enjoyed by our customers. One company that was notably missing from today’s roster of supporters was Sophos, which had been vocally critical of calls to move security software out of the Windows kernel space. At the time, Sophos Chief Research and Scientific Officer Simon Reed made clear that the company considers access to the Windows kernel to be fundamental. “Operating in ‘kernel-space’ — the most privileged layer of an operating system, with direct access to memory, hardware, resource management, and storage — is vitally important for security products,” he said, adding that kernel drivers are “fundamental” not just to Sophos products but to “robust Windows endpoint security, in general.” In a follow-up post after the security summit, Neil Watkiss, VP of engineering for Sophos’ Windows products, reiterated that “the system access provided by kernel drivers is necessary to provide the security functions expected by users of a modern cybersecurity product” and tentatively discussed the need to reduce the need for kernel drivers.  Bye-bye, Blue Screen of Death Today’s announcement also highlights some related improvements in the Windows 11 24H2 release that had been previously announced. The first is an improvement in the process of collecting “crash dump” reports after a failure that causes the system to restart; that change should cut downtime to about two seconds for most users. A new interface also simplified the classic Blue Screen of Death screen to a less jargon-filled “unexpected restart” screen with white text on a black background. Those changes will be available later this summer, the company says. More