2019 Newsletter: 29/53 — PreviousNext — (Attach.)

Sydney Harbour
WEEKLY NEWSLETTER 3 - 8 JUNE 2019

Hello and Welcome,

DAYTIME Main meetings:

Please note that in June, July and August 2019, the Main meetings will be daytime meetings, held in the afternoons after the morning Tuesday Forum meetings.

That makes them on the 3rd Tuesday of the month, not the 4th.

44 2019/06/18 - 09:30-12:30 - 18 Jun, Tuesday - Tuesday Forum
45 2019/06/18 - 12:30-15:30 - 18 Jun, Tuesday - Main Meeting - DAYTIME-MEETING

51 2019/07/16 - 09:30-12:30 - 16 Jul, Tuesday - Tuesday Forum
52 2019/07/16 - 12:30-15:30 - 16 Jul, Tuesday - Main Meeting - DAYTIME-MEETING

60 2019/08/20 - 09:30-12:30 - 20 Aug, Tuesday - Tuesday Forum
61 2019/08/20 - 12:30-15:30 - 20 Aug, Tuesday - Main Meeting - DAYTIME-MEETING

See the website Calendar for confirmation.

Ed.

Meetings This Week:

No Meetings

Meetings Next Week:

Programming - Tuesday Jun 11th - 5:30 pm (6:00 pm meeting start) - 8:00 pm
Friday Forum - Friday Jun 14th - 9:30 am (10:00 am meeting start) - 12 noon
Communications - Friday Jun 14th - 1:00 pm - 3:00 pm
Web Design - Saturday Jun 15th - 1:30 pm (2:00 pm meeting start) - 4:00 pm

Current & Upcoming Meetings:

39 2019/06/01 - 14:00-17:00 - 01 Jun, Saturday - Penrith Group
40 2019/06/11 - 17:30-20:30 - 11 Jun, Tuesday - Programming
41 2019/06/14 - 09:30-12:30 - 14 Jun, Friday - Friday Forum
42 2019/06/14 - 12:30-15:30 - 14 Jun, Friday - Communications
43 2019/06/15 - 13:30-16:30 - 15 Jun, Saturday - Web Design
44 2019/06/18 - 09:30-12:30 - 18 Jun, Tuesday - Tuesday Forum
45 2019/06/18 - 12:30-15:30 - 18 Jun, Tuesday - Main Meeting - DAYTIME-MEETING
46 2019/06/28 - 09:30-12:30 - 28 Jun, Friday - Digital Photography

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

ASCCA News:

“ASCCA Pitt St Sydney Courses
June July August 2019”:

Our new course program has now been released. Click here to read or download the course program in PDF format.

Some people have reported that the above link does not work for them.

If so, try this one:

https://­ascca.org.au/­index.php/­seniors-computer-courses/­current-ascca-courses

Jean Martin

Australian Seniors Computer Clubs Association
Level LG, 280 Pitt St SYDNEY 2000
www.ascca.org.au
training@ascca.org.au
(02) 9286 3871

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Tech News:

“All existing issues with Windows 10 version 1903 (May 2019 Update)”:

See the gHacks article by Martin Brinkmann on May 22, 2019 in Windows - Last Update: May 25, 2019.

Microsoft maintains a list of known issues of the new Windows 10 feature update, Windows 10 May 2019 Update or Windows 10 version 1903.

The rollout of the new version of Windows started on May 21, 2019; not every system may be upgraded right away as Microsoft plans to increase the quota gradually to monitor feedback carefully.

The known issues page lists 14 issues currently, some with mitigations. Some of these issues are minor, e.g. Night Light settings not saving correctly on some occasions while others, e.g. AMD Raid driver incompatibilities or not being able to discover or connect to Bluetooth devices, are major.

All issues are listed as being under investigation currently. Workarounds are available for some.

The following issues are known currently:

  1. May 24: Windows Sandbox may fail to start with error code "0x80070002"
  2. May 24: Loss of functionality in Dynabook Smartphone Link app
  3. Display brightness may not respond to adjustments
  4. Audio not working with Dolby Atmos headphones and home theater
  5. Duplicate folders and documents showing in user profile directory
  6. Error attempting to update with external USB device or memory card attached
  7. Unable to discover or connect to Bluetooth devices
  8. Night light settings do not apply in some cases
  9. Intel Audio displays an intcdaud.sys notification
  10. Cannot launch Camera app
  11. Intermittent loss of Wi-Fi connectivity
  12. AMD RAID driver incompatibility
  13. D3D applications and games may fail to enter full-screen mode on rotated displays
  14. Older versions of BattlEye anti-cheat software incompatible

Read more »

“NEW VIDEO: ASUS ZenBook Duo and Pro Duo with two screens”:

See the iTWire article by Alex Zaharov-Reutt | Wednesday, 29 May 2019 19:28.

ASUS has redefined what a notebook with two screens looks like, and the demos do make it look like a very practical and useful way to be more productive, and while the new tech is obviously expensive, the 2020s of dual screen laptops has arrived in 2019.

Showing Prnt-Scrn captures both screens
ASUS ZenBook showing Prnt-Scrn captures both screens.

Ok, so Intel had an impressive dual-screen prototype on display, that lifts a second display similar to the one found on the ASUS ZenBook Pro Duo to a higher angle, with some kind of eye detection system in the hinge between the two devices.

However, the big difference between Intel's prototype and the ASUS ZenBook Pro Duo is that the Duo will shortly be on sale in Australia and around the world, while the Intel is still a prototype, and as you can see from Engadget's photo, it does place the screen quite high — people sitting in the same café as you when you're working will have a much easier time of seeing what you're doing, although a 3M, Kensington or other privacy shield for your screen will also help take care of that.

The secondary display on Intel's prototype is also "only" 12-inches, rather than the 14-inch "full-width" 4K display on the ZenBook Duo, and until we get the type of holographic displays we saw in Star Wars and in some of the Iron Man movies, having two fully usable and useful displays in a single notebook productivity device is pretty amazing — even though we saw the birth of such ideas in the Nintendo DS devices of 15 years earlier in 2004.

Read more »

“Bug-hunter reveals another 'make me admin' Windows 10 zero day —
and vows: 'There's more where that came from'”:

See TheRegister article by Chris Williams | Editor in Chief | 22 May 2019 at 03:59.

Vulnerability can be exploited to turn users into system stars, no patch available yet.

Updated: A bug-hunter who previously disclosed Windows security flaws has publicly revealed another zero-day vulnerability in Microsoft's latest operating systems.

The discovered hole can be exploited by malware and rogue logged-in users to gain system-level privileges on Windows 10 and recent Server releases, allowing them to gain full control of the machine. No patch exists for this bug, details and exploit code for which were shared online [ this link seems to be missing its last directory — Ed. ] on Tuesday for anyone to use and abuse.

The flaw was uncovered, and revealed on Microsoft-owned GitHub, funnily enough, by a pseudonymous netizen going by the handle SandboxEscaper. She has previously dropped Windows zero-days that can be exploited to delete or tamper with operating system components, elevate local privileges, and so on.

This latest one works by abusing Windows' schtasks tool, designed to run programs at scheduled times, along with quirks in the operating system.

It appears the exploit code imports a legacy job file into the Windows Task Scheduler using schtasks, creating a new task, and then deletes that new task's file from the Windows folder. Next, it creates a hard filesystem link pointing from where the new task's file was created to pci.sys, one of Windows' kernel-level driver files, and then runs the same schtasks command again. This clobbers pci.sys's access permissions so that it can be modified and overwritten by the user, thus opening the door to privileged code execution.

“Meanwhile... If you haven't yet patched the wormable RDP security flaw in Windows (CVE-2019-0708), please do so ASAP — exploit code that can crash vulnerable systems is doing the rounds, and McAfee eggheads have developed and described a proof-of-concept attack that executes arbitrary software on remote machines, with no authentication required. Eek.”

The exploit, as implemented, needs to know a valid username and password combo on the machine to proceed, it seems. It can be tweaked and rebuilt from its source code to target other system files, other than pci.sys.

Read more »

PS: See this zero-day exploit covered by the Security Now Episode 716 by Steve Gibson — Ed.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless specifically stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Changing your e-mail address? Please e-mail your new address to — newsletter@sydneypc.com
DISCLAIMER: This Newsletter is provided "As Is" without warranty of any kind.
Each user or reader of this Newsletter assumes complete risk as to the accuracy and subsequent use of its contents.