By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Recently, different users reported receiving a Windows 11 upgrade banner on their Windows 10 devices despite not meeting minimum requirements.  Microsoft already explained that it was a mistake, saying the upgrade offer was “inaccurate” and accepting it would just result in failure. Nonetheless, this caused confusion among those unaware of the current Windows 11 minimum requirements. So, who is eligible for a Windows 11 upgrade? Windows 11 was just released in October 2021. With this, you can expect that most devices purchased in the last 18-24 months will be compatible with Windows 11. If you want a better way to check your device’s eligibility, you can use Microsoft’s PC Health Check, an app that can inspect your device. It can be a useful tool to help you determine why your device doesn’t make the cut for Windows 11 upgrade. It will also provide suggestions you can apply to get Windows 11 upgrade in case you don’t meet the minimum requirements.  If you don’t want to install the app and check the requirements yourself, here is a brief summary of what you need to meet to be eligible for the Windows 11 upgrade. According to Microsoft’s updated February 2023 document, you must satisfy specific minimum hardware requirements to get the upgrade. Aside from the internet connectivity you need for the process, Microsoft laid out a detailed requirement list. Currently, Microsoft only requires 64GB for the last requirement regarding storage. However, it is important to note that given Windows 11’s frequent updates and rollout of new features, higher storage might be needed to ensure you’ll get updates in the future. Microsoft explains that different factors will determine the amount of free space required for such Windows 11 updates in the future. Aside from hardware requirements, there are some current operating system requirements you also need to meet if you are on Windows 10. Specifically, Microsoft says Windows 10 devices must be on version 2004 or later with September 14, 2021 security update or later already installed. Also, it is important to note that Windows 11 in S mode is only available in the Windows 11 Home edition. That said, you won’t be offered a Windows 11 upgrade if you are in the Pro, Enterprise, or Education editions of Windows 10 in S mode. Fortunately, you can resolve this by simply switching out of S mode.  If you think your Windows 10 device is eligible for a Windows 11 upgrade and meet the minimum requirements, you can visit your PC’s Windows Update page to check for a notification saying your device is ready for an upgrade. Just go to Start > Settings > Update & Security > Windows Update > Check for updates. If you don’t meet the requirements (or your device has some known issues), installing Windows 11 is not suggested. Nonetheless, if you are decided to have the new OS version despite possible consequences, there are a variety of ways you can still do to upgrade to Windows 11, including using Installation Assistant or creating Windows 11 installation media. But, then again, it is better to avoid doing them as force upgrades translate to compatibility issues and will soon lead to devise malfunction. Additionally, getting Windows 11 updates (especially security updates) on such ineligible devices that used force installations is not guaranteed. Complete details are posted on OUR FORUM.

Google has announced the release of the first developer preview for Android 14, the next major version of the world's most popular mobile operating system, which comes with security and privacy enhancements, among other things. Starting with Android 14, apps will have to declare precisely how they plan to use certain phone features, data exchange between them will be limited, and additional files downloaded by apps will be read-only. A highlighted security feature in Android 14 is to block the installation of malicious apps that target older API levels (Android versions), which allows easier abuse of sensitive permissions. Starting with the "Runtime receivers," which enable apps to receive intents broadcast by the system or other applications, all apps targeting Android 14 must declare if they need to receive information from other apps or if they should be limited to system "broadcasts." This new security measure continues the "Context.registerReceiver()" feature introduced in previous Android releases. It aims to prevent malicious apps on the device from intercepting or misusing broadcasts meant to reach other apps. To further tighten up the information exchange between apps and prevent malware from gripping sensitive user data, Android 14 will also restrict the sending of "intents" that don't have a specified recipient. With this new security enhancement, malware can no longer intercept intents sent from other apps and read their contents. The third security feature that will land on Android 14 is "safer dynamic code loading," which limits all files downloaded by an application to read-only mode. This would help prevent some code-injection scenarios involving manipulated executables that are meant to be run by privileged apps. Finally, Android 14 will block the installation of harmful apps that target SDK versions lower than 23 (Android 6.0) to achieve easier permissions abuse. "Malware often targets older API levels to bypass security and privacy protections that have been introduced in newer Android versions," explains Google. "To protect against this, starting with Android 14, apps with a targetSdkVersion lower than 23 cannot be installed." In Android 6.0 (2015), Google introduced a runtime permission model that required apps to request the user to grant permission access requests for sensitive operations like the device's camera, microphone, GPS sensors, phone calls, and SMS access upon the app's launch. Malware targeting previous SDK versions can specify it in the manifest XML file and request access to sensitive permissions upon installation, which is easier for users to overlook and approve. The new permissions protection system will also make it impossible for users to install apps that haven't been updated for some time. However, Google says older apps already installed on devices that upgrade to Android 14 will continue to work. Android 14 is still far from its final form, and we may see more security features land on the second developer preview in March 2023. For more on this thread please visit OUR FORUM.

While many of us unplugged from the internet over the holidays to spend time with loved ones, LastPass, the maker of a popular security program for managing digital passwords, delivered a most unwanted gift.  It recently published details about a security breach in which cybercriminals obtained copies of customers’ password vaults, potentially exposing millions of people’s online information. From a hacker’s point of view, this is equivalent to hitting the jackpot. When you use a password manager like LastPass or 1Password, it stores a list containing all the usernames and passwords for the sites and apps you use, including banking, healthcare, email, and social networking accounts Huh. It keeps track of that list, called a vault, in its own online cloud so you can easily access your passwords from any device. LastPass said the hackers stole a copy of the list of usernames and passwords for each customer from the company’s servers. This breach was one of the worst things that could happen to a security product designed to take care of your passwords. But besides the obvious next step — to change all your passwords if you used LastPass — there are important lessons we can learn from this debacle, including that security products are not foolproof, especially when they Store our sensitive data in the cloud. First, it’s important to understand what happened: The company said the intruders gained access to its cloud database and a copy of the data vault containing millions of customers using credentials and keys stolen from a LastPass employee. LastPass, which published details about the breach in a blog post on December 22, attempted to reassure its users that their information was likely to be secure. It said that some parts of people’s vaults – such as the website addresses for sites they logged into – were unencrypted, but sensitive data including usernames and passwords were encrypted. This shows that hackers can know the banking website that someone uses but do not need the username and password to log into that person’s account. Most important, the master password that users set to unlock their LastPass vaults was also encrypted. This means hackers would have to crack the encrypted master password to get to the rest of the passwords in each vault, which would be difficult to do as long as people used a unique, complex master password. LastPass CEO Karim Touba declined to be interviewed but wrote in an emailed statement that the incident demonstrated the strength of the company’s system architecture, which he said kept sensitive Vault data encrypted and secure. Is. He also said that it was the users’ responsibility to “practice good password hygiene”. Many security experts disagreed with Mr. Touba’s optimistic spin, saying that every LastPass user should change all of their passwords. “It’s very serious,” said Sinan Eren, an executive at security firm Barracuda. “I think all those managed passwords have been compromised.” Casey Ellis, chief technology officer at security firm BugCrowd, said it was important that the intruders had access to lists of website addresses that people used. “Let’s say I’m following you,” said Mr. Ellis. “I can see all the websites you have saved information for and use that to plan an attack. Every LastPass user has that data now in the hands of an adversary. We can all learn from this breach to stay safe online. While many of us unplugged from the internet over the holidays to spend time with loved ones, LastPass, the maker of a popular security program for managing digital passwords, delivered a most unwanted gift. It recently published details about a security breach in which cybercriminals obtained copies of customers’ password vaults, potentially exposing millions of people’s online information. From a hacker’s point of view, this is equivalent to hitting the jackpot. When you use a password manager like LastPass or 1Password, it stores a list containing all the usernames and passwords for the sites and apps you use, including banking, healthcare, email and social networking accounts Huh. It keeps track of that list, called a vault, in its own online cloud so you can easily access your passwords from any device. LastPass said the hackers stole a copy of the list of usernames and passwords for each customer from the company’s servers. This breach was one of the worst things that could happen to a security product designed to take care of your passwords. But besides the obvious next step — to change all your passwords if you used LastPass — there are important lessons we can learn from this debacle, including that security products are not foolproof, especially when they Store our sensitive data in the cloud. First, it’s important to understand what happened: The company said the intruders gained access to its cloud database and a copy of the data vault containing millions of customers using credentials and keys stolen from a LastPass employee. LastPass, which published details about the breach in a blog post on December 22, attempted to reassure its users that their information was likely to secure. It said that some parts of people’s vaults – such as the website addresses for sites they logged into – were unencrypted, but sensitive data including usernames and passwords were encrypted. This shows that hackers can know the banking website that someone uses but do not need the username and password to log into that person’s account. Most important, the master password that users set to unlock their LastPass vaults was also encrypted. This means hackers would have to crack the encrypted master password to get to the rest of the passwords in each vault, which would be difficult to do as long as people used a unique, complex master password. LastPass CEO Karim Touba declined to be interviewed but wrote in an emailed statement that the incident demonstrated the strength of the company’s system architecture, which he said kept sensitive Vault data encrypted and secure. Is. He also said that it was the users’ responsibility to “practice good password hygiene”. Many security experts disagreed with Mr. Touba’s optimistic spin, saying that every LastPass user should change all of their passwords. “It’s very serious,” said Sinan Eren, an executive at security firm Barracuda. “I think all those managed passwords have been compromised.” Casey Ellis, chief technology officer at security firm BugCrowd, said it was important that the intruders had access to lists of website addresses that people used. “Let’s say I’m following you,” said Mr. Ellis. “I can see all the websites you have saved information for and use that to plan an attack. Every LastPass user has that data now in the hands of an adversary. We can all learn from this breach to stay safe online. More details can be found on OUR FORUM.