The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Windows Apps

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

October 30, 2018Swati Khandelwal
Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users' computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to run on any device running Windows 10, including desktop PC, Xbox, IoT, Surface Hub, and Mixed-reality headset. UWP apps have the ability to access certain API, files like pictures, music, or devices like camera and microphone, by declaring required permissions in their package manifest (configuration) file. By default, UWP apps have access to directories, where the app is installed on the users' system and where the app can store data (local, roaming and temporary folders). However, to access other files on a system, including sensitive resources, Microsoft offers several types of capabilities that an applicati
Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework

Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework

January 24, 2018Mohit Kumar
A critical remote code execution vulnerability has been reported in Electron —a popular web application framework that powers thousands of widely-used desktop applications including Skype, Signal, Wordpress and Slack—that allows for remote code execution. Electron is an open-source framework that is based on Node.js and Chromium Engine and allows app developers to build cross-platform native desktop applications for Windows, macOS and Linux, without knowledge of programming languages used for each platform. The vulnerability, assigned as the number CVE-2018-1000006, affects only those apps that run on Microsoft Windows and register themselves as the default handler for a protocol like myapp://. "Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electron's app.setAsDefaultProtocolClient API," Electron says in an advisory published Monday. The Electron team has also confirmed that applications
Microsoft Quietly Stops Accepting Bitcoin in Windows Store

Microsoft Quietly Stops Accepting Bitcoin in Windows Store

March 14, 2016Wang Wei
Microsoft reckoned Bitcoin was the future of payment system and added it as a payment option for Windows store at the end of 2014, but the company has silently pulled support for Bitcoin in the Windows 10 Store. In November 2014, Microsoft struck a deal with third-party bitcoin payment processor ' Bitpay ' that allowed people to use Bitcoin to purchase Microsoft's products and services from Windows Stores. However, Microsoft quietly updated the Windows Store FAQ that popped up " Microsoft Store doesn't accept Bitcoin. " The end of support for Bitcoin payments only applies to Windows 10 and Windows 10 Mobile stores.  "Microsoft Store doesn't accept Bitcoin. You can no longer redeem Bitcoin into your Microsoft account," the update reads. "Existing balances in your account will still be available for purchases from Microsoft Store, but can't be refunded." In short, you can make use of an existing balance in your accou
Windows 10 to deliver updates and App downloads via Peer-to-Peer Technology

Windows 10 to deliver updates and App downloads via Peer-to-Peer Technology

March 16, 2015Swati Khandelwal
Does downloading Windows updates from Microsoft's servers and waiting too long really annoy you? It might not be with the arrival of Windows 10 . Microsoft seems to make a major change in Windows 10 to the way it delivers updates for the software. The leaked version of Windows 10 build 10036 (the current version is build 9926) allows you to grab OS updates from Microsoft as well as other computers, whether they're on your local network or on the Internet. Yeah, it's a Peer-to-Peer (P2P) technology Microsoft is going to use in order to deliver both app and operating system updates. Peer-to-Peer , or P2P Technology is usually associated with file sharing services like BitTorrent to download illicit copies of movies and albums, and of course, those endless Linux ISOs you've been downloading. However, Redmond is embracing the technology as an efficient means to deliver software updates to its users around the globe. Peer-to-Peer downloads will be o
Wine On Android For Running Windows Apps

Wine On Android For Running Windows Apps

February 03, 2013Mohit Kumar
As you know, many enthusiasts Android mobile users wishing for alternate of WINE software for Android mobiles or tablet as well, that allow applications designed for Microsoft Windows to run on Unix-like operating systems. Sounds Interesting ? Alexandre Julliard , the original developer behind the Wine software project working on upcoming WINE version that will allow you to run windows apps on Android platform. Wine development talks being held during FOSDEM 2013 . In a Demo Julliard showed lite version of Wine running on Android, was quite slow. Anyway, this Wine port for Android is an active work-in-progress and hasn't received much attention yet. Before this Winulator makes it possible to run some classic Windows games on Android devices. Android devices currently use ARM-based chips and Intel has also been pushing its low power Atom x86 processors for Android phones and tablets, so Wine for Android could also theoretically run on devices with x86 chips. Eit
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.