Microsoft is testing a family plan for Xbox Game Pass

, Microsoft is starting to test an Game Pass Ultimate family plan in the wild. Xbox Insiders in Colombia and Ireland can try out the new offering, which allows them to to their plan, as long as they’re in the same country. Those folks will get access to all the benefits of Game Pass Ultimate, including a library of hundreds of titles for console, PC and cloud gaming.

If you’re in either country, you can buy the Xbox Game Pass – Insider Preview plan from the Microsoft Store, though enrolment is limited. If you’re already a Game Pass member, the time remaining on your subscription will be converted based on its monetary value. A month of Game Pass Ultimate is worth 18 days of the family plan. Parsing things out, that suggests the family plan would cost around $25 per month if Microsoft brings it to the US, or $5 per person.

You’ll need to wait for your membership to expire before moving to a different plan. People you want to invite onto a family plan will also need to cancel an existing Game Pass subscription or wait for it to run out. Alternatively, they can just create a new Microsoft account. It’s worth noting that folks with an plan aren’t eligible.

A family plan seems to make a lot of sense for Microsoft, which has positioned Game Pass at the heart of the Xbox business. This should help the company boost the service’s overall number of users, though it may come at the cost of losing some subscriptions in households with multiple Game Pass memberships or among groups of friends who split the price of a single plan.

Elsewhere, Nintendo has long offered a Switch Online family plan for both the standard and . Although Sony recently , it does not yet offer any multi-person plans.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link


Microsoft helps game devs pull more performance from the Xbox Series S

Frustrated that games don’t run as well on the Xbox Series S as you’d expect given the 1440p-capable hardware? Microsoft might have a fix. The Verge has learned the company’s recently highlighted June Game Development Kit gives programmers more access to memory, freeing up “hundreds of additional megabytes” of RAM for their games. That can improve graphics performance in titles where limited memory is a problem, Microsoft said.

This move won’t put the entry-level console on par with the Xbox Series X, which uses the same CPU but packs a more powerful graphics processor. However, it might reduce bottlenecks that sometimes force developers to run games on Series S at lower resolutions and frame rates. While the Series X has 16GB of RAM (about 13.5GB of it usable), its lower-end counterpart has just 10GB — in practice, devs have just 8GB to themselves. Creators talking to Digital Foundry have complained about the limitations.

If this sounds like a familiar strategy, it should. Microsoft gave more power to Xbox One coders in 2014 when it let them disable Kinect features in games that didn’t need the motion controller. In both cases, Microsoft is tweaking available system resources in response to gripes.

It will take time for developers to optimize games, and there’s no guarantee this will affect many titles. Don’t expect patches that improve the graphics on all your favorite releases. Still, this is a welcome move that could make the Xbox Series S a more viable option if you’d rather not splurge on its pricier counterpart.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link


Hackers have found a way to log into your Microsoft account

Account holders for Microsoft email services are being targeted in a phishing campaign, according to security researchers from Zscaler’s ThreatLabz group.

The objective behind the threat actors’ efforts is believed to be the breaching of corporate accounts in order to perform business email compromise (BEC) attacks.

Stock Depot/Getty Images

As reported by Bleeping Computer, BEC-based activity would see payments being redirected toward hackers’ bank accounts via the use of forged documents.

Zscaler, a cloud security company, said that targets were involved in various industries, such as fin-tech, lending, accounting, insurance, and Federal Credit Union organizations based in the U.S., U.K., New Zealand, and Australia.

At the moment, it seems the campaign has yet to be properly addressed by Microsoft, with new phishing domains being published nearly every day.

The campaign was originally detected in June 2022, with analysts observing a sudden rise in phishing attempts against the aforementioned industries, in addition to account holders of Microsoft email services.

Threat actors would incorporate links to the emails as buttons or HTML files that would redirect the target to a phishing page. Bleeping Computer points out how certain platforms don’t see open redirects as a vulnerability, which has led to these malicious redirects going through Google Ads, Snapchat, and DoubleClick.

Businesses and individuals are increasingly turning to multifactor authentication to secure their accounts. As such, obtaining a login email and password nowadays won’t provide anything of value to hackers.

Custom phishing kits and reverse proxies like Evilginx2, Muraena, and Modilshka have now come into play to bypass an MFA-enabled account.

A phishing proxy that essentially acts as a middle man between the victim and email provider service is capable of extracting the authentication cookies. Through this method, hackers can use the stolen cookies to log in and completely evade MFA for an account.

For this particular campaign, a custom proxy-based phishing kit was found utilizing the Beautiful Soup HTML and XML parsing tool, which amends actual login pages derived from corporate logins in order to incorporate phishing components.

Cyberattacks in general have nearly doubled since last year, while Microsoft itself started an initiative to tackle the rapid rise of cybercrime with its Security Experts program.

Editors’ Choice

Repost: Original Source and Author Link


Microsoft negs Activision Blizzard to push through $68.7 billion acquisition

Microsoft is taking an interesting approach to secure regulatory approval for its acquisition of Activision Blizzard. In a recent filing spotted by Rock Paper Shotgun, the company told New Zealand’s Commerce Commission the troubled publisher produces no “must have” games. Yes, you read that right.

“There is nothing unique about the video games developed and published by Activision Blizzard that is a ‘must have’ for rival PC and console video game distributors that give rise to a foreclosure concern,” the company says in the document. Put another way, Microsoft believes owning the rights to best-selling Activision Blizzard franchises like Call of Duty won’t prevent rivals like Sony from competing against it.

At first glance, that would seem to be a nonsensical argument to make about a company Microsoft plans to spend $68.7 billion to acquire. All the same, it’s a claim the tech giant is making in response to its rivals. In a filing with Brazilian regulators, Sony called Call of Duty “an essential game” and an AAA title “that has no rival.” It argues the franchise is so popular that it influences the consoles people buy. Sony is likely speaking from experience. In 2015, the company announced an agreement with Activision that saw some Call of Duty content arrive on PlayStation consoles first.

Downplaying the importance of Call of Duty is just one of the ways Microsoft has tried to placate regulators. In February, the company pledged it would continue to make the franchise available on PlayStation consoles beyond the end of any agreements Sony and Activision had in place before the acquisition was announced. More recently, the company announced a labor neutrality agreement with the Communications Workers of America, which has been organizing video game workers across the industry.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link


Hurry — Microsoft Surface Pro 7+ is $330 off at Best Buy today

Riley Young / Digital Trends

One of the best laptop deals to snap up right now is the Microsoft Surface Pro 7+. At Best Buy, you can buy it for $600, saving you a hefty $330 off the usual price. A huge saving, this is a good time to buy the stylish and practical 2-in-1 laptop, especially if you’re looking for a new laptop for school or for working more efficiently. Here’s why you need it in your life.

Buy Now

One of the best Microsoft Surface Pro deals today, the Microsoft Surface Pro 7+ is a great system. As you’d expect, Microsoft is one of the best laptop brands around and it’s clear to see why when you use the Microsoft Surface Pro 7+. It has an Intel Core i3 processor along with 8GB of memory and 128GB of SSD storage. While that might not sound like it would rival the best 2-in-1 laptops, it makes up for its unremarkable hardware with a fantastic display and functionality.

The Microsoft Surface Pro 7+ offers up a 12.3-inch PixelSense display with a resolution of 2736 x 1824. With a 3:2 aspect ratio, you get 18% more vertical screen real estate than a typical laptop, too. Thanks to its 2-in-1 design, you can switch between using it as a full laptop with keyboard, to using it as a tablet, digital canvas, or docked workstation. It’s immensely versatile with Windows 11 capable of giving you plenty of options. A versatile kickstand helps you adjust it to nearly 180 degrees as well.

Other features keep on coming, such as dual HD cameras with a front-facing 5.0 megapixel 1080p HD camera and an 8MP rear-facing camera with autofocus, along with dual far-field Studio Mics. Multiple ports allow you to power many 4K external displays if you wish, as well as charge all your devices. Up to 15 hours of battery life means the Microsoft Surface Pro 7+ will last you all day long, plus it weighs just 1.7 pounds so it’s truly portable.

If you’ve been considering the Microsoft Surface Pro 7+ and Microsoft Surface Pro 7, this is an ideal time to buy one. With the Microsoft Surface Pro 7+ normally priced at $930, it’s down to $600 at Best Buy for a limited time only. You’ll be delighted with this purchase.

Buy Now

Editors’ Choice

Repost: Original Source and Author Link


Microsoft says it caught an Austrian spyware group using Windows 0-day exploits

Microsoft’s security and threat intelligence teams have reportedly caught an Austrian company selling spyware based on previously unknown Windows exploits.

The new details were released on Wednesday in a technical blog post from Microsoft’s Threat Intelligence Center (MSTIC), published to coincide with written testimony given by the software company to a House Intelligence Committee hearing on commercial spyware and cyber surveillance.

The spyware developer — officially named DSIRF but which Microsoft tracks under the codename KNOTWEED — made spyware known as Subzero that was used to target law firms, banks, and consultancy firms in the UK, Austria, and Panama, Microsoft said. Analysis from MSTIC found that exploits used by DSIRF to compromise systems included a zero-day privilege escalation exploit for Windows and an Adobe Reader remote code execution attack. Microsoft says that the exploit being used by DSIRF has now been patched in a security update.

DSIRF claims to help multinational corporations perform risk analysis and collect business intelligence, but Microsoft (and other local news reporting) have linked the company to the sale of spyware used for unauthorized surveillance. Per Microsoft’s blog post:

MSTIC has found multiple links between DSIRF and the exploits and malware used in these attacks. These include command-and-control infrastructure used by the malware directly linking to DSIRF, a DSIRF-associated GitHub account being used in one attack, a code signing certificate issued to DSIRF being used to sign an exploit, and other open-source news reports attributing Subzero to DSIRF.

The new information about Microsoft’s tracking and mitigation of DSIRF / KNOTWEED’s exploits was published at the same time as a written testimony document submitted to the hearing on “Combatting the Threats to U.S. National Security from the Proliferation of Foreign Commercial Spyware,” held July 27th.

Microsoft’s written testimony described a largely unregulated commercial spyware industry where private actors were free to contract with repressive regimes around the world.

“Over a decade ago, we started to see companies in the private sector move into this sophisticated surveillance space as autocratic nations and smaller governments sought the capabilities of their larger and better resourced counterparts,” the testimony reads.

“In some cases, companies were building capabilities for governments to use consistent with the rule of law and democratic values. But in other cases, companies began building and selling surveillance as a service … to authoritarian governments or governments acting inconsistently with the rule of law and human rights norms.”

To combat the threat to free expression and human rights, Microsoft is advocating that the United States help advance the debate around spyware as a “cyberweapon,” which could then be subject to global norms and regulations in the way that other classes of weaponry are.

In the same hearing, the Intelligence Committee also received testimony from Carine Kanimba, daughter of imprisoned Rwandan activist Paul Rusesabagina, who was credited with saving as many as 1,200 Rwandans in the 1994 genocide. While advocating for her father’s release, Kanimba’s phone was believed by researchers to have been infected with NSO Group’s Pegasus spyware.

“Unless there are consequences for countries and their enablers which abuse this technology, none of us are safe,” Kanimba said.

NSO Group was also referenced by Citizen Lab senior researcher John Scott-Railton, another expert witness giving testimony to the committee. Scott-Railton described a shifting global landscape in which access to the most sophisticated and intrusive digital surveillance techniques — once only available to a handful of nation states — was becoming much more widespread due to the involvement of “mercenary spyware companies.”

The greater ability of these tools means that even US officials were more likely to be targeted, as reportedly happened to nine State Department employees working in Uganda whose iPhones were hacked with NSO’s Pegasus.

“It is clear that the United States government is not immune from the mercenary spyware threat,” Scott-Railton said.

Repost: Original Source and Author Link


Microsoft Edge uses disk caching for increased performance

The Microsoft Edge browser is now even more optimized and has a bit higher performance on Windows. That’s thanks to changes in version 102 of the browser, which can now automatically compress disk caches.

Microsoft talked about this in a technical post, explaining that its overall goal is to “deliver the best performing browser possible on Windows and other platforms.” In what seems like a shot at Google Chrome, Microsoft also mentioned that they’re aware that when a web browser consumed too many resources, the system can be slowed down. That’s where disk caching comes into play.

For those unfamiliar, in relation to web browsers, the cache is where resources are stored so web pages can load faster. With disk caching in Edge, Microsoft believes that the larger the cache of the browser, the bigger the chance the browser will fetch it from the disk to load the web page quicker.

Typically the larger the cache gets, the more disk space will get consumed, which can be problematic on devices with smaller solid-state drives or hard drives. Regular browsers will then moderate the cache based on available space.

Microsoft Edge addresses this in new ways by tweaking disk caching to minimize disk usage by using compression technology. It believes the content in the cache is often highly compressible anyway, still resulting in requested resources being fetched from the disk. So in Edge 102, Microsoft Edge automatically compresses disk caches on devices that meet eligibility checks.

“This ensures compression of these caches largely improves performance and overall user experience,” explains Microsoft.

This is just one way that Microsoft Edge is being optimized for Windows. With the browser being integrated across many areas of the operating system, Microsoft is able to add features like efficiency mode, which extends battery life by reducing CPU usage on inactive tabs. Microsoft Edge also has a feature known as sleeping tabs, which can put inactive tabs to sleep to save resources.

Features like this could be just one reason that Microsoft Edge is becoming more popular. It recently surpassed Mozilla Firefox as the second most popular web browser. Google Chrome, though, is still at the top with a 69% share.

Editors’ Choice

Repost: Original Source and Author Link


The latest tool in the hacker arsenal: Microsoft Calculator

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Getty Images

As reported by Bleeping Computer, Dynamic Link Libraries (DLLs) side-loading is when an actual DLL is spoofed, after which it is moved to a folder in order to trick the machine’s operating system to load the doctored version as opposed to the real DLL files.

QBot, a strain of Windows malware, was initially known as a banking trojan. However, ransomware gangs now rely on it due to its evolution into a malware distribution platform.

QBot has been utilizing the Windows 7 Calculator program in particular to execute DLL side-loading attacks, according to security researcher ProxyLife. These attacks have been infecting PCs since at least July 11, and it’s also an effective method for carrying out malicious spam (malspam) campaigns.

Emails that contain the malware in the form of an HTML file attachment include a ZIP archive that comes with an ISO file, which contains a .LNK file, a copy of ‘calc.exe’ (Windows Calculator), as well as two DLL files: WindowsCodecs.dll, joined by a malicious payload (7533.dll).

Opening the ISO file eventually executes a shortcut, which upon further investigation of the properties dialog for the files, is linked to Windows’ Calculator app. Once that shortcut has been opened, the infection infiltrates the system with QBot malware through Command Prompt.

The new version of the Calculator app in Windows 11.

Due to the fact that Windows Calculator is obviously a trusted program, tricking the system to distribute a payload through the app means security software could fail to detect the malware itself, making it an extremely effective — and creative — way to avoid detection.

That said, hackers can no longer use the DLL sideloading technique on Windows 10 or Windows 11, so anyone with Windows 7 should be wary of any suspicious emails and ISO files.

Windows Calculator is not a program commonly used by threat actors to infiltrate targets with, but when it comes to the current state of hacking and its advancement, nothing seems to be beyond the realm of possibility. The first appearance of QBot itself occurred more than a decade ago, and it has previously been used for ransomware purposes.

Elsewhere, we’ve been seeing an aggressive rate of activity in the malware and hacking space throughout 2022, such as the largest HTTPS DDoS attack in history. Ransomware gangs themselves are also evolving, so it’s not a surprise they’re continuously finding loopholes to benefit from.

With the alarming rise in cybercrime in general, technology giant Microsoft has even launched a cybersecurity initiative, with the “security landscape [becoming] increasingly challenging and complex for our customers.”

Editors’ Choice

Repost: Original Source and Author Link


Microsoft upgrades Office security by blocking VBA macros by default

There’s been a bit of back and forth since the change was originally announced, but this week Microsoft started rolling out an update to Microsoft Office that blocks the use of Visual Basic for Applications (VBA) macros on downloaded documents.

Last month, Microsft was testing the new default setting when it suddenly rolled back the update, “temporarily while we make some additional changes to enhance usability.” Despite saying it was temporary, many experts worried that Microsoft might not go through with changing the default setting, leaving systems vulnerable to attacks. Google Threat Analysis Group leader Shane Huntley tweeted, “Blocking Office macros would do infinitely more to actually defend against real threats than all the threat intel blog posts.”

Now the new default setting is rolling out, but with updated language to alert users and administrators what options they have when they try to open a file and it’s blocked. This only applies if Windows, using the NTFS file system, notes it as downloaded from the internet and not a network drive or site that admins have marked as safe, and it isn’t changing anything on other platforms like Mac, Office on Android / iOS, or Office on the web.


We’re resuming the rollout of this change in Current Channel. Based on our review of customer feedback, we’ve made updates to both our end user and our IT admin documentation to make clearer what options you have for different scenarios. For example, what to do if you have files on SharePoint or files on a network share. Please refer to the following documentation:

• For end users, A potentially dangerous macro has been blocked

• For IT admins, Macros from the internet will be blocked by default in Office

If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.

While some people use the scripts to automate tasks, hackers have abused the feature with malicious macros for years, tricking people into downloading a file and running it to compromise their systems. Microsoft noted how administrators could use Group Policy settings in Office 2016 to block macros across their organization’s systems. Still, not everyone turned it on, and the attacks continued, allowing hackers to steal data or distribute ransomware.

Users who try to open files and are blocked will get a pop-up sending them to this page, explaining why they probably don’t need to open that document. It starts by running through several scenarios where someone might try to trick them into executing malware. If they really do need to see what’s inside the downloaded file, it goes on to explain ways to get access, which are all more complicated than what happened before, where users could usually enable macros by pressing one button in the warning banner.

This change may not always stop someone from opening up a malicious file, but it does provide several more layers of warnings before they can get there while still providing access for the people that say they absolutely need it.

Repost: Original Source and Author Link


Microsoft has a warning about working in the metaverse

You’re probably familiar with the online dangers that you could come across while working from home on your own computer or one provided by your employer. Spam, malware, adware, and viruses are just some things to think about. With the future of the workplace now possibly heading into the online metaverse, these are all dangers that could still come up for workers — and Microsoft has a warning about it.

In a recent post, Charlie Bell, the executive vice president for security, compliance, identity, and management at Microsoft, talked about the cornerstones for securing work in the metaverse. Bell believes that with the metaverse, the security stakes will be higher than imagined, and lists ways that companies and the major players in the space can stay safe when bringing workers online to the virtual metaverse. More importantly, though, he also touched on how anyone can easily be impersonated in the metaverse.

“Fraud and phishing attacks targeting your identity could come from a familiar face – literally – like an avatar who impersonates your co-worker, instead of a misleading domain name or email address. These types of threats could be deal-breakers for enterprises if we don’t act now,” explained Bell.

So, how can this security and trust be accomplished? According to Bell, it’ll have to do a lot with information sharing and collaboration on metaverse technologies. It also has to do with adopting multi-factor authentication and password-free authentication in metaverse platforms. Even giving IT admins a console to control the experiences is something that Microsoft and Bell suggest.

According to Bell, the security of work in the metaverse has to come from the apps within, and there’s only “one chance” to establish specific security principles that can create trust and peace of mind for metaverse experiences while it’s still new. “The security community must work together to build a foundation to safely work, shop, and play,” said Bell.

Transparency is the final way of securing the metaverse for everyone. Bell hopes that those who hold leadership positions in the space will be prepared to answer questions from security experts about terms of service, encryption, and vulnerability reporting. “Let’s make the lessons we’ve learned about identity, transparency, and the security community’s powerful collaboration our top ideals to enable this next wave of technology to reach its full potential,” said Bell.

Editors’ Choice

Repost: Original Source and Author Link