Microsoft has confirmed that Windows 11 24H2 has issues with USB-connected devices that support the Scanner Communication Language (eSCL) protocol. From a report: A compatibility hold has been applied to the hardware. The hold means that hardware connected to a USB device supporting the eSCL protocol will not be offered an upgrade to Windows 11 24H2. Microsoft said: "This issue primarily affects USB-connected multifunction devices or standalone scanners that support scan functionality and the eSCL protocol."

According to Microsoft, the issue lies in device discovery. Install Windows 11 24H2, wait for it to discover USB-connected peripherals, and... nothing. Or as Microsoft put it: "You might observe that your device does not discover the USB-connected peripheral and the device discovery does not complete." The company added: "This issue is caused due to the device not switching out of eSCL mode to USB mode, which allows the scanner drivers to be matched."

An anonymous reader quotes a report from TechCrunch: Security researchers have uncovered two previously unknown zero-day vulnerabilities that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The group -- which was last month linked to a ransomware attack targeting Japanese tech giant Casio -- is also known for its aggressive stance against organizations allied with Ukraine, which Russia invaded in 2014.

Researchers with security firm ESET say they found evidence that RomCom combined use of the two zero-day bugs -- described as such because the software makers had no time to roll out fixes before they were used to hack people -- to create a "zero click" exploit, which allows the hackers to remotely plant malware on a target's computer without any user interaction. "This level of sophistication demonstrates the threat actor's capability and intent to develop stealthy attack methods," ESET researchers Damien Schaeffer and Romain Dumont said in a blog post on Monday. [...] Schaeffer told TechCrunch that the number of potential victims from RomCom's "widespread" hacking campaign ranged from a single victim per country to as many as 250 victims, with the majority of targets based in Europe and North America. Mozilla and the Tor Project quickly patched a Firefox-based vulnerability after being alerted by ESET, with no evidence of Tor Browser exploitation. Meanwhile, Microsoft addressed a Windows vulnerability on November 12 following a report by Google's Threat Analysis Group, indicating potential use in government-backed hacking campaigns.

The Macquarie Dictionary, the national dictionary of Australia, has picked "enshittification" as its word of the year. Gizmodo reports: The Australians define the word as "the gradual deterioration of a service or product brought about by a reduction in the quality of service provided, especially of an online platform, and as a consequence of profit-seeking." We've all felt this. Google search is filled with garbage. The internet is clogged with SEO-farming websites that clog up results. Facebook is an endless stream of AI-generated slop. Zoom wants you to test out its new AI features while you're trying to go into a meeting. Twitter has become X, and its owner thinks sharing links is a waste of time. Last night I reinstalled Windows 11 on a desktop machine and got pissed as it was finalized and Microsoft kept trying to get me to install OneDrive, Office 360, Call of Duty Black Ops 6, and a bunch of other shit I didn't want. Writer and activist Cory Doctorow coined the term enshittification in 2022, and recently offered potential solutions to the age-old phenomenon in an interview with The Register.

"We need to have prohibition and regulation that prohibits the capital markets from funding predatory pricing," he explained. "It's very hard to enter the market when people are selling things below cost. We need to prohibit predatory acquisitions. Look at Facebook: buying Instagram, and Mark Zuckerberg sending an email saying we're buying Instagram because people don't like Facebook and they're moving to Instagram, and we just don't want them to have anywhere else to go."

Microsoft's controversial "Recall" feature (in a public preview of Windows 11) already has some known issues, Microsoft admitted Friday. For example:

- Recall can be enabled or disabled from "Turn Windows features on or off". We are caching the Recall binaries on disk while we test add/remove. In a future update we will completely remove the binaries.

- You must have Secure Boot enabled for Recall to save snapshots.

- Some users experience a delay before snapshots first appear in the timeline while using their device. If snapshots do not appear after 5 minutes, reboot your device. If saving snapshots is enabled, but you see snapshots are no longer being saved, reboot your device.

- Clicking links within Recall to submit feedback may experience a delay in loading the Feedback Hub application. Be patient and it will display.

CNBC adds that according to Microsoft Recall "won't work with some accessibility programs, and if you specify that Recall shouldn't save content from a given website, it might get captured anyway while using the built-in Edge browser..." But those aren't the only issues CNBC noticed: - While you might expect that your computer will be recording every last thing you look at once you've turned on Recall, it can go several minutes between making snapshots, leaving gaps in the timeline.

- Recall allows you to prevent screenshots from being made when you're accessing specific apps. But a few apps installed on my Surface Pro are not shown on that list.

- When you enter a search string to find words, results might be incomplete or incorrect. Recall clearly had two screen images that mention "Yankees," but when I typed that into the search box, only one of them came up as a text match. I typed in my last name, which appeared in eight images, but Recall produced just two text matches.

- Recall made a screenshot while I was scrolling through posts on social network BlueSky, and one contains a photo of a New York street scene. You can see a stoplight, a smokestack and street signs. I typed each of those into the search box, but Recall came up with no results...

- The search function is fast, but flipping through snapshots in Recall is not. It can take a couple of seconds to load screenshots as you swipe between them.

"You can use any Linux distribution inside of the Windows Subsystem for Linux" Microsoft recently reminded Windows users, "even if it is not available in the Microsoft Store, by importing it with a tar file."

But being an official distro "makes it easier for Windows Subsystem for Linux users to install and discover it with actions like wsl --list --online and wsl --install," Microsoft pointed out this week. And "We're excited to announce that Red Hat will soon be delivering a Red Hat Enterprise Linux WSL distro image in the coming months..."

Thank you to the Red Hat team as their feedback has been invaluable as we built out this new architecture, and we're looking forwards to the release...! Ron Pacheco, senior director, Red Hat Enterprise Linux Ecosystem, Red Hat says:

"Developers have their preferred platforms for developing applications for multiple operating systems, and WSL is an important platform for many of them. Red Hat is committed to driving greater choice and flexibility for developers, which is why we're working closely with the Microsoft team to bring Red Hat Enterprise Linux, the largest commercially available open source Linux distribution, to all WSL users."
Read Pacheco's own blog post here.

But in addition Microsoft is also releasing "a new way to make WSL distros," they announced this week, "with a new architecture that backs how WSL distros are packaged and installed." Up until now, you could make a WSL distro by either creating an appx package and distributing it via the Microsoft Store, or by importing a .tar file with wsl -import. We wanted to improve this by making it possible to create a WSL distro without needing to write Windows code, and for users to more easily install their distros from a file or network share which is common in enterprise scenarios... With the tar based architecture, you can start with the same .tar file (which can be an exported Linux container!) and just edit it to add details to make it a WSL distro... These options will describe key distro attributes, like the name of the distro, its icon in Windows, and its out of box experience (OOBE) which is what happens when you run WSL for the first time. You'll notice that the oobe_command option points to a file which is a Linux executable, meaning you can set up your full experience just in Linux if you wish.

"Steven Adair, of cybersecurity firm Veloxity, revealed at the Cyberwarcon security conference how Russian hackers were able to daisy-chain as many as three separate Wi-Fi networks in their efforts to attack victims," writes Longtime Slashdot reader smooth wombat. Wired reports: Adair says that Volexity first began investigating the breach of its DC customer's network in the first months of 2022, when the company saw signs of repeated intrusions into the customer's systems by hackers who had carefully covered their tracks. Volexity's analysts eventually traced the compromise to a hijacked user's account connecting to a Wi-Fi access point in a far end of the building, in a conference room with external-facing windows. Adair says he personally scoured the area looking for the source of that connection. "I went there to physically run down what it could be. We looked at smart TVs, looked for devices in closets. Is someone in the parking lot? Is it a printer?" he says. "We came up dry."

Only after the next intrusion, when Volexity managed to get more complete logs of the hackers' traffic, did its analysts solve the mystery: The company found that the hijacked machine which the hackers were using to dig around in its customer's systems was leaking the name of the domain on which it was hosted -- in fact, the name of another organization just across the road. "At that point, it was 100 percent clear where it was coming from," Adair says. "It's not a car in the street. It's the building next door." With the cooperation of that neighbor, Volexity investigated that second organization's network and found that a certain laptop was the source of the street-jumping Wi-Fi intrusion. The hackers had penetrated that device, which was plugged into a dock connected to the local network via Ethernet, and then switched on its Wi-Fi, allowing it to act as a radio-based relay into the target network. Volexity found that, to break into that target's Wi-Fi, the hackers had used credentials they'd somehow obtained online but had apparently been unable to exploit elsewhere, likely due to two-factor authentication.

Volexity eventually tracked the hackers on that second network to two possible points of intrusion. The hackers appeared to have compromised a VPN appliance owned by the other organization. But they had also broken into the organization's Wi-Fi from another network's devices in the same building, suggesting that the hackers may have daisy-chained as many as three networks via Wi-Fi to reach their final target. "Who knows how many devices or networks they compromised and were doing this on," says Adair. Volexity had presumed early on in its investigation that the hackers were Russian in origin due to their targeting of individual staffers at the customer organization focused on Ukraine. Then in April, fully two years after the original intrusion, Microsoft warned of a vulnerability in Windows' print spooler that had been used by Russia's APT28 hacker group -- Microsoft refers to the group as Forest Blizzard -- to gain administrative privileges on target machines. Remnants left behind on the very first computer Volexity had analyzed in the Wi-Fi-based breach of its customer exactly matched that technique. "It was an exact one-to-one match," Adair says.

The latest Steam client drops support for operating systems older than Windows 10 or macOS 10.15 Catalina. "That means Mac users can't run 32-bit games anymore, as all macOS versions from Catalina onward only run 64-bit binaries," reports The Register. From the report: [I]f you have a well-specified older Mac, here is another reason to check out Open Core Legacy Patcher. For now, macOS 10.15 Catalina will do but we suspect it won't for long. This version of Steam uses the equivalent to Chrome 126: "Updated embedded Chromium build in Steam to 126.0.6478.183." However, versions since Chrome 128 require macOS 11 or newer. For now, Catalina will work -- but the next significant Steam update will update Chromium as well, and there's a high probability that that will drop support for 10.15.

So, if you're using OCLP to install a newer macOS, you should probably go directly to Big Sur. In The Reg FOSS desk's testing, we found that Big Sur ran reasonably well on a machine with Intel HD 520 graphics, although the same hardware ran very poorly with macOS 12 Monterey. Unfortunately, the inevitable end is in sight for older Macs. That said, the November 2024 Steam client update brings several "wins," including a built-in Game Recording feature, an upgraded Chromium browser engine, and the new "Scout" Linux runtime environment for improved compatibility and performance, especially on the Steam Deck and Linux distros. Additionally, it delivers bug fixes and enhancements for modern OS users.

Microsoft has released a public preview of its redesigned Windows Recall feature, five months after withdrawing the original version due to security concerns. The feature will initially be available only on Qualcomm Snapdragon X Elite and Plus Copilot+ PCs running Windows Insider Dev channel build 26120.2415.

Recall, which continuously captures and indexes screenshots and text for later search, now includes mandatory encryption, opt-in activation, and Windows Hello authentication. The feature requires Secure Boot, BitLocker encryption, and attempts to automatically mask sensitive data like passwords and credit card numbers. The feature is exclusive to Copilot+ PCs equipped with neural processing units for local AI processing.

Microsoft has expanded its campaign to migrate Windows 10 users to Windows 11, deploying full-screen ads urging users to purchase new computers ahead of Windows 10's end-of-support date. The ads, appearing on Windows 10 devices, remind the October 14, 2025 cut-off date for OS support.

Valve's Steam platform is implementing stricter regulations for season pass sales, requiring detailed content descriptions and specific release windows for downloadable content (DLC), according to SteamDB creator Pavel Djundik.

The company will restrict season pass offerings to established partners with proven track records and may issue refunds if developers miss deadlines or deliver unsatisfactory content. Developers must outline DLC components and commit to three-month launch windows, with one possible delay allowed. "If you aren't ready to clearly communicate about the content included in each DLC AND when each DLC will be ready for launch, you shouldn't offer a Season Pass on Steam," Valve stated.

Microsoft has announced sweeping changes to Windows security architecture, including new recovery capabilities designed to prevent system-wide outages following July's CrowdStrike incident that disabled 8.5 million Windows devices.

The Windows Resiliency Initiative introduces Quick Machine Recovery, allowing IT administrators to remotely fix unbootable systems through an enhanced Windows Recovery Environment. Microsoft is also mandating stricter testing and deployment practices for security vendors under its Microsoft Virus Initiative, including gradual rollouts and monitoring procedures.

The company is also developing a framework to move antivirus processing outside the Windows kernel, with a preview planned for security partners in July 2025.

Microsoft is planning to launch a new purpose-built miniature PC for its Windows 365 cloud service next year. The Verge: Windows 365 Link is a $349 device that acts like a thin client PC to connect to the cloud and stream a version of Windows 11. The Link device is designed to be a compact, fanless, and easy-to-use cloud PC for your local monitors and peripherals. It's meant to be the ideal companion to Microsoft's Windows 365 service, which lets businesses transition employees over to virtual machines that exist in the cloud and can be streamed securely to multiple devices. Windows 365 Link cannot run local apps.

In a technical blog post, Microsoft veteran Raymond Chen has explained why Windows 95's installation process required users to pass through three different operating systems -- MS-DOS, Windows 3.1, and Windows 95. The design choice stemmed from the need to support upgrades from multiple starting points while maintaining a graphical user interface throughout the process.

Rather than creating separate installers for MS-DOS, Windows 3.1, and Windows 95 users, developers opted for a unified approach using three chained setup programs. The process began with installing a minimal version of Windows 3.1 when starting from MS-DOS, followed by a 16-bit Windows application that handled core installation tasks, and concluded with a 32-bit Windows 95 program for final configuration steps.

This week Alphabet CEO Sundar Picahi assured investors that their long-term AI focus and investment (and a "commitment to innovation") "are paying off," reports the Associated Press. Alphabet's stock has already soared 20% this year, and it's "still thriving" as the company "navigates through a pivotal shift to AI and battles regulators..." Alphabet earned $26.3 billion, or $2.12 per share during the most recent quarter, a 34% increase from a year ago. Revenue rose 15% from the same time last year to $88.27 billion... The profits would have been even higher if Google wasn't pouring so much money into building up its AI arsenal in a technological arms race that includes other industry heavyweights Microsoft, Amazon, Apple, Facebook parent Meta Platforms and rising star OpenAI. The AI investments are the primary reason Google's capital expenditures in the past quarter soared 62% from the same time last year to $13.1 billion. The AI spending will likely stay at roughly the same level during the current October-December period, and the rise even higher next year, according to Anat Ashkenazi, Alphabet's chief financial officer.

But Ashkenazi also emphasized the Mountain View, California, company will act on cost-cutting opportunities in other areas to help boost profits. Alphabet already has trimmed its payroll from more than 190,000 worldwide employees early last year to about 181,000 workers now. In an example of how AI can perform tasks that once required human brainpower, Pichai said the technology is now writing more than 25% of the company's new computer coding.
After the results, investors sent Alphabet's stock price up 5% in extended trading, the article points out. "Both Alphabet's profit and revenue increased at a brisker pace than industry analysts anticipated, thanks primarily to a moneymaking machine powered by Google's ubiquitous search engine... [Google's digital search-engine ads earned $49.39 billion, 12% more than the same quarter of 2023.] And Google's cloud division is growing at an even more robust rate, thanks to demand for AI services. The cloud division generated $11.35 billion in revenue during the past quarter, a 35% increase from last year."

And meanwhile over at Microsoft, quarterly sales surged 16% to $65.6 billion, reports the Associated Press. But again, "the company sought to assure investors its huge spending on artificial intelligence is paying off." The company has spent billions of dollars to expand its global network of data centers and other physical infrastructure required to develop AI technology... As a result, AI-related products are now on track to contribute about $10 billion to the company's annual revenue, the "fastest business in our history to reach this milestone," CEO Satya Nadella said on a call with analysts Wednesday. [Though Microsoft "hasn't yet formally reported revenue specifically from AI products," the article notes later, with Microsoft instead saying it's infused AI and Copilot into all its business segments.]
Just in the last quarter, Microsoft spent $20 billion "mostly for its cloud computing and AI needs," the article points out.

But there's still making plenty of money... The software maker also reported an 11% increase in quarterly profit to $24.7 billion, or $3.30 per share, which beat Wall Street expectations for the July-September period... Leading in sales for the quarter was Microsoft's productivity business segment, which includes its Office suite of email and other workplace products, growing 12% to $28.3 billion. Microsoft's cloud-focused business segment grew 20% from the same time last year to $24.1 billion for the three months ending Sept. 30. Its personal computing business, led by its Windows division, grew 17% to $13.2 billion. A big part of that growth came from Microsoft's Xbox video game business, which was boosted by its purchase of game publishing giant Activision Blizzard a year ago.

Classic first-person shooters Unreal (1998) and Unreal Tournament are now available for free on the Internet Archive, with official OK from publisher Epic Games.

An Epic spokesperson confirmed to PC Gamer that users are permitted to "independently link to and play these versions." Players can download the games directly from the Internet Archive and apply patches from Github for modern Windows compatibility, or use simplified installers through oldunreal.com. Both titles run on current hardware despite their age, though users may need to adjust dated default settings like 640x480 resolution and inverted mouse controls.

An anonymous reader shares a report: After dragging its feet for years, Microsoft has finally released the first official Windows 11 ISOs for PCs with an Arm64 processor. This means users can now clean install Windows 11 using official offline media on an Arm64-based PC, including the latest Snapdragon X Copilot+ PCs.

The ISOs contain version 24H2 can be downloaded from the official Microsoft website, and are around 5GB in size depending on the language you select. According to the company, the ISOs are primarily designed for running Windows 11 in a virtual machine on Arm64 PCs. However, it also mentions that you can use them to clean install Windows 11 directly onto Arm64 hardware too.Unfortunately, depending on the Arm64 PC you have, you may need to do some additional work to get the ISO bootable.

An anonymous reader quotes a report from Ars Technica: The classic PC games market is "in a sorry state," according to DRM-free and classic-minded storefront GOG. Small games that aren't currently selling get abandoned, and compatibility issues arise as technology moves forward or as one-off development ideas age like milk. Classic games are only 20 percent of GOG's catalog, and the firm hasn't actually called itself "Good Old Games" in 12 years. And yet, today, GOG announces that it is making "a significant commitment of resources" toward a new GOG Preservation Program. It starts with 100 games for which GOG's own developers are working to create current and future compatibility, keeping them DRM-free and giving them ongoing tech support, along with granting them a "Good Old Game: Preserved by GOG" stamp.

GOG is not shifting its mission of providing a DRM-free alternative to Steam, Epic, and other PC storefronts, at least not entirely. But it is demonstrably excited about a new focus that ties back to its original name, inspired in some part by its work on Alpha Protocol. "We think we can significantly impact the classics industry by focusing our resources on it and creating superior products," writes Arthur Dejardin, head of sales and marketing at GOG. "If we wanted to spread the DRM-free gospel by focusing on getting new AAA games on GOG instead, we would make little progress with the same amount of effort and money (we've been trying various versions of that for the last 5 years)."

What kind of games? Scanning the list of Good Old Games, most of them are, by all accounts, both good and old. Personally, I'm glad to see the Jagged Alliance games, System Shock 2, Warcraft I & II, Dungeon Keeper Gold and Theme Park, SimCity 3000 Unlimited, and the Wing Commander series (particularly, personally, Privateer). Most of them are, understandably, Windows-only, though Mac support extends to 34 titles so far, and Linux may pick up many more through Proton compatibility, beyond the 19 native titles to date. [...] [I]f you see the shiny foil-ish GOG badge on a game, it's an assurance that GOG has done all it can to bring forward a classic title. It's important work, too. "Preserving" games doesn't just mean locking a stable media in a vault, but keeping games accessible, and playable.

Microsoft seems set to rebrand the AI-powered features in Windows to "Windows Intelligence" even if some of the more controversial elements, such as Recall, are to remain as they are. The Register: Word of Windows Intelligence has circulated for a while, although Microsoft has yet to issue any official confirmation. In October, Tero Alhonen posted what appeared to be options for apps that use AI services. Over the weekend, X user Albacore turned up a placeholder page in a Windows 24H2 build for Windows Intelligence settings. Although Microsoft has made substantial investments in artificial intelligence, AI as part of a brand is a little generic.

Apple's approach, to define AI as being "Apple Intelligence," manages to keep the familiar "AI" initialism while ensuring its own brand is kept front and center. With Windows Intelligence, Microsoft is attempting something similar, although "Apple Intelligence" can be handily shortened to "AI". The recently overhauled Copilot and delayed Recall have sparked debate in the Windows community, yet neither seems likely to be rebranded to Windows Intelligence at this stage. However, Windows Intelligence could represent an umbrella for AI technologies on the Microsoft platform and provide users with a quick and easy way of controlling the access AI apps have to user data and how that data is used.

An anonymous reader quotes a report from BleepingComputer: VMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use. In May, the company also made VMware Workstation Pro and Fusion Pro free for personal use, allowing students and home users to set up virtualized test labs and experiment with other OSs by running virtual machines and Kubernetes clusters on Windows, Linux, and macOS devices. Starting this week, the Pro versions and the two products will no longer be available under a paid subscription model.

"Effective immediately, both VMware Fusion and VMware Workstation will transition away from the paid subscription model, meaning you can now utilize these tools without any cost. The paid versions of these offerings -- Workstation Pro and Fusion Pro -- are no longer available for purchase," said Broadcom product marketing director Himanshu Singh. "If you're currently under a commercial contract, you can rest easy knowing that your agreement will remain in effect until the end of your term. You will continue to receive the full level of service and enterprise-grade support as per your contract."

While the free versions will include all the features available in the paid products, Broadcom will no longer provide users with support ticketing for troubleshooting. Broadcom plans to continue developing new features and improvements and ensure that updates are rolled out promptly. "We're actively investing in new features, usability improvements, and other valuable enhancements," Singh added. "Our engineering teams are committed to maintaining our high standards for stability, with timely updates and reliable performance." You can download VMware Fusion and VMware Workstation here (sign-in required).

Microsoft is planning to no longer support the Windows Mail, Calendar, and People apps later this year. The Verge: The software giant has been moving existing users of these apps over to the new Outlook for Windows app in recent months, and now it has set an end of support date for the Mail, Calendar, and People apps of December 31st.

Once the apps reach end of support later this year, Microsoft warns that users who haven't moved to the new Outlook app "will no longer be able to send and receive email using Windows Mail and Calendar."

Microsoft has been rolling out the new Outlook for Windows app for years, with it officially reaching the general availability stage in August. The new web-based Outlook is designed to eventually replace the full desktop version of Outlook too, and Microsoft plans to provide enterprise customers a 12-month notice before it starts to move people away from the desktop version of Outlook.