Technology

80800 readers

3435 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

161

Microsoft releases urgent Office patch. Russian-state hackers pounce. (arstechnica.com)

submitted 3 days ago by return2ozma@lemmy.world to c/technology@lemmy.world

15 comments fedilink hide all child comments

top 15 comments

sorted by: hot top controversial new old

[–] m3t00@piefed.world 47 points 3 days ago (2 children)

no worries copilot has screenshots

[–] WhyJiffie@sh.itjust.works 7 points 3 days ago

and onedrive has all your documents too in original form

[–] Tramort@programming.dev 13 points 3 days ago

That's so fucking on target

[–] FiniteBanjo@feddit.online 45 points 3 days ago (4 children)

Slopper companies like MS, Google, and Spotify are all having massive vulnerabilities. I wonder why.

[–] Zink@programming.dev 15 points 3 days ago

It sounds like they've gotten fat, rich, and complacent. Just like some societies I know!

[–] WhyJiffie@sh.itjust.works 6 points 3 days ago (1 children)

Obviously the problem is that office was not written in a safe language. rewrite office in rust!

[–] dejpivo@lemmings.world 5 points 3 days ago (1 children)

I genuinely wonder if rust helps guarding against slop coding vulnerabilities, at least statistically.

[–] WhyJiffie@sh.itjust.works 3 points 3 days ago* (last edited 3 days ago)

the compiler stops you from compiling most of incorrect code. unless AI learns to use unsafe blocks liberally, it will still prevent memory corruption bugs and such

[–] timewarp@lemmy.world 7 points 3 days ago* (last edited 3 days ago) (1 children)

Vibe coding. Overuse of H-1B visas. Microsoft specifically seems to rely a lot on foreign workers because a lot of them will do whatever their employer asks without question because their employer has a lot of control over whether they are even allowed in the US. Even if they are natural citizens it seems a lot of them don't have the same privileges & a bad review by an employer has more potential to ruin their career. Also, the caste system exists here even in the US.

[–] very_well_lost@lemmy.world 9 points 3 days ago

Overuse of H-1B visas.

It's literally a system of indentured servitude and corpos are just free to abuse it with impunity.

[–] ILikeBoobies@lemmy.ca 2 points 3 days ago

Don't forget Linux.

(XZ not technically Linux)

[–] Australis13@fedia.io 25 points 3 days ago (1 children)

Rather impressive how quickly the hackers reverse-engineered Microsoft's patch and used the vulnerability whilst the opportunity was still available:

The threat group, tracked under names including APT28, Fancy Bear, Sednit, Forest Blizzard, and Sofacy, pounced on the vulnerability, tracked as CVE-2026-21509, less than 48 hours after Microsoft released an urgent, unscheduled security update late last month, the researchers said. After reverse-engineering the patch, group members wrote an advanced exploit that installed one of two never-before-seen backdoor implants.

[–] frongt@lemmy.zip 22 points 3 days ago (2 children)

And this is why quickly applying security updates is important.

[–] Damage@feddit.it 1 points 2 days ago

Yeah if your OS is a fucking sieve

[–] Prove_your_argument@piefed.social 6 points 3 days ago

Who needs a maintenance window or to test updates? Just roll the dice constantly.