All posts by Keumars Afifi-Sabet

‘Severe’ Cisco WebEx flaw grants hackers access to meeting data


Keumars Afifi-Sabet

19 Jun, 2020

Cisco has patched a dangerous flaw that allows a hacker to access victims’ accounts from another machine in order to see all meetings, individuals invited, meeting passwords and past meeting records.

The shared memory information leakage vulnerability, found in the Cisco WebEx Meetings desktop app for Windows, allows an authenticated attacker to gain access to sensitive information either locally, or by running a malicious programme.

Assigned CVE-2020-3347, the exploitation is based on the unsafe usage of shared memory used by the video conferencing platform’s desktop client, according to Trustwave researchers, who discovered the flaw.

Once the WebEx Meetings application is installed, it adds an application to the tray that starts up automatically once the user logs on. If the user has configured the client to log on automatically too, which it does by default, several memory-mapped files are opened, some of which are not protected against being opened for reading and writing by other processes.

An attacker with permissions to view system memory could exploit this vulnerability by running an application that’s designed to read shared memory. The hacker can loop over sessions and try to open, read and save content for future examination.

Successful exploitation could give the hacker the power to retrieve sensitive information through this mechanism, including usernames, meeting information, as well as authentication tokens that can be used in future attacks.

“Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing and messaging software usage to help people transition their work-life to a work from home environment,” said Trustwave security research manager Martin Rakhmanov.

“Vulnerabilities in this type of software now present an even greater risk to its users. Cisco WebEx is one of the most popular video conferencing solutions available, so I decided to turn my research skills to see how secure the platform is.

“In an attack scenario, any malicious local user or malicious process running on a computer where WebEx Client for Windows is installed can monitor the memory-mapped file for a login token. Once found, the token, like any leaked credentials, can be transmitted somewhere so that it can be used to login to the WebEx account in question, download Recordings, view/edit Meetings, etc.”

Cisco has released a software update addressing this vulnerability, urging users to update their Cisco Webex Meetings software to version 40.6.0 and higher. The “relatively severe” flaw affected versions of the platform released earlier than this, with Rakhmanov testing the exploitation on version 40.4.12.8.

Cisco unveils tools to service the post-coronavirus workplace


Keumars Afifi-Sabet

17 Jun, 2020

Cisco has unveiled a ‘business resiliency’ portfolio that offers enterprises the tools to cope with the realities of a post-COVID business landscape, including remote working technologies and workplace systems.

The portfolio combines industry-specific as well as general-purpose services to give customers the means to cope with the new reality of social distancing in the workplace and difficulties in engaging remote workers.

Cisco is rolling out the portfolio as the effects of COVID-19 continue to take their toll, and challenges such as mass remote working and fragmented IT continue to loom. This is in addition to further updates to WebEx, Cisco’s video conferencing platform, and integration with collaboration platform WebEx Teams and Box.

Industry-specific tools released as part of the business resilience package include a remote learning system, as well as an IT infrastructure kit to allow governments to establish a temporary hospital, in the mould of the NHS Nightingale sites. The temporary connected field hospital, as it’s dubbed, includes wireless networking and the associated technology to establish a temporary facility within five days.

“Over the past several months we’ve seen major disruption to many industries and organizations at a pace like never before. Businesses that once mapped digital strategy in one to three-year periods have been required to scale their initiatives essentially overnight,” said Cisco CEO Chuck Robbins. 

“Cisco’s new business resiliency portfolio will help customers reevaluate their business strategies and implement solutions more quickly and easily than ever before.”

The remote workforce systems include a remote contact centre system, enabling contact centre agents to work from home using cloud-based systems or the capabilities to securely access their on-premise tech remotely. 

Flexible remote access gives employees the expertise and tools to access the network, endpoints and applications remotely, while the final prong, secure remote worker, offers businesses tools to analyse the effectiveness and security of their VPNs.

Among the workplace technologies being rolled out is remote office connectivity that extends a corporate network to adjacent and remote locations so workers can benefit from increased bandwidth and faster connectivity. 

Finally, social density monitoring and insights gives workplaces a view on how busy their workplace environments might be at any one time. This is in order for facilities teams to plan return-to-work strategies with social distancing in mind.

The WebEx integration with Box, meanwhile, allows workers to use the content management platform’s secure file-sharing capabilities to share documents with colleagues. With regards to WebEx, Cisco has tripled the video conferencing platform’s capacity in light of the surge in users as a result of the pandemic. 

WebEx will also introduce a fully-fledged voice-activated virtual assistant, building on Cisco’s intentions to use voice tools to explore the ‘next frontier’ of data insights, outlined in January this year.

NHS strikes landmark IT deal with Microsoft


Keumars Afifi-Sabet

15 Jun, 2020

More than a million staff members across the NHS will have access to the Microsoft 365 suite of apps and services as part of a landmark agreement struck between NHS Digital, NHSX and Microsoft.

The productivity and collaboration suite, which includes Microsoft Teams, will be deployed to 1.2 million NHS staff in Trusts, Clinical Commissioning Groups, and health Informatics Services in an effort to create a more joined-up NHS.

GPs, consultants, nurses, therapists, paramedics, and support staff will have access to services within Microsoft 365 as part of the agreement, allowing them to take advantage of the cloud-based services. 

“Adopting the most up-to-date digital tools and operating systems is crucial for a modern-day NHS – allowing staff to work as efficiently as possible which will deliver even better care for patients,” said the health secretary Matt Hancock.

“We have seen incredible, innovative uses of technology throughout the NHS during the Covid-19 pandemic and this new deal with Microsoft will pave the way for that to continue by ensuring we get the basics right.”

Platforms such as Microsoft Teams will allow for quicker and more efficient communication, while interoperability across the health service with Office 365 apps and Outlook will allow for much easier sharing of critical files and documents.

“This deal with Microsoft represents a saving of hundreds of millions of pounds. This is a direct result of negotiations led jointly by NHSX and NHS Digital,” added NHSX CEO Matthew Gould. “It means staff will have access to the best possible collaboration and productivity tools, and that our cyber defences are as strong as possible.” 

The cost of the agreement hasn’t been disclosed, although the NHS insists the deal will be cost-saving for both individual organisations and the NHS as a whole, as well as improving productivity and boosting collaboration. This isn’t to mention the cyber security benefits, given the rising nature of the threat that the health service faces.

The latest agreement builds on the deal struck in April 2018 that allowed NHS organisations to upgrade to Windows 10 free of charge. Legacy operating systems, such as Windows XP and Windows 7, were widely in use at the time of the agreement.

The rollout of Microsoft 365 to NHS organisations will also ensure IT systems that haven’t yet been upgraded to Windows 10 will be, in addition to being afforded Microsoft’s Enterprise Mobility and Security platform.

“This agreement ensures NHS organisations across England have access to modern productivity tools and solutions necessary to delivering better patient outcomes now and in the future,” said Microsoft UK CEO Cindy Rose.

“The timing of the agreement coincides with the licence renewal period of a number of NHS organisations in England. It also ensures that those NHS organisations that have already made their own arrangements with Microsoft benefit from the deal and the significant cost savings on offer.”

How to host a successful virtual conference


Keumars Afifi-Sabet

10 Jun, 2020

It feels like a lifetime ago since Mobile World Congress (MWC), one of the biggest events on the tech calendar, was cancelled just as the coronavirus crisis was beginning to escalate. Winding forward to the present day, the prospect of any large events of its stature taking place is unthinkable, with companies either postponing or cancelling their own.

Many have instead pivoted to hosting their events digitally, trialling ways to engage partners and customers online. This also applies to our sister title, IT Pro, with the launch of IT Pro Live, a five-day programme of keynote addresses, panel discussions and Q&As held between 22 and 26 June. Of course, hosting a virtual event is very different from hosting a physical one and even the most experienced of event managers face pitfalls. In this spirit, we’ve compiled guidance for businesses hoping to launch their own virtual events over the coming weeks, months or even years.

Not a like-for-like replacement

Hosting a digital event is an arena ripe for experimentation. Microsoft, for example, launched more than 50 products at its first virtual Build conference, which, like IT Pro Live, took place over the course of a week. Google Cloud Next 2020, on the other hand, will be hosted one day per week for nine weeks, starting 14 July. As such, it’s clear that virtual events can’t be treated as a like-for-like replacement for in-person conferences.

“The challenge is that such conferences are multi-faceted events that are hard to deliver through a virtual window,” nCipher vice president, Peter Carlisle, tells Cloud Pro. In Carlisle’s experience, certain elements of a physical conference can’t be replicated, which may prove challenging. These vary from sharing stories in casual settings like over a meal, to soaking in the buzz generated by thousands of attendees darting around a conference floor. The cyber security firm adopted a different format for its recent virtual Sales Kick-Off, delivering content daily across nine consecutive business days. Sessions ran 60 to 90 minutes, with three or four topics delivered in pieces averaging 20 minutes each.

There are, however, benefits to hosting virtual events, according to Imperial College Business School’s conference manager, Megan Taylor-Silva. The university recently hosted its fifth annual Imperial Business Conference online, focussing on sustainability, and inviting speakers from Sainsbury’s, Microsoft, Google and BlackRock.

“Gone are the days where bad catering or a gate crasher can ruin your event,” explains Taylor-Silva. “Instead of spending time on choosing the right gluten-free muffin, you’ll have more time to spend on perfecting your event content, building relationships with your speakers, and converting registrants.”

Putting the building blocks in place

Planning is perhaps the most crucial element. One of the biggest mistakes companies can make, explains Virtual Event Company founder and CEO, John Saunders, is not appreciating the difference between planning for a virtual and physical event – with different timescales, disciplines and technologies involved. 

“More often than not, companies have committed to a software they don’t know the full capabilities of, therefore, allowing enough time to plan for your event is critical. During this planning period, it’s critical that the technology and the Wi-Fi strength are tested to avoid poor sound or other issues on the day,” he says. “Speakers should be coached on how to engage with people online and address their audience through a camera. It’s a different skill to physical stage events and practising online before the big event is important to ensure engagement is achieved.”

It’s important to test the systems, run experiments and trial different scenarios. Lining up backup options should things go wrong would also ensure seamless continuity should a worst-case scenario come to fruition. Before the systems are even in place, it’s also key to ensure your organisation uses the right technology. It may, therefore, be useful to look at what your competitors are using, and what your attendees are familiar with, Imperial College Business School’s Taylor-Silva adds. This is in addition to making sure these systems work with the company’s existing platforms.

“Don’t assume that everyone is comfortable with technology,” she elaborates. “Briefing speakers ahead of time and ensuring they know how to use your event platform is incredibly important. Make sure that speakers have a stable internet connection and a good microphone; this could make or break your event.”

Systems and software

From video conferencing to streaming services, organisations can adopt a variety of platforms. John Saunders’ Virtual Event Company, for example, recently launched its digital hub for businesses to plan and host digital events, even fitted with Second Life-esque 3D rendering. While buying into flashy platforms might appeal to many, in Saunders’ experience, not fully understanding the technologies being used is a common pitfall.

“As companies navigate this new world by way of new tech solutions, they may choose a platform that doesn’t resonate with their brand or audience, or choose one that doesn’t look professional in the interests of cost,” he tells Cloud Pro. “Taking time to research the best digital solution for your event is key.” 

Database performance platform Percona, for instance, used a variety of simple platforms for its 24-hour virtual event last month, after plans to host Percona Live Austin 2020 fell through. Zoom was used as the main hosting platform to allow organisers to stream directly to attendees, while the event was also live-streamed to YouTube, Twitch and Facebook Live. Workplace collaboration platform Slack was repurposed to serve as a central point of contact for conference-goers.

For Percona’s global events manager, Bronwyn Campbell, the key to success was to keep it simple. “By not over complicating things with fancy broadcasting solutions or too many streaming options,” she explains in a blog post, “it allowed us to make it easier to manage, yet very effective and with a broad reach”.

Catering for the occasion

The experience will differ vastly from that of attending an in-person event, not just in the way that content is consumed, but when. Hosting an event online means you can much more easily cater for audiences from across the world, but this means ensuring your event is as accessible as possible. IT Pro Live, for example, will be broadcast between 1:30pm and 6:30pm BST, which also coincides with the working day in Europe, the Middle East, and most of the Americas. The incorporation of on-demand sessions also means people can access the content as and when it suits them.

Database company Redis Labs hosted its annual RedisConf conference virtually this year, with the company boasting four times the average number of attendees. The company’s CMO, Howard Ting, explains that the experience has given Redis a flavour for what kinds of events work better online, and what might not necessarily translate well to a virtual format. 

“Your event is now more accessible as it’s available to attendees across the globe without the burden of travel,” Ting tells Cloud Pro. “Along with that, your speaker pool just expanded. We also found that virtual events were cheaper overall to run, since you aren’t managing a venue and hotels.”

“We found that attendees appreciated live interview formats that were a little unstructured, like fireside chats. The organic conversations that happened in these interviews drove engagement because they felt more authentic and personal,” he elaborates. “Another tool to maintain interest is to stagger content drops throughout the day or make various elements available at different times – for example, we made training sessions available only on the second day, but dropped them at the previous evening so attendees in India could access them during their morning.”

One of the key challenges, having got your event off the ground, is to sustain interest among conference-goers throughout the programme. After all, it’s much easier to disconnect and switch off than if you’ve booked flights, hotel rooms, and have to physically walk between conference sessions. 

Organisers can boost engagement in several ways, from regular polls to Q&As. One of the key methods Imperial’s Taylor-Silva pitched was to ensure that speakers address the audience throughout the event, and acknowledge their presence. Organisers may also consider appointing a visible event host who guides attendees throughout the day, offering them an element of consistency, while also giving producers a single point of contact to liaise with for time-keeping purposes.

Redis Labs’ Howard Ting, meanwhile, devised an alternative approach, with the company building a gamification system that rewarded engagement. “Those who attended more sessions, asked more questions, and visited more areas in the environment were rewarded. We had small Easter Eggs throughout the conference that added to the depth of the event; for instance, we tied the environment to the attendee’s local time, so if attendees were visiting during their evening the environment transformed to dark mode.”

Minor pitfalls might be unavoidable

Hosting a successful virtual event won’t be easy for any company to pull off, particularly given the variance in structuring, content styles, and even the technologies powering them. It’s also important to bear in mind that the concept will be new to audiences too, so getting things wrong will be forgivable to an extent. 

This is a period of trial-and-error for many, and there will inevitably be things you wish you could’ve done differently after the fact. Percona’s Bronwyn Campbell, for example, says she wishes her event had featured shorter talks in some instances, and kept to a single track of events as opposed to a complex multitrack programme, as the latter runs the risk of audience drop-off while making things more difficult to manage. Nevertheless, the key for any organisation will lie in rigorous planning, sufficient testing of underlying technologies, and devising ways to keep audiences engaged throughout the duration of the agenda.

IT Pro Live will take place across five days from 22 to 26 June, featuring an array of panel sessions, Q&As, and roundtables. You can check out the agenda and register for your free ticket now.

IBM to kill its own facial recognition technology


Keumars Afifi-Sabet

9 Jun, 2020

IBM has decided to “sunset” its general-purpose facial recognition and analysis software suite over ethical concerns following a fortnight of Black Lives Matter protests.

Despite putting a lot of effort into developing its AI-powered tools, the cloud giant will no longer distribute these systems for fear that they could be used for purposes that go against the company’s principles of trust and transparency.

Specifically, there are concerns the technology could be used for mass surveillance, racial profiling and the violations of basic human rights and freedoms. This is in addition to the company now deploring the use of facial recognition in principle, and by rival vendors, for such purposes.

“We believe now is the time to begin a national dialogue on whether and how facial recognition technology should be employed by domestic law enforcement agencies,” CEO Arvind Krishna outlined in a letter to the US Congress.

“Artificial intelligence is a powerful tool that can help law enforcement keep citizens safe. But vendors and users of AI systems have a shared responsibility to ensure that AI is tested for bias, particularly when used in law enforcement, and that such bias testing is audited and reported.”

The announcement represents a major shift, given the company has previously ploughed considerable money and effort into building out its capabilities, and has occasionally courted controversy in the process.

In March 2019, for example, IBM was called out for using almost a million photos from photo-sharing site Flickr to train its facial recognition algorithms without the consent of the subjects. Those in the pictures weren’t advised the firm was going to use their images to help determine gender, race and other identifiable features, such as hair colour.

Several months before that, the company was found to have been secretly using video footage collected by the New York Police Department (NYPD) to develop software that can identify individuals based on distinguishable characteristics.

IBM had created a system that allowed officers to search for potential criminals based upon tags, including facial features, clothing colour, facial hair, skin colour, age, gender and more. Overall, it could identify more than 16,000 data points, rendering it extremely accurate in recognising faces.

While the general use of facial recognition in law enforcement is not entirely uncommon, it has run into legal blockades, with jurisdictions, such as San Francisco, banning its use altogether, for example.

Police forces in the UK, meanwhile, have been trialling such systems, but the Information Commissioner’s Office (ICO) has effectively neutered these plans after urging branches to assess data protection risks and ensure there’s no bias in the software being used.

In addition to permanently withdrawing its facial recognition technology, IBM has called for a national policy that encourages the use of technology to bring greater transparency and accountability to policing. These may include body cameras and data analytics techniques.

Much in step with IBM until now, a number of other major companies have engaged in developing their own AI-powered facial recognition capabilities which have often also courted controversy. 

AWS has come under fire for building its highly sophisticated Rekognition technology with alleged racial and gender bias. The company’s shareholders voted down an internal revolt over the sale of Rekognition to the police by an overwhelming majority of 97% in May 2019, for example.

The claims were based on MIT research that found it mistakenly identified some pictures of women as men 31% of the time, which was more prevalent when it was shown pictures of darker-skinned women. This was against an error rate of 1.5% with Microsoft’s software.

VMware ‘prepares to cut jobs’ after snapping up Lastline


Keumars Afifi-Sabet

5 Jun, 2020

Threat detection company Lastline has been acquired by VMware for an undisclosed fee, the two companies have confirmed, with the firm’s services feeding into the cloud giant’s security portfolio.

Lastline’s cloud-based security services focus mostly on networks and range from malware analysis to global threat intelligence. In merging with VMware, the company hopes to offer a broader range of security products that complement many of the cloud giant’s platforms – from workload protection to the data centre.

The move, however, will result in approximately 40% of Lastline’s workforce being axed as part of the acquisition, according to TechCrunch. This equates to roughly 50 employees.

VMware has retained a focus on supporting multi-cloud environments and cloud-native hybrid deployments, with platforms such as vSphere available in a variety of cloud configurations and hosting environments. The company has also pursued a strategy of integrating security functionality and threat detection into apps, workloads, networks, users, and endpoint devices.

“By joining forces with VMware, we will be able to offer additional capabilities to our customers and bring to market comprehensive security solutions for the data centre, branch office and remote and mobile users,” said Lastline CEO John Dilullo.

“In recent years, Lastline has enjoyed tremendous growth, acclaim for its AI-based threat detection capabilities, and most recently, recognition for pioneering successes with our Network Detection and Response (NDR) and Public Cloud security solutions.”

VMware only last month announced plans to acquire Kubernetes security firm Octarine, which will be bundled into Carbon Black as part of VMware’s long-term security vision. The Octarine integration allows VMware to enhance its security services for containers and Kubernetes environments by embedding the technology into the VMware Carbon Black Cloud, as well as the VMware Tanzu platform.

This, of course, follows the major Carbon Black acquisition in August last year, with subsequent moves feeding into the company’s vision to become a leading provider of cloud-native security platforms.

Lastline, which was founded in 2011, occupies a late-stage venture funding status, according to Crunchbase, and has received $52.2 million of funding to date.

Zoom capitalises on high demand with 169% revenue surge


Keumars Afifi-Sabet

3 Jun, 2020

Zoom has defied fears that an explosion in activity and new users would not translate to rising revenues, boasting 169% year-on-year growth in the first quarter of 2020.

The video conferencing platform recorded revenues of $328.2 million for the quarter ending 30 April 2020, driven mainly by acquiring new customers and expanding across existing customers. Zoom previously reported in April that it gained 100 million new users within a three-week period.

The surge in demand for Zoom’s services has been almost exclusively fuelled by the coronavirus pandemic, with millions of people around the world desperate to keep in touch with colleagues and loved ones while under lockdown.

Figures from Zoom’s financial results suggest the company has managed to capitalise on this growth in users, with a net income of $27 million, despite offering a solid and reliable service for non-subscribers.

“The COVID-19 crisis has driven higher demand for distributed, face-to-face interactions and collaboration using Zoom,” said founder and CEO Eric Yuan. “Use cases have grown rapidly as people integrated Zoom into their work, learning, and personal lives. 

“I am proud of our Zoom employees who dedicated themselves to support customers and the global community during this crisis. With their tremendous efforts, we were able to provide high-quality video services to new and existing customers.”

The company has also revealed a more detailed breakdown of its customer base, recording 354% year-on-year growth in the number of customers with more than ten employees to 265,400. Meanwhile, 769 customers contributed more than $100,000 in revenue, which is approximately 90% higher than in the same quarter last year.

Zoom has projected that its revenue will be between $495 million and $500 million in the next quarter, with a full fiscal year revenue of between $1.775 billion and $1.8 billion. 

The firm has announced its financial success days after pledging to improve encryption standards for paid users. End-to-end encryption will arrive for subscribers, but not free users, because of Zoom’s intentions to co-operate with law enforcement agencies. 

“Free users for sure we don’t want to give that because we also want to work together with FBI, with local law enforcement in case some people use Zoom for a bad purpose,” Yuan said, according to Bloomberg tech reporter Nico Grant.

Alex Stamos, recently hired by the company as a security consultant, elaborated that while all members will continue to benefit from 256-bit encryption after its recent implementation, end-to-end encryption will be rolled out on an opt-in basis for now. 

“We have to design the system to securely allow hosts to opt-into an E2E meeting and to carefully communicate the current security guarantees to hosts and attendees. We are looking at ways to upgrade to E2E once a meeting has started, but there will be no downgrades,” he explained on Twitter.

“So this creates a difficult balancing act for Zoom, which is trying to both improve the privacy guarantees it can provide while reducing the human impact of the abuse of its product.

“Lots of companies are facing this balancing act, but as a paid enterprise product that has to offer E2EE as an option due to legitimate product needs, Zoom has a slightly different calculus. The current decision by Zoom’s management is to offer E2EE to the business and enterprise tiers and not to the limited, self-service free tier.”

BBC testing ‘Beeb’ AI voice assistant with Windows Insiders


Keumars Afifi-Sabet

3 Jun, 2020

The BBC has opened the testing phase for its AI-powered voice assistant exclusively with those who routinely test updates to the Windows operating system.

UK members of the Windows Insider Programme can download the virtual assistant by grabbing the ‘Beeb BETA’ app from the Microsoft Store, where they can experiment with features and put the voice assistant through its paces.

These users will need to have installed the Windows 10 May 2020 update, however, which Microsoft has, incidentally, warned its users against installing unless it’s shipped to their devices specifically. This is because the developer has identified a string of issues that could lead to significant errors on account of hardware compatibility problems.

The Beeb AI assistant aims to help users in the UK navigate BBC services and access BBC content. There are no plans to build a device to rival Amazon Echo or Google Home, although Beeb will be built into the BBC website, iPlayer and all smart TVs.

The BBC’s voice team has previously collaborated with Microsoft to build the infrastructure behind Beeb with Azure AI services, as well as working with the industry giant on a number of other projects in the past.

“We’ve built Beeb because we know there is growing demand from people to access programmes and services with their voice – around one in five adults have a smart speaker in their home, and millions more have voice-activated devices in their pockets,” said BBC Design and Engineering’s chief operating officer Grace Boswood. 

“Much like the BBC did with iPlayer, we want to make sure everyone can benefit from this new technology, and bring people exciting new content, programmes and services in a trusted, easy-to-use way.”

The first version of Beeb will allow users to speak to access live TV and radio broadcasts as well as programmes on demand. Developers will add further features in the coming weeks and months, with feedback from Windows Insiders critical to the development path.

Not everything will be working as it should, the BBC added, with developers hoping feedback can shape what this early, stripped-down version will look like in the future when additions are made and compatibility with systems is expanded.

This beta-testing process will precede the rollout of Beeb in beta version to the general public for further testing and experimentation.

VMware Cloud Director exploit lets hackers seize corporate servers


Keumars Afifi-Sabet

2 Jun, 2020

A vulnerability in VMware’s Cloud Director platform, used by a host of cloud providers to manage cloud infrastructure, could allow attackers to gain access to sensitive data and seize control of infrastructure.

Rated CVSSv3 8.8, and assigned CVE-2020-3956, the code-injection vulnerability in the cloud service-delivery platform could allow an attacker to gain access to sensitive data and take control of private clouds within an enterprise.

Hackers could also exploit the vulnerability to gain control over all customers within the cloud. It also grants access to modify the login section of the entire infrastructure to capture the username and password of another customer, according to Citadelo, an ethical hacking company which discovered the vulnerability.

“In general, cloud infrastructure is considered relatively safe because different security layers are being implemented within its core, such as encryption, isolating of network traffic, or customer segmentations,” said Citadelo CEO Tomas Zatko.

“However, security vulnerabilities can be found in any type of application, including the Cloud providers themselves.”

Citadelo was hired this year by a Fortune 500 enterprise customer to perform a security audit and investigate their VMware Cloud Director-based cloud infrastructure.

Using the code injection flaw, researchers with the company were able to view the content of the internal system database, including password hashes of any customers allocated to the information system.

From there, they were able to modify the system database to steal foreign virtual machines (VMs) assigned to different organisations within Cloud Director. The flaw also allowed them to escalate privileges from that of a customer account to a system administrator, with access to all cloud accounts.

Finally, they could read all sensitive data related to customers, like full names, email addresses or IP addresses.

The vulnerability was initially reported to VMware on 1 April, with patches released towards the end of that month and during May. Organisations that haven’t yet applied the fixes are still vulnerable.

Those affected include public cloud providers using VMware vCloud Director, private cloud providers using VMware vCloud Director, enterprises using VMware vCloud Director technology, and any government entities using VMware Cloud Director.

Microsoft warns users not to install Windows 10’s May update


Keumars Afifi-Sabet

28 May, 2020

Microsoft has asked Windows 10 users to avoid manually updating to its May 2020 feature update while it investigates ten major issues, despite having only just released it.

The major update to Microsoft’s flagship operating system has finally started to roll out after a two-week delay earlier this month, but Microsoft has identified ten issues severe enough to recommend that users hold off.

The slew of issues includes Windows 10 devices with Realtek drivers being unable to connect to more than one Bluetooth device, and no mouse input with apps and games using GameInput Redistributable.

Some devices using more than one Always On, Always Connected capable network adaptor may encounter errors or unexpected restarts, while enabling variable refresh rate on devices with an Intel iGPU may not work as expected.

Three of the issues, meanwhile, can trigger the infamous blue screen of death (BSOD). Devices with certain Conexant or Synaptics audio drivers, for example, may encounter such errors during or after these drivers are updated. Errors may also occur when external Thunderbolt docks are plugged in or unplugged.

Finally, on the BSOD front, there are incompatibility issues with Windows 10 and certain versions of Nvidia display adapter drivers. The fatal error screen may arise if devices are using drivers older than version 358.00.

To safeguard the update experience, Microsoft has held back the May 2020 Update from any devices with hardware or drivers known to suffer from compatibility issues with Windows 10.

More widely, Microsoft recommends users do not attempt to manually update using the ‘update now’ button until the issues have been resolved.

The widely touted May 2020 Update, also known as Windows 10 version 2004, began rolling out automatically, in a phased manner, to users from yesterday. Users, however, are still able to receive the upgrade if they manually check for updates.

Among the new features expected in the biannual upgrade are a faster and easier Bluetooth pairing process with external devices, as well as a mechanism to enable a fully passwordless experience much more quickly.

When the update is finally deemed ready, users should also expect a refined Cortana chatbot experience and smoother synchronisation between smartphones and Windows machines, among other additions.

That Microsoft has encountered several major issues on the release of its latest operating system upgrade should be of little surprise to long-term users who will be familiar with faulty feature upgrades of the past.

The May 2020 Update itself was delayed by two weeks earlier this month after Microsoft discovered a set of bugs that needed to be addressed urgently. This included a zero-day vulnerability relating to the deployment image servicing and management (DISM) tool, used to repair corruption on Windows systems.

The April and October 2018 feature upgrades were so badly received by the community that Microsoft was forced to change the way it delivers its updates, with users now generally waiting longer in light of a new phased approach.

Conventionally, Microsoft would initiate updates automatically once data suggested users would enjoy a safe and frictionless experience. Starting with Windows 10 version 1903, released last year, users are now, instead, simply notified when it’s available to download and install.