The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Microsoft cancels Patch Tuesday for some Dell users over surprise shutdowns, overheating devices

Patch Tuesday was followed by Oopsie Wednesday for some Dell customers, with Microsoft slamming on the update brakes after the hardware maker reported some problems. Yesterday was Microsoft's monthly security update for Windows. This month was, by all accounts, a bit of a doozy with a record-breaking number of CVEs patched, some of which were classed as critical and under active exploitation. Better get patching then? Well, er, no. Not if you're using a Dell device affected by issues associated with the update. Microsoft admitted it affected "some Dell devices with Intel processors," but stopped short of providing a full list. The Register asked the Windows giant and Dell which models had been hit, but both have yet to respond. Microsoft confirmed on its update page: "This update might not be available for a limited number of Dell devices with Intel processors due to an incompatibility reported by Dell that can potentially cause unexpected shutdowns, poor performance, increased heat, and battery drain." And the fix? "We are working together with Dell to prevent the affected models from experiencing the issue and plan to release a resolution for affected devices in the coming days." While the pair works on a solution, the update is "temporarily unavailable." Thanks to the sheer number of CVEs in the update, the delay is unfortunate, doubly so when considering that only a week ago, Microsoft was fiercely advocating for users to get patches installed as soon as possible due to the speed at which AI systems can detect and exploit vulnerabilities. In this instance, Microsoft has acted quickly to halt the update for affected devices. However, the fact that it got this far and can cause surprise shutdowns, overheating, and performance problems does not speak well of the company's validation and quality procedures. Dell is hardly a bit player in the hardware ecosystem. Somewhere, deep in the heart of Microsoft's Redmond campus, a sad-faced engineer is likely resetting the "Days since we broke something" counter and thinking fondly of the days when the number reached double or triple figures. ®

MPs fear Treasury cold feet could sink Whitehall's £1.15B shared services push

The UK Treasury's reluctance to fully commit to a cross-government £1.15 billion shared service strategy it has funded risks making the whole effort "potentially unworkable," the Public Accounts Committee (PAC) has warned. HM Treasury's (HMT) decision in June to delay joining Matrix - one of five clusters the government hopes will save £4.3 billion by moving 17 departments and 300 arm's-length bodies onto shared ERP and HR systems - sends "a very poor reputational signal to the rest of the project," the House of Commons spending watchdog said. Under Matrix, the UK administration plans to support the Department for Science, Innovation and Technology, Cabinet Office, Department for Energy Security and Net Zero, Department for Culture, Media and Sport, Department for Business and Trade, Attorney General's Office, Department for Education (DfE), Department of Health and Social Care, as well as HMT - with Workday cloud-based finance and HR software. In a letter to Parliament's PAC last month, HMT confirmed it would not commit to whether it was prepared to move off its existing Oracle Fusion SaaS finance and HR system until December, despite funding the program for five years. The PAC has now slammed HMT's decision. "The ambition for shared services rests upon different parts of government acting collaboratively. The Cabinet Office considers joining shared services to be compulsory. However, HM Treasury is failing to lead by example, providing funds for the strategy and expecting others to sign up, while it remains unconvinced by the likely benefits and unwilling to do so itself," the report published on Wednesday says. "The Cabinet Office must urgently revisit all aspects of its strategy in light of these significant problems and provide assurance that proceeding with shared services will not prove a costly failure. If they are unable to provide such assurance, serious consideration should be given to abandoning the project before even more public money is potentially wasted." According to MPs, the Cabinet Office believed HMT and the DfE had "unconditionally bought into joining shared services at the outset," and maintained that their "participation in shared services is not optional." "HM Treasury now claims that it has the right to unilaterally decide whether to proceed with joining its assigned shared services cluster or not, subject to its Accounting Officer's assessment of further information from the Matrix cluster. Clusters' delivery has been delayed by the Cabinet Office's ineffective management of interdependencies with other government digital programmes," the report adds. The report points out that the DfE's formal commitment would depend on more detail about the project's feasibility and value for money. "These actions, by two major government departments, send a very poor reputational signal to the rest of the project," the PAC said. "For a strategy whose ambition rests on government acting as 'One Civil Service,' a case-by-case approach sets a very dangerous precedent, rendering the strategy optional and therefore potentially unworkable," the report adds. The Register has asked HMT to comment. The PAC called for confirmation of HMT's and the Department for Education's positions on onboarding to Matrix, including the rationale behind this. HMT has committed at least £1.15 billion to the Shared Services Strategy for government, which was launched in March 2021. Since then, the Cabinet Office, the Prime Minister's engine of government, has said it would produce £4.3 billion in benefits "calculated from a mixture of its dashboard and clusters' full business cases" over a 15-year period, according to the PAC. However, benefits for the Matrix cluster are dependent on HMT and the DfE joining. The Cabinet Office gave cost figures ranging from the £846 million spending review figure to "around £1.6 billion," the select committee said. The Shared Services Strategy is set to affect around 470,000 civil servants. The clusters had planned to onboard departmental users to their platforms between July 2026 and March 2029, although the kick-off has been delayed until December this year. "We are concerned that the Shared Services Strategy will fail," the PAC letter states. "The Cabinet Office cannot give assurances that it will overcome critical challenges. Overly complicated governance, no clear ownership, inconsistent departmental buy-in, delays in readying data, and poor interdependency management risk another failed major government initiative." ®

LegacyHive: 'Bone-shattering' zero-day from Microsoft's serial tormentor not the haymaker that was promised

Microsoft’s worst nightmare - a prolific zero-day vulnerability hunter who calls themselves Nightmare Eclipse - published yet another zero-day on Tuesday, a vulnerability allowing attackers to mount user hives, including partial exploit code. Suspected of being a disgruntled former Microsoft engineer, based on the sophistication of their prior vulnerabilities, NightmareEclipse came good on their promise to release another zero-day on July 14. Whether it lives up to the promised “bone-shattering” standard touted in June is up for debate, however. Called “LegacyHive,” the proof of concept (PoC) code for the zero-day local privilege escalation (LPE) vulnerability targets Windows’ user hives - the section of the Windows Registry that stores a user's specific desktop settings, application preferences, and environment configurations. The code exploits a weakness in profsvc, the Windows User Profile Service, and the way in which it loads hives. If exploited correctly it could grant regular users privileged read-write access to target other users' hives. Matei Badanoiu, lead security researcher at Pentest-Tools.com, said that while the exploit could prove useful for attackers who had already gained a foothold in a target environment, it falls short of providing a fuller system compromise. “What caught my attention is the difference between what the public proof of concept actually demonstrates and what a full compromise would require,” he told The Register. “LegacyHive is a local privilege escalation in the Windows User Profile Service. It abuses arbitrary registry hive loading, so a standard user can mount another user’s hive, including an administrator’s, into their own classes root. “For an attacker who already has a foothold, that is a genuinely useful primitive. Bundling it with credential access and persistence into ‘full compromise’ is more of an ambition than the released code.” The LegacyHive publication differs from some of NightmareEclipse’s earlier drops in that the PoC code is stripped back in an effort to prevent widespread exploitation. According to the bug hunter, there is more than one way of exploiting the profsvc flaw. The public PoC requires additional user credentials for it to work, and is limited to the usrclass.dat hive. NightmareEclipse said the original PoC, which differs from the one they published, does not require additional user credentials to exploit the bug, and it works beyond the usrclass.dat hive, “but you would need some brain cells to make the PoC do it.” This represents a divergence from NightmareEclipse’s previous approaches. As Badanoiu pointed out to us, some of NightmareEclipse’s earlier drops, such as BlueHammer and RedSun, went from PoC to widespread exploitation within days. LegacyHive, however, comes without a fully working PoC and a CVE identifier. Regardless, security experts told The Register that cyber practitioners should respond promptly since capable attackers could probably build a reliable exploit, despite the gaps left in the PoC by NightmareEclipse. “Threat intelligence teams are advised to act with some urgency here,” said Dray Agha, senior manager of security operations at Huntress. “Huntress observed NightmareEclipse's prior LPE and defence evasion tools rapidly deployed threat actors and ransomware groups shortly after publication. “Given this history, we’d expect that capable actors will reverse-engineer the missing components of the LegacyHive PoC to build fully weaponized versions in short order.” The timing NightmareEclipse may have changed their approach to releasing full working PoCs to the public, perhaps a reflection of Microsoft’s suggestion of preparing legal action against the bug hunter, but the nuisance timing of the vulnerability disclosures remains. They dropped the details for LegacyHive shortly after Microsoft released its monthly Patch Tuesday updates, which contained an unprecedented 622 fixes. Agha said timing the disclosure in this way maximizes the exposure window before a patch can be developed, causing more trouble for Microsoft. The Register asked the Windows-maker about LegacyHive and whether it was planning to release a fix before August’s patches, but it did not immediately respond. NightmareEclipse claims their latest zero-day works against Windows machines that are fully patched according to July’s fixes. Microsoft previously issued a quiet remedy for one of NightmareEclipse’s earlier zero-days, RoguePlanet, last week, although the company did not go into any details about what the mitigation entailed. ®

Honderd jaar geleden vertrok Willem de Kooning naar de VS en werd er wereldberoemd. Zou dat nu ook nog kunnen?

Het Fenix in Rotterdam viert zaterdag dat Willem de Kooning 100 jaar geleden naar New York vertrok en daar de succesvolste Rotterdammer in de Amerikaanse kunstwereld ooit werd. Maar zou zijn succes in de huidige VS nog mogelijk zijn?

Het gevaar van techreuzen die zich als een politieke macht gedragen

Overheden komen maar langzaam in opstand tegen techbedrijven die hun AI presenteren als een ‘natuurkracht’ waaraan de politiek zich moet aanpassen, ziet Mees van Rees. Hij waarschuwt dat deze bedrijven staan voor een ondemocratische orde, waarin technologische veranderingen bepalen hoe de samenleving wordt ingericht.

Van deze archeologische toplocatie in Palestijns gebied willen Israëlische kolonisten een nationalistisch themapark maken

Voor de Palestijnse inwoners van Sebastia op de bezette Westelijke Jordaanoever zijn de archeologische opgravingen bij hun dorp „onderdeel van het dagelijks leven”. De Israëlische regering en kolonisten willen het gebied innemen en uitbouwen tot themapark. „Mijn familie zal al haar olijfbomen en abrikozenbomen verliezen.”

Door de hitte sterven al drie weken lang meer mensen dan verwacht

De laatste hittegolf heeft in Nederland drie weken lang gezorgd voor een onverwacht hoge sterfte. Ernstige hitte veroorzaakt snel voor een piek in de oversterfte, anders dan kou. De regionale verschillen zijn binnen Europa wel groot, leert onderzoek.

Nog veel onzekerheid rondom halftime show WK: overtreedt de FIFA de eigen voetbalregels?

Voor het eerst in de geschiedenis van het WK voetbal zal er tijdens de finale een halftime show plaatsvinden.

MetaFilter

The past 24 hours of MetaFilter

Inside America's Shoplifting Lab

Self-checkout has been a disaster, a massive hole in the boat, totally self-inflicted. (slSlate)

Beta Pictoris System (NIRSpec IFU Image Annotated)

James Webb Space Telescope posted a photo:

Beta Pictoris System (NIRSpec IFU Image Annotated)

The newly discovered third planet orbiting Beta Pictoris, Beta Pictoris d, appears in reconstructed imagery from NASA’s James Webb Space Telescope’s NIRSpec (Near-Infrared Spectrograph). NIRSpec’s Integral Field Unit (IFU) was used to map chemical contents of the Beta Pictoris system. This allowed researchers to confirm the bright point of light, as seen in the image, was actually a planet by detecting its chemical composition.

Modeling suggests its orbit is comparable to the region occupied by Neptune in our own solar system.

Read more: science.nasa.gov/missions/webb/nasas-webb-discovers-hidde...

Image: NASA, ESA, CSA, STScI; Science: Aidan Gibbs (UC San Diego), Jean-Baptiste Ruffio (UC San Diego); Image Processing: Alyssa Pagan (STScI)

Image Description: An image of the Beta Pictoris system, with two exoplanets shown. The view is black. At the center of the image, there is a white star symbol, which represents light blocked from the host star. Immediately to the left of the star symbol, there is a bright orange-whitish smudge, labeled b. To the right of the star symbol, further away, is a blurry orange smudge labeled d. There is a blue dashed circle around the entire system, labeled “size of Neptune’s orbit.”

Beta Pictoris System (NIRSpec IFU Image and Spectrum)

James Webb Space Telescope posted a photo:

Beta Pictoris System (NIRSpec IFU Image and Spectrum)

Researchers used the NIRSpec (Near-Infrared Spectrograph) Integral Field Unit on NASA’s James Webb Space Telescope to map chemical contents of the Beta Pictoris system. As a result, they discovered a third planet, Beta Pictoris d, orbiting the young star.

Instead of identifying the planet as a bright point of light, as seen in the reconstructed image, researchers searched the spectroscopic data for the molecular signatures expected from a giant planet atmosphere, allowing the object to stand out from the surrounding debris disk.

The extracted NIRSpec and MIRI (Mid-Infrared Instrument) spectra of Beta Pictoris d display a distinctive series of carbon monoxide (CO) absorption lines. This molecular “fingerprint” identified the object as a giant planet, while measurements of the Doppler shift of the spectral lines provided the planet’s radial velocity, confirming it is gravitationally bound to the Beta Pictoris system.

Read more: science.nasa.gov/missions/webb/nasas-webb-discovers-hidde...

Credit: Image: NASA, ESA, CSA, STScI, Leah Hustak (STScI); Science: Aidan Gibbs (UC San Diego), Jean-Baptiste Ruffio (UC San Diego), Alexis Bidot (STScI); Image Processing: Alyssa Pagan (STScI

Image Description: Infographic titled “Gas Giant Exoplanet Beta Pictoris d; Atmospheric Composition.” The image at the left shows two exoplanets of the Beta Pictoris system. At the center, there is a white star symbol, which represents light blocked from the host star. Immediately to the left of the star symbol, there is a bright orange-whitesh smudge, labeled b. To the right of the star symbol is a blurry orange smudge labeled d. There is a white circle around this smudge with lines drawn to the spectrum at the right. The x-axis is labeled “Wavelength of Light” and extends from 4.2 to 5.2 microns. The y-axis is labeled “Brightness.” An up arrow is labeled “brighter,” a down arrow “dimmer.” There are two jagged horizontal lines across the graph. One is white, then other is maroon (the former labeled “Webb data”, the latter labeled “Best fit model” in the bottom left corner). A blue vertical column spanning from about 4.3 microns to 5 microns is labeled Carbon Monoxide, CO.

Bird’s-eye view of wind-blown dunes in Mars’s Kaiser Crater

europeanspaceagency posted a photo:

Bird’s-eye view of wind-blown dunes in Mars’s Kaiser Crater

This view was generated from the digital terrain model and the nadir and colour channels of the High Resolution Stereo Camera on ESA’s Mars Express. It shows wind-blown sand dunes in Mars’s Kaiser Crater.

Read more

Credits: ESA/DLR/FU Berlin; CC BY-SA 3.0 IGO

The floor of Mars’s Kaiser Crater from above

europeanspaceagency posted a photo:

The floor of Mars’s Kaiser Crater from above

This view was generated from the digital terrain model and the nadir and colour channels of the High Resolution Stereo Camera on ESA’s Mars Express. It shows wind-blown sand dunes lying on the floor of Mars’s Kaiser Crater.

Read more

Credits: ESA/DLR/FU Berlin; CC BY-SA 3.0 IGO

Mars Express spies metallic waves in Mars’s ancient highlands

europeanspaceagency posted a photo:

Mars Express spies metallic waves in Mars’s ancient highlands

This image from ESA’s Mars Express shows part of Kaiser Crater and its surroundings in Noachis Terra, one of the oldest parts of Mars.

We’ve added labels to highlight features and regions of note. Be sure to click on these labels to explore the landscape in detail!

This image comprises data gathered by Mars Express’s High Resolution Stereo Camera (HRSC) on 5 October 2025 (orbit 27461). It was created using data from the nadir channel, the field of view aligned perpendicular to the surface of Mars, and the colour channels of the HRSC. North is to the right. The ground resolution of the original image is approximately 17 m/pixel and the image is centred at about 48°S/19°E.

Read more

Credits: ESA/DLR/FU Berlin; CC BY-SA 3.0 IGO

Bird’s-eye view of craters in Noachis Terra

europeanspaceagency posted a photo:

Bird’s-eye view of craters in Noachis Terra

This view was generated from the digital terrain model and the nadir and colour channels of the High Resolution Stereo Camera on ESA’s Mars Express. It shows two smaller craters lying near to the large Kaiser Crater in Mars’s ancient southern highlands (Noachis Terra).

Read more

Credits: ESA/DLR/FU Berlin; CC BY-SA 3.0 IGO

Mars’s Kaiser Crater in 3D

europeanspaceagency posted a photo:

Mars’s Kaiser Crater in 3D

This stereoscopic image shows part of the huge Kaiser Crater’s floor (right), a smaller neighbouring crater (left), and their surroundings on Mars. It was generated from data captured by the High Resolution Stereo Camera on ESA’s Mars Express orbiter on 5 October 2025 (orbit 27461). The anaglyph offers a three-dimensional view when viewed using red-green or red-blue glasses.

Read more

Credits: ESA/DLR/FU Berlin; CC BY-SA 3.0 IGO

Found Slide

Thomas Hawk posted a photo:

Found Slide

date stamped on slide January 1974

Found Photo

Thomas Hawk posted a photo:

Found Photo

Hoe is het nu met de man ('Thomas Bakker, 49') achter AI-account Mieke Lieke?

laat het stoppen

En misschien wel de grootste misdaad tegen de esthetische zeden sinds De Volkskrant "De oorlog tegen woke is opperdepop, dus is die vervangen door een oorlog tegen feminisme" afdrukte. Afijn, Twitter-account Mieke Lieke dus. """RECHTSE FILOSOFIE""" door een vrouw (m) wier afbeeldingen geheel en volledig door AI gegenereerd zijn. En zelfs gods sterkste soldaten (Paul Cliteur) vielen ervoor. 

Maar dit weekend was er het bovenstaande grote nieuws. Ze (m) opende een OnlyFans light, want ze (m) "wil nog normale gesprekken op verjaardagen kunnen hebben. Dus het is Patreon geworden." Maar, wel een met een heel ondeugende knipoog mannen! ! ! Voor 9,95 per maand "Toegang tot lezingen en teksten" en voor 29,95 per maand "Toegang tot erotische beelden". Niet alleen de foto's, maar ook de teksten zijn overigens voornamelijk AI-werk, zo valt onderaan de Patreon-beschrijving te lezen: "De teksten, afbeeldingen en andere content op dit profiel zijn gegenereerd met behulp van kunstmatige intelligentie."

Dat maakt de boomers natuurlijk niet uit, want het stroomt binnen.

Maar goed, de sterke man achter de vrouw dan. Als je op Twitter zoekt op "@thomasbakker77", dan kom je dus uit bij tweets van Mieke Lieke. En dat betekent dat account @thomasbakker77 na 28 mei door de beheerder veranderd is in @miekelieke. Natuurlijk weten we niet of 'Thomas Bakker' de echte naam van de beheerder is, en ook niet of '77' staat voor geboortejaar 1977, waardoor hij nu 48 of 49 jaar oud zou zijn. Maar zeer goed mogelijk is het allemaal wel.

Accountnaam @thomasbakker77 veranderde in @miekelieke

Boomers gebeuren er

Social

Lekker gewerkt professor

Social

Break the Cycle

Darren Schiller has added a photo to the pool:

Break the Cycle

Young Street, Parkside, South Australia