A long-standing Twitter issue allows bad actors to manipulate tweets so that they appear to contain content from one site, but actually, link to a completely different one. This enables creating tweets that look like legitimate articles from well-respected sites but actually link to pages serving phishing, malware, or scams. Whenever you share a new link in a tweet, Twitter will send a bot to the linked web page and check for special meta tags in the HTML source. If these tags exist, Twitter will use the information on the page to create a rich media block called Twitter Cards that is filled with additional text, images, or video. Bad actors, though, can manipulate how Twitter accesses a linked-to page so that the Twitter cards are created from metadata found on another site. Terence Eden discovered that a problem occurs when a page linked in tweet monitors for the Twitter Card Generator's user agent of "Twitterbot/1.0." If the user agent is detected, it will redirect the bot to a different page; otherwise, it will display the normal content. When the Twitter Card Generator is redirected, it will use the metadata on the page it landed on to create the Twitter Card. While the card will look like it came from the redirected site, it will still link to the URL originally posted in the Tweet. As you can see, it is easy to see how this could help malicious actors. Eden found this after noticing a promoted tweet from an account that currently has a low follower count and an even smaller list of followers. The tweet was a cryptocurrency scam about Singapore and while the card showed a story from CNBC, clicking on it led to a completely different website. Looking at the source code of the app, the redirect was revealed. Checking the link with Twitter's Card Validator also shows that the card is redirected to CNBC's website. Learn more by visiting OUR FORUM.

Microsoft officials said last month that they were putting AI algorithms in place that would automatically update those on older variants of Windows 10 to 1903, the May 2019 Update via Windows Update. Today, July 16, is the day when this auto-updating process is kicking off, according to the Windows Update Twitter account.  As of today, Microsoft is starting to initiate the Windows 10 May 2019 Update (1903) for those with devices "that are at or nearing the end of service and have not yet updated their device," Microsoft's documentation says. Microsoft officials said back in May that the company planned to do this starting in June 2019. "Based on a large number of devices running the April 2018 Update, that will reach the end of 18 months of service on November 12, 2019, we are starting the update process now for Home and Pro editions to help ensure adequate time for a smooth update process."  The reason many devices are still on the April 2018 Update is at least in part because the Windows 10 18H2 Update (1809) was a buggy mess.  Microsoft's July 16 note says this process will be staggered, with officials prioritizing those devices "likely to have a good update experience and quickly put safeguards on other devices while we address known issues." Windows 10 Home and Pro users who get the 1903 update pushed to them will still have the ability to pause the update for up to 35 days, Microsoft notes. As my ZDNet colleague Ed Bott noted today, business users who use the Semi-Annual/Semi-Annual Targeted options for updating, Microsoft will begin pushing to some business customers on older versions of Windows 10 the 1903 release next week, Tuesday, July 23, 2019. As is the case with Windows Update, the business updating process will be staggered, with certain devices blocked if Microsoft determines the update experience may go bad. Learn more by visiting OUR FORUM.