Microsoft is releasing Windows 10 Insider Preview Build 18894 (from the 20H1 branch) to Windows Insiders in the Fast ring. There are a number of improvements, bug fixes, and performance enhancements coming with today’s preview build. However, there is also quite a long list of known issues so make sure to pay attention to those before installing the latest Windows 10 2020 Preview Build. We’ve heard your feedback asking for increased consistency, and to make it easier to find your files. Over the next few days, we’ll be starting to roll out a new File Explorer search experience – now powered by Windows Search. This change will help integrate your OneDrive content online with the traditional indexed results. This rollout will start with a small percentage, and then we’ll increase the rollout to more Insiders as we validate the quality of the experience. What does that mean for you? Once you have the new experience, as you type in File Explorer’s search box, you’ll now see a dropdown populated with suggested files at your fingertips that you can pick from. These improved results can be launched directly by clicking the entry in the new suggestions box, or if you want to open the file location, just right-click the entry and there’ll be an option to do so. If you need to use commands or dig deeper into non-indexed locations, you can still press enter and populate the view with the traditional search results. For more visit OUR FORUM.

Security researchers brought to life and released a wicked variant of Clippy, the recently resurfaced assistant in Microsoft Office that we all loved so much to hate, that makes it more difficult to detect a malicious macro in documents. Dubbed Evil Clippy, the tool modifies Office documents at file format level to spew out malicious versions that get by the static analysis of antivirus engines and even utilities for manual inspection of macro scripts. To do this, it takes advantage of undocumented features, unclear specifications, and deviations from intended implementations. Macros are snippets of VBA (Visual Basic for Applications) code that automate tasks in Microsoft Office applications. They are constantly used to deliver malware when the user opens a document. Researchers at Dutch security testing company Outflank developed Evil Clippy for professionals running red team attacks against a client organization. The tool runs on Windows, macOS, and Linux. The tool can be used with documents formats for Microsoft Office 97 - 2003 (.DOC and .XLS), and  2007 and above (.DOCM and .XLSM, which are basically ZIP containers and come with macros enabled). All these file types use the Compound File Binary Format (CFBF) and Outflank's program modifies it using the OpenMCDF library. One technique Evil Clippy uses to generate a maldoc is "VBA stomping," a method detailed by Walmart's security team, by which the original code of the VBA script can be replaced by a compiled version for the VBA engine called pseudo-code, or p-code in short. Infosec expert Vesselin Bontchev detailed publicly that VBA scripts can execute at runtime in three forms, with p-code being the most popular. We more posted on OUR FORUM.