Now Microsoft Won’t Let You Install And Boot Linux On Locked-down Windows Computers

Found on fossBytes on Sunday, 17 July 2016

In its latest Patch Tuesday security update, Microsoft closed a backdoor left open in Windows RT (Windows 8.x ported to devices with 32-bit ARMv7 processors) computers that allowed developers and hackers to boot non-Microsoft approved operating systems.

A way to bypass Microsoft’s boot mechanism is highly sought because Microsoft is killing the support for Surface RT tablets in 2017 and Windows RT 8.1 in 2018.

That's why locked-down hardware is a bad idea. Starting next year, customers will have unsupported tablets and no choice but to throw them away or accept unpatched bugs. Instead, they could install a system which would work and fix bugs, but thanks to Microsoft this won't be allowed.

How Oracle’s business as usual is threatening to kill Java

Found on Ars Technica on Friday, 01 July 2016

It's a familiar pattern for open source projects that have become the property of Oracle. It started with OpenSolaris and continued with OpenOffice.org. And this time, it's happening to Java—more specifically to Java Enterprise Edition (Java EE), the server-side Java technology that is part of hundreds of thousands of Internet and business applications.

Given Oracle's track record with open source projects—more specifically, the trail of dead or forked projects the company has left in its wake—there has been ample reason for concern about Java.

Oracle kills everything. In this case, it's nothing really to cry about though.

Microsoft to make saying no to Windows 10 update easier

Found on ZD Net on Tuesday, 28 June 2016

Microsoft officials said late on June 27 that the new update experience -- with clearer "upgrade now, schedule a time, or decline the free offer" -- will start rolling out this week. Microsoft will also revert to making clicking on the Red X at the corner of the Windows 10 update box dismiss the update, rather than initiate it, as it has done for the past several weeks.

Microsoft officials said they are making the change "in response to customer feedback".

Customer feedback? More like lawyer feedback.

Adobe Flings Flash Fix for Fresh APT Target

Found on Bankinfo Security on Sunday, 19 June 2016

Security experts are once again warning enterprises to immediately update - or delete - all instances of the Adobe Flash Player they may have installed on any system in the wake of reports that a zero-day flaw in the web browser plug-in is being targeted by an advanced persistent threat group.

"This is the third month in a row that we are seeing a zero-day in Flash, making it most certainly the most targeted software on your organization's endpoints," Kandek says.

Just delete it, along with Java; unless you want to update because of critical bugs over and over and over again every week.

Microsoft tests new tool to remove OEM crapware

Found on Ars Technica on Saturday, 18 June 2016

Currently available only for Windows Insiders, the new tool fetches a copy of Windows online and performs a clean installation. The only option is whether or not you want to preserve your personal data. Any other software that's installed will be blown away, including the various applications and utilities that OEMs continue to bundle with their systems.

The important question is: does it also remove MS crapware, like the Windows 10 Updater nagware?

jQuery 3.0 Released and Other JavaScript News

Found on Softpedia on Saturday, 11 June 2016

The jQuery Foundation released yesterday version 3.0 of the jQuery JavaScript framework, the first version that features absolutely no workarounds for old Internet Explorer browsers (IE6-8).

Furthermore, since not all Web projects require AJAX, which takes quite a lot of the jQuery base, the project is now offering a jQuery Slim build without the AJAX and Effects modules.

You can basically just drop jQuery. If you know your JavaScript, you can do it directly, without pulling in this dependency.

Microsoft Releases FreeBSD Virtual Machine Image for Azure

Found on EWEEK on Thursday, 09 June 2016

Microsoft has released a FreeBSD virtual machine (VM) image to the Azure cloud computing marketplace, announced Jason Anderson, a Microsoft Open Source Technology Center principal program manager. FreeBSD is an open-source, Unix-like operating system that has proven popular with major virtual appliance vendors, one of the main reasons Microsoft decided to float its own FreeBSD VM image for Azure, he said.

Poor BSD.

TeamViewer confirms number of hacked user accounts is “significant”

Found on Ars Technica on Sunday, 05 June 2016

For a little more than a month, a growing number of users have reported their accounts were accessed by criminals who used their highly privileged position to drain PayPal and bank accounts.

TeamViewer spokesman Axel Schmidt acknowledged to Ars that the number of takeovers was "significant," but it continued to maintain that the compromises are the result of user passwords that were compromised through a cluster of recently exposed megabreaches involving more than 642 million passwords belonging to users of LinkedIn, MySpace, and other services.

It's still not clear if TeamViewer has been breached or not. While it sounds reasonable that thanks to other breaches a lot of accounts have been successfully tried, it seems like TeamViewer's systems do not take any measures to block you from rotating through thousands of credentials.

WordPress plugin with 10,000+ installations being exploited in the wild

Found on Ars Technica on Thursday, 02 June 2016

A growing number of WordPress websites have been infected by attackers exploiting a vulnerability that remains unpatched in a widely used plugin called WP Mobile Detector, security researchers warned.

The vulnerability can be exploited only when PHP option allow_url_fopen is enabled.

WordPress again. Apart from trying to stop this via php.ini, every operating system worth being used should have SELinux running, which, by default, blocks the webserver from making outbound network connections. If not, then setsebool -P httpd_can_network_connect off fixes that.

TeamViewer denies hack after PCs hijacked, PayPal accounts drained

Found on The Register on Wednesday, 01 June 2016

In the past 24 hours, we've seen a spike in complaints from people who say their PCs and servers were taken over via the widely used remote-control tool on their machines. Even users with strong passwords and two-factor authentication enabled on their TeamViewer accounts say they were hit.

Over on Reddit, people were lining up with tales of their systems being compromised via TeamViewer, sparking fears the platform had been hacked. TeamViewer makes remote-control clients for Windows, OS X, Linux, Chrome OS, iOS and Android.

Every OS already has methods for allowing remote administration, be it SSH or RDP. Using 3rd-party software is not necessary.