Microsoft Launches PowerToys for MS Windows 10 & 11 Users

“The software giant has said it will introduce the “paste as plain text” option to Windows 10 and Windows 11 apps with PowerToys, empowering users by providing them with a much smoother experience when copying information over.”

Microsoft is all set to give a major sigh of relief to some Windows users as there is a major copy-and-paste shake-up on the way.

The software giant has said it will introduce the “paste as plain text” option to Windows 10 and Windows 11 apps with PowerToys, empowering users by providing them with a much smoother experience when copying information over. 

Also Read, Low Breastfeeding Rates Found in Infants Born to COVID-19 Affected Mothers: Health Study

Earlier, PowerToys users had little difficulties as there was no full paste function, which would allow users to simply copy text as it is, without keeping any formatting such as color, size, or other differences.

PowerToys Copy and Paste

The news was rolled out in a GitHub post, where PowerToys copy and paste developers mentioned how the feature, triggered by the familiar Ctrl+Win+V key presses, will active in any app where PowerToys works. 

Developers of PowerToys copy and paste, stated, “This is heavily based on the work done for the “Text Extractor” module then ripping out anything that may unnecessary. The same KeyboardMonitor implement and use. The interesting logic really falls inside the KeyboardMonitor as that is where the clipboard opens/reads/modifies, then a ctrl+v input sequence injects.”

Till now there is no update on when the Paste as Plain Text tool will commence, but as many PowerToys users have requested it, the release will do soon.

PowerToys is an open-source i.e. open-for-all, suite of tools for MS Windows 11 and 10 users, created to help bypass some peculiar settings and perform actions that are still unavailable in the default version. PowerToys also has a wider range of customization options.

How does CISA warn orgs to patch actively exploited Windows LPE bug?

The Cybersecurity and Infrastructure Security Agency (CISA) has added ten new security bugs to its list of actively exploited vulnerabilities, including a high severity local privilege escalation bug in the Windows Common Log File System Driver.

 

CISA and New Security Bugs

 

This high severity security flaw (tracked as CVE-2022-24521) was reported by CrowdStrike and the US National Security Agency (NSA), and it got patched by Microsoft during this month’s Patch Tuesday. According to a binding operational directive (BOD 22-01) issued in November, all Federal Civilian Executive Branch Agencies (FCEB) agencies must secure their systems against this security flaw after being added to CISA’s catalog of Known Exploited Vulnerabilities (KEV).

CISA has given them three weeks, until May 2nd, to patch the CVE-2022-24521 vulnerability flaw and block ongoing exploitation attempts. Although the BOD 22-01 directive only applies to US federal agencies, CISA also strongly urges all US organizations to patch this actively exploited security bug to block attempts to escalate privileges on their Windows systems. The US cybersecurity agency added nine more vulnerabilities to its catalog today, abused in ongoing attacks.

 

Encouraging Critical security actions

 

Currently, CISA also encouraged admins to install security updates that address a critical pre-auth remote code execution vulnerability (with a 9.8/10 severity rating) in the Microsoft Remote Procedure Call (RPC) Runtime Library, also patched this week as part of the April 2022 Patch Tuesday. CISA also ordered federal civilian agencies to patch an actively exploited security bug (CVE-2022-23176) in WatchGuard Firebox and XTM firewall appliances.

The Sandworm Russian-backed hacking group previously abused this bug to build a botnet dubbed Cyclops Blink out of compromised WatchGuard Small Office/Home Office (SOHO) network devices. Later, the US government disrupted the Cyclops Blink botnet by removing the malware from command-and-control servers before being weaponized and used in attacks.

“These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise,” the US cybersecurity agency explains. After issuing the BOD 22-01 binding directive, CISA has added hundreds of security vulnerabilities to its list of actively exploited flaws, ordering US federal agencies to patch them as soon as possible to block security breaches.

 

Also Read: With a ban on Netflix Password Sharing, you won’t be able to share accounts with peers