Slashdot Mirror
Annoying 'Open PDF In Edge' Default Option Puts Windows 10 Users At Risk (softpedia.com)
An anonymous reader writes from a report via Softpedia: Microsoft fixed today a serious security flaw in the Windows PDF Library, a standard library used by Windows 10 to open and render PDF files, embedded by default in Edge. Exploiting this flaw allows attackers to execute code on the user's machine and take over the device, just by tricking a user into accessing a PDF hosted online via Edge. Since Edge is not only the default browser in Windows 10, but also the default PDF reader, this flaw puts countless of users that have not changed those settings at risk. Even worse, Microsoft has the annoying habit of resetting your personal app preferences once in a blue moon, always reverting Edge as the default browser and the default app to open PDF files.
Well, yeah...
I don't want to use Edge and I want my settings to stick. Why are they obviously purposefully reverting my settings? I go out of my way to change a normal default setting and MS switches it back. Many times this has happened. There's no excuse for this horseshit.
At risk of opening a PDF? Why not automatically open the PDF in protected mode? Surely Edge is advanced enough not to open a PDF with full access permissions to running macros and such?? I mean, Edge can even do WebRTC so at long last Microsoft is catching up to the rest of the world. Surely security considerations can't be far behind. Right? GUYS??
slashdot: A failed experiment.
I use Ubuntu and Windows10 for differing tasks, but I really dislike Edge, and I have since the beginning been using IE11 on Win10. Not that I am disputing it happens but I've not had my defaults reset from what I chose when I 'upgraded' my laptop from Win7 to Win10. In favor of Win10 both the sleep and hibernate function work well now, whereas under Win7 they froze or locked up quite frequently.
errr....umm...*whooosh* *whoosh* Is this thing on ?
Because fuck you, that's why. - S. Nadella
What is up with the Softpedia? Isn't that the website that distributes malware laden software?
...Since Edge is not only the default browser in Windows 10, but also the default PDF reader...
This is so wrong on so many levels.
.
But fundamentally, why, oh, why, is the browser being promoted to being a viewer of non-HTML documents?
Convenience over security still seems to be the rule at Microsoft.
Has Microsoft learned nothing in the past two decades?
And Windows 10 was supposed to be the paradigm of security for Windows....
Yep I am sure it would be much safer people switching to the more preferred and common alternative of Adobe Reader. that never has vulnerabilities.
Case closed.
Easy: it's ALL about money. What you want or need is *completely* irrelevant. Every update, they'll revert the privacy settings to spy on you more, they'll reinstall the metro/whatever apps you uninstalled because you WILL use the appy apps! Then they reset the defaults to those appy apps. All that, because they'll make 30% cut of the appy app sales. Now, be a good consumer and keep using Windows 10! It's been going in that direction steadily for 5 years (since Windows 8) and it'll keep getting worse. MS no longer cares to even pretend they care about what people want or need. Users are there for the milking and that is all.
MS is just doing what it thinks is the, uhm, needful.
--
"It is now safe to switch off your computer."
Windows 10 puts Windows 10 users at risk. Microsoft and the United States government are happy to watch everything you do.
dats rayciss !
im sure ull protest u dindu nuffin !
It could be worse, they could flag your preferred program as incompatible and helpfully uninstall it for you.
And we still can't make a robust computer. But then I have to remind myself that we rode horses and even had the wheel for over ten thousand years before we invented an automobile with fine Corinthian Leather. So, I guess I should be patient.
“He’s not deformed, he’s just drunk!”
Why are they obviously purposefully reverting my settings?
Think of it as early onset of dementia. Microsoft is just becoming a bit forgetful, and left its dentures in the refrigerator again.
“He’s not deformed, he’s just drunk!”
When I'm buying old Win98/2000 books and am finding they mostly do a good enough job of teaching you how to make programs that are just as good if not better than the programs made using the most up-to-date libraries then something's very wrong.
Which I had mod point, certainly, you have nailed it.
Evince has a Windows version, too.
rename the edge executable and watch it fail instead of loading. You have to kill the persistent edge process and open a cmd prompt as administrator to do the deed.
It's entirely ridiculous that I had to go to such lengths, but it worked.
Greetings, Starfighter.
Greetings, Starfighter. You have been recruited by the Star League to defend the frontier against Xur and the Ko-Dan armada.
Microsoft wants you to use Edge and wants their settings to stick. Why are you obviously purposefully reverting their settings? They go out of their way to create a normal default setting and you switch it back. Many times this has happened. There's no excuse for this horseshit.
FTFY.
Or simply* copy chrome's executable overwriting edge's one), no?
(* = PATH changes may be necessary.)
I'm definitely sticking to Windows 7 then.
So Microsoft still continues old ways of Swiss cheese out f box practise. No offence to real Swiss cheese, its actually very good cheese. Considering how massive amount of money Microsoft has and how they could hire best programmers, etc... Im surprised they still keep making same damn mistakes again and again. Almost like design practise is: Lets sell them broken product and then release fix to some issues later...
> MS no longer cares to even pretend they care about what people want or need. Users are there for the milking and that is all.
How is that different from any profit organization?
I've had absolutely zero trouble with settings sticking or Edge being magically reset to the default browser. Installed FF and Foxit on day one and have never had that change.
Nanny knows best!
Damn it man, don't give them ideas.
Because Facebook conditioned people to expect settings to reset randomly. So why wouldn't companies take advantage of that?
Your ad here. Ask me how!
Microsoft has noticed that you keep changing the defaults. They know that you didn't mean to do that and want to get your system back to working the way it is supposed to. I am sure at some time they will remove the capability to change the defaults because, I mean, why would someone do that on purpose?
Moral: Quit trying to change the way Microsofts computer runs and use it the way you are supposed to.
Personally, I have had enough of Microsoft pushing its Chrome OS like system. Everything keeps defaulting back to Microsoft's apps, annoying Notifications about Microsoft apps and services. Do a major update and your personal settings are gone. Get a clue Microsoft, if nobody wants Edge nobody wants it. You cannot just keep making users want it.
Did you disable Windows Update? I've seen Edge reset to default under two conditions:
1. If there's a problem with my default settings, for example when I upgraded Firefox to the 64 bit version and uninstalled the 32 bit version because the two interfered. Not only would it not let me set Firefox as the default any more using the Windows 10 interface (the old Windows 7 defaults window, which is still available but hidden, worked) but it reset everything to Edge until I found the latter workaround.
2. Whenever a "Big" update occurs, such as the Fall Update and Anniversary Updates.
The first is completely understandable (minus the not being allowed to select Firefox using the Windows 10 UI). The second... not so much.
You are not alone. This is not normal. None of this is normal.
Edge is a browser? LOL Worst browser I've ever tried to use. There are too many issues to even begin to list here. I believe Edge is a joke which was put in Windows 10 to gain market share for Internet Explorer (See we told you IE was good). Last week I ran into an Edge session, minimized on a client's desktop, one page open, like MSN or something. The "Browser" consumed 12GB of system RAM, slowing the entire system to a crawl. Process was killed with Process Explorer and 12GB of system ram was released and the system operation went back to normal. Customer is now completely sold on using this new "Edge" browser... NOT.
"Annoying 'Open PDF In Edge' Default Option Puts Windows 10 Users At Risk "
Only for the few Windows 10 users who use Edge.
You have two types of Windows 10 users... those who use Chrome, and those who still want to use IE.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
They already do that, along with "helpfully" installing the "equivalent" Microsoft program, "that works so much better"
Yep.
Happened occasionally in Win 8/8.1 too, but it's real bad in Win 10. Windows Update is broken out of the box on Win 7 SP1 too, with the giant list of updates for the OS. I use 'WSUS offline' to patch brand new, legit installs of Win 7 SP1 now.
MS is quickly burning through the last bit of the goodwill they had with customers.
Like Chrome does whenever it updates?
What is the best PDF display choice for Windows 10?
I'll admit to using Edge just out of sheer laziness on a fairly new Win 10 laptop just to avoid Acrobat Reader. From file explorer, I usually point them to Chrome.
It seemed like for years Reader was a big security problem. The last time I looked at third party PDF display software, it was a maze of spyware and nagware with no obvious great replacement.
Of course there is. You don't know what's better for you. Microsoft does, so they set up the best tools for you. Imagine you keep using non-microsoft products to the point of not needing Windows anymore. That would be very bad. Fortunately, Microsoft, who is in control of your computer (and not you) can prevent that.
How is that different from any profit organization?
Many for profit companies realize that constantly screwing your customers is bad business. The bad will that comes can have long term effects on profits. Publicly traded companies tend to maximize short term profits at the cost of long term profits and so often abuse customers, employees and other businesses. That are a number of privately held profit companies that are not like this, but sadly they are rare these days.
First
childish and unnecessary
Force your shit OS down everyone's throat
Claim the spying and pnwage of people's computer is 'for their own protection'
Claim forcing updates on everyone is 'for their own protection'
Still manage to get pwned by hackers
Microsoft, you fucking fail IN SO MANY WAYS that I can't even begin to count them. You didn't 'improve' anything. You didn't 'secure' anything. You're not 'protecting' users. You just forced your gods-be-damned piece of shit OS on everyone like a gods-be-damned date-rapist, and didn't even bother using a gods-be-damned CONDOM when you did the dirty deed. FUCK THE HELL OFF, MICROSOFT!
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Moral: Quit trying to change the way Microsofts computer runs and use it the way you are supposed to.
Ah, rebooting into Ubuntu.
If you're not using Linux or a similarly rights-respecting OS then you're literally one of the reasons this is happening.
Fools stay in an abusive relationship and complain about it.
If you actually try to install a third party app to handle PDF's, (tested with sumatrapdf), windows 10 will intercept the file association change and revert it because it sees it as a hacking attempt. You must change it manually by going to the Default Programs option.
Open Source Java Web Forum with LDAP authentication
Foxit Reader.
It can be configured to NEVER use a browser to open PDF's from the web, and it will default to a read-only document when opened.
It is small, it is fast, it works on all Windows versions, and it does not require an internet connection to use (will need to download) and will not update itself unless you configure it.
On my Win10 laptop, Foxit Reader does not send data out, unless I have automatic updates on.
I have not disabled Windows Update and I have installed the Anniversary Update without any change.
Now, setting new defaults through the Windows 10 interface is difficult, and, yes, you must use the Windows 7 interface to do so. That is pretty shitty. I went through it the other day to change defaults and noticed you couldn't pick an executable, only from their preset list of apps through the Windows 10 setup control.
cry moar faggot
How much do you want to bet there a person at Microsoft whose compensation/performance-reviews are tied to Edge-usage metrics, and that that person is somehow involved...
He isn't. Microsoft already has papers written up with that idea in mind.
Does Microsoft ever learn anything from their mistakes?
I use windows 10 and have an Adobe software package for creating/viewing. Never ONCE have my windows settings magically changed back to default.
They already did it with the Windows 10 Anniversary update, which helpfully uninstalls Classic Shell so they pump ads at through that abomination of visual vomit that replaced the Start Menu.
You are in a maze of twisty little passages, all alike.
The best way to solve this problem is to change default PDF viewer setting & open PDF in any supported viewer like Microsoft Edge, Adobe Reader & Adobe DC. Follow the step in the blog of PDF file not opening in Microsoft Edge. To change default PDF viewer setting.