Why it matters: Microsoft has issued guidance for fixing a serious Secure Boot vulnerability that affects all Windows systems and is actively being exploited in the wild. Normally, this kind of issue would be patched via monthly servicing updates but the Redmond company has chosen a phased approach to reduce the risk of you or your organization ending up with devices that won't boot. The fix will require some manual steps for now, but will be applied automatically on all supported Windows systems starting next year.
Facepalm: Google has finally implemented a cloud backup option for one-time access codes (OTP) stored in its Authenticator mobile app. The feature can provide users with additional convenience and confidence, but right now it lacks a critical security protection as those backups aren't encrypted.