Software

Form-Jacking Attacks Hit High Profile Companies

Posted on by Andy Miller

Research by Security Company Symantec has revealed that high profile companies such as BA and Ticketmaster are among the many thousands of businesses whose websites are being targeted with “form-jacking” attacks every month.

What Is Form-Jacking?

Form-jacking involves inserting a small amount of malicious JavaScript code into the checkout web pages of e-commerce sites, thereby allowing attackers to monitor payment card information being entered and to then syphon that information off.

When a user hits the submit button on a checkout page that contains the malicious code, the user’s payment and personal details are sent to an attacker’s servers where the attacker can use this information to perform payment card fraud or sell these details on to other criminals on the dark web.

Pages that have been compromised in this way aren’t easy to spot, and to the naked eye, the checkout process looks normal.

How Big Is The Problem?

Symantec claims to have stopped more than 3.7 million form-jacking attacks in 2017, and between August and September 2018, the company says that it blocked 248,000 attempts at form-jacking.  The fact that 36% of these blocks took place from September 13th to September 20th was an indicator that form-jacking attempts were escalating towards the end of last year.

Symantec reports that 4,800 websites are being hit by form-jacking attacks every month.

Examples

High profile examples of victims of form-jacking given by Symantec include British Airways and Ticketmaster who were both targeted by the ‘Magecart’ hacking group.

The attack on British Airways saw the Magecart attackers set up a spoof web domain designed to look like those of the legitimate company, and even purchase paid SSL certificates from Comodo to make it look more legitimate. Magecart was present on British Airway’s website from August 21 to September 5, and the 22 lines of digital skimming JavaScript code that it took to operate the form-jacking attack affected 380,000 transactions.  In the BA attack, the vital customer data was skimmed and stolen in a fraction of a second between the time the customer put the mouse over the submit button and before the data had a chance to reach BA’s servers as the customer clicked on the button.

In the case of Ticketmaster attack, which took place in June, attackers first compromised a chatbot from tech firm Inbenta that was used for customer support on Ticketmaster websites.  This chatbot then provided the way in for the Magecart attackers which enabled them to alter the JavaScript code on Ticketmaster’s websites so that payment card data from customers could be captured and sent to their servers.  It is thought that the form-jacking code remained undetected on Ticketmaster’s website from September 2017 to June 2018.

What Does This Mean For Your Business?

Cybercriminals have found that better back-up practices by businesses and home users have made attacks like ransomware less likely to pay, so may have moved into form-jacking. The fact that it only requires the insertion of a relatively small amount of JavaScript and that it can be very difficult to detect make it an attractive new way to get paid for many criminals.

Companies can use network-based and file-based protection against form-jacking, and ways to stop attackers getting in to inject the code include using firewalls to block all incoming connections from the internet to services that should not be publicly available, enforcing a (complex) password policy, turning off file sharing if not needed, turning off and removing unnecessary services, keeping patching up to date, and configuring email servers to block or remove emails that contains file attachments that are commonly used to spread threats e.g. .vbs, .bat, .exe, .pif and .scr files.

Also, companies should guard against software supply chain attacks by testing new updates, even seemingly legitimate ones, in small test/sandbox environments, and by monitoring the behaviour of all activity on a system to help identify any unwanted patterns.

Crypto-Mining Apps Discovered in Microsoft Store

Posted on by Andy Miller

Security researchers at Symantec claim to have discovered eight apps in the Microsoft Store which, if downloaded, can use the victim’s computer to mine crypto-currency.

Only There For A Short Time Last Year

The suspect apps are reported to have only been on the Microsoft Store for a short time between April and December 2018, but it is thought that they still managed to achieve significant download numbers, as indicated by nearly 1,900 ratings posted for the apps.

Which Apps?

The suspect apps, in this case, are Fast-search Lite, Battery Optimizer (Tutorials), VPN Browsers+, Downloader for YouTube Videos, Clean Master+ (Tutorials), FastTube, Findoo Browser 2019, and Findoo Mobile & Desktop Search apps.  These apps have now been removed from the Microsoft Store,

What Is Crypto-currency Mining?

‘Crypto-currency mining’ involves installing ‘mining script’ code such as Coin Hive into multiple web pages without the knowledge of the web page visitor or often the website owner. Multiple computers then join their networks so that the combined computing power can enable mathematical problems to be solved. Whichever scammer is first to solve these problems is then able to claim/generate cash in the form of crypto-currency, hence mining for crypto-currency.

Crypto-currency mining software tends to be written in JavaScript and sends any coins mined by the browser to the owner of the web site. If you visit a website where it is being used (embedded in the web page), you may notice that power consumption and CPU usage on your browser will increase, and your computer will start to lag and become unresponsive. These slowing, lagging symptoms will end when you leave the web page.

Mining For Monero

In the case of the eight suspect apps, they had been loaded with a script that had been designed to mine the ‘Monero’ crypto-currency.  Monero, which was created in April 2014 is a decentralised cryptocurrency that uses an obfuscated public ledger.  This means that anybody can broadcast or send transactions, but no one outside can tell the source.

How?

The secret mining element of the eight suspect apps worked by triggering Google Tag Manager (GTM) in their domain servers as soon as they were downloaded.  The GTM, which was shared across all eight apps, enabled them to fetch a coin-mining JavaScript library, and the mining script was then able to use most of the computer’s CPU cycles to mine Monero.

GTM – Legitimate

GTM is usually a legitimate tool that is designed to enable developers to inject JavaScript dynamically into their applications.  In this case, however, it had been used as a cloak to conceal the malicious purpose of the apps.

Not The First Time

This is not the first time that suspect apps have been discovered lurking in popular, legitimate app stores. Back in January, for example, security researchers discovered 36 fake and malicious apps for Android that can harvest a user’s data and track their location, masquerading as security tools in the trusted Google Play Store. The apps, which had re-assuring names such as Security Defender and Security Keeper, were found to be hiding malware, adware and even tracking software.

Also, back in November 2017, a fake version of WhatsApp, the free, cross-platform instant messaging service for smartphones, was downloaded from the Google Play store by more than one million unsuspecting people before it was discovered to be fake.

What Does This Mean For Your Business?

This is not the first time that apps which perform legitimate functions of the surface and are available from trusted sources such as Microsoft store have been found to have hidden malicious elements, in this case, mining scripts.  The increased CPU usage and slowing down of computers caused by mining scripts waste time and money for businesses, and the increasingly sophisticated activities of crypto-jackers and other cyber-criminals, combined with a global shortage of skilled cyber-security professionals to handle detection and response have left businesses vulnerable to this kind of hidden app-based threat.

Although the obvious advice is to always check what you are downloading and the source of the download, the difference between fake apps and real apps can be subtle, and even Microsoft and Google don’t always seem to be able to detect the hidden aspects of some apps.

The fact that many of us now store most of our personal and business lives on our smartphones makes reports such as these more alarming. It also undermines our confidence in (and causes potentially costly damage to) the brands that are associated with such incidents e.g. the reputation of Microsoft Store.

Some of the ways that we can try to protect ourselves and our businesses from this kind of threat include checking the publisher of an app, checking which permissions the app requests when you install it, deleting apps from your phone that you no longer use, and contacting your phone’s service provider or visit the High Street store if you think you’ve downloaded a malicious/suspect app.

Also, if you are using an ad blocker on your computer, you can set it to block a specific JavaScript URLs related to crypto-mining, and some popular browsers also have extensions that can help e.g. a browser extension called ‘No Coin’ is available for Chrome, Firefox and Opera (to stop Coin Hive mining code being used through your browser).  Maintaining vigilance for unusual computer symptoms, keeping security patches updated, and raising awareness within your company of current crypto-currency mining threats and scams and what to do to prevent them, are just some of the other ways that you can maintain a basic level of protection for your business.

Browsers Slowed By Adverts and Analytics

Posted on by Andy Miller

Research by developer Patrick Hulce has shown that around 60% of the loading time in a browser is caused by JavaScript code that is used to place adverts or analyse what users do.

Analysed Pages

The researchers analysed data from desktop and mobile versions of a million sites, including many popular ones, and sampled programs written in JavaScript, which is the code that is popularly used not only by developers to make sites interactive, but also by Google to help place ads on pages and analyse user activity.

Two-Thirds of a Second Loading Time Added

The analysis revealed that if ad-placing and analytics JavaScript code are used together on a page this can add more than two-thirds of a second to loading times.

WordAds Script

The JavaScript code that was found to add the most time to page downloads was the WordAds script that’s used in WordPress blogs.  This was found to add a staggering 2.5-second delay to the arrival of a page.

Other Causes

The research did acknowledge that there are other popular causes of slow loading pages including network delays, large file sizes for some content, and even ad-blocking programs which increase script execution time.

Problems Caused By Slow-Loading Pages

Slow-loading pages can cause problems such as frustration to (and loss of) visitors from web pages, and pages being penalised by Google’s search rankings for desktop and mobile search results.

Google sends out Google speed updates for mobile search rankings of the slowest of sites on the Internet. The updates are directed to those who have verified properties in Google Search Console and are aimed at reducing the search rankings of really slow mobile pages.  The updates give site admins recommendations about how to measure and fix slow-loading page problems.  In October 2018 for example, Google announced that it had begun (since July 2018) incorporating a new Speed update algorithm in the mobile search results as a search ranking factor.

Run A Test

It has long been known that JavaScript can add extra time to page downloads.  If you’d like to check whether your pages are being slowed down by JavaScript you can, for example, go to https://www.webpagetest.org/ or Google’s https://developers.google.com/speed/pagespeed/insights/.

What Does This Mean For Your Business?

Slow-loading web pages can frustrate users and lose your business customers, as well as damaging the position of your web pages in Google search results. Web pages that load quickly are known to have longer average session times, lower bounce rates, and higher viewability, and Google suggests that a good target time in which a page should load is under 2 seconds.

Test tools such as webpagetest.org are good ways to see how your pages currently perform.  Ways to improve slowness caused by JavaScript include only loading the JavaScript needed for the current page / prioritizing what a user will need and lazy-loading the rest with code-splitting and optimizing JavaScript.  If, for example, you have a WordPress website, you can use plugins to help reduce your page load time.

Kellogg’s Uses Virtual Reality To Sell More Cornflakes

Posted on by Andy Miller

Breakfast cereal manufacturer Kellogg’s has been working with third-party VR companies to help it determine the best way to display its new products in stores.

Who?

Kellogg’s is reported to have been working on a pilot scheme with Accenture and Qualcomm.  Accenture is a Dublin-based global management consulting and professional services firm with a strong digital skill-set, and Qualcomm Inc is a US-based world leader in 3G and next-generation mobile technologies.

What?

The pilot’s aim was to determine the best in-store placement for Kellogg’s new Pop Tart Bites.  This involved the use of Accenture’s Extended Reality (XR) software and Qualcomm’s VR headsets.  This combination gave test subjects an immersive and 360-degree experience of a simulated store environment in which they were able to ‘virtually’ pick products, place items in shopping trolleys and make purchases.

Monitoring

The VR headsets and XR software enabled Kellogg’s to closely and precisely monitor the user’s eye movements.  The analytics meant that this test was also able to yield data such as which new products the test subjects looked at and how long they looked at the products.

New Insights Reveal Surprising Result

Whereas traditional understanding of in-store product placement points towards eye-level (or close to it) as an ideal spot, the new insights that the technology provided in this pilot concluded that positioning the new product on a lower shelf could increase sales of the product by 18%.

Growing Trend

The use of a combination of VR, AR and analytics in retail environments has been a growing trend among big brands in recent times.

Brick-and-mortar retail chains have, however, been criticised for reacting slowly to the introduction of technology that could help them and have found themselves at a disadvantage to online retailers who have been able to use digital technology to hyper-personalise retail experiences for their customers. The brick-and-mortar retailers have also been faced with challenges caused by economic and cultural shifts, e.g. customers moving more towards online shopping.

Change In The Landscape

It’s not just manufacturer brands that are now able to take advantage of the technological change in the landscape to benefit sales.

Retailers now have access to many affordable and relatively easy-to-use AI development tools available, such as those offered by big tech vendors e.g.  Google, Microsoft and Amazon. This means that building an AI system/machine learning system has never been easier.  Retail chains, for example, also have the advantage of having access to massive amounts of data which can be used in a value-adding way with analytics and AI.

What Does This Mean For Your Business?

This story illustrates how the combination of new technologies such as VR, AI and advanced analytics have yielded new insights which could make a greater contribution to sales than more traditional methods.

The portable nature of the technology (and the AI aspect) mean that they are also able to deliver these value-adding insights more quickly and cheaply than before, thereby contributing to faster and more effective product launches and more successful product strategies.  The superior insights gained from combining new technologies such as these mean that it is now possible for business product placement decisions to be made that could positively impact total brand sales, versus only single product sales.

Tech Tip – Encrypting Documents Stored on Google Drive

Posted on by Andy Miller

If you use Google Drive to store files in the cloud but worried that Google doesn’t provide a true password protection feature, you may want to encrypt your files before uploading them.  Here’s how:

If you have Microsoft Office on your PC, it has a built-in encryption feature.

– Go to: File > Protect Document > Encrypt with Password.

– Upload the file to Google Docs.

– Google can’t read the file, but it can be downloaded and opened on any PC with Microsoft Office Installed (using the password).

– If you don’t have Microsoft Office, you could use Boxcryptor.  This is free for syncing one cloud storage service between two PCs.

– Install Boxcryptor (see boxcryptor.com).

– Enable Google Drive in Boxcryptor’s settings.

– Access Boxcryptor from Windows Explorer’s sidebar.

– Go to: Boxcryptor > Encrypt option, and watch the checkbox turn green.

The encrypted files will then be placed in Google Drive, but won’t be accessible unless you have Boxcryptor installed and logged in.

If you’re looking for a solution that’s free and can be used with any cloud storage service and any device, you may want to try Veracrypt (for Windows, macOS, and Linux).  It creates an encrypted container where you can store files you want and put them anywhere for safe keeping.

– Install Veracrypt (see veracrypt.fr).

– Create a new encrypted file container within your Google Drive folder.

– Reach that file from Veracrypt’s main window (it will show as if it were an external hard drive).

– Drag your sensitive files there and unmount the volume.

You will need Veracrypt installed on any PC to access the documents inside that container.

Report Says 90% of NHS Jobs Will Need Digital Skills, But AI and Robotics Could Enhance Services

Posted on by Andy Miller

A report, commissioned by health secretary Matt Hancock and led by US academic Eric Topol, has found that even though AI and robotics will enhance healthcare services, 90% of NHS staff will require fresh digital skills within 20-years.

Robotics and AI Enhancements

According to the report, although there has been fear that the implementation of AI and robotics to the NHS could be a step towards replacing human practitioners, they will in fact enhance services.

Smart Speakers Could Help

For example, the use of smart digital assistants such as Alexa and Siri could free-up more time for doctors which could be spent with patients. It is anticipated that smart speakers could reduce time spent on paperwork, possibly saving 5.7 million hours of GPs’ time across the country per year.

Mental Health Triage Bots?  

The suggestion that smart speakers could somehow be used as effective “mental health triage bots” by engaging in conversations while analysing text and audio for any suicidal ideas and emotions has been dismissed by mental health professionals. A smart speaker may be capable of listening and talking but as mental health professionals point out, smart speakers can’t pick up many of the visual cues that a skilled human professional can, they can’t quickly develop a relationship with a patient (as is needed in mental health assessment situations), and they may not be particularly useful in a situation where a patient is disordered.

Patient Records

The report indicates that smart speakers could also enhance the capabilities of NHS workers to update patient records.

Three Main Changes

In the report, Mr Topol predicts how, over the next 20 years there will be three main developments that will change patients lives, and how training should begin now to ensure that NHS staff have the skills to make the most of those changes going forward.  According to Eric Topol, who is a cardiologist, geneticist, and digital medicine researcher, the three main changes will be:

  1. Patients having their genome sequenced.  This can help determine things like a person’s predisposition to certain diseases and how they will respond to medication or treatment.
  2. Patients being able to generate and interpret much more of their own health data at home.
  3. AI helping to exponentially increase the speed, accuracy and scalability of medical data interpretation.

Digital Appointments

Health Secretary Matt Hancock, who commissioned the report, has also called on GP practices in the UK to be able to offer digital appointments within five years e.g. using Skype and Google.

What Does This Mean For Your Business?

According to this report, AI, robotics and other new technologies could provide enhancements that may enable patients to be ultimately better informed about their own medical position and may help NHS staff to deliver a better quality of service while freeing them from spending too much time on paperwork and spending that time instead with patients.

There is, however, a challenge to be met in terms of making sure that NHS staff receive training that will enable them to make the best use of new digital technologies, and this will need planning and will have cost implications.

It is also important to consider, however, that the amount of data gathered about patients e.g. genomic information could be intrusive and has security and privacy risks.  Also, if AI bots are used to handle some communications with patients, those patients need to be informed that they are communicating with a bot and not a person.  Too much reliance on technological innovation could also bring some inequalities. For example, poorer people and ethnic minorities have been shown to have a lower uptake of things like digital health records.

ROI Index Shows That Facebook & Google Offer Best Value For Mobile Advertisers

Posted on by Andy Miller

Marketing report company Singular has produced an ROI index for mobile advertising, based on its own research which shows that Facebook and Google appear to offer the best value for mobile advertisers.

The Research

Singular sampled over $1.5 billion of spend in mobile advertising, including over a half a billion installs and almost $3 billion in revenue.  From this, the company was able to produce an ‘ROI Index’ that ranks the best-performing ad networks for mobile marketers on iOS and Android globally.

Singular’s backers include Norwest Venture Partners, General Catalyst, Thomvest Ventures, and Method Capital, and Singular’s customers (as a marketing intelligence platform) include companies like Airbnb, LinkedIn, Symantec, and Twitter.

Facebook & Google – Best Value

Given the popularity and scale of Google and Facebook, and the economies thereof, and the fact that they can deliver results, it is perhaps not surprising that Singular’s ROI Index put Facebook and Google at the top for delivering the best return on investment.

The Index showed that Facebook won the global rankings, but Google came top in all three key regional rankings: EMEA, APAC, and Americas.

Ad Fraud Levels Also Taken Into Account

Singular’s ROI Index also considered advertising fraud levels, and it has been reported that a record number of 15 companies were deleted from its rankings this time around because of “excessive” fraud.

Snap No.3

The Index shows Snap (the advertising network for Snapchat) improving its rankings on most of the lists, and it is now the No. 3 network for non-gaming ads on both iOS and Android.

Other Findings

The ROI Index also showed other important results for:

  • Japan-based mobile messaging service LINE (700M users), ranked three times.
  • Twitter, which showed a resurgence with 11 rankings on global, regional, and platform-specific charts. These included second on iOS for retention: providing users/customers who stay engaged.
  • Unity, the games ad network, ranking third on Android and fourth on iOS globally.
  • BlueStacks, the US technology company that produces the BlueStacks App Player and other cloud-based cross-platform products, is delivering significant ROI on its own on-platform ad network.

Android More Volatile

Singular’s ROI Index also shows that one-third of the global Android index is brand-new compared to only two new networks joining the corresponding iOS index.  This indicates that the Android ad ecosystem is more volatile than iOS.

What Does This Mean For Your Business?

With all of us now using mobiles for our personal and business lives, mobile advertising has become a very important way for businesses to reach customers.  Google and Facebook are widely known among marketers, but many marketers now know they need to consider using more than just two media partners in order to get the most value out of their advertising budgets.

In an increasingly complicated and segmented media marketplace an ROI Index such as the one produced by Singular can provide valuable marketing intelligence, perhaps provide new ideas for promising ad networks to try, and can give businesses a way to get some measurement of ROI from different touchpoints across multiple channels that can help guide ad spend in order to produce the best value results.

Tech Tip – Link your Android Phone To Your Windows PC or Laptop

Posted on by Andy Miller

If you’ve ever emailed yourself a photo or screenshot to get it from your phone to your computer or uploaded photos to e.g. Google Photos or Dropbox and then download them onto your PC, you may want to try Microsoft’s ‘Your Phone’ app.  With the app, you can link and sync your Android phone to your Windows PC or laptop and simply drag and drop photos or screenshots, plus you can receive and send text messages from your phone on your computer. Here’s how to set it up:

This works for PCs or laptops running Windows 10 April 2018 Update (Version 1803) or later, and Android phones running Android 7.0 Nougat or later.  Both devices should be connected to the same Wi-Fi network.

On your PC or laptop, type “Your Phone” in the search bar, scroll to launch Microsoft Store, find the “Your Phone” app.

Download and install the Your Phone app for Windows 10 from Microsoft e.g. here: https://www.microsoft.com/en-gb/p/your-phone/9nmpj99vjbwv?activetab=pivot%3Aoverviewtab

Next, install the counterpart on your Android phone. For example, when you launch the app on your PC, type your number in to receive the install the app link via text on your phone. Alternatively, you could visit the Google Play Store, type “Your Phone Companion” into the search bar and then Install the app on your Android phone.

The two apps should sync, and once you’ve answered and granted the permissions questions on your phone, you should see your phone appear in the Windows “Your Phone” app on your computer.

Click to access recent photos or messages + see the Settings page.

Google Live Transcribe To Help Hard of Hearing

Posted on by Andy Miller

Google has announced the introduction of its ‘Live Transcribe’ app for Android which allows people who are deaf or hard of hearing to see a live, near real-time written display of conversations on their phone.

Live Transcribe

The Google Live Transcribe app offers deaf and hard of hearing a new portable, accessibility tool that offers a convenient and innovative new way to join in conversations. With the Live Transcribe app turned on, the Android phone microphone feeds conversations into the app which can display accurate, near real-time captions on the phone screen in 70 different languages and dialects.  It also enables two-way conversation via a type-back keyboard for users who can’t or don’t want to speak.  The app can connect with external microphones to improve transcription accuracy.

Another feature of the app is a blue circle in the corner of the screen that pulses to show the user the ambient noise level of wherever they are, thus showing the user if they need to move the phone / external microphone closer to a person for the app to ‘hear’ what they’re saying.

Live transcribe also vibrates the phone if someone speaks after a period of silence to prompt the user to look at the screen again.

Where, When & How Can You Get Live Transcribe?

The Live Transcribe app is available preinstalled on Pixel 3 phones and can be operated by switching it on in the Accessibility Settings.  The app is also available via the Google Play Store for other phones but is being released as a limited beta.  You can, however, sign up to be notified when more downloads of Live Transcribe are available in the Google Play Store by clicking on this link and scrolling to the bottom of the page: https://www.android.com/accessibility/live-transcribe/ .

Sound Amplifier App Too

Another Android phone accessibility app launch that has also been announced by Google is that of ‘Sound Amplifier’.  As the name suggests, this app can be used with headphones plugged into the phone to boost the volume (e.g. of the voice of someone who’s talking to you) especially in situations where there’s a lot of background noise. Sound Amplifier filters, augments and amplifies sounds in any environment that you find yourself in, and it works by increasing quiet sounds, while not over-boosting loud sounds.

The app can be customised via sound enhancement settings, and noise reduction can be applied to minimise distracting background noise with simple sliders and toggles.

Where, When & How Can You Get Sound Amplifier?

Sound Amplifier is available now, supports Android 9 Pie (or later) phones, is pre-installed on Pixel 3 phones, and is available on the Play Store.

What Does This Mean For Your Business?

These apps could prove to be very convenient and useful in business, home and other settings for anyone who is deaf or is hard of hearing.  These apps demonstrate how technology can be used to solve old and difficult problems in new, and easy-to-use ways, and could provide an important step forward in accessibility for an outwardly invisible problem that millions of people suffer from.  For example, The World Health Organization estimates that by the year 2055, there will be 900 million people with hearing loss.

The Sound Amplifier app also provides Google with a way to compete with similar offerings from Apple.  For example, Apple offers a similar feature that works with AirPods, and iPhones can also work with some hearing aids.

Windows 10 Error Messages Soon To Make More Sense

Posted on by Andy Miller

Starting with the April 2019 update, Microsoft will be adding “Learn more” links to its error code messages in a bid to enable users to see what the code means, plus the chance to fix the error on the spot.

Resolved During Installation

The “Learn More” links will be there to help if there is an error during the upgrade (or installation) of Windows 10.  As well as explaining what the error is, Microsoft will also be giving users the chance to resolve the error messages themselves within the installer and will offer suggestions on how to update any problematic applications without having to uninstall.

What’s The Problem?

If a problem is encountered during the upgrade/installation of Windows 10, users are given error messages, for example if a version of an app isn’t compatible with the latest Windows 10 OS, and users need to either update or reinstall the app.

To date, Microsoft has provided articles on how to solve Windows errors written by support staff called the ‘Knowledge Base’ (KB).  The main problems for users have been that:

  • Users don’t know what the numerical error messages in the upgrade and installation of Windows 10 mean, or what to do with those error codes.
  • Users generally don’t know how to use KBs, look for specific KBs using their numerical ID, and there are no direct links to KB articles in setup error notifications.
  • Users have also found that ‘back ‘and ‘refresh’ buttons don’t fit with the error notifications they receive.

Link To A Quick Fix

Whereas the October 2018 Update means that users were only given the options of uninstalling the app, going back, or refreshing in the case of an error, the changes in the April update (code-named 19H1) should afford user the opportunity to save time and hassle by having information about the error to hand, and being able to get quick fix on the spot.

What Does This Mean For Your Business?

The current system of offering up codes that mean little to many to users who are not acquainted with the existence of the Knowledge Base or how to use it causes frustration and can waste time and therefore waste money for businesses.  This change in April appears to be a straightforward, user-friendly way of saving time and hassle by offering users the chance to more easily understand and find a fix for errors on the spot.

At present, a list of the common errors experienced during a Windows 10 upgrade and installation plus explanations of them can be found on the Microsoft Windows Support pages here: https://support.microsoft.com/en-gb/help/10587/windows-10-get-help-with-upgrade-installation-errors