The Hot Take: Was wondering why it was saying I didn't have Nvidia Control Panel! LOL
The interface lived for nearly two decades and served us well, but now it's time to switch to the latest NVIDIA App. NVIDIA Announces the Official Retirement of Control Panel, One of the Most Popular Tools for NVIDIA GPU-Based Systems The popular NVIDIA GPU tool, NVIDIA Control Panel, launched in February 2026. It has been just over two decades since the tool went live and has remained the most used utility on NVIDIA GPU-based systems. From offering simple settings to change refresh rate, resolution, and multiple-display setups to manage 3D settings, the Control Panel remained one of the easiest to [âŚ]Read full article at https://wccftech.com/nvidia-control-panel-is-officially-dead-after-two-decades/
The Hot Take: Linux becoming a target with people migrating over to it for sure.
Qualys's Threat Research Unit (TRU) has discovered and published a logic flaw in Linux kernel "that permits an unprivileged local user to disclose sensitive files and execute arbitrary commands as root on default installations of several major distributions." Friday their blog pointed out "The bug has resided in mainline Linux since November 2016 (v4.10-rc1)."
"Upstream patches and distribution updates are already available."
Working exploits are circulating publicly, and administrators should apply vendor kernel updates without delay. During ongoing research into Linux kernel privilege boundaries, TRU identified a narrow window in which a privileged process that is dropping its credentials remains reachable through ptrace-family operations even though its dumpable flag should have closed that path. By pairing this window with the pidfd_getfd() syscall (added in v5.6-rc1, January 2020), an attacker can capture open file descriptors and authenticated inter-process channels from a dying privileged process and re-use them under their own uid. The primitive is reliable and turns any local shell into a path to root or to sensitive credential material [including host private keys under /etc/ssh ]
CVE-2026-46333 is local-only, but the impact is severe... Any unprivileged shell on a vulnerable host is enough to read /etc/shadow, exfiltrate SSH host private keys, or execute arbitrary commands as root through hijacked dbus connections to systemd. In practice, the distinction between an unprivileged foothold and full host compromise collapses: a phished developer account, a constrained CI runner, a low-privilege service account, or a shared multi-tenant host all become direct paths to root. With the vulnerable code shipping in mainline kernels since v4.10-rc1 (November 2016), the historical exposure spans nine years of enterprise fleets, cloud images, and container hosts.
Qualys followed responsible disclosure throughout. Qualys reported the vulnerability privately to the upstream Linux kernel security contact on 2026-05-11. Over the following three days the kernel security team developed and reviewed the fix, CVE-2026-46333 was assigned, and the patch was committed publicly on 2026-05-14. We then engaged the linux-distros mailing list, the standard pre-disclosure channel for downstream coordination. A short time later, an independent exploit derived from the public kernel commit appeared.... Qualys is releasing the complete advisory today because the underlying technique is novel, the public picture is now incomplete and uneven, and independent researchers have already achieved local root and published exploit material. Doing so gives defenders, detection engineers, and downstream maintainers a single authoritative reference for the flaw, the race against do_exit(), the role of pidfd_getfd(), and the four exploitation case studies.
Read more of this story at Slashdot.
The Hot Take: So many software updates, seems like they're milking current silicon or having issues with new silicon?
NVIDIA is preparing to showcase a new rendering technique that could move real-time path tracing another step closer to wider game-engine adoption. Scheduled for presentation at the ACM conference on Computer Graphics and Interactive Techniques in May, the companyâs latest research focuses on improving ReSTIR PT, a ...
The Hot Take: We'll have to see if this take off.... With ARM just entering the market with nvidia we'll have to see if it gains traction.
VMware has quietly debuted a technology preview of its flagship ESX hypervisor that is capable of running on Arm processors and servers. The virtualization giant teased its new tech in a Xeet which piqued our interest and led to the discovery of this document [PDF] on the public internet that explains the hypervisor supports guests running RHEL, Ubuntu, and SUSE, on servers from HPE and Gigabyte powered by Ampere processors, or Supermicroâs ARS-221GL model with an Nvidia Grace processor. The document offers slightly contradictory advice to the effect that âArm host clusters must be managed by a separate, standalone vCenter running on x86. We do not recommend managing x86 installations and Arm installations from the same vCenter.â The tech preview appears to be a very basic affair, as it lacks support for vSAN hyperconverged storage, NSX virtual networking, and plenty of other features VMware offers in its x86 hypervisor and Cloud Foundation (VCF) private cloud suite. VMware has also made it possible to access Arm guests from its desktop hypervisors. As disclosed last week in release notes for new versions of the Workstation and Fusion products that add âthe ability to connect to remote ARM-based ESXi, allowing users to manage VMs on remote ARM servers directly from VMware Workstation or Fusion on any supported platform.â Virtzilla is therefore making good on its promise to bring its hypervisor and VCF to the Arm architecture. The Broadcom business unit is porting its products because it thinks customers will increasingly turn to Arm servers on the network edge, perhaps for AI workloads. VMware is also aware that Arm processors can be more energy-efficient than x86 CPUs, and must also know that its hyperscale partners AWS, Microsoft, and Google aggressively promote their home-brew Arm processors as delivering superior performance-per-watt. In its announcement of its new desktop hypervisors, VMware offers another reason: âAs development environments diversify, cross-architecture connectivity is essential.â VMware hasnât offered a timeline to get ESX on Arm ready for a full release, but the company has previously told us itâs in no rush because customers are currently Arm-curious rather than in a rush to shift workloads onto the architecture. While VMware explores a new architecture, its rivals continue to prepare products they hope will prize away some users who feel Broadcomâs licensing regime isnât to their liking. Platform9 last week debuted âPlatform9 OSâ, a cut of Linux that encapsulates its Private Cloud Director in an appliance-like format so that users donât need Linux administration skills to adopt its stack. Platform9 is going after VMwareâs top 10,000 customers with a promise it wonât try to lock them in with licensing or restrictive hardware compatibility lists. Australian outfit Netframe takes a similar approach with its wares and has chosen to walk down a well-worn path by creating a free version of its eponymous product that allows users to run up to three hosts. The company thinks that offering will attract home lab operators and small shops who will be sufficiently impressed by the product to upgrade and sign up for support. ÂŽ
The Hot Take: Been saying it for years, Microsoft is pulling Linux into windows on bite at a time. This probably I would assume only accelerates.
Microsoft is turning Azure Linux into a general-purpose, Fedora-based cloud distribution available to all Azure customers, while also productizing Flatcar as Azure Container Linux for immutable container hosts. "When Microsoft joined the Linux Foundation, there was this big conspiracy theory that somehow the Linux Foundation was undermining open source in partnership with Microsoft, and now you announce that you're shipping a Linux distribution," Jim Zemlin, the Linux Foundation's CEO, said in response to Microsoft's surprise announcement. "That's amazing." ZDNet reports: Until now, [Lachlan Everson, Microsoft's Principal Program Manager on Azure's open-source team] noted, "we had Azure Linux only available to third-party customers through AKS specifically, and that was Azure Linux 3.0." Going forward, this will be ACL. Everson emphasized that Azure Linux 4.0 is the culmination of years of internal usage and the evolution of the earlier Mariner distribution. "So we've been running Azure Linux for many years internally, and we got through to 3.0, and we only allowed it on as a container host on AKS. What we've done is make it a general-purpose, so this is all the learnings that we've had in the heritage of Mariner."
Under the hood, Azure Linux 4.0 is based on Fedora Linux and is delivered as an open distribution on GitHub. This code is available now. Yes, Red Hat knows that Microsoft has done this. Everson continued, "So, we made a decision to use Fedora as an upstream, so it's using RPMs in the Fedora ecosystem. Microsoft curates the packages and the supply chain to fit Azure's cloud platform." Microsoft also created "it to be purpose-built for Azure, which integrates vertically into all of our infrastructure to give you the best Azure Linux experience on Azure." While Azure Linux will ship as a VM image, Microsoft is already preparing a developer-friendly path onto Windows desktops: "And as of today, we have it as a VM image for your VM host on Azure. We're going to announce WSL images as well."
While developers will be able to run Azure Linux locally through WSL, Microsoft is not positioning it as a traditional desktop Linux. Asked whether he could run it on his laptop, Everson said: "I will be able to run it on my laptop, or what have you. Yes, on Windows 11." However, when pressed about a desktop experience, Everson was clear that there are "no plans" for a graphical environment. "It's optimized for server-side in the cloud," he said, adding that even on a developer machine, users should expect a lean environment. "Minimal packages, yeah. The idea is that we offer you a consistent experience to do your development on your machine, and that you can take your workloads as you develop them on your machine and run them with VS Code. You can run your applications on that, and know that the platform is the same that you're running on the cloud, so that you have that kind of consistency between environments."
Flatcar itself remains the upstream project, but Microsoft is packaging it for Azure customers. Everson described Flatcar as "purpose-built, immutable, secure by default, production-ready operating system, and Azure Container Linux is the productization of that, but we're still investing in the upstream Flatcar ecosystem and pulling that downstream into a productized exterior experience just for container workloads, so it's a container hosting in AKS." To underscore the immutable model, he added that "Everything's baked in, so there is no package manager. We bake the bits into the immutable, and they're in the immutable version. So Azure Container Linux is the immutable version. So you shouldn't be changing any system packages or any application packages. Anything that you need to change is customer workloads run in containers."
Read more of this story at Slashdot.
The Hot Take: SMS/TXT is going to cause some pain for sure.
For years, typing in a six-digit code sent to your phone has been the universal standard for verifying your identity online. But that era is officially coming to an end in the Windows ecosystem.
In a statement to Windows Latest, Microsoft independently confirmed that itâll stop sending SMS codes for personal accounts.
Now, first spotted by Windows Latest, Microsoft has officially announced that it is pulling the plug on SMS codes for personal accounts. According to a support document quietly published earlier this year, the company is actively phasing out text messages as a method for both two-factor authentication and account recovery.
While the tech giant subtly hinted at this shift in a previous security advisory earlier this year, stating it was âcommitted to advancing security standards,â the newly released documentation explicitly confirms the end of SMS verification.
Moving forward, Microsoft is forcing a transition to passwordless alternatives, mandating the use of passkeys, authenticator apps, and verified secondary email addresses.
Why Microsoft is abandoning SMS authentication
Redmondâs decision to kill off SMS verification comes down to the undeniable fact that text messages are no longer a secure way to protect your digital identity.
In their official advisory, Microsoft states that âSMS-based authentication is now a leading source of fraud.â
âMicrosoft is committed to advancing security standards, and as such, we will start phasing out SMS as a method of authentication and account recovery for personal Microsoft accounts,â Microsoft noted in an advisory spotted by Windows Latest. âMicrosoft believes that the future of authentication is passwordless, secure, and user-friendly.â
Text messages were never designed with modern cybersecurity in mind. They are transmitted in plain text across vulnerable cellular networks, making them highly susceptible to interception.
Furthermore, hackers frequently use SIM-swap attacks, a tactic where a malicious actor tricks your mobile carrier into transferring your phone number to a device they control. Once the transfer is complete, the hacker instantly receives all of your SMS two-factor authentication codes, allowing them to easily hijack your accounts.
To combat this, Microsoft believes the future of account security is entirely passwordless. The company is replacing SMS with passkeys, which are a modern, phishing-resistant security standard.
Unlike traditional passwords or text codes that can be intercepted, passkeys use your deviceâs built-in biometric hardware.
When you sign in using a passkey, you authenticate your identity using Windows Hello facial recognition, a fingerprint scanner, or a localized device PIN. This creates a cryptographic key pair where the private key never leaves your physical hardware, rendering remote phishing attacks virtually impossible.
Depending on your setup, passkeys can be device-bound, meaning the private key never leaves the physical hardware (like your laptopâs TPM chip), or they can be synced across your devices via services like Apple iCloud Keychain or Google Password Manager. This cross-device compatibility ensures that if you lose your phone, your verified email and synced passkeys will still allow you to recover your account safely.
The problem of a forced passwordless transition
On paper, eliminating vulnerable SMS codes in favor of biometric passkeys is an objective win for global cybersecurity. In my daily workflow, the passwordless ecosystem is genuinely fantastic. I use Microsoft Edge, Microsoft Password Manager, and the Microsoft Authenticator app across all my devices. Thanks to the IR camera on my Lenovo laptop, Windows Hello face recognition makes logging into my personal Microsoft account a breeze.
However, Microsoftâs forced transition may cause significant headaches for power users.
As a Windows Insider, I constantly spin up, configure, and manage new virtual machines (VMs) to test software builds.
When I attempt to log into my Microsoft account within these isolated, nested environments, the passkey experience falls apart. Biometric hardware wonât be available on a VM, for obvious reasons, and I do not have access to security keys either. When trying to log in with passkeys via PIN, Iâm always shown an error.
In these highly technical, edge-case scenarios, requesting an SMS code was the ultimate, foolproof fallback. It just worked.
Passwords and SMS codes are ubiquitous. Typing in a six-digit text code is an instinctive, habitual behavior for billions of people. To successfully change a deeply ingrained habit, the replacement technology must be utterly flawless across every conceivable scenario.
Microsoft could drop the forced Microsoft account sign-in during Windows 11 setup; now thatâs one less place where youâll need to sign in!.
Either way, Microsoft will soon begin prompting all personal account holders with a âSign in faster with your face, fingerprint, or PINâ screen, urging them to set up a passkey and verify a backup email address. While losing the convenience of SMS codes may be a bitter pill to swallow for some, it is a necessary step to secure Windows 11 against modern threats.
The post Microsoft is killing SMS codes for Microsoft account sign-in, aggressively pushes passkeys on Windows 11 appeared first on Windows Latest
The Hot Take: Well now, that definitely sucks it was doing that. No wonder people are moving to Linux!
Microsoft is reportedly preparing significant changes to how Windows 11 manages graphics driver installations through Windows Update. The update is intended to address a long-standing issue where the operating system could overwrite newer manually installed GPU drivers with older OEM-certified releases.