The OEM version is working fine, as the drivers are embedded there. My point was that without this recovery partition you tend to run into issues on newer devices, as the MS bundled drivers get updated only infrequently.
The OEM version is working fine, as the drivers are embedded there. My point was that without this recovery partition you tend to run into issues on newer devices, as the MS bundled drivers get updated only infrequently.
even on Windows 10/11, I’m still frequently hearing about issues at work where the necessary ssd drivers are only included in the default windows installer (not the recovery shipped with the device) like half a year later. at least with Dell this seems to be a common theme.
The 90 days disclosure you’re referencing, which I believe is primarily popularized by Google’s Project Zero process, is the time from when someone discovers and reports a vulnerability to the time it will be published by the reporter if there is no disclosure by the vendor by then.
The disclosure by the vendor to their users (people running Lemmy instances in this case) is a completely separate topic, and, depending on the context, tends to happen quite differently from vendor to vendor.
As an example, GitLab publishes security advisories the day the fixed version is released, e.g. https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/.
Some vendors will choose to release a new version, wait a few weeks or so, then publish a security advisory about issues addressed in the previous release. One company I’ve frequently seen this with is Atlassian. This is also what happened with Lemmy in this case.
As Lemmy is an open source project, anyone could go and review all commits for potential security impact and to determine whether something may be exploitable. This would similarly apply to any other open source project, regardless of whether the commit is pushed some time between releases or just before a release. If someone is determined enough and spends time on this they’ll be able to find vulnerabilities in various projects before an advisory is published.
The “responsible” alternative for this would have been to publish an advisory at the time it was previously privately disclosed to admins of larger instances, which was right around the christmas holidays, when many people would already be preoccupied with other things in their life.
requiring an app to open chests? what?
I’m glad I’ve been avoiding Ubisoft like the plague they are for all the other issues already.
i don’t want to go to all that effort
original source for this badly copied blogspam link: https://cointelegraph.com/magazine/china-dev-fined-salary-vpn-10m-ecny-airdrop-asia-express/
reddthat.com.
you should also see that when you click my name, if it doesn’t already show it on my name.
to be fair, iirc it was only a total of 3 comment threads at the time, where two were started by lemmy.world users and one by a hexbear.net user. as those instances are on your instances block list, that would enough to hide the entire comment threads I believe.
seems to be a federation issue for you, I see 90+ comments (reported by client, not counted), earliest from 9h ago
is that because Microsoft doesn’t have QA anymore?
it’s clearly 3, stop spreading misinformation