![](\"https:\/\/media.wired.com\/photos\/5cf176b9f5153c9ae215d077\/master\/pass\/Security-Trump-MarALago-RTS2730F.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Emily Dreyfuss| Date: Sat, 01 Jun 2019 13:00:00 +0000<\/strong><\/p>\n Returning to work <\/span>after a long weekend is always rough\u2014especially if you have to deal with a looming worm attack or yet another disinformation operation on your networks! Which was the case in the security world this week.<\/p>\n Despite dire warnings and an urgent update issued from Microsoft, customers are taking too long<\/a> to patch a critical vulnerability that still remains in approximately 900,000 Windows computers. The bug is so serious that Microsoft even released a patch for Windows XP<\/a>, which it hasn\u2019t done in years.<\/p>\n Facebook and Twitter<\/a> took down another batch of fake accounts and pages that appear to be linked to Iran. What Facebook didn\u2019t take down was a doctored video<\/a> of Nancy Pelosi, which earned the company a fair amount of blowback. The video doesn\u2019t quite reach deepfake territory<\/a>\u2014it\u2019s actually pretty crude\u2014but this is as good a time as ever to mention that researchers are coming up with new strategies to fight manipulated images, like baking tamper-proofing into the camera itself<\/a>.<\/p>\n Here\u2019s some good news: Google is finally making Chrome extensions safer.<\/a> But the company still follows you across your whole digital life. We map all the ways Google monitors you, and explain how to stop<\/a> the tracking once and for all.<\/p>\n Of course, it wouldn\u2019t be a week in security news if there wasn\u2019t an update from Robert Mueller. This week, we actually heard what his voice sounds like<\/a>, because the now former special counsel made a rare public statement. It was just 10 minutes long and full of carefully crafted legal reasoning. Garrett Graff broke down in plain English<\/a> what Mueller\u2019s statement means.<\/p>\n In useful news, WIRED rounded up the four best password managers<\/a> right now. If you don\u2019t have one yet, make it your weekend resolution to remedy that.<\/p>\n Of course, there was more. As we do every Saturday, we\u2019ve rounded up the security stories that WIRED didn\u2019t break or cover in depth this week, but which you should know about. Click on the headline to read the full story, and stay safe out there!<\/p>\n \u201cHijinks at Mar-a-Lago\u201d has become a story archetype of its own during the Trump administration, but this one\u2019s got everything: a teenager, clueless Secret Service agents, close proximity to Trump himself, and a members only beach tunnel. According to the Palm Beach Post<\/em>, the sneak-in happened last November while the college freshman was in Florida for Thanksgiving. Also in town for the holiday? The president. While hanging out at a nearby beach club, the teen strode down the beach to where Mar-a-Lago guests were in line to return to their hotel via an underground tunnel guarded by Secret Service agents. His lawyer says he got in line with them, made it past the Secret Service (who merely \u201cwanded\u201d him for metal) and into the club, where he wandered around for 20 minutes before being arrested. The teen, who pleaded guilty to one charge of entering a restricted area and will serve a year of probation, told the judge, \u201cI wanted to see how far I could get.\u201d Four months later, a Chinese woman would be arrested after sneaking into Mar-a-Lago with a suspicious number of devices<\/a> in tow. Both incidents highlight the Winter White House\u2019s barely-there security<\/a>, and the risks that raises.<\/p>\n Three iTunes customers have filed suit against Apple, claiming the company violated state privacy laws by sharing data about their iTunes purchases and other music preferences to third parties without their knowledge or consent. The plaintiffs, who are seeking class action status, allege that Apple sold iTunes data directly to data brokers, who then turned around and sold it to advertisers, and that it allowed developers access to iTunes libraries, which developers turned around and sold to data brokers. The first allegation could be tricky to prove in court, since data brokers have many sources for information (like, say, app developers). As Variety<\/em> notes, it\u2019s the second allegation that could be the most damning if true. It would also be in violation of Apple\u2019s rules for developers, as pointed out by the Verge<\/a>.<\/p>\n The North Face did some very dumb things recently. First, it partnered with an ad agency to upload photos of North Face gear at famous outdoorsy locations to those places\u2019 Wikipedia pages, in order to push those photos high up on Google\u2019s image results. The move was disrespectful, entitled, and generally against Wikipedia\u2019s rules. To make matters worse, the company then produced a video ad in which it bragged about how easily it had \u201chacked the results to reach one of the most difficult places: the top of the world\u2019s largest search engine.\u201d Needless to say, the Wikimedia Foundation was none too pleased. It issued a statement<\/a> calling the stunt \u201cunethical,\u201d and compared it to defacing public property. After news of the advertising prank landed to jeers not cheers, the North Face apologized<\/a>.<\/p>\n When the internet giant announced a major change to the way its Chrome browser would handle extensions back in January<\/a>, people were upset. The proposed changes would disrupt ad-blockers, making them work not well or at all. Five months later, the backlash hasn\u2019t deterred anyone. Google announced that the functionality of current popular ad blockers won\u2019t be supported when it rolls out the new extension system. Developers will need to change the back-end, and even then the extensions still likely won\u2019t work as well. There is one exception: Google will be letting paid \u201centerprise\u201d clients have access to the old system, though 9to5Google notes the purpose of this exception likely has nothing to do with ad-blocking; it\u2019s probably to allow paid customers to make bespoke extensions that do all sorts of other things.<\/p>\n