This week we look at Google's addition of iOS devices as full Google account logon hardware security keys, as update on Apple vs Attorney General Barr, a serious new Internet Explorer 0-day and how the vulnerability can be mitigated, the release of Microsoft's Chromium-based Edge browser, the FBI's reaction to the Pulse Secure VPN vulnerability, another new and CRITICAL RDP remote code execution vulnerability that has slipped under the radar, a bit of miscellany, and then we examine the the headline grabbing CryptoAPI vulnerability that's been dubbed "CurveBall."