Most bugs in Microsoft's June patches have been fixed; go ahead and patch

Credit to Author: Woody Leonhard| Date: Wed, 08 Jul 2020 07:48:00 -0700

The most obvious problem with June patches was a conflict between Microsoft’s latest version of Windows and Microsoft’s latest version of Office (er, Microsoft 365) Click-to-Run: If you installed patches as soon as they came out, Outlook wouldn’t run. That bug got cleared up when Microsoft fixed Office a week later, even though Windows was to blame.

We also saw a bunch of belated patches for printers that didn’t work after installing the June Windows updates.

To read this article in full, please click here

Read more

Microsoft Patch Alert: June 2020

Credit to Author: Woody Leonhard| Date: Thu, 02 Jul 2020 06:11:00 -0700

There’s never a dull moment for folks who try to keep Windows and Office patched.

Windows 10 version 2004 continues to make slow inroads among the “Go ahead and kick me” crowd, in spite of its (now documented) lack of update deferral settings, while those of us who are still trying to keep Win10 versions 2009, 2003 and 1809 afloat have our hands full.

June saw two truly innovative patching methods: A fix for a Windows bug delivered as an update to Office Click-to-Run and a fix for a different Windows bug delivered through the Microsoft Store.

If you can’t fix things the normal way, I guess there’s always the back door.

The two printer bugs

All of the Win10 cumulative updates in June broke some printers, some of the time. The damage fell into two heaps:

To read this article in full, please click here

Read more

A zero-day guide for 2020: Recent attacks and advanced preventive techniques

Credit to Author: Ilai Bavati| Date: Tue, 23 Jun 2020 15:00:00 +0000

Zero-day vulnerabilities—and their potential, related attacks—can drive any security team mad. Here’s how you can bulk up your defenses.

Categories:

Tags:

(Read more…)

The post A zero-day guide for 2020: Recent attacks and advanced preventive techniques appeared first on Malwarebytes Labs.

Read more

Turn on MFA Before Crooks Do It For You

Credit to Author: BrianKrebs| Date: Fri, 19 Jun 2020 19:19:10 +0000

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.

Read more

Facial recognition: tech giants take a step back

Credit to Author: Pieter Arntz| Date: Thu, 18 Jun 2020 15:30:00 +0000

Some of the big players in the field of facial recognition announced they will not provide their technology to law enforcement while there is no governing law.

Categories:

Tags:

(Read more…)

The post Facial recognition: tech giants take a step back appeared first on Malwarebytes Labs.

Read more

June cumulative updates cause multiple problems with network printers

Credit to Author: Woody Leonhard| Date: Fri, 12 Jun 2020 09:20:00 -0700

Many admins report that installing the latest June cumulative updates knock out their networked printers. The problem seems to span all common versions of Windows and Server and many printers that have been installed and working in place for years. The bug appears to cause a conflict with older (but very common) PCL 5 and PCL 6 version 2 drivers on printers that are attached to networks, although the details aren’t yet clear. 

Microsoft has acknowledged a bug in the June patches (it isn’t clear precisely which ones) where the USB printer port disappears:

To read this article in full, please click here

Read more

Large in number, large in nature, this Patch Tuesday needs your attention

Credit to Author: Greg Lambert| Date: Fri, 12 Jun 2020 08:24:00 -0700

Despite Microsoft’s announcement in May that all non-security releases (C and D updates) are paused until further notice, with 129 updates in June’s Patch Tuesday release cycle, there is plenty to do – for your deployment team and your application testing team(s).

We see another critical update to Adobe Flash Player (see how to set your kill bits below) and critical updates to Microsoft’s browsers that – depending on your legacy application portfolio – may require immediate action. The area to focus on this month is the number and nature of updates to the Windows platform.

To read this article in full, please click here

Read more

Microsoft pushes fixes for 128 security bugs in June, 2020 Patch Tuesday

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jun 2020 17:01:17 +0000

In this month&#8217;s Patch Tuesday, a total of 128 security vulnerabilities have been patched in Microsoft products, a slight increase compared to the last few months. Only twelve of the vulnerabilities are rated &#8220;Critical.&#8221; None of the bugs have been found being exploited in the wild (yet). Preceding this month&#8217;s update was a fix for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/02N0ToRkzv0″ height=”1″ width=”1″ alt=””/>

Read more