Worried about an NSA ChainOfFools/CurveBall attack? There are lots of moving parts. Test your system.

Credit to Author: Woody Leonhard| Date: Fri, 17 Jan 2020 06:42:00 -0800

If you want to install the January Patch Tuesday patches, by all means, go right ahead. That said, I continue to recommend that you hold off installing the January Microsoft patches until we get a clearer reading on potential bugs.

The pro-patch-now argument generally goes something like this: Everybody is recommending that you install the patches to protect against the Crypto bug — almost all of the major security folks, the researchers, the big online sites, your local news station, your congresscritter, your neighbor’s nine-year-old, even the bleeping NSA. It’s a little patch. Why not just install it and be done with it?

To read this article in full, please click here

Read more

Windows 7 end of support: Separating the bull from the horns

Credit to Author: Woody Leonhard| Date: Wed, 15 Jan 2020 13:20:00 -0800

No, Windows 7 isn’t dead.

No, you don’t need to buy a Win10 computer. 

No, you don’t need to upgrade.

No, you don’t need to install the latest Win7 patches right away.

No, Microsoft isn’t withdrawing its unofficial nod-and-a-wink free upgrade from Win7 to Win10. At least, not right away.

No, the old Win7 patches aren’t disappearing.

No, your Internet Service Provider won’t kick you off your network for using Win7.

To read this article in full, please click here

Read more

Patch Tuesday aftermath: The NSA Crypt32 threat is real, but not yet imminent

Credit to Author: Woody Leonhard| Date: Wed, 15 Jan 2020 07:26:00 -0800

Get ready for your local news station’s weather reporter to start lecturing on the importance of installing Windows patches.

Yesterday we were treated to a remarkable Patch Tuesday. “Remarkable” specifically in the sense that the U.S. National Security Agency was moved to put out a press release (PDF):

NSA recommends installing all January 2020 Patch Tuesday patches as soon as possible to effectively mitigate the vulnerability on all Windows 10 and Windows Server 2016/2019 systems.

To read this article in full, please click here

Read more

Microsoft to Windows 7: Beat it, you bum

Credit to Author: Gregg Keizer| Date: Tue, 14 Jan 2020 12:36:00 -0800

Microsoft today figuratively told Window 7 – which ended support with a final security update – not to let the door hit it on the way out.

“Ten-year-old tech just can’t keep up,” Jared Spataro, an executive on the Microsoft 365 team, wrote in a post to a company blog. “As we end support for Windows 7, I encourage you to transition to these newer options right away.”

Not surprisingly, Spataro named those newer options as Windows 10 to replace Windows 7, and Office 365 to fill in for the retiring-in-October Office 2010. Combined, they make up the bulk of Microsoft 365, the business subscription plan Microsoft wants all customers to adopt.

To read this article in full, please click here

Read more

January 2020 Patch Tuesday delivers fixes for 50 bugs

Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Jan 2020 18:15:18 +0000

This month’s big security news from Microsoft is the end of support for Windows 7, and a patch of a cryptographic library<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wiyw9sHJyLE” height=”1″ width=”1″ alt=””/>

Read more

Today's Patch Tuesday brings fireworks and — a magic bullet?

Credit to Author: Woody Leonhard| Date: Tue, 14 Jan 2020 05:48:00 -0800

Over the past few years we’ve seen a few security holes that have drawn Chicken Little warnings and vast amounts of unthinking press reports. When you turn on a local news program and hear from the hometown weather reporter that you really need to get Windows patched, a bit of skepticism might be in order.

Today’s Patch Tuesday appears to be headed down the same well-worn chute.

Brian Krebs, the security guru with impeccable credentials, fired an opening salvo in his blog post yesterday:

To read this article in full, please click here

Read more

Seven high points of Windows 7

Credit to Author: Gregg Keizer| Date: Tue, 14 Jan 2020 04:16:00 -0800

Today Microsoft issues its final free security update for Windows 7, putting an end to that operating system’s decade.

To remember that service – a retirement party but without the cloyingly-sweet cake and cheap gold watch – Computerworld selected seven highlights of Windows 7. While the seven do not pretend to trace Windows 7’s history, they illustrate the influence and impact of the OS.

Here’s to Windows 7. Raise a glass, for cryin’ out loud.

It salvaged Microsoft’s reputation after the Vista debacle

The numbers say it all.

Windows Vista, the 2006 replacement for Windows XP, topped out at 20% of all Windows versions in October 2009. Even though the OS it followed was long in the tooth – XP was nearly twice the age of a typical version when it was supplanted – Vista struggled to put a dent in its forerunner’s share.

To read this article in full, please click here

Read more

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Credit to Author: BrianKrebs| Date: Mon, 13 Jan 2020 22:17:47 +0000

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020.

Read more