What the heck is it with Windows updates?

Credit to Author: Steven J. Vaughan-Nichols| Date: Wed, 10 Oct 2018 03:00:00 -0700

To help make life better for you, my loyal readers, I suffer by running Windows 7 and 10 on two harmless — never hurt anyone in their lives — PCs. Well, I did. But, in the last week I ran into not one, but two, showstopper update bugs.

First, on Windows 10, I was one of those “lucky” people who had files vaporize when I “updated” to Windows 10 October 2018 Update (version 1809). Because I only use Windows for trivial tasks, I didn’t lose anything valuable when the patch decided to erase everything in the My Documents folder.

Somehow, I think most Windows users use Windows for more important work than I do. I hope you have current backups. At least Computerworld’s Woody Leonhard has some good news: You can get those deleted files back.

To read this article in full, please click here

Read more

A week in security (September 24 – 30)

Credit to Author: Malwarebytes Labs| Date: Mon, 01 Oct 2018 16:44:20 +0000

A roundup of the security news from September 24–30 including phishing, Apple woes, a vulnerability in the wild, e-commerce attacks, phone spam, and a massive Facebook breach.

Categories:

Tags:

(Read more…)

The post A week in security (September 24 – 30) appeared first on Malwarebytes Labs.

Read more

Stop Office 365 Credential Theft with an Artificial Eye

Credit to Author: Chris Taylor| Date: Tue, 25 Sep 2018 13:00:44 +0000

We all know that email remains by far the number one threat vector facing organizations today. Trend Micro blocked more than 20.4 billion threat in the first half of 2018 alone, nearly 83% of which were email borne. But there’s more: corporate email accounts have also become a key target for attackers in their own…

The post Stop Office 365 Credential Theft with an Artificial Eye appeared first on .

Read more

Microsoft Patch Alert: Despite weird timing, September’s Windows and Office patches look good

Credit to Author: Woody Leonhard| Date: Thu, 20 Sep 2018 08:40:00 -0700

As we near the end of patching’s “C Week” (which is to say, the week that contains the third Tuesday of the month), there are no show-stopping bugs in the Windows and Office patches and just a few gotchas. As long as you avoid Microsoft’s patches for Intel’s Meltdown/Spectre bugs, you should be in good shape.

Why a Patch Monday?

On Sept. 17, Microsoft released two very-out-of-band cumulative updates for Windows 10:

To read this article in full, please click here

Read more

Microsoft’s September patches fix a raft of serious bugs

Credit to Author: Andrew Brandt| Date: Wed, 19 Sep 2018 18:00:07 +0000

Updates for Windows and Mac users resolve more than five dozen software vulnerabilities<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/HBOC9eD3Jfo” height=”1″ width=”1″ alt=””/>

Read more

Why Windows 10 is the most secure Windows ever

Credit to Author: Fahmida Y. Rashid| Date: Tue, 18 Sep 2018 14:40:00 -0700

Three years after its debut, Windows 10 is poised to overtake Windows 7 as the most popular version of the Windows operating system. Microsoft introduced virtualization-based security features – namely Device Guard and Credential Guard – in Windows 10, and in subsequent updates, has added other virtualization-based protections to the operating system.

Microsoft tackled the two biggest challenge for enterprises with Windows 10, password management and protecting the operating system from attackers. Windows Defender was renamed Windows Security in 2017 and now includes anti-malware and threat detection, firewall and network security, application and browser controls, device and account security, and device health. Windows Security shares status information between Microsoft 365 services and interoperates with Windows Defender Advanced Threat Protection, Microsoft’s cloud-based forensic analysis tool.

To read this article in full, please click here

Read more

A week in security (September 10 – 16)

Credit to Author: Malwarebytes Labs| Date: Mon, 17 Sep 2018 15:56:14 +0000

A roundup of the security news from September 10–16, including omnichannel fraud, ways to get back at scammers, the security of 2FA, and partnerstrokas.

Categories:

Tags:

(Read more…)

The post A week in security (September 10 – 16) appeared first on Malwarebytes Labs.

Read more

Malicious doc “builders” abandon old exploits wholesale

Credit to Author: Gabor Szappanos| Date: Tue, 11 Sep 2018 16:15:26 +0000

A key piece of the malware ecosystem adopts new vulnerabilities, and scraps old exploits, in record time<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/gKMCGkmvrcQ” height=”1″ width=”1″ alt=””/>

Read more

Digital transformation and value creation for Oil and Gas at the IT/OT market convergence

Credit to Author: Vincent Jacquement| Date: Thu, 06 Sep 2018 21:10:55 +0000

How much value has digital transformation created so far in the Oil & Gas industry? Which technology has contributed the most and what are the most compelling use cases? What… Read more »

The post Digital transformation and value creation for Oil and Gas at the IT/OT market convergence appeared first on Schneider Electric Blog.

Read more

Microsoft Patch Alert: Mainstream August patches look remarkably good, but watch out for the bad boys

Credit to Author: Woody Leonhard| Date: Thu, 23 Aug 2018 14:01:00 -0700

So far this month we’ve only seen one cumulative update for each version of Windows 10, and one set of updates (Security only, Monthly Rollup) for Win7 and 8.1. With a few notable exceptions, those patches are going in rather nicely. What a difference a month makes.

We’ve also seen a massive influx of microcode updates for the latest versions of Windows 10, running on Intel processors. Those patches, released on Aug. 20 and 21, have tied many admins up in knots, with conflicting descriptions and iffy rollout sequences.

Big problems for small niches

At this point, I’m seeing complaints about a handful of patches:

  • The original SQL Server 2016 SP2 patch, KB 4293807, was so bad Microsoft yanked it — although the yanking took almost a week. It’s since been replaced by KB 4458621, which appears to solve the problem.
  • The Visual Studio 2015 Update 3 patch, KB 4456688, has gone through two versions — released Aug. 14, pulled, then re-released Aug. 18 — and the re-released version still has problems. There’s a hotfix available from the KB article, but you’d be well advised to avoid it.
  • Outlook guru Diane Poremsky notes on Slipstick that the version of Outlook in the July Office 365 Click-to-Run won’t allow you to start Outlook if it’s already running. “Only one version of Outlook can run at a time” — even if the “other version” is, in fact, the same version.
  • The bug in the Win10 1803 upgrade that resets TLS 1.2 settings persists, but there’s an out-of-the-blue patch KB 4458116 that fixes the problem for Intuit QuickBooks Desktop.
  • The Win10 1803 cumulative update has an acknowledged bug in the way the Edge browser interacts with Application Guard. Since about two of you folks use that combination, I don’t consider it a big deal. The solution, should you encounter the bug, is to uninstall the August cumulative update, manually install the July cumulative update, and then re-install the August cumulative update — thus adding a new dimension to the term “cumulative.”
  • The Win7 Monthly Rollup has an old acknowledged bug about “missing file (oem<number>.inf).” Although Microsoft hasn’t bothered to give us any details, it looks like that’s mostly a problem with VMware.

The rest of the slate looks remarkably clean. Haven’t seen that in a long while.

To read this article in full, please click here

Read more