Blocking attacks against Windows “CTF” vulnerabilities

Credit to Author: Mark Loman| Date: Thu, 22 Aug 2019 16:53:35 +0000

Operating systems and run-time environments typically provide some form of isolation between applications. For example, Windows runs each application in a separate process. This isolation stops code running in one application from adversely affecting other, unrelated applications. This means a non-administrative user mode process can’t access or tamper with kernel code and data, and an […]


Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

Credit to Author: Jovi Umawing| Date: Wed, 21 Aug 2019 15:56:45 +0000

Researchers called it KNOB, a clever attack against the firmware of a Bluetooth chip that can allow hackers to successfully hijack paired devices and steal their sensitive data. Are users at risk?




The post Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks appeared first on Malwarebytes Labs.


Installing Windows 7 from a backup? You need a BitLocker patch right away

Credit to Author: Woody Leonhard| Date: Mon, 19 Aug 2019 09:33:00 -0700

No doubt you recall the warning back in February that Windows 7, Server 2008 and Server 2008 R2 patches starting in July would use the SHA-2 encryption protocol. If you want to install Win7 patches issued after July, you have to get the SHA-2 translator installed.

A few days ago, Microsoft tossed a zinger into the FAQs down at the bottom of its SHA-2 post, 2019 SHA-2 Code Signing Support requirement for Windows and WSUS. That post now says that you have to install a seemingly unrelated patch, KB 3133977, entitled, BitLocker can’t encrypt drives because of service crashes in svchost.exe process in Windows 7 or Windows Server 2008 R2.  


Microsoft warns of Visual Basic, VBA and VBScript 'procedure call' errors after August patches

Credit to Author: Woody Leonhard| Date: Thu, 15 Aug 2019 05:28:00 -0700

August is going to be a perilous patching month.

We’re tracking down credible reports of the Server 2012 R2 Monthly rollup breaking RDP logins, a conflict between the Win10 1903 cumulative update and last month’s version of Outlook 365, confusion about Win7 patches being branded as “IA64 only,” dealing with the lack of telemetry (!) in the August Win7 Security Only patch, much mayhem trying to install SHA-2 signed patches (including the Win7 Monthly Rollup) on systems using Symantec Endpoint Protection, even more confusion over the difference between Symantec Endpoint Protection and Norton Security Suite, and lots of the usual installation failures and rollbacks.


Microsoft relaxes telemetry rule for PCs managed with Windows Update for Business

Credit to Author: Gregg Keizer| Date: Wed, 07 Aug 2019 13:12:00 -0700

Microsoft has quietly relaxed a rule that prevented privacy-first organizations from managing the Windows Update for Business (WUfB) service using group policies.

With Windows 10 1903, aka “Windows 10 May 2019 Update,” which debuted in late May, organizations no longer are required to set the “diagnostic data level” for their devices to “Basic” or higher.

That diagnostic data level is a multi-step categorization of what Microsoft pulls from Windows devices and sends to its own servers. Also dubbed “telemetry,” the data harvesting is used by Microsoft for a range of tasks, notably deciding when a specific PC receives a feature upgrade.


Microsoft Patch Alert: Welcome to the Upside Down

Credit to Author: Woody Leonhard| Date: Tue, 30 Jul 2019 09:33:00 -0700

This month, Microsoft Patch Land looks like a stranger Stranger Things Upside Down, where Security-only patches carry loads of telemetry, Visual Studio patches appear for the wrong versions… and we still can’t figure out how to keep the Win10 1903 upgrade demogorgon from swallowing established drivers.

As we end the month, we’ve seen the second “optional” monthly cumulative updates for all Win10 versions — the 1903 patch was released, pulled, then re-released — and fixes for Visual Studio’s transgressions. There’s a kludge for getting the Win10 1903 upgrade to work. And BlueKeep still looms like a gorging Mind Flayer.

Win7 Security-only patch brings telemetry

Those of you who have been dodging Windows 7 telemetry by using the monthly Security-only patches — a process I described as “Group B” three years ago — have reached the end of the road. The July 2019 Win7 “Security-only” patch, KB4507456, includes a full array of telemetry/snooping, uh, enhancements.
