{"id":11058,"date":"2018-01-10T10:17:01","date_gmt":"2018-01-10T18:17:01","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/01\/10\/news-4829\/"},"modified":"2018-01-10T10:17:01","modified_gmt":"2018-01-10T18:17:01","slug":"news-4829","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/01\/10\/news-4829\/","title":{"rendered":"Microsoft&#8217;s Jan. 2018 Patch Tuesday Lowdown"},"content":{"rendered":"<p><strong>Credit to Author: BrianKrebs| Date: Wed, 10 Jan 2018 16:07:35 +0000<\/strong><\/p>\n<p><strong>Microsoft<\/strong> on Tuesday released 14 security updates, including fixes for the <strong>Spectre<\/strong> and <strong>Meltdown<\/strong> flaws detailed last week, as well as a zero-day vulnerability in <strong>Microsoft Office<\/strong> that is being exploited in the wild. Separately, <strong>Adobe<\/strong> pushed a security update to its <strong>Flash Player<\/strong> software.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright wp-image-26837\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\" alt=\"\" width=\"206\" height=\"216\" \/>Last week&#8217;s story, <a href=\"https:\/\/krebsonsecurity.com\/2018\/01\/scary-chip-flaws-raise-spectre-of-meltdown\/\" target=\"_blank\" rel=\"noopener\">Scary Chip Flaws Raise Spectre of Meltdown<\/a>, sought to explain the gravity of these two security flaws present in most modern computers, smartphones, tablets and mobile devices. 
The bugs are thought to be mainly exploitable in chips made by <strong>Intel<\/strong> and <strong>ARM<\/strong>, but researchers said it was possible they also could be leveraged to steal data from computers with chips made by <strong>AMD<\/strong>.<\/p>\n<p>By the time that story had published, Microsoft had already begun shipping an emergency update to address the flaws, but many readers complained that their PCs experienced the dreaded &#8220;<a href=\"https:\/\/krebsonsecurity.com\/2010\/03\/secret-obsession-odd-windows-crash-alerts\/\" target=\"_blank\" rel=\"noopener\">blue screen of death<\/a>&#8221; (BSOD) after applying the update. Microsoft warned that the BSOD problems were attributable to many antivirus programs not yet updating their software to play nice with the security updates.<\/p>\n<p>On Tuesday, Microsoft said it was suspending the patches for computers running AMD chipsets.<\/p>\n<p>&#8220;After investigating, Microsoft determined that some AMD chipsets do not conform to the documentation previously provided to Microsoft to develop the Windows operating system mitigations to protect against the chipset vulnerabilities known as Spectre and Meltdown,&#8221; the company said in <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4073707\/windows-os-security-update-block-for-some-amd-based-devices?ranMID=24542&amp;ranEAID=nOD%2FrLJHOac&amp;ranSiteID=nOD_rLJHOac-_HQEBR_XRHQKxjSSaNyFXQ&amp;tduid=(c438b93529abd1646060d8789010252e)(256380)(2459594)(nOD_rLJHOac-_HQEBR_XRHQKxjSSaNyFXQ)()\" target=\"_blank\" rel=\"noopener\">a notice posted to its support site<\/a>.<\/p>\n<p>&#8220;To prevent AMD customers from getting into an unbootable state, Microsoft has temporarily paused sending the following Windows operating system updates to devices that have impacted AMD processors,&#8221; the company continued. 
&#8220;Microsoft is working with AMD to resolve this issue and resume Windows OS security updates to the affected AMD devices via Windows Update and WSUS as soon as possible.&#8221;<\/p>\n<p>In short, if you&#8217;re running Windows on a computer powered by an AMD chip, you&#8217;re not going to be offered the Spectre\/Meltdown fixes for now. Not sure whether your computer has an Intel or AMD chip? Most modern computers display this information (albeit very briefly) when the computer first starts up, before the Windows logo appears on the screen.<\/p>\n<p>Here&#8217;s another way. From within Windows, users can find this information by pressing the Windows key on the keyboard and the &#8220;Pause&#8221; key at the same time, which should open the System Properties feature. The chip maker will be displayed next to the &#8220;Processor:&#8221; listing on that page.<\/p>\n<p>Microsoft also on Tuesday <a href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/01\/09\/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems\/\" target=\"_blank\" rel=\"noopener\">provided more information<\/a> about the potential performance impact on Windows computers after installing the Spectre\/Meltdown updates. 
To summarize, Microsoft said <strong>Windows 7<\/strong>, <strong>8.1<\/strong> and <strong>10<\/strong> users on older chips (circa 2015 or older), as well as Windows server users on any silicon, are likely to notice a slowdown of their computer after applying this update.<\/p>\n<p>Any readers who experience a BSOD after applying January&#8217;s batch of updates may be able to get help from Microsoft&#8217;s site: Here are the corresponding help pages for <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/17074\/windows-7-resolving-stop-blue-screen-errors\" target=\"_blank\" rel=\"noopener\">Windows 7<\/a>, <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/17075\/windows-8-resolving-blue-screen-errors\" target=\"_blank\" rel=\"noopener\">Windows 8.1<\/a> and <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/14238\/windows-10-troubleshoot-blue-screen-errors\" target=\"_blank\" rel=\"noopener\">Windows 10<\/a> users.<\/p>\n<p>As evidenced by this debacle, it&#8217;s a good idea to get in the habit of backing up your system on a regular basis. I typically do this at least once a month &#8212; but especially right before installing any updates from Microsoft.\u00a0<span id=\"more-42156\"><\/span><\/p>\n<p>Attackers could exploit a zero-day vulnerability in Office (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0802\" target=\"_blank\" rel=\"noopener\">CVE-2018-0802<\/a>) just by getting a user to open a booby-trapped Office document or visit a malicious\/hacked Web site. 
Microsoft also patched a flaw (<a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-0819\" target=\"_blank\" rel=\"noopener\">CVE-2018-0819<\/a>) in <strong>Office for Mac<\/strong> that was publicly disclosed prior to the patch being released, potentially giving attackers a heads-up on how to exploit the bug.<\/p>\n<p>Of the 56 vulnerabilities addressed in the January Patch Tuesday batch, at least 16 earned Microsoft&#8217;s critical rating, meaning attackers could exploit them to gain full access to Windows systems with little help from users. For more on Tuesday&#8217;s updates from Microsoft, check out blogs from <a href=\"https:\/\/www.ivanti.com\/blog\/january-patch-tuesday-2017\/\" target=\"_blank\" rel=\"noopener\">Ivanti<\/a> and <a href=\"https:\/\/blog.qualys.com\/laws-of-vulnerabilities\/2018\/01\/09\/january-patch-tuesday-meltdown-spectre-16-critical-microsoft-patches-1-adobe-patch\" target=\"_blank\" rel=\"noopener\">Qualys<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-18875\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2013\/02\/brokenflash-a.png\" alt=\"\" width=\"211\" height=\"180\" \/>As per usual, Adobe issued an update for Flash Player yesterday. The update brings Flash to <em>version 28.0.0.137<\/em> on Windows, <strong>Mac<\/strong>, and <strong>Linux<\/strong> systems. Windows users who browse the Web with anything other than <strong>Internet Explorer<\/strong> may need to apply the Flash patch twice, once with IE and again using the alternative browser (e.g., Firefox, Opera).<\/p>\n<p><strong>Chrome<\/strong> and IE should auto-install the latest Flash version on browser restart (users may need to manually check for updates and\/or restart the browser to get the latest Flash version). 
Chrome users may need to restart the browser to install or automatically download the latest version.<\/p>\n<p>When in doubt, click the vertical three-dot icon to the right of the URL bar, select \u201cHelp,\u201d then \u201cAbout Chrome\u201d: If there is an update available, Chrome should install it then. Chrome will replace that three-dot icon with an up-arrow inside of a circle when updates are waiting to be installed.<\/p>\n<p>Standard disclaimer: Because Flash remains such a security risk, I continue to\u00a0encourage readers to remove or hobble Flash Player unless and until it is needed for a specific site or purpose. More on that approach (as well as slightly less radical\u00a0solutions) can be found in\u00a0<a href=\"http:\/\/krebsonsecurity.com\/2015\/06\/a-month-without-adobe-flash-player\/\" target=\"_blank\" rel=\"noopener\">A Month Without Adobe Flash Player<\/a>. The short\u00a0version is that you\u00a0can probably get by without Flash installed and not miss it at all.<\/p>\n<p>For readers still unwilling to cut the Flash cord, there are half-measures that work almost as well. Fortunately,\u00a0<a href=\"https:\/\/support.google.com\/chrome\/answer\/108086?hl=en\" target=\"_blank\" rel=\"noopener\">disabling Flash in Chrome<\/a>\u00a0is simple enough. Paste \u201c<a href=\"chrome:\/\/settings\/content\" target=\"_blank\" rel=\"noopener\">chrome:\/\/settings\/content<\/a>\u201d into a Chrome browser bar and then select \u201cFlash\u201d from the list of items. 
By default it should be set to \u201cAsk first\u201d before running Flash, although users also can disable Flash entirely here or whitelist and blacklist specific sites.<\/p>\n<p>Another, perhaps less elegant, solution is to keep Flash installed in a browser that you don\u2019t normally use, and then to only use that browser on sites that require it.<\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2018\/01\/microsofts-jan-2018-patch-tuesday-lowdown\/\" target=\"bwo\" >https:\/\/krebsonsecurity.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2014\/07\/brokenwindows.png\"\/><\/p>\n<p><strong>Credit to Author: BrianKrebs| Date: Wed, 10 Jan 2018 16:07:35 +0000<\/strong><\/p>\n<p>Microsoft on Tuesday released 14 security updates, including fixes for the Spectre and Meltdown flaws detailed last week, as well as a zero-day vulnerability in Microsoft Office that is being exploited in the wild. 
Separately, Adobe pushed a security update to its Flash Player software.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10642],"tags":[17086,17118,17102,11415,8397,17119,17120,16936],"class_list":["post-11058","post","type-post","status-publish","format-standard","hentry","category-independent","category-krebs","tag-amd","tag-blue-screen-of-death","tag-bsod","tag-flash-player","tag-intel","tag-microsoft-patch-tuesday-january-2018","tag-spectre-bug","tag-time-to-patch"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11058","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11058"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11058\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11058"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11058"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11058"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}