windows

ComputerWorldIndependent

Why Windows 10 is the most secure Windows ever

Credit to Author: Fahmida Y. Rashid| Date: Tue, 18 Sep 2018 14:40:00 -0700

Three years after its debut, Windows 10 is poised to overtake Windows 7 as the most popular version of the Windows operating system. Microsoft introduced virtualization-based security features – namely Device Guard and Credential Guard – in Windows 10, and in subsequent updates, has added other virtualization-based protections to the operating system.

Microsoft tackled the two biggest challenge for enterprises with Windows 10, password management and protecting the operating system from attackers. Windows Defender was renamed Windows Security in 2017 and now includes anti-malware and threat detection, firewall and network security, application and browser controls, device and account security, and device health. Windows Security shares status information between Microsoft 365 services and interoperates with Windows Defender Advanced Threat Protection, Microsoft’s cloud-based forensic analysis tool.

To read this article in full, please click here

Read More
ComputerWorldIndependent

SharePoint Workflows go belly-up when you install the September .Net Security Only patch

Credit to Author: Woody Leonhard| Date: Mon, 17 Sep 2018 08:29:00 -0700

‘Softie Rodney Viana has posted details and a workaround for the “System.CodeDom.CodeBinaryOperatorExpression is not marked as authorized” bug.

Apparently, installing last Tuesday’s KB 4457916 Security Only updates for .Net Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 for Windows 8.1 and Server 2012 R2 causes a hard stop with any SharePoint Workflows. (Workflows are set up by an admin to handle the flow of documents through a series of steps.)

To read this article in full, please click here

Read More
QuickHealSecurity

CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild

Credit to Author: Sameer Patil| Date: Wed, 12 Sep 2018 13:30:14 +0000

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft has released a security advisory CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context…

Read More
ComputerWorldIndependent

Time to turn off Windows Automatic Update and brace for impact

Credit to Author: Woody Leonhard| Date: Mon, 10 Sep 2018 06:19:00 -0700

August 2018 was a relatively innocuous patching month, although the final resolution to the August problems didn’t appear until late Friday night just as the month was coming to a close — on a three-day weekend in the US.

We’ve seen the same pattern repeat itself almost every month since the beginning of the year: The first round of Microsoft security patches (notably including Win10 patches) introduce bugs, while subsequent rounds of patches each month squash most of them. If we’re lucky.

To read this article in full, please click here

Read More
ComputerWorldIndependent

Get caught up on your July and August Windows/Office patches

Credit to Author: Woody Leonhard| Date: Wed, 05 Sep 2018 12:29:00 -0700

With the arrival of “Fourth Week” patches on the last working day of August, and having had a few days to vet them, it looks as if we’re ready to release the cracklin’ Kraken.

The steaming pile of Windows Intel microcode patches

Microsoft continues to unleash microcode patches for Meltdown and Spectre (versions 1, 2, 3, 3a, 4, n for n >=4). You won’t get stung by any of them, unless you specifically go looking for trouble.

To read this article in full, please click here

Read More
ComputerWorldIndependent

Windows and .Net finally get their 'D Week' patches, as Intel microcode fixes go wacko

Credit to Author: Woody Leonhard| Date: Fri, 31 Aug 2018 05:02:00 -0700

Time for the final August patching shoe to drop.

Late last night Microsoft released a flurry of patches, posting them on the Microsoft Update Catalog. Some are available through Windows Update, some aren’t.

As of early Friday morning, the Win10 patches are not available through WSUS, the update server service. It’s not clear if that’s a mistake, a hesitation — or if somebody just went home last night and forgot.

Let’s hear it for patching predictability. And transparency.

To read this article in full, please click here

Read More
MalwareBytesSecurity

Fileless malware: getting the lowdown on this insidious threat

Credit to Author: Vasilios Hioureas| Date: Wed, 29 Aug 2018 16:48:35 +0000

In this series of articles, we provide an in-depth discussion of fileless malware and their related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.

Categories:

Tags:

(Read more…)

The post Fileless malware: getting the lowdown on this insidious threat appeared first on Malwarebytes Labs.

Read More