Items tagged with Windows
Field of Dreams taught us, "If you build it, he will come," referring to a deceased baseball legend wandering out of a corn field in Iowa. When it comes to PC security, though, if you discover it ("it" being a vulnerability), the proof of concepts will come, and that is precisely what has happened with a "CurveBall" flaw the National Security Agency (NSA) recently discovered. I wrote about this earlier in the week, noting a report that Microsoft's Patch Tuesday update would plug up a cryptography security hole discovered by the NSA. Part of the reason it was notable (and still is) is because this is the first time the NSA has reported a major bug in Windows to Microsoft (you know, as opposed...
Read more...
If you are in the habit of putting off those monthly security patches Microsoft doles out on the second Tuesday of every month (known as Patch Tuesday), you may want to reconsider your approach today. A security researcher says one of the patches in today's cumulative roundup will address a serious vulnerability in a core cryptographic component affecting most versions of Windows. "According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles 'certificate and cryptographic messaging functions in the CryptoAPI'. The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications...
Read more...
Do you need an ugly sweater for an upcoming holiday party? If you are a Microsoft superfan or work in the tech industry, the perfect sweater may soon be arriving at your door. Microsoft just released a Windows XP-themed holiday sweater. The new sweater is light blue and features the Windows XP logo and is accompanied by some tongue-in-cheek packaging. The box reads, “Windows XP Pro-ho-ho-fessional” instead of “Windows XP Professional”. The little square in the right hand corner of the box says “For those people without Windows XP Soft-wear…” instead of “For PCs without Windows…” The box also includes a list of features such as “easy...
Read more...
Microsoft is having a "Do'h!" moment, though not in the bumbling, Homer Simpson sense. Quite the opposite, actually. In a blog post, Microsoft announced its Windows Core Networking team is working on improving user privacy by implementing DNS over HTTPS, or DoH for short, into a future build of Windows 10. From Microsoft's vantage point, supporting encrypted DNS queries in Windows 10 would essentially close one of the last remaining plain-text domain name transmissions in common web traffic. At the same time, Microsoft says providing encrypted DNS support will not be easy without breaking existing Windows device admin configurations. "With the decision made to build support for encrypted DNS,...
Read more...
Malware is getting sneakier, as Kaspersky researchers just discovered “Titanium”, a trojan backdoor malware. This malware is very difficult to detect and includes various stages. Titanium is currently being used by the Advanced Persistent Threat (APT) actor “Platinum”. Platinum is considered one of the most “technologically advanced” APT actors in the Asia-Pacific region. Their current malware targets Malaysia, Indonesia, and Vietnam. It is unclear exactly how many devices have been affected. Titanium reportedly includes several steps and capabilities. It first releases an exploit that is able to execute code as a SYSTEM user. It then installs a shellcode that essentially downloads the necessary...
Read more...
Microsoft tends to stick to its traditional patch schedule (Patch Tuesday), and only rolls out an out-of-band update when there are serious issues for some Windows users or big security problems that need to be addressed. Microsoft's latest out-of-band cumulative update has been released for several versions of Windows 10, including the May 2019 Update (version 1903). This particular update is a required security update that "expands the out-of-band update dated September 23rd, 2019." The update also brings with it mitigation for the Internet Explorer scripting engine security vulnerability (CVE-2019-1367). Microsoft notes that the security update includes quality improvements and calls out key...
Read more...
Microsoft has launched a new Windows 10 Insider Preview Build 18970 (20H1) to Windows Insiders in the Fast Ring. This build brings a new tablet experience for 2-in-1 convertible PCs as a Beta to Windows insiders. The new experience is meant to allow tablet mode users to stay in their familiar desktop experience with no interruption, and brings some new features. The new features include increased spacing between taskbar icons, the search box on the taskbar is collapsed into an icon, the file explorer switches to a touch-optimized layout, and the touch keyboard auto invokes when a text field is pressed. Microsoft also made some changes to the tablet section in Settings. Microsoft says...
Read more...
Microsoft is warning Windows users of several new "wormable" exploits similar in style to BlueKeep, two of which are tagged as critical Remote Code Execution (RCE) vulnerabilities. As with BlueKeep, which Microsoft patched a few months ago, the exploits exist within the Remote Desktop Services protocol (formerly known as Terminal Services). These types of exploits are especially worrisome because of their ability to spread through a computer network, once a single machine is infected. "It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these, and downloads for these can be found in the Microsoft...
Read more...
Researchers recently uncovered Windows kernel security flaws that affect over 40 drivers from 20 different vendors. The vulnerabilities could give attackers access to a device's hardware and firmware. Researchers from Eclypsium shared their troubling findings this past week at the DEF CON 27 security conference in Las Vegas, Nevada. Why are there so many vulnerable drivers? According to Mickey Shkatov, Principal Researcher at Eclypsium, bad coding practices are to blame. Many drivers are meant to be flexible and able to perform a wide variety of actions instead of performing specific tasks. Shkatov noted, “It's easier to develop software by structuring drivers and applications this way,...
Read more...
Early last week, Microsoft started to talk up the "all-new" Windows 1.0 with MS-DOS Executive, clock, and more. We all wondered at the time what exactly the deal was. Rumors suggested that Windows 1.0 was going to be a tie in with Netflix's third season of Stranger Things which landed on July 4. The Stranger Things Season 3 mashup has now been confirmed with the official launch of the Windows 1.11 app. The description for the app reads, "Experience 1985 nostalgia with a special edition Windows 10 PC app inspired by Windows 1.0—but one that's been taken over by the Upside Down from Stranger Things. Explore the mysteries and secrets plaguing Hawkins, unlock unique show content and easter...
Read more...
Microsoft's social media accounts having been acting a bit "strange" this morning. On both its official Twitter and Instagram accounts, Microsoft posted a video announcing the "All-New Windows 1.0, with MS-DOS Executive, Clock and more." The video itself starts off showing the current Windows 10 logo, then travels backwards displaying older Windows logos including Windows 7 and Windows 95 before settling on the logo for Windows 1.0. During this time, some synth-heavy music plays in the background with graphics that looks like something straight out of the 1980s. Introducing the all-new Windows 1.0, with MS-Dos Executive, Clock, and more!! 😲 💾 pic.twitter.com/guU4QxwsGG — Windows (@Windows)...
Read more...
A remote desktop exploit in Windows known as BlueKeep is no joke, and to prove it, security researchers at Sophos have created a proof-of-concept demonstration showing how easy it would be for an unpatched RDP (Remote Desktop Protocol) server to be compromised. The researchers hope that the demonstration will essentially scare companies into patching Windows. BlueKeep is viewed as especially dangerous because it affects multiple different versions of Windows and is wormable, meaning it can rapidly spread to other vulnerable systems in a network in similar fashion to the WannaCry malware attacks that wreaked havoc a couple of years ago. Not to be taken lightly, BlueKeep has drawn the attention...
Read more...
When we think of the National Security Agency (NSA) and cybersecurity, we think of the intelligence agency’s grab bag of security exploits that it uses to enhance its own spying efforts. But one particular remote code execution exploit, which has been dubbed BlueKeep, has the NSA actually warning Windows users to patch their systems immediately. "This is the type of vulnerability that malicious cyber actors frequently exploit through the use of software code that specifically targets the vulnerability," writes the NSA. "NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against...
Read more...
Earlier this month, we brought you news of an incredibly nasty remote code execution vulnerability affecting Windows systems; specifically, Windows 7, Windows Server, Windows Server 2008 R2, Windows Server 2008, and even the ancient Windows XP. Microsoft in fact was so worried about this WannaCry-style malware that it even pushed out a patch for Windows XP; an operating system that has been officially supported for years. At the time, Microsoft stated, "It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening. In response, we are taking the unusual step of providing a security update for all customers to protect Windows platforms,...
Read more...
