AskWoody
|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
-
Second July cumulative update for Win10 1809 drops
Posted on July 23rd, 2019 at 05:09 Comment on the AskWoody LoungeYesterday Microsoft released KB 4505658, the second “optional” July cumulative update for Win10 version 1809. We still haven’t seen the second July cumulative update for Win10 1903. Martin Brinkmann has details.
Of course, I don’t recommend that you install it. Let’s see what happens to the cannon fodder.
Per @Microfix
MSFT have also released an updated SSU patch and compatibility update for W10 v1809 yesterday 22nd July 2019. More info over in the Microsoft Catalog :
KB4505657 – Compatibility update for installing Windows 10, version 1809
KB4512937 – Servicing Stack Update for Windows 10 Version 1809
Thx to @Microfix, @b, @EP, @Alex5723.
-
BlueKeep exploitation expected soon
Posted on July 23rd, 2019 at 02:59 Comment on the AskWoody LoungeSeveral hours ago, there was a lot of noise on Twitter about a Github explanation on how to “weaponize” BlueKeep, triggering fears it could soon be widely expolited.
BlueKeep Warning: someone published a slide deck explaining how to turn the crash PoC into RCE. I expect we'll likely see widespread exploitation soon.https://t.co/MG2IZfy5B5
— MalwareTech (@MalwareTechBlog) July 22, 2019
Dan Goodin‘s article on ArsTechnica.com is fairly succinct:
BEWARE OF WORMABLE EXPLOITS —
Chances of destructive BlueKeep exploit rise with new explainer posted online
We’ll be keeping an eye on Kevin Beaumont’s Twitter feed, to see what he posts about it today.Are you protected?
UPDATE:
Kevin Beaumont is also warning about a more imminent threat from BlueKeepI've updated this thread with @0xeb_bp's #BlueKeep exploitation technical document, newly released today – it shows how to reach UAF. The bar for (unreliable) public exploitation POC is lowering significantly. https://t.co/UX1ujWaQik
— Kevin Beaumont (@GossiTheDog) 23 July 2019
-
Internet Explorer and Edge send the full URL of every page you visit to MS, plus your unique account ID
Posted on July 22nd, 2019 at 06:30 Comment on the AskWoody LoungeI didn’t know that.
😱 Edge apparently sends the full URL of pages you visit (minus a few popular sites) to Microsoft. And, in contrast to documentation, includes your very non-anonymous account ID (SID). pic.twitter.com/zHMLUGwo9w
— scriptjunkie (@scriptjunkie1) July 19, 2019
It all has to do with the “SmartScreen Filter,” designed to keep you away from malicious sites. Chrome, Firefox and Safari solved the phone home problem years ago with techniques that vet bad sites locally, on your computer, without leaving a trail in the sky.
Thx Catalin Cimpanu, @campuscodi, who adds “this has been known since 2005. Documented in official MSFT FAQ pages.”
-
Why can’t Microsoft reliably patch its own hardware?
Posted on July 22nd, 2019 at 01:15 Comment on the AskWoody Lounge
WOODY’S WINDOWS WATCHBy Woody Leonhard
You don’t need me to tell you that Windows patches are too often of, uh, questionable quality.
But the latest screw-up with Win10 Version 1903 and top-of-the-line Microsoft Surface Book 2 PCs really takes the cake.
Read the full story in AskWoody Plus Newsletter 16.27.0 (2019-07-22).
-
Decoding a vague “Unknown Device” error
Posted on July 22nd, 2019 at 01:10 Comment on the AskWoody LoungeLANGALIST
By Fred Langa
When device problems arise, Windows often produces frustratingly vague error messages.
That makes it difficult to know which device is actually causing trouble. But a little experimentation can usually isolate the problem and point toward a solution.
Plus: Why does Windows hide file extensions by default?
Read the full story in AskWoody Plus Newsletter 16.27.0 (2019-07-22).
-
Deciphering Task Manager’s App History
Posted on July 22nd, 2019 at 01:05 Comment on the AskWoody LoungeWIN10 TUTORIAL
By TB Capen
The most recent versions of Windows 10 feature a Task Manager with new capabilities.
But some of these new features are, unfortunately, poorly documented. One example is the App History tab, which provides interesting and potentially useful information about system-resource use.
Read the full story in AskWoody Plus Newsletter 16.27.0 (2019-07-22).
-
Taking control of default apps in Win10
Posted on July 22nd, 2019 at 01:00 Comment on the AskWoody LoungeCONQUERING WINDOWS 10
By Lance Whitney
As with most things Windows, there’s more than one way to control or customize something — your preferred default applications, for example.
It’s also true that some Windows settings can be less than intuitive — or occasionally downright annoying. Here’s how to take full control over Win10’s default applications — or, when needed, select the best app for the task.
Read the full story in AskWoody Plus Newsletter 16.27.0 (2019-07-22).
-
Patch Lady – MSRC blog moves
Posted on July 21st, 2019 at 23:47 Comment on the AskWoody LoungeMicrosoft has been slowly migrating all of its blog properties over to new platforms. I noticed tonight that the Microsoft Security Response Center has moved several of it’s security related blog properties over to a new url
https://msrc-blog.microsoft.com/
They’ve also put the Japanese security blog under that umbrella url as well. What? Can’t read Japanese? No worries, go to a browser like Chrome and https://msrc-blog.microsoft.com/2019/07/09/201907-security-updates/ will automatically translated.
And actually that has a really nice recap of what priority one should put on the various patches. Check it out!
Recent Replies
- zero2dash on Are you being pushed from Win10 1803 to 1903? Tell me about it. 1 minute ago
- Rick Corbett on Decoding a vague “Unknown Device” error 2 minutes ago
- OscarCP on BlueKeep exploitation expected soon 3 minutes ago
- rc primak on Deciphering Task Manager’s App History 5 minutes ago
- abbodi86 on Second July cumulative update for Win10 1809 drops 17 minutes ago
- rc primak on Decoding a vague “Unknown Device” error 19 minutes ago
- PKCano on Are you being pushed from Win10 1803 to 1903? Tell me about it. 24 minutes ago
- Tchalms on Are you being pushed from Win10 1803 to 1903? Tell me about it. 30 minutes ago
- rc primak on Decoding a vague “Unknown Device” error 31 minutes ago
- rc primak on Why can’t Microsoft reliably patch its own hardware? 44 minutes ago
- jabeattyauditor on BlueKeep exploitation expected soon 50 minutes ago
- Seff on BlueKeep exploitation expected soon 1 hour, 1 minute ago
- rc primak on Patch Lady – what things about patching annoy you? 1 hour, 7 minutes ago
- Microfix on BlueKeep exploitation expected soon 1 hour, 10 minutes ago
- rc primak on Patch Lady – what things about patching annoy you? 1 hour, 12 minutes ago
- rc primak on Patch Lady – what things about patching annoy you? 1 hour, 17 minutes ago
- AngryJohnny75 on BlueKeep exploitation expected soon 1 hour, 22 minutes ago
- rc primak on Patch Lady – what things about patching annoy you? 1 hour, 22 minutes ago
- rc primak on Patch Lady – what things about patching annoy you? 1 hour, 28 minutes ago
- Seff on BlueKeep exploitation expected soon 1 hour, 35 minutes ago
