News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Daily Archives: August 20, 2019

  • Symantec fixes the SHA-2 patch problem for Win7

    Posted on August 20th, 2019 at 17:14 woody Comment on the AskWoody Lounge

    Remember how Microsoft put in a block, preventing the Win7 August Patch Tuesday patches from installing on systems with Symantec Endpoint Protection? This is what the KB articles for this month’s Win7 patches say:

    Microsoft and Symantec have identified an issue that occurs when a device is running any Symantec or Norton antivirus program and installs updates for Windows that are signed with SHA-2 certificates only. The Windows updates are blocked or deleted by the antivirus program during installation, which may then cause Windows to stop working or fail to start.

    I just got a message from CA that says:

    Symantec released an updated version of Norton Internet Security that
    fixes the SHA-2 patch problem for Windows 7 this morning (Tues). The new
    version will show up through Live Update (140+ mb).

    Once the patched version is applied (v22.18.0.222), security roll-ups
    for August (Group A – Aug 13 KB4512506) will appear in Windows Update
    without user intervention. A reboot may be required for this to happen.

    MS has not updated KB4512506 or KB4512486 to reflect this:

    For Symantec Endpoint Protection users, the English 14.2 version has
    been updated. Localized language versions will be available on the 21st.

    Symantec Endpoint Protection

  • Still no DejaBlue exploits generally available

    Posted on August 20th, 2019 at 07:59 woody Comment on the AskWoody Lounge

    And, in spite of what you’ve read, there are no DejaBlue attacks in the offing. Lots of people have posted “Proof of Concept” code on GitHub. A couple of bluescreen generators, but none of the publicly available exploits actually work.

    @MalwareTech has a new blog post analyzing the two DejaBlue CVEs:

    In August 2019 Microsoft announced it had patched a collection of RDP bugs, two of which were wormable. The wormable bugs, CVE-2019-1181 & CVE-2019-1182 affect every OS from Windows 7 to Windows 10. There is some confusion about which CVE is which, though it’s possible both refer to the same bug. The vulnerable code exist in both the RDP client and server, making it possible to exploit in either direction.

    His sample code crashes the system, but doesn’t infect.

  • Patch Lady – two items of note in Chrome

    Posted on August 20th, 2019 at 00:05 Susan Bradley Comment on the AskWoody Lounge

    First off I noticed tonight (I’m sure it was there before this) that Chrome is giving the official countdown notice to let us know that it’s disabling flash support as of December 2020.

    Next if you want to see if your passwords have been compromised, there’s a Chrome add in to check if you are in owned database (note that this add in also works in the Edge browser based on Chrome).

    Check it out (and start counting the days until Flash is dead)