Daily Archives: November 17, 2020

• Security shouldn’t be political

  Posted on November 17, 2020 at 23:40 CST by Susan Bradley • Comment in the Forums

  Tonight I heard on the news that President Trump fired Chris Krebs (no relation to Brian Krebs) who was head of the Cybersecurity and Infrastructure Security Agency.  If you aren’t familiar with CISA they send out a ton of good security information – most of which inspires me to write security articles.

  Mr. Krebs first came to government from Microsoft and was instrumental in developing relationships between business and government.

  Given the HUGE HUGE risk we all have from ransomware we need more people like Chris Krebs in government, not less.

  Then there's #Ransomware – we’re focused on ramping up a national strategic effort to combat this global scourge. We MUST improve defenses, break the business model, and take the bad guys out of the game. This is the most visible, disruptive cyber threat as I see it right now.

  — Chris Krebs #Protect2020 (@CISAKrebs) November 16, 2020

  Tonight, we fired that guy.  We need more defenses against ransomware.  We still make it way way too easy for attackers to get us.  Not a day goes by that bleepingcomputer.com doesn’t post up another ransomware nailed yet another business post.  I still see way too many malicious emails wiggle in.  Too many malicious sites.  Too many attacks.  We need more people pushing for solutions, not less.

  We need good people to help us in protecting us against ransomware.  Comments now turned off at this time and apologies for doing so.

   

  Windows Security Patch Lady Posts

• Patch side effects November updates – Domains only

  Posted on November 17, 2020 at 23:05 CST by Susan Bradley • Comment in the Forums
  Hat’s off to EP for spotting these:
  https://support.microsoft.com/en-us/help/4594439/kerberos-authentication-and-ticket-renewal-issues
  https://support.microsoft.com/en-us/help/4594438/kerberos-authentication-and-ticket-renewal-issues

  Addresses issues with Kerberos authentication related to the PerformTicketSignature registry subkey value in CVE-2020-17049, which was a part of the November 10, 2020 Windows update. The following issues might occur on writable and read-only domain controllers (DC) :

  • Kerberos service tickets and ticket-granting tickets (TGT) might not renew for non-Windows Kerberos clients when PerformTicketSignature is set to 1 (the default).
  • Service for User (S4U) scenarios, such as scheduled tasks, clustering, and services for line-of-business applications, might fail for all clients when PerformTicketSignature is set to 0.
  • S4UProxy delegation fails during ticket referral in cross-domain scenarios if DCs in intermediate domains are inconsistently updated and PerformTicketSignature is set to 1.

  The issue ONLY effects those with domains (businesses).  It will not impact peer to peer or standalone computers.  I expect to see more of these fixes for other platforms.

  Spotted another one… https://support.microsoft.com/en-us/help/4594442  November 17, 2020—KB4594442 (OS Build 17763.1579) for 1809 Out-of-band  (uh no that’s not an out of band patch for security the way I define out of band…)
  And more (thanks EP):KB4594441 for Win10 v1607:
  https://support.microsoft.com/help/4594441

  KB4594443 for Win10 v1903 & 1909:
  https://support.microsoft.com/help/4594443/

  KB4594440 for Win10 v2004 & 20H2:
  https://support.microsoft.com/help/4594440/

  Windows Security Patch Lady Posts

• Apple – Big Sur big problem?

  Posted on November 17, 2020 at 00:18 CST by Susan Bradley • Comment in the Forums

  Apple has released Big Sur and already I’m seeing vendors urge you to not upgrade at this time.

  Furthermore I’ve seen several posts about issues bypassing firewalls and VPN protection.

  Just like with windows, don’t be too quick to upgrade without doing your homework.

  Apple Patch Lady Posts