• February missing security patch toll: Two zero-days and counting

    #97750

    Good report from Dan Goodin at Ars Technica. Google’s Project Zero sticks to its 90-day notification policy, and a second 0day has been revealed, this
    [See the full post at: February missing security patch toll: Two zero-days and counting]

    1 user thanked author for this post.
    • #97752

      Good report from Goodin, but I strongly disagree with his last sentence:
      “Additionally, people should strongly consider moving to Windows 10, which is more immune than earlier versions to software exploits, and to use the Enhanced Mitigation Experience Toolkit to extend and enhance those protections.” He does know Edge is only available on Windows 10, right? & that IE 11 is on Windows 7, 8.1 & even 10?! Overall, Windows 10 may be more immune, but with 0days attacking both its browsers & Microsoft delaying updates on All versions of Windows, I have more doubts about upgrading to Win 10.

      Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
      Wild Bill Rides Again...

      • #97893

        EMET was mentioned specifically for its ability to limit the impact on Windows of 0Day exploits involving browsers (and other software). I personally find EMET a pain to configure, but once done, it provides a decent deterrent. One of many layers in a good PC defense.

        -- rc primak

    • #97755

      CVE-2017-0037 was highlighted yesterday here also

      (at foot of page with link to project zero page)

      Windows - commercial by definition and now function...
    • #98128

      I’m surprised no more rumors or theories are considered about what went down at Microsoft

      curiosity kills me 😀

      • #98132

        They are doing a major back-end upgrade to fix DO 🙂

        1 user thanked author for this post.
        • #98183

          I have a theory 😀

          as you know, all files downloaded from WU/MU/WSUS/catalog have sha1 hash appended to their names, which is used for quick verification

          but now since sha1 is now totally deprecated and disclosed, they are switching to sha256 as the default verification, which requires them to recheck and rename all files at their back-end

          4 users thanked author for this post.
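
Added example (not part of the thread, and not Microsoft's or any poster's code): a check of the file-name hash described in post #98183, assuming the name ends in `_<40 hex characters>.<extension>`. The file names and payload are constructed, and `file_digest` also accepts `sha256` for comparison with the stronger digest.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumed naming convention: <name>_<40 hex chars of SHA-1>.<extension>
NAME_SHA1 = re.compile(r"_([0-9a-fA-F]{40})\.[A-Za-z0-9]+$")
SAMPLE_PAYLOAD = b"constructed sample payload, not a real update"


def embedded_sha1(filename):
    """Return the lower-case SHA-1 embedded in the file name, or None."""
    match = NAME_SHA1.search(filename)
    return match.group(1).lower() if match else None


def file_digest(path, algorithm="sha1", chunk_size=1 << 20):
    """Hash a file in chunks so large packages are not read into memory."""
    digest = hashlib.new(algorithm)
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_download(path):
    """Classify a file as 'ok', 'mismatch' or 'no-hash-in-name'."""
    expected = embedded_sha1(Path(path).name)
    if expected is None:
        return "no-hash-in-name"
    return "ok" if file_digest(path) == expected else "mismatch"


def demo():  # checks three constructed files: intact, altered, no hash in name
    sha1 = hashlib.sha1(SAMPLE_PAYLOAD).hexdigest()
    samples = {
        "intact": (f"sample-kb0000000-x64_{sha1}.msu", SAMPLE_PAYLOAD),
        "altered": (f"sample-kb0000001-x64_{sha1.upper()}.msu", SAMPLE_PAYLOAD + b"\x00"),
        "unnamed": ("sample-kb0000002-x64.msu", SAMPLE_PAYLOAD),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for label, (name, data) in samples.items():
            path = Path(tmp) / name
            path.write_bytes(data)
            results[label] = check_download(path)
    return results


if __name__ == "__main__":
    print(demo())
```

A matching name hash only shows that the file content agrees with its name; it is not a signature check.
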
          • #98184

            This would explain why there were no patches (on patch Tuesday) in February,

            this makes complete and utter sense. 🙂

            1 user thanked author for this post.
          • #98415

            I was wondering this too.

            When the UUP to ESD converter failed, it was missing a Blob BUT it also mentioned a SHA-1 verification failure. I didn’t say anything because the info was so sparse.

            I will check their site for info on that… https://www.tenforums.com/tutorials/74480-uup-iso-create-bootable-iso-windows-10-build-upgrade-files.html

            --------------------------------------

            1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

            SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

            CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
            Graphics Radeon RX 580, RX 580 ONLY Over Clocked
            More perishable

            2xMonitors Asus DVI, Sony 55" UHD TV HDMI

            1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
            1xOS W8.1 Pro, NAS Dependent, Same Sony above.

            -----------------

          • #98443

            Brilliant thinking! Sounds right. And what good publicity it would have been for them if they had told everyone…

    • #98138

      One of many layers in a good PC defense.

      Very much worth bolding.

      -Noel

    • #98472

      I was wondering this too. When the UUP to ESD converter failed, it was missing a Blob BUT it also mentioned a SHA-1 verification failure. I didn’t say anything because the info was so sparse. I will check their site for info on that… https://www.tenforums.com/tutorials/74480-uup-iso-create-bootable-iso-windows-10-build-upgrade-files.html

      The tool used for converting “wimlib” is 3rd party, not related
      but, wim file format uses sha1 as verification algorithm by default

      Express UUP can’t be gathered into ISO so far, but regular Canonical UUP is good to go

      p.s. I’m the creator of the original converter script 😀

      1 user thanked author for this post.
      • #98541

        Yes abbodi86,

        I knew you were but Thank You for reminding us. 😀 I had one successful Delta ISO upgrade to Build 15031 BUT the next 2 have failed, the last one in the converter, as I said. Glad to know what you have just indicated!!! 😀

        Are you going to update UUPtoESD for the Express UUP way?
        If yes, could you post here as well?

        Look forward to hearing from you, until then I will forget UUP and keep it turned off. I want my Full(OKAY, if you insist “Canonical”) ISO’s, regardless! 😆

        • #98544

          The latest already have Express UUP support

          http://www.host-a.net/u/abbodi86/uup-converter-wimlib-4.7z

          but it doesn’t work always

          • #98549

            Then could you let us know when you have a resolution?

            Thanks,

            • #98670

              I did a test with today’s build 15048, the converter works as expected and succeeded

              the problem with Express UUP is that not all files are preserved after upgrade
              so the only workaround is to backup/copy the Download directory prior to upgrade (before first restart), or use the script before restart and create ISO, then restart to begin upgrade

            • #98671

              I didn’t…

              When I did, I only do my conversions/file copies etc are from BEFORE Restart. That is the way I have done it for over 2 years with ESD to ISO, UUP to ISO is not any different for me.

              However you said UUP to ISO was unreliable. Where I got the converter was from 10 Forums. I haven’t checked to see how similar their presentation is to the way you present???

    • #98789

      I didn’t… When I did, I only do my conversions/file copies etc are from BEFORE Restart. That is the way I have done it for over 2 years with ESD to ISO, UUP to ISO is not any different for me. However you said UUP to ISO was unreliable. Where I got the converter was from 10 Forums. I haven’t checked to see how similar their presentation is to the way you present???

      Canonical UUP to ISO is very reliable, the files are kept intact before and after upgrade
      the tricky one is Express UUP

      Express UUP is basically a whole WinSxS folder, so copying is unreliable
      the best is, when it prompts to restart, you start the convert-UUP script and paste the path to the download directory, i.e.
      C:\Windows\SoftwareDistribution\Download\07172dda91861218ecc095600216d792

      the problem with 10 Forums is they adopted my first UUP converter release, but they didn’t cooperate with the following improved/fixed releases

      • #98929

        Here is the Run on 15042.0:

        UUP Converter v 4.0 #1

        1 user thanked author for this post.
    • #98901

      …..
      Canonical UUP to ISO is very reliable, the files are kept intact before and after upgrade

      First off, I purge all of MS’s Upgrade files when I am through with them with “Disk Cleanup”.
      Then I Restart.
      I never let MS Process upgrade my system. I only upgrade the most Reliable way I know and that is by ISO! I then purge all of their files when I have proved in the Upgrade and then take my first Image Backup.

      To get a Full ISO, I use a Script from the Builds 9xxx,nnnn time frame(I would guess the site still exists) called Decrypt.cmd to convert the ESD (I have made the Decrypt part variable). I only use the Decrypt part in the case of an early failure of the “‘Initial’ Install” process where Decryption of the ESD occurs before about 30%. The Panther Logs have the decryption key in the setuperr.log but whenever it happens they are the same as the original was. For me this has not happened for months.

      I have now had the time to look at your Directories (but not the script or Run it) and the Readme. I am now slightly more versed in your way. I have the UUP files for 15042.0 that I can and will run it on later this weekend and let you know how it looks to me versus the 10 Forums, peoples v 1. This is the second one that ran successfully for me from 10 Forums.

      the tricky one is Express UUP

      Express UUP is basically a whole WinSxS folder, so copying is unreliable
      the best is, when it prompts to restart, you start the convert-UUP script and paste the path to the download directory, i.e.
      C:\Windows\SoftwareDistribution\Download\07172dda91861218ecc095600216d792

      I put this in Block Quotes to highlight it:

      So, when YOU say unreliable like you said it to me before, YOU don’t really mean the Software is unreliable, which By The Way is what it sounded like… Just Sayn’ 🙂

      YOU are saying the USERS are unreliable as to WHEN they copy the FILES in the TIMING of the UPGRADE PROCESS around the concept of RESTART.

      You see I don’t have that problem because I am used to copying the “Install.esd” to be Decrypt.cmd, at that same timing. So if I am doing UUP, it is essentially the same just different directories.

      Now my directory is different than yours and maybe even from time to time. So the instruction from ’10 Forums’ was to search for the folder in “SoftwareDistribution\Download\” that has ‘ESD’ in it. Is that correct? You don’t specify, from what I read in your Readme? For me it was ONE COMPLETE DIRECTORY.

      the problem with 10 Forums is they adopted my first UUP converter release, but they didn’t cooperate with the following improved/fixed releases

      OKAY GOT IT!!! 🙁

      That is a Problem when you are put out of control of your own software, which is sad. Have you considered releasing it here? Maybe you could work with Kirsty to get a good succinct write up that is easy to understand for most people. Then you could Post that on Tools…. Just Sayn’ 😀

      Would it make a substantial difference to your Testing Abbodi if, I rolled back my IP partition and did a UUP D/L and test your software on those files. I know you were asking if anybody had run it. I wished, I had at least Done that and copied the files.
      Now however with my questions answered, I will at least know I am copying All of the Files that are needed.

      1 user thanked author for this post.
      • #98954

        Here is the Run on 15042.0 Again on v 5.0:

        UUP Converter v 5.0 #1

        1 user thanked author for this post.
    • #98488
      1 user thanked author for this post.