  • February missing security patch toll: Two zero-days and counting


    This topic contains 23 replies, has 9 voices, and was last updated by

     PhotM 2 years, 1 month ago.

    • #97750 Reply

      woody
      Da Boss

      Good report from Dan Goodin at Ars Technica. Google’s Project Zero sticks to its 90-day notification policy, and a second 0day has been revealed, this
      [See the full post at: February missing security patch toll: Two zero-days and counting]

      1 user thanked author for this post.
    • #97752 Reply

      WildBill
      AskWoody Plus

      Good report from Goodin, but I strongly disagree with his last sentence:
      “Additionally, people should strongly consider moving to Windows 10, which is more immune than earlier versions to software exploits, and to use the Enhanced Mitigation Experience Toolkit to extend and enhance those protections.” He does know Edge is only available on Windows 10, right? & that IE 11 is on Windows 7, 8.1 & even 10?! Overall, Windows 10 may be more immune, but with 0days attacking both its browsers & Microsoft delaying updates on All versions of Windows, I have more doubts about upgrading to Win 10.

      Windows 8.1, 64-bit, now in Group B!
      Wild Bill Rides Again...

      • #97893 Reply

        rc primak
        AskWoody_MVP

        EMET was mentioned specifically for its ability to limit the impact on Windows of 0Day exploits involving browsers (and other software). I personally find EMET a pain to configure, but once done, it provides a decent deterrent. One of many layers in a good PC defense.

        -- rc primak

    • #97755 Reply

      Microfix
      Da Boss

      CVE-2017-0037 was highlighted yesterday here also

      (at foot of page with link to project zero page)

      | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
    • #98128 Reply

      abbodi86
      AskWoody_MVP

      I’m surprised no more rumors or theories are considered about what went down at Microsoft

      curiosity kills me 😀

      • #98132 Reply

        ch100
        AskWoody_MVP

        They are doing a major back-end upgrade to fix DO 🙂

        1 user thanked author for this post.
        • #98183 Reply

          abbodi86
          AskWoody_MVP

          I have a theory 😀

          as you know, all files downloaded from WU/MU/WSUS/catalog have sha1 hash appended to their names, which is used for quick verification

          but now since sha1 is now totally deprecated and disclosed, they are switching to sha256 as the default verification, which requires them to recheck and rename all files at their back-end

          4 users thanked author for this post.
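
Added example (not part of the original thread, and not Microsoft's or any poster's code): checking a downloaded package against the SHA-1 digest appended to its file name, as the post above describes. The `<name>_<40 hex>.<ext>` pattern, the function names and the sample files are assumptions constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Assumed naming pattern: <name>_<40 hex chars>.<ext>, the SHA-1 suffix the post describes.
_SUFFIX = re.compile(r"_([0-9a-fA-F]{40})\.[A-Za-z0-9]+$")


def embedded_sha1(filename):
    """Return the lowercase SHA-1 hex digest embedded in the name, or None."""
    m = _SUFFIX.search(filename)
    return m.group(1).lower() if m else None


def file_sha1(path, chunk_size=1 << 20):
    """Hash the file in chunks so large update packages are not loaded into memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def check_download(path):
    """Return 'match', 'mismatch', or 'no-hash' for one downloaded file."""
    expected = embedded_sha1(Path(path).name)
    if expected is None:
        return "no-hash"
    return "match" if file_sha1(path) == expected else "mismatch"


def demo():
    """Build constructed sample files and check each; returns the three verdicts."""
    with tempfile.TemporaryDirectory() as d:
        payload = b"constructed sample payload, not a real update"
        digest = hashlib.sha1(payload).hexdigest()
        good = Path(d) / f"sample-kb0000000-x64_{digest}.msu"
        good.write_bytes(payload)
        bad = Path(d) / f"sample-kb0000001-x64_{digest}.msu"
        bad.write_bytes(payload + b"\x00")  # simulates a corrupted download
        plain = Path(d) / "sample-no-suffix.msu"
        plain.write_bytes(payload)
        return [check_download(p) for p in (good, bad, plain)]


if __name__ == "__main__":
    print(demo())
```

A match only shows the bytes arrived intact; authenticity of an update package rests on its digital signature, not on a hash carried in the file name.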
          • #98184 Reply

            Microfix
            Da Boss

            This would explain why there were no patches (on patch Tuesday) in February,

            this makes complete and utter sense. 🙂

            | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x86 | XP Pro O/L
            1 user thanked author for this post.
          • #98415 Reply

            PhotM
            AskWoody Plus

            I was wondering this too.

            When the UUP to ESD converter failed, it was missing a Blob BUT it also mentioned a SHA-1 verification failure. I didn’t say anything because the info was so sparse.

            I will check their Site for info on that… https://www.tenforums.com/tutorials/74480-uup-iso-create-bootable-iso-windows-10-build-upgrade-files.html

            --------------------------------------

            1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB

            SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64

            CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
            Graphics Radeon RX 580, Neither Over Clocked

            2xMonitors Asus DVI, Sony 55" UHD TV HDMI

            1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
            1xOS W8.1 Pro, NAS Dependent, Same Sony above.

            -----------------

            Best Regards,

            Crysta

          • #98443 Reply

            anonymous

            Brilliant thinking! Sounds right. And what good publicity it would have been for them if they had told everyone…

    • #98138 Reply

      Noel Carboni
      AskWoody_MVP

      “One of many layers in a good PC defense.”

      Very much worth bolding.

      -Noel

    • #98472 Reply

      abbodi86
      AskWoody_MVP

      “I was wondering this too. When the UUP to ESD converter failed, it was missing a Blob BUT it also mentioned a SHA-1 verification failure. I didn’t say anything because the info was so sparse. I will check their Site for info on that… https://www.tenforums.com/tutorials/74480-uup-iso-create-bootable-iso-windows-10-build-upgrade-files.html”

      The tool used for converting “wimlib” is 3rd party, not related
      but, wim file format uses sha1 as verification algorithm by default

      Express UUP can’t be gathered into ISO so far, but regular Canonical UUP is good to go

      P.S. I’m the creator of the original converter script 😀

      1 user thanked author for this post.
      • #98541 Reply

        PhotM
        AskWoody Plus

        Yes abbodi86,

        I knew you were but Thank You for reminding us. 😀 I had one successful Delta ISO upgrade to Build 15031 BUT the next 2 have failed, the last one in the converter, as I said. Glad to know what you have just indicated!!! 😀

        Are you going to update UUPtoESD for the Express UUP way?
        If yes, could you post here as well?

        Look forward to hearing from you, until then I will forget UUP and keep it turned off. I want my Full(OKAY, if you insist “Canonical”) ISO’s, regardless! 😆


        • #98544 Reply

          abbodi86
          AskWoody_MVP

          The latest already have Express UUP support

          http://www.host-a.net/u/abbodi86/uup-converter-wimlib-4.7z

          but it doesn’t work always

          • #98549 Reply

            PhotM
            AskWoody Plus

            Then could you let us know when you have a resolution?

            Thanks,


            • #98670 Reply

              abbodi86
              AskWoody_MVP

              I did a test with today’s build 15048, the converter works as expected and succeeded

              the problem with Express UUP is that not all files are preserved after upgrade
              so the only workaround is to backup/copy the Download directory prior to upgrade (before first restart), or use the script before restart and create ISO, then restart to begin upgrade

            • #98671 Reply

              PhotM
              AskWoody Plus

              I didn’t…

              When I did, I only do my conversions/file copies etc. from BEFORE Restart. That is the way I have done it for over 2 years with ESD to ISO, UUP to ISO is not any different for me.

              However you said UUP to ISO was unreliable. Where I got the converter was from 10 Forums. I haven’t checked to see how similar their presentation is to the way you present???


    • #98789 Reply

      abbodi86
      AskWoody_MVP

      “I didn’t… When I did, I only do my conversions/file copies etc. from BEFORE Restart. That is the way I have done it for over 2 years with ESD to ISO, UUP to ISO is not any different for me. However you said UUP to ISO was unreliable. Where I got the converter was from 10 Forums. I haven’t checked to see how similar their presentation is to the way you present???”

      Canonical UUP to ISO is very reliable, the files are kept intact before and after upgrade
      the tricky part is Express UUP

      Express UUP is basically a whole WinSxS folder, so copying is unreliable
      the best is, when it prompts to restart, you start the convert-UUP script and paste the path to the download directory, i.e.
      C:\Windows\SoftwareDistribution\Download\07172dda91861218ecc095600216d792

      the problem with 10 Forums is they adopted my first UUP converter release, but they didn’t cooperate with the following improved/fixed releases

      • #98929 Reply

        PhotM
        AskWoody Plus

        Here is the Run on 15042.0:

        UUP-Converter-v-4.0-1-Capture

        1 user thanked author for this post.
    • #98901 Reply

      PhotM
      AskWoody Plus

      …..
      “Canonical UUP to ISO is very reliable, the files are kept intact before and after upgrade”

      First off, I purge all of MS’s Upgrade files when I am through with them with “Disk Cleanup”.
      Then I Restart.
      I never let MS Process upgrade my system. I only upgrade the most Reliable way I know and that is by ISO! I then purge all of their files when I have proved in the Upgrade and then take my first Image Backup.

      To get a Full ISO, I use a Script from the Builds 9xxx,nnnn time frame(I would guess the site still exists) called Decrypt.cmd to convert the ESD (I have made the Decrypt part variable). I only use the Decrypt part in the case of an early failure of the “‘Initial’ Install” process where Decryption of the ESD occurs before about 30%. The Panther Logs have the decryption key in the setuperr.log but whenever it happens they are the same as the original was. For me this has not happened for months.

      I have now had the time to look at your Directories (but not the script or Run it) and the Readme. I am now slightly more versed in your way. I have the UUP files for 15042.0 that I can and will run it on later this weekend and let you know how it looks to me versus the 10 Forums people’s v 1. This is the second one that ran successfully for me from 10 Forums.

      “the tricky part is Express UUP

      Express UUP is basically a whole WinSxS folder, so copying is unreliable
      the best is, when it prompts to restart, you start the convert-UUP script and paste the path to the download directory, i.e.
      C:\Windows\SoftwareDistribution\Download\07172dda91861218ecc095600216d792”

      I put this in Block Quotes to highlight it:

      So, when YOU say unreliable like you said it to me before, YOU don’t really mean the Software is unreliable, which By The Way is what it sounded like… Just Sayn’ 🙂

      YOU are saying the USERS are unreliable as to WHEN they copy the FILES in the TIMING of the UPGRADE PROCESS around the concept of RESTART.

      You see I don’t have that problem because I am used to copying the “Install.esd” to be Decrypt.cmd, at that same timing. So if I am doing UUP, it is essentially the same just different directories.

      Now my directory is different than yours and maybe even from time to time. So the instruction from ’10 Forums’ was to search for the folder in “SoftwareDistribution\Download\” that has ‘ESD’ in it. Is that correct? You don’t specify, from what I read in your Readme? For me it was ONE COMPLETE DIRECTORY.

      “the problem with 10 Forums is they adopted my first UUP converter release, but they didn’t cooperate with the following improved/fixed releases”

      OKAY GOT IT!!! 🙁

      That is a Problem when you are put out of control of your own software, which is sad. Have you considered releasing it here? Maybe you could work with Kirsty to get a good succinct write up that is easy to understand for most people. Then you could Post that on Tools…. Just Sayn’ 😀

      Would it make a substantial difference to your Testing, Abbodi, if I rolled back my IP partition and did a UUP D/L and tested your software on those files? I know you were asking if anybody had run it. I wished I had at least Done that and copied the files.
      Now however with my questions answered, I will at least know I am copying All of the Files that are needed.


      1 user thanked author for this post.
      • #98954 Reply

        PhotM
        AskWoody Plus

        Here is the Run on 15042.0 Again on v 5.0:

        UUP-Converter-v-5.0-1-Capture

        1 user thanked author for this post.
    • #98488 Reply

      abbodi86
      AskWoody_MVP

      😀

      Canonical = complete upgrade files

      https://blogs.windows.com/windowsexperience/2017/03/02/an-update-on-our-unified-update-platform-uup/

      1 user thanked author for this post.
