News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • The latest vulnerabilities in the network stack

    Home Forums AskWoody blog The latest vulnerabilities in the network stack

    Viewing 2 reply threads
    • Author
      Posts
      • #2345231
        Susan Bradley
        Manager

        PATCH WATCH The latest vulnerabilities in the network stack By Susan Bradley Focusing on business risk For this week’s security focus, I’m going to ho
        [See the full post at: The latest vulnerabilities in the network stack]

        Susan Bradley Patch Lady

        4 users thanked author for this post.
      • #2345825
        AlexEiffel
        AskWoody_MVP

        Thank you Susan.

        This is exactly what I am looking for in your security articles. Put the risk in perspective and determine to which risk category it belongs.

        I too share the same philosophy vs denial of services.

        Depending on the context, what is most important to me is the real world risk of remote unauthenticated privilege escalation.

        I can sleep well with a denial of service risk for many scenarios.

        The PsExec issue is concerning. Thank you for bringing that to our attention.

        • #2345900
          Susan Bradley
          Manager

          Keep in mind that while priv escalation is a given once they are inside, we have moved away from the OH MY WORD WE NEED TO PATCH NOW era of the Code Red/Nimda.  They have to wiggle in first – get in via phishing.  We’re still quite “squishy” inside, we’re getting better protecting the outside.

          Susan Bradley Patch Lady

          1 user thanked author for this post.
      • #2345848
        Alex5723
        AskWoody Plus

        The PsExec issue is concerning

        EpMe NSA hacking tool could hack into any Windows PC.

        On Monday, the security firm Check Point revealed that it had discovered evidence that a Chinese group known as APT31, also known as Zirconium or Judgment Panda, had somehow gained access to and used a Windows-hacking tool known as EpMe created by the Equation Group, a security industry name for the highly sophisticated hackers widely understood to be a part of the NSA. According to Check Point, the Chinese group in 2014 built their own hacking tool from EpMe code that dated back to 2013. The Chinese hackers then used that tool, which Check Point has named “Jian” or “double-edged sword,” from 2015 until March 2017, when Microsoft patched the vulnerability it attacked. That would mean APT31 had access to the tool, a “privilege escalation” exploit that would allow a hacker who already had a foothold in a victim network to gain deeper access, long before the late 2016 and early 2017 Shadow Brokers leaks…

        • #2345943
          Paul T
          AskWoody MVP

          2017? Seriously old news, as is the patch.

          cheers, Paul

    Viewing 2 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: The latest vulnerabilities in the network stack

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.