Replies

I was also saddened to see this article in the newsletter. I subscribe to it, and in fact am a paid member, to receive relevant articles about computing. This one is nothing of the sort. As soon as I saw George Floyd I stopped reading. I will not be renewing at the end of the year.

6 users thanked author for this post.

gwt10, Cee Arr, skcusime, samak, HiFlyer, Barker13

This it seems is a REISSUE of a January Intel microcode patch. I have it sat here ‘pending download’ for the past week (1909 Home). Why it is offered me when my machine is an oldish AMD one I don’t know but it seems there is no harm in installing it on AMD machines.

fttp/fttps is still universally used for web server updates and have not heard of any alternative in the foreseeable future. Just about to download my last week’s web site traffic logs – in fttps.

 

3 users thanked author for this post.

charlesrbasin, Kranium, Will Fastie

Woody, see https://www.wilderssecurity.com/threads/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs.415558/

It is a bit more involved than you suggest. Vulnerable files have to be downloaded via Edge and then opened in IE. It is actually an Edge vulnerability rather than MHT or IE. And rather bizzarely it seems if you have any other AV than Defender it will block it. I have not read the Wilders article in depth but maybe you could update your coverage on it.

I use MHT extensively here for local archive purposes. I open them from PaleMoon with the MozArchiver extension which also works with Firefox. The original version of Opera opened them natively. It is not exclusively an IE format. I do not use IE, full stop, and the default on my machines to open MHT is PaleMoon.

Again we have Woody coming up with rash suggestions without knowing the full facts, just as he did with the WinRar ACE issue. I would normally support what he says but now I am not so sure.

 

Note that you can subscribe by sending an email to patchmanagement+subscribe@googlegroups.com

No need to have a Google account.

As for munging, one of our groups recently tried the option available in Mailman to wrap the message in an outer wrapper. It caused many problems with some only able to see postings as attachments and others like myself seeing loads of headers in the messages. We have not tried the first option yet, to munge the ‘from’ address but that probably works a bit better. The ‘wrap’ option most definitely does not.

 

I have used WinRar for a long time (once registered always registered). I have tried all the various zip programs out there and WinRar does just what I need and does it very well. I have tried 7zip but never liked it, its interface is unfriendly and it seems its only advantage is that it is free.

The WinRar vulnerability as clearly stated affects .ace archives ONLY (including files with forged extensions). ACE is a legacy format and I don’t know anybody who still uses it. It is trivial to delete the unacev2.dll file and it is then safe. Or update to the latest version when it is removed anyway. Note that unacev2.dll is a third party program written by the developers of ACE and is used by several other zip archive programs, clearly the WinRar developers are unable to update this third party program and I doubt whether the ACE developers are still around.

Sad to see Woody condemning a program without finding out the facts.

 

2 users thanked author for this post.

Mele20, b

It seems in the case of Keepass when you use a password it leaves it in plain text in Ram which only Windows has access to and a memory dump immediately afterwards can pick it up. But surely even if you type a password manually in your browser it will also be stored in memory and passed to the site in plain text so is really no different. No issues were found with how Keepass stores the data within its own program.

See https://sourceforge.net/p/keepass/discussion/329220/thread/3141433d14/ for a discussion on this.

3 users thanked author for this post.

T, Lars220, rc primak

Yep, and just received the first Woody Plus newsletter, looks good. (which suggests a different coupon code to use!).

 

Thanks Woody and for updating the support email address…… we all make mistakes.

I found the ‘coupon’ process a bit confusing and had to read several previous postings to work out what to type in the box. Maybe obvious to some but not me…. Anyway hopefully have now subscribed when my payment of £0 dollars has cleared…

Woody

Thanks for all your work. Just tried emailing you on CustomerService@AskWoody.com as per your Plus registration page and it bounces, ‘user unknown’…

I made a donation in December which is shown on the Donors page but doesn’t seem to have been picked up yet to upgrade me to Plus. Maybe the import of recent donors is not working yet?

 

Another Windows Secret subscriber until Penton spoiled it and let my subs lapse – and subscriber to Woody’s newsletters before that. This is certainly good news and I await developments. Have just sent a small donation to Woody.

1 user thanked author for this post.

woody

As pointed out WU only updates IE based browsers. You must manually update for Firefox based browsers or use their built in updaters.

I am not losing any sleep over this one. If as it says it is distributed by dodgy email and as a flash attachment to Office documents I can relax as I don’t have Office and pretty sure LibreOffice would alert me to this unusual situation. Besides which it would never get through my spam filters (instantly deleted in Mailwasher before it got anywhere else.

I do have one application (Telegraph crosswords) which uses flash with no alternative in sight but in general the use of flash online has decreased enormously in the past year.

 

Avast here, computer updated from 1709 to9 1803 this morning with no issues – apart from the time to do it (over 5 hours). With all the fuss on here it seems a bit of an anticlimax, just a couple of changes to get it how I like, almost as if nothing had changed. Oh, I don’t use any MS apps at all…

 

Agreed anonymous. I can’t be bothered to read that article with having to click so many things to see the content.