|
MS-DEFCON 2:
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it.
|
Blog Archives
-
Zero day for Windows 7
Posted on November 25th, 2020 at 12:11 Comment on the AskWoody LoungeBleeping computer reports that 0-patch is releasing a fix for a zero day in Windows 7 and server 2008 R2.
I haven’t yet seen an out of band patch released to Windows 7 ESUs but I’ll keep you posted.
One clarification on that post, Sergiu says “At the moment, only small-and-midsize businesses or organizations with volume-licensing agreements can get an ESU license until January 2023.” You actually don’t need a volume licensing agreement in order to buy Windows 7 patches. Amy Babinchak is still selling Windows 7 ESUs and for anyone who bought them last year, she’ll be contacting you to see if you want the updates again this year. Microsoft hasn’t yet set it up so that the 2021 Windows 7 ESUs are on their price list, but I’m guessing December 1st is when they will post it to the price list. It’s expected to be twice the price of last years.
-
Patch lady – targeted attacks using zero day
Posted on October 30th, 2020 at 14:24 Comment on the AskWoody LoungePer https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/:
On Twitter, Hawkes said the Windows zero-day (tracked as CVE-2020-17087) was used as part of a two-punch attack, together with another a Chrome zero-day (tracked as CVE-2020-15999) that his team disclosed last week.
“We have confirmed with the Director of Google’s Threat Analysis Group, Shane Huntley, that this is targeted exploitation and this is not related to any US election-related targeting.”
It will be patched November 10th.
So the good news is that this is targeted only – not by us mere mortals. Until then keep your tinfoil on and in the ready mode
-
SandboxEscaper drops another Win10 0day on Twitter
Posted on October 24th, 2018 at 09:38 Comment on the AskWoody LoungeRemember the Task Scheduler ALPC 0day dropped on Twitter at the end of August?
The same gal, @SandboxEscaper, just dropped another one. On Twitter. No forewarning. No chance for Microsoft to fix it.
Catalin Cimpanu has a good overview on ZDNet.
It’s another privilege elevation attack, which means the attacker has to be running on your machine before it kicks in, and the 0day can be used to change the running code from standard to admin.
The PoC, in particular, was coded to delete files for which a user would normally need admin privileges to do so. With the appropriate modifications, other actions can be taken, experts believe.
That makes it very mean, but not yet a potent attack.
Kevin Beaumon, @GossiTheDog, has taken a look at it:
So this works. Windows 10 and Server 2016 (and 2019) only. It’s similar to Task Scheduler exploit, it allows non-admins to delete any file by abusing a new Windows service not checking permissions again. https://t.co/q45Qj3DGSS
— Kevin Beaumont (@GossiTheDog) October 23, 2018
I’ll update this post with the CVE number as soon as I have it.
-
Details on the Task Scheduler ALPC zero-day
Posted on August 28th, 2018 at 07:59 Comment on the AskWoody LoungeKevin Beaumont (@GossiTheDog) just published an excellent overview of the newly touted ALPC zero-day in Task Scheduler. Complete with working exploit code.
The flaw is that the Task Scheduler API function SchRpcSetSecurity fails to check permissions. So anybody — even a guest — can call it and set file permissions on anything locally.
It’s a privilege escalation bug, allowing an offending program to leapfrog itself from running in user mode to take over the machine.
Catalin Cimpanu on Bleeping Computer posted the initial revelation from @SandboxEscaper, who posted original exploit code on GitHub, then deleted their Twitter account.
Nothing to worry about yet, but expect to see a fix for all versions of Windows before too long.
-
Patch Lady – Flash update out on June 7th
Posted on June 7th, 2018 at 14:39 Comment on the AskWoody Lounge
Be aware that today a Flash update has been released. For those of you on Windows 7 you will need to either look to a prompt or go to the Adobe flash page for your update. For those on 10, and 8.1 you get your update from Microsoft.https://support.microsoft.com/en-us/help/4287903/security-update-for-adobe-flash-player
“Adobe is aware of a report that an exploit for CVE-2018-5002 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash Player content distributed via email.”
Generally speaking it’s wise to ensure these flash updates are installed as soon as possible. Kirsty’s got the links for you here:
-
Pwnfest brings two zero-day system level hacks of Edge
Posted on November 11th, 2016 at 11:20 Comment on the AskWoody LoungeSo much for the most secure browser ever.
Darren Pauli at The Register reports that two Win10 1607 ( = Anniversary Update = Redstone 1) machines updated to this week’s security patch level were pwned in separate hacks.
It’s become a lucrative hobby. $140,000 each to Qihoo 360 (China) and LokiHardt (South Korea).
There’s also a hack using Flash on Edge on Win10 1607.
-
Microsoft’s latest Word security hole, KB 2953095, is part of an on-going embarrassment
Posted on March 25th, 2014 at 21:46 Comment on the AskWoody LoungeHas everybody forgotten that RTF – the sticking point in the latest zero-day, and dozens of zero-days before it – was invented and controlled by Microsoft?
InfoWorld Tech Watch.
-
If you use IE9 or IE10, Security Advisory 2934088 says get patched now
Posted on February 20th, 2014 at 22:16 Comment on the AskWoody LoungeThere’s a Fixit…
InfoWorld TechWatch
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Recent Replies
DrBonzo on Tasks for the weekend – January 16, 2021
14 minutes agoSave_Us_from_MS on Tasks for the weekend – January 16, 2021
19 minutes agoPaul T on Latest Updates, nothing but feature update showing
33 minutes agoanonymous on Latest Updates, nothing but feature update showing
34 minutes agoGraham on Security update for Secure Boot DBX can be skipped (KB4535680)
1 hour, 5 minutes agoWSbenjones76 on Tweaking spreadsheet data
1 hour, 14 minutes ago- 2 hours, 37 minutes ago
- 2 hours, 39 minutes ago
- 3 hours, 23 minutes ago
Nathan Parker on Apple to block sideloading iOS apps on M1
3 hours, 24 minutes ago- 3 hours, 26 minutes ago
- 3 hours, 37 minutes ago
- 3 hours, 42 minutes ago
- 3 hours, 53 minutes ago
- 3 hours, 54 minutes ago
OscarCP on Understanding Section 230
4 hours, 38 minutes ago- 4 hours, 47 minutes ago
Kirsty on A Zero-day Windows 10 bug corrupts your hard drive on seeing this file’s icon
5 hours, 6 minutes ago- 5 hours, 6 minutes ago
Susan Bradley on Zero day Windows 10 bug
5 hours, 18 minutes agoTom on Attention partners Microsoft really is coming for your clients this time
5 hours, 30 minutes agoitaliangm on A Zero-day Windows 10 bug corrupts your hard drive on seeing this file’s icon
5 hours, 40 minutes ago- 5 hours, 43 minutes ago
- 5 hours, 45 minutes ago
- 6 hours, 37 minutes ago
- 7 hours, 3 minutes ago
- 7 hours, 23 minutes ago
Lanyap on Win10 Backup and Restore (Windows 7) – Backup freezes at 97% after December 14
7 hours, 28 minutes agoWCHS on Zero day Windows 10 bug
7 hours, 55 minutes ago- 9 hours, 12 minutes ago