Old Posted News

Place you can talk about other things not related to autopatcher.
Whatacrock
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

Re: Microsoft Explains How Windows 7 and 8.1 Will Get Cumulative Updates

Post by Whatacrock »

It happens to all of us at one stage or another.. :) :)
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
parkd1
Moderator
Posts: 333
Joined: Tue Jan 07, 2014 4:33 pm

Google Exploit Announcements put customer at potential risk says Microsoft

Post by parkd1 »

Google discloses actively exploited Windows vulnerability just 10 days after reporting it to Microsoft. Google today shared details about a security flaw in Windows, just 10 days after disclosing it to Microsoft on October 21. To make matters worse, Google says it is aware that this critical Windows vulnerability is being actively exploited in the wild.

That means attackers have already written code for this specific security hole and are using it to break into Windows systems, reports VentureBeat today.

A 0-day vulnerability is a publicly disclosed security flaw that wasn’t known before. In other words, the company that makes the software has not yet issued a patch for it. Indeed, Microsoft has not released a fix nor issued an advisory for this flaw. Google described this particular Windows vulnerability as follows:

The Windows vulnerability is a local privilege escalation in the Windows kernel that can be used as a security sandbox escape. It can be triggered via the win32k.sys system call NtSetWindowLongPtr() for the index GWLP_ID on a window handle with GWL_STYLE set to WS_CHILD. Chrome’s sandbox blocks win32k.sys system calls using the Win32k lockdown mitigation on Windows 10, which prevents exploitation of this sandbox escape vulnerability.

Also on October 21, Google shared a Flash vulnerability (CVE-2016-7855) with Adobe, which that company patched on October 26. That means users can simply update to the latest version of Flash. For the other security flaw, Google merely recommends “to apply Windows patches from Microsoft when they become available for the Windows vulnerability.”

A web plugin like Flash is a lot less complex than an operating system like Windows. This is one of the reasons why Google’s policy for actively exploited critical vulnerabilities — namely publicly disclosing details after seven days — is so controversial. Many software companies argue that a week is not enough time to code, test, and issue a patch for a security flaw. Google prefers to make the public aware sooner rather than later, but many security researchers maintain that details should only be shared once a patch is available. This is not the first time that Google has disclosed Windows vulnerabilities before a patch was ready. In fact, the company did this for Windows 8.1 twice in January 2015. Microsoft understandably wasn’t pleased, but this time around is even more serious. Both of those earlier vulnerabilities weren’t being actively exploited.

We have reached out to Microsoft regarding Google’s disclosure today and will update you if we hear back.

Update at 12:45 p.m. Pacific: Microsoft issued a statement, though the company did not share when a patch could be expected.

“We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk,” a Microsoft spokesperson told VentureBeat. “Windows is the only platform with a customer commitment to investigate reported security issues and proactively update impacted devices as soon as possible. We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection.”

A source close to the company also shared that the exploit Google describes requires the Adobe Flash vulnerability. Since Flash has been patched, the Windows vulnerability is mitigated. That said, Microsoft still needs to plug the security hole as it could be leveraged in other types of attacks.

http://www.guru3d.com/news-story/google ... osoft.html
parkd1
Moderator
Posts: 333
Joined: Tue Jan 07, 2014 4:33 pm

Microsoft: Russian hackers are exploiting Windows flaw exposed by Google

Post by parkd1 »

Microsoft says that a vulnerability in Windows made public by Google has been exploited by a hacking group with links to Russia. The group -- known variously as Strontium, Fancy Bear, and APT 28 -- has executed several spear phishing attacks, the company says.

Google was criticized for publicizing the vulnerability before Microsoft has released a patch. A fix for the security hole is not due to be released until Tuesday, 8 November -- voting day in the US election.

The hacking group is one that has been linked to the Russian government, and is thought to have been behind a number of recent US hacks. Tensions are already running high between the US and Russia -- particularly in light of American accusations that Russia has engaged in a hacking campaign designed to interfere with the election.

Writing on Microsoft's Malware Protection Center blog, Terry Myerson said:

Recently, the activity group that Microsoft Threat Intelligence calls STRONTIUM conducted a low-volume spear-phishing campaign. Customers using Microsoft Edge on Windows 10 Anniversary Update are known to be protected from versions of this attack observed in the wild. This attack campaign, originally identified by Google’s Threat Analysis Group, used two zero-day vulnerabilities in Adobe Flash and the down-level Windows kernel to target a specific set of customers.

We have coordinated with Google and Adobe to investigate this malicious campaign and to create a patch for down-level versions of Windows. Along these lines, patches for all versions of Windows are now being tested by many industry participants, and we plan to release them publicly on the next Update Tuesday, Nov 8.

We believe responsible technology industry participation puts the customer first, and requires coordinated vulnerability disclosure. Google’s decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing, and puts customers at increased risk.

To address these types of sophisticated attacks, Microsoft recommends that all customers upgrade to Windows 10, the most secure operating system we’ve ever built, complete with advanced protection for consumers and enterprises at every layer of the security stack. Customers who have enabled Windows Defender Advanced Threat Protection (ATP) will detect STRONTIUM’s attempted attacks thanks to ATP’s generic behavior detection analytics and up-to-date threat intelligence.

While Google ordinarily gives companies a little more breathing room before going public with details of security problems (typically 60 days), in the case of more serious problems, the timescale is reduced. This is done to encourage software manufacturers to speed up the development of patches, but it is a move that has found Google on the receiving end of a tongue lashing in the past.

http://betanews.com/2016/11/02/russian- ... rity-flaw/
Whatacrock
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

Microsoft Pledges to Completely Retire Office 2007 Next Year

Post by Whatacrock »

Microsoft Pledges to Completely Retire Office 2007 Next Year

Microsoft will remove support for Office 2007 next year and, without a doubt, many users and companies will be caught off-guard because this is pretty much what happens every time the software giant pulls support for one of its products.

It goes without saying that many still hope to see Microsoft extending support beyond the cutoff date, as it happened with Windows XP, but the company says in a statement that there’s no way Office 2007 would receive updates and security patches beyond October 2017.

The purpose is obviously to convince users to switch to Office 365 or a newer version of the productivity suite, such as Office 2016, which the company is actively working on right now.

"Custom support no longer offered"

What’s important to know, however, is that Microsoft will no longer offer custom support either, so everyone will stop getting updates beyond the October 2017 deadline. Microsoft previously offered custom support to paying customers, such as companies or state departments, in exchange for a fee, but this won’t be the case with Office 2007.

“The Office 2007 wave of products will be reaching end of support over the next 12 months, as per Microsoft Lifecycle Policy. After those end of support dates, we will no longer offer custom support on any version of Office products (Exchange Server; Office Suites; SharePoint Server; Office Communications Server; Lync Server; Skype for Business Server; Project Server and Visio),” the company explained.

Microsoft says demand for custom support is dropping, and this is one of the reasons the company wants to completely pull the old Office 2007 suite.

“In the past we have offered custom support for a subset of Office products to customers with Premier support contracts. We have seen demand for custom support decline as more customers move to Office 365. Note that this change applies only to custom support, but does not impact any of the standard support offerings,” the firm says.

According to reports, Microsoft is currently considering offering an extension for Premier customers on Exchange 2007 with Service Pack 3, but this might be the only exception the company has in mind.

http://news.softpedia.com/news/microsof ... 0249.shtml
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
parkd1
Moderator
Posts: 333
Joined: Tue Jan 07, 2014 4:33 pm

Windows 10 suddenly killing internet connectivity for some users

Post by parkd1 »

Microsoft pushed out a new cumulative update to the Windows 10 release channel yesterday, and a number of users are reporting that it’s causing their internet connection to stop working, although there’s speculation that the update isn’t the cause at all.

The update, KB3201845, is designed to fix various issues with the new operating system and was first issued to Windows Insiders in November but the problem clearly wasn’t flagged up with it then, and some people are saying the problem started for them before the update was rolled out.

Certainly the update history for the cumulative update doesn’t mention anything to do with internet connectivity/networking.

Improved the reliability of mobile device management (MDM) disenrollment, Distributed Component Object Model (DCOM), Peripheral Component Interface and PowerShell.
Addressed issue that causes excessive battery drain if you have a Chinese Input Method Editor installed and use Windows Hello to log in.
Addressed issue with OLE drag and drop that prevents users from downloading a SharePoint document library as a file.
Addressed issue with Super Floppy-formatted fixed media devices that are not recognized by Windows 10 Anniversary Update or accessible in Windows Explorer.
Addressed issue that causes the System Center Configuration Manager (SCCM) client to fail installation when a device is re-imaged using the SCCM task sequence.
Addressed issue that causes the loss of optional component (OC) state information, including all Hyper-V virtual machines, after upgrade.
Addressed issue that causes Windows Explorer to display information that’s inconsistent with what’s stored on the Floppy disk.
Addressed issue that, after connecting a shared CD/DVD-hosted drive with no media inserted, causes some of the commands, like DIR and NET USE, to hang.
Addressed issue where customers cannot use directory cache sizes greater than 64 KB.
Addressed issue where Windows Explorer sometimes does not prompt for credentials when a user logs on using a Microsoft account.
Addressed additional issues with application compatibility and Internet Explorer

I haven’t personally experienced any problems with my Wi-Fi, but if it’s something that affects you, you may be able to solve the issue by uninstalling the update, or changing the local IPv4 IP address for your network adapter. You can then block the update until a fix is issued.

If that doesn’t work, you could try performing a clean restart. Hold down Shift, then click Start, click the power button, and select Shut Down. Keep Shift held down until the PC has fully powered down, then reboot.

Microsoft acknowledges the problem on the Answers forum, and offers another solution. Forum Moderator Lonnie_L states:

We are looking into reports that some customers are experiencing difficulty connecting to the Internet. We recommend customers restart their PCs, and if needed, visit https://support.microsoft.com/help/1074 ... ion-issues. To restart, select the Start button from the taskbar, click the Power button and choose Restart (not Shut down).

http://betanews.com/2016/12/10/windows- ... ome-users/
Whatacrock
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

Microsoft PowerShell Becomes a More Popular Malware-Spreading Tool

Post by Whatacrock »

Microsoft PowerShell Becomes a More Popular Malware-Spreading Tool

Microsoft PowerShell is a really powerful tool for IT professionals running Windows, and the Redmond-based software giant is making it the default shell in the operating system, but security experts say that cybercriminals are also increasingly using it for spreading malware.

Security firm Symantec has analyzed malicious PowerShell scripts and said that the number of threats is growing at a fast pace, especially in the case of enterprises where the shell framework is more widely used.

Symantec says that most malicious PowerShell scripts are being used as downloads, including Office macros, and the ultimate goal is to execute code on a computer and then spread malware across the entire network.

"Scripts trying to remove security protection"

There are three common malware families that are spreading with PowerShell scripts these days, namely W97M.Downloader (9.4 percent of all analyzed samples), Trojan.Kotver (4.5 percent), and JS.Downloader (4.0 percent), according to Symantec.

“Over the last six months, we blocked an average of 466,028 emails with malicious JavaScript per day, and this trend is growing. Not all malicious JavaScript files use PowerShell to download files, but we have seen a steady increase in the framework’s usage,” the firm says.

Cybercriminals are also creating more complex PowerShell scripts that work in stages, so instead of compromising the target computer directly, they are actually linked to a different script that eventually deploys the malware. This helps bypass certain security solutions and protection apps, but in some cases, scripts can be developed to uninstall these security solutions or steal passwords used across the network.

The best way to protect against this type of threat is to run security software that’s fully up to date, as well as the latest version of PowerShell. Additionally, given the fact that most scripts are being delivered via email, avoid opening scripts, files, or links coming from untrusted sources that could pose a risk for your system or network.

http://news.softpedia.com/news/microsof ... 0871.shtml
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
Whatacrock
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

After Google and Apple, Microsoft Disables Flash Player by Default as Well

Post by Whatacrock »

After Google and Apple, Microsoft Disables Flash Player by Default as Well

Microsoft is the latest big company that’s disabling Flash Player by default in its browsers, as it’s trying to encourage the transition to HTML5 for a more secure, faster, and cleaner experience.

As a result, all Flash content will be disabled by default in Microsoft Edge and Internet Explorer starting with the upcoming Windows 10 Creators Update, with browsers instructed to display the HTML5 version of a website if available.

Flash won’t be loaded at all in case HTML5 is detected, and this should help improve performance, battery life, and security, but in the case of sites that still use Flash, users will be allowed to decide if they want to load it or not. This option can be remembered for next visits, the company says.

“We are deeply aware that Flash is an integral part of many web experiences today. To ease the transition to HTML5, these changes initially will not affect the most popular sites which rely on Flash today,” Microsoft explained.

“In the coming months, we will actively monitor Flash consumption in Microsoft Edge and will gradually shorten the list of automatic exceptions. At the end of this process, users will remain in control, and will be able to choose Flash for any site they visit.”

"Change to debut in Windows 10 preview builds"

This change will be originally implemented for Windows 10 preview builds, so insiders will be the first to witness the demise of Flash Player in Windows 10, while everyone else should get it in the Creators Update due in the spring.

Microsoft encourages web developers to abandon Flash Player and to move to alternative technologies, including JavaScript and HTML5 Encrypted Media Extensions, Media Source Extensions, Canvas, Web Audio, and RTC, pointing out that the top browsers right now are doing the same thing, including Google, Apple, and Mozilla.

This should eventually lead to improved performance, greater stability, and stronger security, Microsoft says, and this is exactly what the company is aiming for with its Edge browser.

http://news.softpedia.com/news/after-go ... 0991.shtml
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
Whatacrock
Release Maintainer
Posts: 1967
Joined: Mon Oct 28, 2013 10:47 am
Location: Australia

Microsoft Launches Tool to Help Fix Windows Update Issues

Post by Whatacrock »

Microsoft Launches Tool to Help Fix Windows Update Issues

Microsoft has released a new web-based solution to help users address problems they experience with Windows updates.

The new service is available on the company’s support website and is offered free of charge, with users required to follow a wizard and try the common workaround for the problems they experience.

The new tool covers issues affecting Windows 10, Windows 8.1, and Windows 7, and the wizard guides users throughout the necessary steps to isolate the bug and find a way to fix it. The common errors experienced with cumulative updates on Windows 10 are also supposed to be fixed, and Microsoft is also offering an updated version of the Update Troubleshooter to help users.

“This guided walk-through provides steps to fix problems when installing updates. Here are some commonly seen error codes: 0x80073712, 0x800705B4, 0x80004005, 0x8024402F, 0x80070002, 0x80070643, 0x80070003, 0x8024200B, 0x80070422, 0x80070020. These steps should help with all errors and not just the ones listed,” Microsoft says.

It goes without saying that this new wizard comes in super-handy to Windows 10 users who had a hard time deploying the latest cumulative updates, especially because the latest patches released by Microsoft have caused installation issues with almost every new release.

"Resetting Windows? Thanks, but no thanks"

Unfortunately, however, this guide is mostly based on the common workarounds that you typically find on Microsoft’s Community forums, so there’s a good chance that it won’t make a difference for users experiencing cumulative update installation issues.

At one point during the wizard, we were asked to “reset or reinstall Windows” because none of the previous steps resolved the issue, but we all know that this is a workaround that almost nobody wants to turn to. And if nothing works, users are recommended to contact the Answer Desk and have a Microsoft support engineer assist them in fixing the problem.

Of course, this is just the first implementation of the troubleshooting guide, but hopefully Microsoft will improve it in the future and offer more efficient ways of fixing update problems.

http://news.softpedia.com/news/microsof ... 1244.shtml
"Now if you Sons of B*@ches got anything else to say, NOW'S THE F@#%ING TIME!!"
TheAPGuy
Site Admin
Posts: 979
Joined: Sun Oct 27, 2013 12:38 am
Location: California

Re: Microsoft Launches Tool to Help Fix Windows Update Issues

Post by TheAPGuy »

wow ms... wow. Can't be bothered to find and fix the issue that many people have?
parkd1
Moderator
Posts: 333
Joined: Tue Jan 07, 2014 4:33 pm

Adobe patches critical flaws in Flash Player, Reader, and Acrobat

Post by parkd1 »

Adobe Systems released security updates for its Flash Player, Adobe Reader, and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers.

The Flash Player update fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is not aware of any exploit for these flaws existing in the wild.

Users are advised to upgrade to Flash Player version 24.0.0.194 on Windows, Mac, and Linux. The Flash Player plug-in bundled with Google Chrome, Microsoft Edge and Internet Explorer will be automatically upgraded through those browsers’ respective update mechanisms.

The Adobe Reader and Acrobat updates address 29 vulnerabilities, 28 of which can lead to arbitrary code execution. Like with the Flash Player flaws, Adobe is not aware of any of these vulnerabilities being exploited by attackers.

The company advises Acrobat and Reader DC users to upgrade to version 15.023.20053 if they use the “continuous” release track or to version 15.006.30279 if they’re on the “classic” track. Users of the older, but still supported, Acrobat XI and Reader XI should upgrade to version 11.0.19.

Because of their security sandbox, which makes exploits significantly harder to implement, Adobe Reader and Acrobat are rarely targeted by hackers today compared to some years ago.

However, Flash Player remains a hacker favourite, with zero-day attacks against it being relatively common and with exploits being integrated into widely used Web-based attack tools.

http://www.macworld.com/article/3156587 ... ign=buffer