More Windows patches, primarily previews, point to escalating problems this month

Credit to Author: Woody Leonhard | Date: Thu, 18 Jan 2018 06:39:00 -0800

Never give a sucker an even break. Yesterday, on a very out-of-band Wednesday, Microsoft released preview patches for Windows 8.1 (but not 7!), Server 2012, and Windows 10 1709 (for bricked AMD machines only), with preview cumulative updates for Win10 1703 and 1607. There are also nine different .NET preview patches.

What should you do? Nothing. More accurately, make sure you DON’T install any of them. Fortunately, all of these patches require that you download and install them — and you’d have to be crazy (or an admin trying to shore up some critical servers) to dive into the cesspool.

It’s the same advice I’ve been giving all month. There’s nothing here that you need right now — there are no known exploits for Meltdown or Spectre in the wild, in particular — and machines are dropping like flies.

A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017

Credit to Author: Windows Defender ATP | Date: Wed, 10 Jan 2018 14:00:31 +0000

Adopting reliable attack methods and techniques borrowed from more evolved threat types, ransomware attained new levels of reach and damage in 2017. The following trends characterize the ransomware narrative in the past year: Three global outbreaks showed the force of ransomware in making real-world impact, affecting corporate networks and bringing down critical services like hospitals,

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Credit to Author: Windows Defender ATP | Date: Mon, 04 Dec 2017 23:06:44 +0000

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the Andromeda botnet. The disruption is the culmination of a journey that started in

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

Credit to Author: Windows Defender ATP | Date: Mon, 04 Dec 2017 14:00:07 +0000

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for living off the land, staying away from the

InSpectre: See whether your PC's protected from Meltdown and Spectre

Credit to Author: Woody Leonhard | Date: Tue, 16 Jan 2018 11:16:00 -0800

If you’re wondering whether your computer is susceptible to the latest bête noire, Meltdown and Spectre, you can take the official Microsoft patch and, after a suitable amount of technical drudgery, come away with a result that doesn’t answer much. Or you can try Steve Gibson’s new InSpectre and – with suitable caveats – see some meaningful results and a few hints about catching up.

Microsoft has a complex PowerShell script that details your machine’s exposure to the Meltdown and Spectre security flaws. Running that script on all but the simplest and most up-to-date systems turns into a hair-pulling exercise, and the results are coated in 10 layers of technical gobbledygook.

Microsoft's mystifying Meltdown/Spectre patches for AMD processors

Credit to Author: Woody Leonhard | Date: Tue, 16 Jan 2018 07:33:00 -0800

I’ve seen a lot of bizarre Microsoft patches-of-patches, but the new patches for AMD processors are in a world of their own. The security-only, manually downloadable patches appear to be Meltdown/Spectre patches for machines that were bricked by other bad patches, earlier this month, but they’ve arrived with no instructions — and a strange circular logic.

Last week, Microsoft released two patches, with these official titles:

  • KB 4073578: Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1
  • KB 4073576: Unbootable state for AMD devices in Windows 8.1 and Windows Server 2012 R2

The Win7 KB article says:

How to make sure Windows gets the right patches coming to it

Credit to Author: Gregg Keizer | Date: Tue, 16 Jan 2018 03:12:00 -0800

The Windows emergency security updates issued by Microsoft earlier this month came with an unprecedented prerequisite – a new key stored in the operating system’s registry – that antivirus vendors were told to generate after they’d guaranteed their code wouldn’t trigger dreaded Blue Screens of Death (BSoD) when users apply the patches.

The demands confused customers, and fueled a flood of support documents and an avalanche of web content. Those who heard about the Meltdown and Spectre vulnerabilities struggled to figure out whether their PCs were protected, and if not, why not. Millions more, not having gotten wind of the potential threat, carried on without realizing that their PCs might be barred from receiving several months’ worth of security updates.

Microsoft reinstates Meltdown/Spectre patches for some AMD processors — but which ones?

Credit to Author: Woody Leonhard | Date: Thu, 11 Jan 2018 09:38:00 -0800

As we rappel down the Patch Tuesday rabbit hole this month, Microsoft just announced that it’s going to start pushing its January Windows security patches onto AMD processors again. But it neglects to mention which ones. Per a late-night change to KB 4073707:

Microsoft has resumed updating the majority of AMD devices with the Windows operating system security update to help protect against the chipset vulnerabilities known as Spectre and Meltdown.
