Tuesday, November 26, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Windows 10

ComputerWorld Independent 

Microsoft finally bans SHA-1 certs in IE and Edge

admin , ,

Credit to Author: Lucian Constantin| Date: Wed, 10 May 2017 09:08:00 -0700

The Tuesday updates for Internet Explorer and Microsoft Edge force those browsers to flag SSL/TLS certificates signed with the aging SHA-1 hashing function as insecure. The move follows similar actions by Google Chrome and Mozilla Firefox earlier this year.

Browser vendors and certificate authorities have been engaged in a coordinated effort to phase out the use of SHA-1 certificates on the web for the past few years, because the hashing function no longer provides sufficient security against spoofing.

SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made — for example, for outdated payment terminals.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft fixes 55 flaws, 3 of them exploited by Russian cyberspies

admin ,

Credit to Author: Lucian Constantin| Date: Tue, 09 May 2017 14:39:00 -0700

Microsoft released security patches Tuesday for 55 vulnerabilities across the company’s products, including for three flaws that are already exploited in targeted attacks by cyberespionage groups.

Fifteen of the vulnerabilities fixed in Microsoft’s patch bundle for May are rated as critical and they affect Windows, Microsoft Office, Microsoft Edge, Internet Explorer, and the malware protection engine used in most of the company’s anti-malware products.

System administrators should prioritize the Microsoft Office patches because they address two vulnerabilities that attackers have exploited in targeted attacks over the past two months. Both of these flaws, CVE-2017-0261 and CVE-2017-0262, stem from how Microsoft Office handles Encapsulated PostScript (EPS) image files and can lead to remote code execution on the underlying system.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft fixes remote hacking flaw in Windows Malware Protection Engine

admin , ,

Credit to Author: Lucian Constantin| Date: Tue, 09 May 2017 11:32:00 -0700

Microsoft released an update for the malware scanning engine bundled with most of its Windows security products in order to fix a highly critical vulnerability that could allow attackers to hack computers.

The vulnerability was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich on Saturday and was serious enough for Microsoft to create and release a patch by Monday. This was an unusually fast response for the company, which typically releases security updates on the second Tuesday of every month and rarely breaks out of that cycle.

Ormandy announced Saturday on Twitter that he and his colleague found a “crazy bad” vulnerability in Windows and described it as “the worst Windows remote code execution in recent memory.”

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft asks Windows 10 Enterprise customers to test new anti-exploit tech

admin , ,

Credit to Author: Gregg Keizer| Date: Thu, 04 May 2017 12:58:00 -0700

Microsoft today asked enterprise customers to test a new anti-malware, anti-exploit technology in Windows 10’s baked-in browser.

Windows 10’s latest preview, tagged as build 16188 and released Thursday, includes Windows Defender Application Guard, a virtualization-based feature that isolates the contents of a tab in Edge, the OS’s default browser, from the rest of the system.

While Application Guard was announced in September, and went through limited testing in the months since, today marked its first appearance to all Insiders running Windows 10 Enterprise. Users must manually toggle on Application Guard from a setting dialog, then open a tab within Edge by selecting “New Application Guard Window” from the browser’s menu.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Cybercrime group abuses Windows app compatibility feature

admin , ,

Credit to Author: Lucian Constantin| Date: Thu, 04 May 2017 12:00:00 -0700

When Microsoft made it possible for enterprises to quickly resolve incompatibilities between their applications and new Windows versions, it didn’t intend to help malware authors as well. Yet, this feature is now abused by cybercriminals for stealthy and persistent malware infections.

The Windows Application Compatibility Infrastructure allows companies and application developers to create patches, known as shims. These consist of libraries that sit between applications and the OS and rewrite API calls and other attributes so that those programs can run well on newer versions of Windows.

Shims are temporary fixes that can make older programs work even if Microsoft changes how Windows does certain things under the hood. They can be deployed to computers through Group Policy and are loaded when the target applications start.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Old Windows Server machines can still fend off hacks. Here's how

admin , , ,

Credit to Author: Michael Kan| Date: Wed, 26 Apr 2017 04:01:00 -0700

If you’re running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.

That’s due to the internet release earlier this month of a batch of updates that paint a bull’s-eye on computers running Windows Server 2003, according to security researchers.

“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”

Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches that can address the threat.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Developer lifts Windows 7's update blockade with unsanctioned patch

admin , ,

Credit to Author: Gregg Keizer| Date: Thu, 20 Apr 2017 13:28:00 -0700

An anonymous developer has published a patch that negates Microsoft’s barring of security updates from Windows 7 and 8.1 PCs equipped with the very newest processors.

The developer, identified as “Zeffy,” posted the patch and accompanying documentation on GitHub, the code repository.

“I was inspired to look into these new rollup updates that Microsoft released on March 16 [after reading about the processor-related blocking of Windows Update],” wrote Zeffy. “[That was] essentially a giant middle finger to anyone who dare not ‘upgrade’ to the steaming pile of garbage known as Windows 10.”

To read this article in full or to leave a comment, please click here

Read more
Microsoft Security 

Combating a spate of Java malware with machine learning in real-time

admin , , , , , , , , , , , , ,

Credit to Author: msft-mmpc| Date: Thu, 20 Apr 2017 13:02:00 +0000

In recent weeks, we have seen a surge in emails carrying fresh malicious Java (.jar) malware that use new techniques to evade antivirus protection. But with our research team’s automated expert systems and machine learning models, Windows 10 PCs get real-time protection against these latest threats. Attackers are constantly changing their methods and tools. We…

Read more