Tuesday, November 26, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Windows 10

ComputerWorld Independent 

Experts contend Microsoft canceled Feb. updates to patch NSA exploits

admin , ,

Credit to Author: Gregg Keizer| Date: Tue, 18 Apr 2017 13:06:00 -0700

Microsoft delayed its February security update slate to finish patching critical flaws in Windows that a hacker gang tried to sell, several security experts have argued.

“Looks like Microsoft had been informed by ‘someone,’ and purposely delayed [February’s] Patch Tuesday to successfully deliver MS17-010,” tweeted Matt Suiche, founder of Dubai-based security firm Comae Technologies.

MS17-010, one of several security bulletins Microsoft issued in March, was just one of several cited Friday by the Redmond, Wash. developer when it said it had already patched most of the vulnerabilities exploited by just-leaked hacking tools.

Those tools — 12 different Windows exploits — had been included in a large data dump made April 14 by a hacker group dubbed Shadow Brokers, which is believed to have ties to Russia. The exploits, as well as a trove of documents, had been stolen from the National Security Agency (NSA), Shadow Brokers claimed.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft confirms it's patched most of the NSA's Windows exploits

admin , ,

Credit to Author: Gregg Keizer| Date: Mon, 17 Apr 2017 12:05:00 -0700

Microsoft on Friday said it had patched most of the Windows vulnerabilities purportedly exploited by the National Security Agency (NSA) using tools that were leaked last week.

The Windows flaws were disclosed by the hacking gang Shadow Brokers in a large data dump earlier Friday. The group has released several collections of documents about the internal operations of the NSA, and the code it allegedly has used to compromise computers and other devices worldwide.

“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” Phillip Misner, a group manager in the Microsoft Security Response Center (MSRC), wrote in a post to a company blog.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft begins denying updates to some Windows 7 users

admin , ,

Credit to Author: Gregg Keizer| Date: Fri, 14 Apr 2017 12:56:00 -0700

Microsoft this week began blocking Windows 7 and 8.1 PCs equipped with the very newest processors from receiving security updates, making good on a policy it announced but did not implement last year.

But the company also refused to provide security fixes to Windows 7 systems that were powered by AMD’s “Carrizo” CPUs, an architecture that was supposed to continue receiving patches.

The decree that led to the update bans, whether allowable or not under Microsoft’s new policy, was revealed in January 2016, when the company said making Windows 7 and Windows 8.1 run on the latest processors was “challenging.” Microsoft then ruled that Windows 10 would be the only supported edition on seventh-generation and later CPUs and simultaneously dictated a substantial shortening of support of both editions.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

IDG Contributor Network: Massive change to a moderate Patch Tuesday

admin ,

Credit to Author: Greg Lambert| Date: Fri, 14 Apr 2017 09:02:00 -0700

Last month, we had the largest ever release of patches and updates from Microsoft.

This month, we see the biggest change to Patch Tuesday since the first updates were released on the second Tuesday in October 2003, starting with MS03-041. Security bulletins with easy to follow formats like MSyy-xxx are no longer published by Microsoft as of April 2017.

Now, we have the Microsoft Security Update Guide which is defined by Microsoft as the “authoritative source of information on our security updates.” The MSUG is a searchable database of patches and updates that offers some basic queries and filtering. In addition to this database-driven approach, Microsoft has published summary release notes for April 2017 that can be found here. Helpfully, this summary outlines that the following technologies are updated for April:

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

How to improve Dynamic Lock in Windows 10 Creators Update

admin , , ,

Credit to Author: Ed Tittel| Date: Mon, 10 Apr 2017 06:44:00 -0700

When Microsoft released Build 15031 of the Windows 10 Insider Preview on February 8, 2017, it added a new OS feature for Bluetooth-equipped devices. It’s called Dynamic Lock, and lets you control access to your PCs based on how close they — and your Bluetooth-paired phones — are to them. That is, if the phone you’ve paired with your PC (it works for laptops, notebooks, tablets and desktops) is not found within radio range of your PC, Windows 10 turns off the screen and locks the PC after 30 seconds have elapsed. Thus, Dynamic Lock makes a dandy new security feature in Creators Update, one that most business users (or their IT departments) will find worth turning on and using.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Email-based attacks exploit unpatched vulnerability in Microsoft Word

admin , , ,

Credit to Author: Lucian Constantin| Date: Mon, 10 Apr 2017 08:08:00 -0700

Attackers have been exploiting an unpatched vulnerability in Microsoft Word for the past few months to compromise computers and infect them with malware.

The first report about the attacks came Friday from antivirus vendor McAfee after the company’s researchers analyzed some suspicious Word files spotted a day earlier. It turned out that the files were exploiting a vulnerability that affects “all Microsoft Office versions, including the latest Office 2016 running on Windows 10.”

The flaw is related to the Windows Object Linking and Embedding (OLE) feature in Microsoft Office that allows documents to embed references and links to other documents or objects, the McAfee researchers said in a blog post.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Microsoft reveals what data Windows 10 collects from you

admin , ,

Credit to Author: Darlene Storm| Date: Wed, 05 Apr 2017 09:22:00 -0700

Microsoft has been under fire for its privacy practices since Windows 10 launched in July 2015, so the company finally caved to the pressure to be more transparent and revealed the type of diagnostic data it collects.

According to Microsoft, “One of our most important improvements in the Creators Update is a set of privacy enhancements that will be mostly behind the scenes.” Today Microsoft listed three new things about your privacy with Windows 10 after upgrading to the Creators Update. It clarified descriptions about privacy settings, updated its privacy statement and, best of all, it coughed up more information about the data Windows 10 collects from you.

To read this article in full or to leave a comment, please click here

Read more
Microsoft Security 

Tech support scams persist with increasingly crafty techniques

admin , , , , , , , , , , , , , ,

Credit to Author: msft-mmpc| Date: Mon, 03 Apr 2017 12:58:02 +0000

Millions of users continue to encounter technical support scams. Data from Windows Defender SmartScreen (which is used by both Microsoft Edge and Internet Explorer to block malicious sites) and Windows Defender Antivirus show that some three million users are subjected to these threats every month. In addition to being rampant, technical support scams continue to…

Read more