windows – Page 20 – Computer Security Articles

Credit to Author: Preston Gralla| Date: Tue, 04 Feb 2020 03:00:00 -0800

It’s no secret that hackers the world over target Windows vulnerabilities in order to wreak havoc, hold up data and networks for ransom, pull off money-making scams, and disrupt elections and the workings of democracy. They target Windows for a simple reason: volume. The operating system is on the vast majority of desktop and laptop computers worldwide.

Over the years, the U.S. National Security Agency (NSA) has unwittingly helped hackers in some of the world’s most dangerous and notoriously successful attacks by developing tools to exploit Windows security holes, rather than alert Microsoft to those vulnerabilities. Some of the tools have been leaked to hackers and used in massive attacks, including the EternalBlue cyber-exploit, which was used in the WannaCry global ransomware attack that affected computers in more than 150 countries and is estimated to have caused billions of dollars in damage.

To read this article in full, please click here

Kaspersky Security

What to do about Windows 7’s end of life

January 31, 2020 admin Business, End Of Life, enterprise, Tips, windows

Credit to Author: Alexey Pankratov| Date: Fri, 31 Jan 2020 12:18:56 +0000

End of support for Windows 7 is cause to analyze your information infrastructure carefully and identify weak spots.

ComputerWorld Independent

The perils of shouting 'fire' in a crowd of PC patchers

January 30, 2020 admin microsoft, PCs, Security, windows

Credit to Author: Woody Leonhard| Date: Thu, 30 Jan 2020 10:14:00 -0800

Time and again we see the same drama play out. Microsoft releases a security patch and scary warnings appear from every corner. When your local news broadcast tells you that you better patch Windows right now…, more temperate advice should prevail.

A little over two weeks ago, on Patch Tuesday, Microsoft released a patch for a security hole known as CVE-2020-0601 – the Crypt32.dll vulnerability also called ChainOfFools or CurveBall.

To read this article in full, please click here

ComputerWorld Independent

Get the January 2020 Patch Tuesday patches installed

January 24, 2020 admin microsoft, Security, windows

Credit to Author: Woody Leonhard| Date: Fri, 24 Jan 2020 13:27:00 -0800

This month has seen a whole lotta hand waving and sky-is-falling-caliber rhetoric, but the reality is much more prosaic. If you aren’t running a major network (and thus aren’t susceptible to the imminent problems with Remote Desktop Gateway, the Citrix network bugs or the whopping 334 patches in Oracle), there’s been little reason to install this month’s updates.

To read this article in full, please click here

ComputerWorld Independent

Microsoft Patch Alert: January 2020 patches look relatively benign

January 23, 2020 admin microsoft, Microsoft Office, PCs, Security, windows

Credit to Author: Woody Leonhard| Date: Thu, 23 Jan 2020 07:17:00 -0800

The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft’s RD Gateway (CVE-2020-0610; see Susan Bradley’s Patch Watch, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode after installing the January patches; scrambling to pick up after breaches in Citrix networking products; or the 334 Oracle security patches. They all took a toll.

To read this article in full, please click here

Kaspersky Security

RIP Windows 7. What now?

January 23, 2020 admin Business, End Of Life, kaspersky security for windows server, Security, SMB, Tips, windows

Credit to Author: Marvin the Robot| Date: Thu, 23 Jan 2020 10:41:32 +0000

Still using Windows 7? Time to go to Windows 10 — or beef up protection.

ComputerWorld Independent

Don’t worry about CurveBall just yet — get your Citrix systems patched

January 21, 2020 admin microsoft, Security, windows

Credit to Author: Woody Leonhard| Date: Tue, 21 Jan 2020 08:03:00 -0800

Hey, admins! It’s been an exciting week, eh?

Most of you have been inundated with requests — demands — that you patch all of your systems immediately to protect them from the highly publicized CVE-2020-0601 Crypt32.dll security hole, known as “Chain Of Fools” or “CurveBall.”

While you were scrambling to comply with the NSA’s unique advertising, abetted by almost every security expert on the planet, a funny thing happened. There are no in-the-wild exploits for the ol’ CurveBall. But there are lots and lots of Citrix ADC and Citrix Gateway systems under attack, using a security hole announced in December called CVE-2019-19781.

To read this article in full, please click here

ComputerWorld Independent

Worried about an NSA ChainOfFools/CurveBall attack? There are lots of moving parts. Test your system.

January 17, 2020 admin microsoft, Security, windows

Credit to Author: Woody Leonhard| Date: Fri, 17 Jan 2020 06:42:00 -0800

If you want to install the January Patch Tuesday patches, by all means, go right ahead. That said, I continue to recommend that you hold off installing the January Microsoft patches until we get a clearer reading on potential bugs.

The pro-patch-now argument generally goes something like this: Everybody is recommending that you install the patches to protect against the Crypto bug — almost all of the major security folks, the researchers, the big online sites, your local news station, your congresscritter, your neighbor’s nine-year-old, even the bleeping NSA. It’s a little patch. Why not just install it and be done with it?

To read this article in full, please click here