windows – Page 33 – Computer Security Articles

Here's an easier way to block the IE XXE zero day security hole

April 18, 2019 admin microsoft, PCs, Security, windows

Credit to Author: Woody Leonhard| Date: Thu, 18 Apr 2019 09:57:00 -0700

The latest Internet Explorer XXE zero-day depends on you opening an infected MHT file. MHT is an old file format that’s almost always opened by IE — no matter which browser you’re using, no matter which version of Windows. Catalin Cimpanu has a good overview of this XXE vulnerability on ZDNet.

It’s a doozy of a security hole as it affects every recent version of IE, and it infects whether you’re actively browsing with IE or not.

To read this article in full, please click here

ComputerWorld Independent

Win7/8.1/Server patch conflicts abated, somewhat, but it’s still too early to install the April crop

April 16, 2019 admin microsoft, Security, windows

Credit to Author: Woody Leonhard| Date: Tue, 16 Apr 2019 08:02:00 -0700

A week ago, Microsoft released six patches that brought many machines to their knees. As I explained last Friday, when the dust cleared, it was apparent that all six of these April patches:

Win7 and Server 2008 R2 Monthly Rollup (KB 4493472) and Security-only (KB 4493448) patches
Win8.1 and Server 2012 R2 Monthly Rollup (KB 4493446) and Security-only (KB 4493467) patches
Server 2012 Monthly Rollup (KB 4493451) and Security-only (KB 4493450 ) patches

would trigger blue screens on reboot on most systems running Sophos antivirus products, and many systems running AV products from Avast and Avira.

To read this article in full, please click here

Security Sophos

Microsoft fixes 74 bugs in its April, 2019 Patch Tuesday releases

April 9, 2019 admin adobe, Chakra, Edge, Internet Explorer, microsoft, Patch Tuesday, SophosLabs Uncut, update, windows, Windows update

Credit to Author: Yaniv| Date: Tue, 09 Apr 2019 21:28:38 +0000

There are 16 Microsoft bugs marked as critical, as well as serious flaws in Adobe Flash and Acrobat that require immediate attention<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/VAyR1kHbAYM” height=”1″ width=”1″ alt=””/>

ComputerWorld Independent

Microsoft Patch Alert: Most March patches look good

April 1, 2019 admin microsoft, Microsoft Office, PCs, Security, windows

Credit to Author: Woody Leonhard| Date: Mon, 01 Apr 2019 16:04:00 -0700

March was an unusually light patching month – all of Office only had one security patch – and there don’t appear to be any immediate patching worries. Just as in the past few months, Microsoft’s holding off on its second cumulative update for Windows 10 1809, raising hopes that it’s taking Win10 quality more seriously.

Win10 1809 deployment proceeded at a positively lethargic rate, even though Microsoft declared the OS fit for business consumption last week, leading to all sorts of speculation about the next-next update, Win10 version 1903, ultimately overtaking its younger sibling.

To read this article in full, please click here

Kaspersky Security

Using WinRAR? Install this update right away

March 28, 2019 admin bug, malware, news, phishing, Threats, Vulnerability, windows, winRAR

Credit to Author: Marina Mash| Date: Thu, 28 Mar 2019 15:39:30 +0000

A bug in WinRAR allows malefactors to gain full control over your device. All they need you to do is unpack a rigged RAR file.

ComputerWorld Independent

Microsoft connects rival browsers to Windows 10's Application Guard

March 26, 2019 admin Browsers, Security, windows

Credit to Author: Gregg Keizer| Date: Tue, 26 Mar 2019 03:00:00 -0700

Microsoft earlier this month released a pair of add-ons for Google’s Chrome and Mozilla’s Firefox to cobble together an unwieldy connection between those browsers, Edge and Windows 10’s advanced security technology, Windows Defender Application Guard (WDAG).

The debut of the browser extensions – separate add-ons for Chrome and Firefox – was quietly plugged at the end of a March 15 blog post relating a recent Windows Insider build. That build, 18358, will lead, presumably next month, to Windows 10’s next feature upgrade, labeled 1903 and also Windows 10 April 2019 Update.

To read this article in full, please click here

ComputerWorld Independent

ASUS Live Update Utility cracked, installs ShadowHammer backdoor on 1M PCs, but only 600 targeted

March 25, 2019 admin Security, windows

Credit to Author: Woody Leonhard| Date: Mon, 25 Mar 2019 09:28:00 -0700

Great way to wake up on Monday morning, especially if you own an ASUS machine.

Kaspersky just published a teaser for a more thorough explanation to come in two weeks at the Kaspersky Security Analysts Summit in Singapore. It’s quite an eye-opener.

Apparently somebody broke into the ASUS update servers, and swapped out a valid software/firmware update with one of their own. The bogus update looked like the genuine thing, with a valid certificate, and its size matched the original’s size. As a result, the bad update stayed on ASUS’s servers “for a long time.”

To read this article in full, please click here

ComputerWorld Independent

How to audit Windows Task Scheduler to detect attacks

March 20, 2019 admin Security, windows

Learn how to prevent attackers from using Task Scheduler to hide and set up tasks to access Windows systems.