CVE-2019-0797: Zero-day exploits keep coming
Credit to Author: Pavel Shoshin| Date: Thu, 14 Mar 2019 13:35:39 +0000
Our proactive technologies detected yet another Windows exploit that was used in APT attacks.
Credit to Author: Andrew Brandt| Date: Thu, 14 Mar 2019 13:00:46 +0000
By SophosLabs Offensive Security Research
Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. […]
Credit to Author: Woody Leonhard| Date: Wed, 13 Mar 2019 06:21:00 -0700
Patch Tuesday has come and gone, not with a bang but a whimper. As of this moment, early Wednesday morning, I don’t see any glaring problems with the 124 patches covering 64 individually identified security holes. But the day is yet young.
There are a few patches of note.
Microsoft says that two of this month’s security holes — CVE-2019-0797 and CVE-2019-0808 — are being actively exploited. The latter of these zero days is the one that was being used in conjunction with the Chrome exploit that caused such a kerfuffle last week, with Google urging Chrome browser users to update right away, or risk the slings of nation-state hackers. If you’ve already updated Chrome (which happens automatically for almost everybody), the immediate threat has been thwarted already.
Credit to Author: Gregg Keizer| Date: Tue, 05 Mar 2019 12:06:00 -0800
Microsoft plans to start selling its Windows 7 add-on support beginning April 1.
Labeled “Extended Security Updates” (ESU), the post-retirement support will give enterprise customers more time to purge their environments of Windows 7. From Windows 7’s Jan. 14, 2020 end of support, ESU will provide security fixes for uncovered or reported vulnerabilities in the OS.
Patches will be issued only for bugs rated “Critical” or “Important” by Microsoft, the top two rankings in a four-step scoring system.
Credit to Author: Woody Leonhard| Date: Fri, 01 Mar 2019 07:50:00 -0800
Microsoft continues to hold Windows 10 version 1809 close to the chest. While all of the other Win10 versions have had their usual twice-a-month cumulative updates, the latest version of the last version of Windows, 1809, still sits in the Windows Insider Release Preview Ring.
For most people, that’s excellent news. It seems that Microsoft is willing to hold off until they get the bugs fixed, at least in the 1809 releases. May I hear a “hallelujah” from the chorus?
You’ve heard me talk about KB 4023057 many times, most recently in January. It’s a mysterious patch that Microsoft calls an “update reliability improvement” whose sole reason for existence, as best I can tell, is to blast away any blocks your machine may have to keep the next version of Windows (in this case, Win10 1809) from installing on your machine.
Credit to Author: Gregg Keizer| Date: Mon, 25 Feb 2019 08:28:00 -0800
Microsoft’s Windows Defender Advanced Threat Protection (ATP) service is now available for PCs running Windows 7 and Windows 8.1.
The decision to add devices powered by those operating systems was first announced a year ago. At the time, Microsoft said ATP’s Endpoint Detection & Response (EDR) functionality would be available for the older OSes by summer 2018.
Windows Defender ATP is a service that detects ongoing attacks on corporate networks, then follows up to investigate the attack or breach and provides response recommendations and attack remediation. Software baked into Windows 10 detects attacks, while a central management console allows IT administrators to monitor the status of covered devices and react if necessary. Adding the EDR client software to Windows 7 and Windows 8.1 PCs gives enterprise IT the same visibility into those machines as it has had into Windows 10 systems.
Credit to Author: Gregg Keizer| Date: Tue, 19 Feb 2019 13:03:00 -0800
Microsoft has revised its schedule to dump support for an outdated cryptographic hash standard by postponing the deadline for Windows 7.
Microsoft, like other software vendors, digitally “signs” updates before they are distributed via the Internet. SHA-1 (Secure Hash Algorithm 1), which debuted in 1995, was declared insecure a decade later, but it was retained for backward-compatibility reasons, primarily for Windows 7. Microsoft wants to ditch SHA-1 and rely only on the more-secure SHA-2 (Secure Hash Algorithm 2).
Late last year, Microsoft said that it would update Windows 7 and Windows Server 2008 R2 SP1 (Service Pack 1) this month with support for SHA-2. Systems running those operating systems would not receive the usual monthly security updates after April’s collection, slated for release April 9, Microsoft promised at the time.
Credit to Author: Woody Leonhard| Date: Mon, 11 Feb 2019 05:15:00 -0800
Those of you who feel it’s important to install Windows and Office patches the moment they come out – I salute you. The Windows world needs more cannon fodder. When the bugs come out, as they inevitably will, I hope you’ll drop by AskWoody.com and tell us all about them.
For those who feel that, given Microsoft’s track record of pernicious patches, a bit of reticence is in order, I have some good news. Microsoft’s Security Response Center says that only a tiny percentage of patched security holes get exploited within 30 days of the patch becoming available.