Credit to Author: Paul Ducklin| Date: Wed, 11 Jan 2023 00:22:30 +0000
Get ’em while they’re hot. And get ’em for the very last time, if you still have Windows 7 or 8.1…
Read moreCredit to Author: Quick Heal| Date: Tue, 10 Jan 2023 08:34:14 +0000
Quick Heal products are fully compatible with Microsoft’s latest feature update – Windows 10 2022. Quick Heal has ensured that your cyber security solution is up to speed and fully compatible with this feature update. Find out how you can enjoy a secure digital experience even with the latest OS update.
The post Quick Heal Supports Windows 10 Version 22H2 appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.
Read more
Credit to Author: Paul Ducklin| Date: Thu, 29 Dec 2022 17:59:05 +0000
Is there a special meaning of “don’t” that means “go right ahead”?
Read more
Credit to Author: Paul Ducklin| Date: Tue, 20 Dec 2022 17:59:23 +0000
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.
Read moreCredit to Author: Microsoft Security Threat Intelligence| Date: Mon, 19 Dec 2022 18:00:00 +0000
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.
Read more
KB5012170 is many things to many Windows users. First, it’s a patch that either installs with no problems or leads to a blue screen of death (BSOD). It can also be an indicator we have a problem getting updated drivers on our systems. It can demonstrate how users don’t keep up with Bios updates. And it shows that some OEMs enable Bitlocker on the systems they sell (not necessarily in a good way).
In short, it’s a problematic patch that just keeps rearing its head.
Also known as “Security Update for Secure Boot DBX,” KB5012170 was released earlier this year and makes improvements to the Secure Boot Forbidden Signature Database (DBX). Windows devices that have Unified Extensible Firmware Interface (UEFI)-based firmware have Secure Boot enabled. It ensures only trusted software can be loaded and executed on during the boot process by using cryptographic signatures to verify the integrity of the process and the software being loaded.
Microsoft’s December Patch Tuesday updated delivers 59 fixes, including two zero-days (CVE-2022-44698 and CVE-2022-44710) that require immediate attention on the Windows platform. This is a network focused update (TCP/IP and RDP) that will require significant testing with an emphasis on ODBC connections, Hyper-V systems, Kerberos authentication, and printing (both local and remote).
Microsoft also published an urgent out-of-band update (CVE-2022-37966) to address serious Kerberos authentication issues. (The team at Readiness has provided a helpful infographic that outlines the risks associated with each of these updates.)
Microsoft’s December Patch Tuesday updated delivers 59 fixes, including two zero-days (CVE-2022-44698 and CVE-2022-44710) that require immediate attention on the Windows platform. This is a network focused update (TCP/IP and RDP) that will require significant testing with an emphasis on ODBC connections, Hyper-V systems, Kerberos authentication, and printing (both local and remote).
Microsoft also published an urgent out-of-band update (CVE-2022-37966) to address serious Kerberos authentication issues. (The team at Readiness has provided a helpful infographic that outlines the risks associated with each of these updates.)
Credit to Author: Paul Ducklin| Date: Thu, 15 Dec 2022 17:10:10 +0000
Return o’ the rookit, super-sneaky wireless spyware, credit card skimming, and patches galore. Listen and learn!
Read more
Using an Apple Watch as a device to authenticate access to enterprise sites and services using Microsoft Authenticator is a convenience that’s about to go away. Microsoft says the feature will stop working after an Authenticator update scheduled for next month.
Microsoft Authenticator makes it easy to sign into Microsoft accounts, supported apps or services using two-step verification. Authenticator also generates one-time use codes, so you needn’t wait for text messages or calls to access your accounts.