Page 45 of 45 FirstFirst ... 354142434445
Results 441 to 445 of 445

Thread: Microsoft Alerts

  1. #441
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,803

    Exclamation MS Oct 2017 patch status

    FYI...

    - https://askwoody.com/2017/ms-defcon-...get-caught-up/
    Oct 27, 2017 - "There are isolated problems with current patches, but they are well-known and documented on this site..."

    - https://www.computerworld.com/articl...-crawlies.html
    Oct 27, 2017

    Fixes or workarounds for recent Office issues
    Applies To: Excel 2016 Word 2016 Outlook 2016 PowerPoint 2016 More...
    - https://support.office.com/en-us/art...rs=en-US&ad=US

    - https://www.computerworld.com/articl...y-rollout.html

    - https://social.technet.microsoft.com...win10itprovirt

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #442
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,803

    Exclamation MS 'Patch Thursday' ??

    FYI...

    MS fixes 'external database' bug with patches that have even more bugs
    ... Yesterday, in an odd Patch Thursday, Microsoft released five patches for the “Unexpected error from external database driver” bug. But the cure’s worse than the disease. If you installed one, yank it now — and expect Microsoft to pull the patches soon
    - https://www.computerworld.com/articl...more-bugs.html
    Nov 3, 2017 - "... It’s too early to assess all of the damage, but reports from many corners say installing these new patches brings back old, unpatched versions of many files. If you installed one of the patches from yesterday, best to uninstall it. Now..."
    (More detail at the URL above.)

    > https://www.ghacks.net/2017/11/03/mi...ws-10-updates/
    Nov 3, 2017 - "... users may run into another issue after installing the update..."
    ___

    - https://www.ghacks.net/2017/11/03/mi...ws-10-updates/
    Last Update: Nov 5, 2017 - "Microsoft released a whole bunch of non-security updates for its operating systems Windows 7, Windows 8.1, and several versions of Windows 10 yesterday.
    Update: Microsoft pulled KB4052234 and KB4052234. It is unclear right now why the company did so..."

    Microsoft yanks buggy Windows patches KB 4052233, 4052234, 4052235
    ...In a startling departure from the norm, Microsoft has not only pulled the buggy Win7/Server 2008 R2, Server 2012, and Win 8.1/Server 2012 R2 patches; it’s even eliminated the associated KB articles and entries in the official update history pages...
    - https://www.computerworld.com/articl...4-4052235.html
    Nov 6, 2017
    ___

    Non-security Office updates due today
    - https://askwoody.com/2017/ms-defcon-...tes-due-today/
    Nov 7, 2017 - "Which means it’s a good time to check and make sure you have Automatic Updates turned off...
    Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it."

    ... With a crop of non-security Office updates due today, a big dose of security patches expected in a week, and a known bug in the KB 4041686 Win7 Preview, now’s a good time to make sure you have Automatic Update set so it won’t deal you a nasty surprise
    > https://www.computerworld.com/articl...ic-update.html
    Nov 7, 2017

    >> https://www.computerworld.com/articl...d-2976978.html
    Nov 8, 2017

    Last edited by AplusWebMaster; 2017-11-08 at 15:54.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #443
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,803

    Exclamation MS Security Updates - Nov 2017

    FYI...

    November 2017 security update release
    - https://blogs.technet.microsoft.com/...pdate-release/
    Nov 14, 2017 - "Today, we released security updates to provide additional protections against malicious attackers. By default, Windows 10 receives these updates automatically..."

    > https://portal.msrc.microsoft.com/en...5-000d3a32fc99
    Nov 14, 2017 - "The November security release consists of security updates for the following software:
    Internet Explorer
    Microsoft Edge
    Microsoft Windows
    Microsoft Office and Microsoft Office Services and Web Apps
    ASP.NET Core and .NET Core
    Chakra Core ...

    Known Issues:
    - https://support.microsoft.com/en-us/help/4048954/
    - https://support.microsoft.com/en-us/help/4048953/
    - https://support.microsoft.com/en-us/help/4048955
    - https://support.microsoft.com/en-us/help/4048952/
    - https://support.microsoft.com/en-us/help/4048956
    - https://support.microsoft.com/en-us/help/4048958
    - https://support.microsoft.com/en-us/help/4048961
    - https://support.microsoft.com/en-us/help/4048957
    - https://support.microsoft.com/en-us/help/4048960

    Security Update Summary
    > https://portal.msrc.microsoft.com/en...urity-guidance
    ___

    - https://www.askwoody.com/tag/novembe...black-tuesday/
    "... Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it..."
    ___

    - https://www.us-cert.gov/ncas/current...curity-Updates
    Nov 14, 2017
    ___

    ghacks.net: https://www.ghacks.net/2017/11/14/mi...-2017-release/
    Nov 14, 2017 - "Microsoft released security updates for Microsoft Windows, Microsoft Office, and other company products on the November 2017 Patch Day...
    Executive Summary:
    Microsoft released security updates for all supported versions of Windows (client and server), and Internet Explorer, Microsoft Edge, Microsoft Office, .Net Core and ASP.NET Core, and Chakra Core.
    No critical updates for Windows, but for IE 11 and Microsoft Edge.
    Lots of known issues. <<
    Operating System Distribution:
    Windows 7: 12 vulnerabilities of which 12 are rated important
    Windows 8.1: 11 vulnerabilities of which 11 are rated important
    Windows 10 version 1607: 12 vulnerabilities of which 12 are rated important
    Windows 10 version 1703: 12 vulnerabilities of which 12 are rated important
    Windows 10 version 1709: 9 vulnerabilities of which 9 are rated important
    Windows Server products:
    Windows Server 2008: 11 vulnerabilities of which 11 are rated important
    Windows Server 2008 R2: 12 vulnerabilities of which 12 are rated important
    Windows Server 2012 and 2012 R2: 11 vulnerabilities of which 11 are rated important.
    Windows Server 2016: 12 vulnerabilities of which 12 are rated important
    Other Microsoft Products
    Internet Explorer 11: 13 vulnerabilities, 8 critical, 4 important, 1 moderate
    Microsoft Edge: 24 vulnerabilities, 16 critical, 8 important ..."

    Qualys analysis: https://blog.qualys.com/laws-of-vuln...e-adobe-update
    Nov 14, 2017 - "This November Patch Tuesday is moderate in volume, and in severity. Microsoft released patches to address -53- unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS gets 14 patches, while the lion’s share is focused on Browsers, Microsoft Office, and Adobe. According to Microsoft, there do not appear to be any actively attacked vulnerabilities in the wild in this patch release.
    Interestingly enough, none of the Windows OS patches are listed as Critical this month, but we do recommend focusing on CVE-2017-11830 and CVE-2017-11847, as they address a Security Feature Bypass, and a Privilege Elevation respectively. It should also be noted that CVE-2017-11848,CVE-2017-11827,CVE-2017-11883,CVE-2017-8700 have public exploits, but they do not appear to be used in any active campaigns.
    From a prioritization standpoint, focus on the fixes for CVE-2017-11836, CVE-2017-11837, CVE-2017-11838, CVE-2017-11839, CVE-2017-11871, and CVE-2017-11873, which all address the Scripting Engine in Edge and Internet Explorer, especially on laptops, and other workstation-type systems where the logged in user may have administrative privileges. Microsoft lists exploitation as More Likely for these vulnerabilities, especially if a user is tricked into viewing a malicious site or opening an attachment. While Microsoft lists the fix for CVE-2017-11882 as Important, there may be POC code for this vulnerability, so it is recommended that you give the Office updates attention this month as well. It should also be noted that last Patch Tuesday, Microsoft quietly released the fix for CVE-2017-13080, widely known as the KRACK vulnerability in WPA2 wireless protocol, but did not make it known until a week later, when the vulnerability was publicly disclosed. Therefore, it is recommended you ensure last month’s security patches are fully addressed. Alternatively, you can install this month’s Monthly Rollups, as they should include this fix.
    Adobe has also released patches for 9 advisories, fixing a stunning -62- CVEs for Acrobat and Reader alone, so ensure that you are updating Adobe across your environment to stay protected."
    ___

    Additional information - MS released patches:
    - https://www.securitytracker.com/id/1039780
    - https://www.securitytracker.com/id/1039781
    - https://www.securitytracker.com/id/1039782
    - https://www.securitytracker.com/id/1039783
    - https://www.securitytracker.com/id/1039787

    - https://www.securitytracker.com/id/1039788
    - https://www.securitytracker.com/id/1039789
    - https://www.securitytracker.com/id/1039790
    - https://www.securitytracker.com/id/1039792
    - https://www.securitytracker.com/id/1039793

    - https://www.securitytracker.com/id/1039794
    - https://www.securitytracker.com/id/1039795
    - https://www.securitytracker.com/id/1039796
    - https://www.securitytracker.com/id/1039797
    - https://www.securitytracker.com/id/1039801
    ___

    November 2017 Office Update Release
    - https://blogs.technet.microsoft.com/...pdate-release/
    Nov 14, 2017 - "... This month, there are -23- security updates and 43 non-security updates. All of the security and non-security updates are listed in KB article 4051890*.
    * https://support.microsoft.com/en-us/...crosoft-office
    Last Review: Nov 14, 2017 - Rev: 10

    A new version of Office 2013 Click-To-Run is available: 15.0.4981.1001

    A new version of Office 2010 Click-To-Run is available: 14.0.7190.5001
    ___

    > https://www.computerworld.com/articl...enanigans.html
    Nov 15, 2017 - "... It’s a messy month. With no “critical” Windows updates, as long as you don’t use IE or Edge, there’s no huge pressure to apply the updates just yet..."

    Last edited by AplusWebMaster; 2017-11-15 at 23:03.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #444
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,803

    Exclamation MS Nov 2017 Patch status

    FYI...

    Patch alert...
    ... Patch Tuesday problems roll out, with a new acknowledgment from Microsoft about a dot matrix printer bug, continued reports of Win10 1703-to-1709 upgrades, one unconfirmed report of a forced 1607-to-1709 upgrade, and a memory violation error with CDPUserSvc...
    > https://www.computerworld.com/articl...-continue.html
    Nov 17, 2017

    > https://www.askwoody.com/2017/roundu...-tuesday-crop/
    Nov 17, 2017

    > https://www.ghacks.net/2017/11/17/mi...-2017-updates/
    Nov 17, 2017

    ... Nov patch bugs... see the URLs above...

    i.e.: Nov 14, 2017—KB4048957 (Monthly Rollup)
    > https://support.microsoft.com/en-us/...date-kb4048957
    "... After installing this update, some Epson SIDM and Dot Matrix printers cannot print on x86 and x64-based systems.
    Microsoft and Epson have determined the cause of the issue and are working on a solution. This problem is not related to the printer driver, so installing current or older print drivers will not resolve the issue.
    Microsoft will provide an update in an upcoming release."
    Article ID: 4048957 - Last Review: Nov 17, 2017 - Rev: 19
    Applies to: Windows Server 2008 R2 Standard, Windows 7 Service Pack 1

    Last edited by AplusWebMaster; 2017-11-18 at 19:12.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #445
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,803

    Exclamation Windows 8 and later - ASLR

    FYI...

    Windows ASLR Vulnerability
    > https://www.us-cert.gov/ncas/current...-Vulnerability
    Nov 20, 2017 - "... released information on a vulnerability in Windows Address Space Layout Randomization (ASLR) that affects Windows 8, Windows 8.1, and Windows 10. A remote attacker could exploit this vulnerability to take control of an affected system..."

    Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard
    - https://www.kb.cert.org/vuls/id/817544
    19 Nov 2017 - "Overview: Microsoft Windows 8 introduced a change in how system-wide mandatory ASLR is implemented. This change requires system-wide bottom-up ASLR to be enabled for mandatory ASLR to receive entropy. Tools that enable system-wide ASLR without also setting bottom-up ASLR will fail to properly randomize executables that do not opt in to ASLR.
    Description: Address Space Layout Randomization (ASLR)
    Starting with Windows Vista, a feature called ASLR was introduced to Windows that helps prevent code-reuse attacks. By loading executable modules at non-predictable addresses, Windows can help to mitigate attacks that rely on code being at predictable locations. Return-oriented programming (ROP) is an exploit technique that relies on code that is loaded to a predictable or discoverable location. One weakness with the implementation of ASLR is that it requires that the code is linked with the /DYNAMICBASE flag to opt in to ASLR.
    Mandatory ASLR and Windows 8: Both EMET and Windows Defender Exploit Guard can enable mandatory ASLR for code that isn't linked with the /DYNAMICBASE flag. This can be done on a per-application or system-wide basis. Before Windows 8, system-wide mandatory ASLR was implemented using the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages registry value. By settings this value to 0xFFFFFFFF, Windows will automatically relocate code that has a relocation table, and the new location of the code will be different across reboots of the same system or between different systems. Starting with Windows 8, system-wide mandatory ASLR is implemented differently than with prior versions of Windows. With Windows 8 and newer, system-wide mandatory ASLR is implemented via the HKLM\System\CurrentControlSet\Control\Session Manager\Kernel\MitigationOptions binary registry value. The other change introduced with Windows 8 is that system-wide ASLR must have system-wide bottom-up ASLR enabled to supply entropy to mandatory ASLR.
    The Problem: Both EMET and Windows Defender Exploit Guard enable system-wide ASLR without also enabling system-wide bottom-up ASLR. Although Windows Defender Exploit guard does have a system-wide option for system-wide bottom-up-ASLR, the default GUI value of "On by default" does not reflect the underlying registry value (unset). This causes programs without /DYNAMICBASE to get relocated, but without any entropy. The result of this is that such programs will be relocated, but to the same address every time across reboots and even across different systems.
    Impact: Windows 8 and newer systems that have system-wide ASLR enabled via EMET or Windows Defender Exploit Guard will have non-DYNAMICBASE applications relocated to a predictable location, thus voiding any benefit of mandatory ASLR. This can make exploitation of some classes of vulnerabilities easier.
    Solution: The CERT/CC is currently unaware of a practical solution to this problem. Please consider the following workaround:
    Enable system-wide bottom-up ASLR on systems that have system-wide mandatory ASLR
    To enable both bottom-up ASLR and mandatory ASLR on a system-wide basis on a Windows 8 or newer system, the following registry value should be imported:
    Windows Registry Editor Version 5.00
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel]
    "MitigationOptions"=hex:00,01,01,00,00,00,00,00,00,00,00,00,00,00,00,00

    Note that importing this registry value will overwrite any existing system-wide mitigations specified by this registry value. The bottom-up ASLR setting specifically is the second 01 in the binary string, while the mandatory ASLR setting is the first 01. Also note that in the past, enabling system-wide mandatory ASLR could cause problems if older AMD/ATI video card drivers are in use. This issue was addressed in the Catalyst 12.6 drivers released in June, 2012."

    > https://www.kb.cert.org/vuls/id/458153

    > https://support.amd.com/en-us/download
    ___

    > https://www.bleepingcomputer.com/new...es-how-to-fix/
    Nov 17, 2017 - "... Optionally, Bleeping Computer has created an ASLR-fix registry fix file that users only need to download and double-click."
    > https://download.bleepingcomputer.com/reg/ASLR-fix.reg

    Last edited by AplusWebMaster; Yesterday at 00:51.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •