G.Skill TridentZ Royal DDR4 3200 MHz review
Radeon Adrenalin 2019 Edition Driver Overview
ASRock Z390 Taichi Ultimate review
Team Group T-Force Night Hawk RGB Legend DDR4
MSI MPG Z390 Gaming Pro Carbon review
Promo: Get Windows 10 Pro OEM under 12$
MSI GeForce RTX 2080 Gaming X TRIO review
Guru3D Rig of the Month - November 2018
Samsung 860 QVO 2TB SSD review
Asus Strix Fusion 700 - RGB Headset Review
Microsoft patches 50 vulnerabilities incl a Zero Day Issue
It was patch Tuesday yesterday and if you have not done so, you should grab that update alright as Microsoft addressed 50 vulnerabilities including a zero-day vulnerability.
The zero-day allowed an attacker with access to the system to elevate his privileges and Microsoft has classified its severity as ‘important’. Kaspersky Lab discovered the zero-day in August this year reports myce.
According to the antivirus vendor the vulnerability has been used in targeted attacks against less than a dozen targets in the Middle East. The vulnerability was reported on the 17th of August to Microsoft, which released a patch yesterday, the 9th of October. The attackers already had access to the system and used the vulnerability to gain privileges that they used to infect the system with persistent malware. The exploit that made use of the vulnerability, was of high quality and designed to reliable attack several versions of Windows.
Besides the zero-day, also two vulnerabilities were patched of which details were already disclosed. Both vulnerabilities weren’t actively exploited, according to Microsoft. One is a vulnerability in the Microsoft JET Database Engine and the other in the Windows kernel. Microsoft also fixed a vulnerability that has a CVE number from 2010. CVE numbers are unique numbers assigned to vulnerabilities after they are discovered. The vulnerability from 2010 allows remote code execution in certain applications built using Microsoft Foundation Classes (MFC).
Other vulnerabilities were patched in Internet Explorer, Microsoft Edge, Microsoft Office, Windows, ChakraCore, .NET Core, PowerShell Core, SQL Server Management Studio, Microsoft Exchange server, Azure IoT Edge and Hub Device Client SDK for Azure IoT.
On most systems the patches will be automatically installed.
Microsoft resolves issue with Windows 10 disappearing files - 10/10/2018 07:37 AM
The new Windows 10 October update no longer removes files by accident. Microsoft says it has solved the problem, and that it wants to help users get their files back....
Microsoft can recover lost files Windows 10 October 2018 Update - But You Need To Call Them - 10/09/2018 07:40 AM
Wowzers, so remember the news-item we wrote a couple of days ago, Micsofot halting the Fall update due to people losing files and documents? Well, the good news is that the files can be recovered, h...
Microsoft halts Windows October 2018 update due to missing user files - 10/07/2018 08:43 AM
Microsoft has paused the rollout of the Windows 10 October 2018 Update (version 1809) for all users as they investigate reports of users missing some files after updating....
Microsoft Announces New 8th Gen Intel Core-Powered Surface Pro 6 and Surface Laptop 2 - 10/03/2018 07:01 AM
Microsoft announced the all-new Surface Pro 6 and Surface Laptop, according to them both faster than ever with the latest 8th Generation Intel Core processors. The Surface Pro 6 and Surface Laptop 2 a...
(0day) Microsoft Windows Jet Database Engine Vulnerability - 09/24/2018 07:29 AM
According to the an advisory released by Zero Day Initiative (ZDI), the vulnerability is due to a problem with the management of indexes in the Jet database engine that, if exploited successfully, c...
Kaarme
Senior Member
Posts: 1305
Joined: 2013-03-10
Senior Member
Posts: 1305
Joined: 2013-03-10
#5595186 Posted on: 10/11/2018 11:35 AM
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
Targeted Attacks => Not some small time "hacker" looking to build botnet... CIA?
Middle East - Probably someone nice, right?
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
Targeted Attacks => Not some small time "hacker" looking to build botnet... CIA?
Middle East - Probably someone nice, right?
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
lucidus
Senior Member
Posts: 11178
Joined: 2011-12-31
Senior Member
Posts: 11178
Joined: 2011-12-31
#5595187 Posted on: 10/11/2018 11:37 AM
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
Don't leave out their Arab buddies. Despite all the rhetoric, they do buy all those "tools" from Israel
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
Don't leave out their Arab buddies. Despite all the rhetoric, they do buy all those "tools" from Israel
Fox2232
Senior Member
Posts: 7903
Joined: 2012-07-20
Senior Member
Posts: 7903
Joined: 2012-07-20
#5595196 Posted on: 10/11/2018 12:09 PM
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
What I meant is, that it talked about sophisticated tool which was universal for multiple versions of Windows. That's not work of random guy in mom's basement. That's work of well funded and motivated party. Be it Israeli, US, ... matters little. But it means that threat they are focusing on is likely threat to their national security. (Or is perceived as such.)
And dozen of targets really look more like surgical approach. And likely bad guys are ones to celebrate. I do not think that any of those organizations capable to create and use surgical hack like this will target some random citizen or will use that vulnerability to get data from millions of computers. (That greatly increases chance for detection and fix. => Loss of investment, technological advantage, Strategic option.)
When Win10 started to install updates upon turning off the PC last night, I thought today I'd find all of my personal documents gone, but fortunately it wasn't that update.
I reckon most targeted attacks in the Middle East are by Israel. You know, by the actual experts in Israel, not those "experts" that find "vulnerabilities" in AMD CPUs and give AMD 24 hours to fix them before making them public with terrible headlines.
What I meant is, that it talked about sophisticated tool which was universal for multiple versions of Windows. That's not work of random guy in mom's basement. That's work of well funded and motivated party. Be it Israeli, US, ... matters little. But it means that threat they are focusing on is likely threat to their national security. (Or is perceived as such.)
And dozen of targets really look more like surgical approach. And likely bad guys are ones to celebrate. I do not think that any of those organizations capable to create and use surgical hack like this will target some random citizen or will use that vulnerability to get data from millions of computers. (That greatly increases chance for detection and fix. => Loss of investment, technological advantage, Strategic option.)
DLD
Senior Member
Posts: 756
Joined: 2002-09-14
Senior Member
Posts: 756
Joined: 2002-09-14
#5595414 Posted on: 10/11/2018 09:44 PM
Remember the time when 3 Baraks sat at one table to "negotiate" - Barack Obama, Ehud Barak and Mubarak (president of Egypt). Judeoamerican-Arab everlasting conflict was designed to hold the rest of the world as a hostage. And this conflict is carefully maintained throughout a few decades now. And the authorities are trying to persuade us that this is just a coincidence, and whoever says different is an inventor of a "conspiracy theory"....
And anyone who thinks it's just a coincidence that windows os is invented (though the idea was stolen, copied) by a guy who is of such and such nationality, and that it's a pure coincidence that micro$oft is a servant of the secret forces of USA, is living in an illusion.
Don't leave out their Arab buddies. Despite all the rhetoric, they do buy all those "tools" from Israel :p
Remember the time when 3 Baraks sat at one table to "negotiate" - Barack Obama, Ehud Barak and Mubarak (president of Egypt). Judeoamerican-Arab everlasting conflict was designed to hold the rest of the world as a hostage. And this conflict is carefully maintained throughout a few decades now. And the authorities are trying to persuade us that this is just a coincidence, and whoever says different is an inventor of a "conspiracy theory"....
And anyone who thinks it's just a coincidence that windows os is invented (though the idea was stolen, copied) by a guy who is of such and such nationality, and that it's a pure coincidence that micro$oft is a servant of the secret forces of USA, is living in an illusion.
Crimson Wolf
Member
Posts: 26
Joined: 2014-11-13
Member
Posts: 26
Joined: 2014-11-13
#5595427 Posted on: 10/11/2018 10:43 PM
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
Dimitrios1983
Senior Member
Posts: 146
Joined: 2018-03-01
Senior Member
Posts: 146
Joined: 2018-03-01
#5595455 Posted on: 10/12/2018 12:57 AM
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
Maybe Microsoft should let high school or college kids handle this. I lost all trust in Microsoft.
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
Maybe Microsoft should let high school or college kids handle this. I lost all trust in Microsoft.
ManofGod
Senior Member
Posts: 1252
Joined: 2004-12-10
Senior Member
Posts: 1252
Joined: 2004-12-10
#5595459 Posted on: 10/12/2018 01:15 AM
No, High School or College kids would make things worse, mostly. However, they sure do have some fixing to do, in many areas. (How the stocks do not take a hit with things like this, I will never understand.)
Maybe Microsoft should let high school or college kids handle this. I lost all trust in Microsoft.
No, High School or College kids would make things worse, mostly. However, they sure do have some fixing to do, in many areas. (How the stocks do not take a hit with things like this, I will never understand.)
lucidus
Senior Member
Posts: 11178
Joined: 2011-12-31
Senior Member
Posts: 11178
Joined: 2011-12-31
#5595461 Posted on: 10/12/2018 01:19 AM
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
Oh ffs ....
FFS, Microsoft does it again! Cumulative update pulled because it's causing BSODs on HP and DELL.
https://answers.microsoft.com/en-us/windows/forum/all/windows-10-1809-1776355-cumulative-update-bsod/ee2ca1bc-b98f-4e1f-9fea-e0803b6766c9?auth=1
Oh ffs ....
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 7903
Joined: 2012-07-20
Targeted Attacks => Not some small time "hacker" looking to build botnet... CIA?
Middle East - Probably someone nice, right?
It is nice that it is patched, I feel much more secure. And would feel twice as secure if I was doing something bad via my PC.