Archive | Microsoft RSS for this section

Microsoft Security Releases

Microsoft released today three additional Windows update packages —Microsoft Releases KB4100347, KB4134660, and KB4134661.

Microsoft Patch Tuesday: 66 Fixes

April’s Patch Tuesday includes 66 bulletins, significantly more than March’s. Included is CVE-2018-1034 for SharePoint. Full details are available from Microsoft.

Source: Microsoft

Windows 10 AMSI Vulnerability

Security researcher Satoshi Tanda has discovered that a bug in AMSI truncates files after a null character. The Antimalware Scan Interface (AMSI) is a generic interface standard that allows applications and services to integrate with any antimalware product present on a machine. It provides enhanced malware protection for users and their data, applications, and workloads.

Source: satoshi’s note

 

Microsoft Releases 12 Security Updates

Microsoft released 12 bulletins, six of which were rated critical, including one for Internet Explorer and one for the Edge browser.

Windows users should ensure the critical updates are installed ASAP.

Source: Microsoft

Microsoft October Patch Tuesday Fixes 62 Issues

The October 2017 Patch released this past Tuesday, addresses important security issues including a Word zero-day vulnerability. Users who are not on auto updates should install them immediately.

Security: Office 365 Phishing email

The past two mornings have had businesses in the Albany area who use Microsoft’s Office 365 receive a Phishing email claiming that users passwords have had a password change request and please follow the link included  in order to cancel the request.

The sender will be listed as “Office” or “Office 365” and the Subject line will read “Password Reset Alert”

This email should be deleted immediately.

 

WCry Ransomware Using NSA Exploit Leaked by Shadow Brokers running wild

Today security experts are warning of the continued spread of WCry and of numerous variants being released over the weekend.

Typical of Any Ransomware users should be vigilant with any emails that could be carrying a payload or be links to a payload. At this point Microsoft has not ruled out any attack vectors:

We haven’t found evidence of the exact initial entry vector used by this threat, but there are two scenarios we believe are highly possible for this ransomware family:

  • Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit
  • Infection through SMB exploit when an unpatched computer can be addressed in other infected machines

Microsoft has released a patch for Operating systems going as far back as XP:

Windows update MS17-010