A vulnerability in the WPA2 wireless protocol called Krack potentially allow attackers to eavesdrop on wireless connections and inject data into the wireless stream in order to install malware or modify web pages.
To protect yourself, many Wi-Fi product vendors will be releasing updated firmware and drivers for their products. It is strongly recommended that users update their hardware or have it updated as soon as a update is available in order to protect themselves. This includes router firmware and wireless network card drivers.
The October 2017 Patch released this past Tuesday, addresses important security issues including a Word zero-day vulnerability. Users who are not on auto updates should install them immediately.
Adobe just released its monthly security updates and this month the company patched vulnerabilities in three products — Adobe Flash Player, Adobe ColdFusion, and Adobe RoboHelp. Adobe patched eight security bugs ; two in Flash Player, four in ColdFusion, and two in RoboHelp.
Microsoft has released an out of out of band security update for Windows Defender found on Windows 7, 10 and Server 2008. If you are running a third Party Anti Virus solution your version of Windows Defender will be disabled. If not you should run Windows Update to ensure you apply the update ASAP.
Today security experts are warning of the continued spread of WCry and of numerous variants being released over the weekend.
Typical of Any Ransomware users should be vigilant with any emails that could be carrying a payload or be links to a payload. At this point Microsoft has not ruled out any attack vectors:
We haven’t found evidence of the exact initial entry vector used by this threat, but there are two scenarios we believe are highly possible for this ransomware family:
- Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit
- Infection through SMB exploit when an unpatched computer can be addressed in other infected machines
Microsoft has released a patch for Operating systems going as far back as XP:
Windows update MS17-010
Microsoft has released an update to the Microsoft Malware Protection Engine addressing a security vulnerability. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.
Users should run their Microsoft updates ASAP and apply the patch if using one of the Microsoft Provided Malware products such as the Windows Defender line.