PossibleThreat Articles

Articles for the experts…

Microsoft

ComputerWorld Independent 

Microsoft Patch Alert: November patches behave themselves – with a few exceptions

0 Comments , , , ,

Credit to Author: Woody Leonhard| Date: Tue, 03 Dec 2019 10:29:00 -0800

What a relief. The only major patching problem for November came from Office, not Windows. We had a handful of completely inscrutable patches – including two .NET non-security previews that apparently did nothing – but that’s the worst of it.

November saw the last security patch for Win10 version 1803. Win10 version 1909 got released, gently. We also had a much-hyped “exploited” zero-day security hole in Internet Explorer (again) that didn’t amount to a hill of beans (again).

To read this article in full, please click here

Read more
Security Sophos 

DNS sobre HTTPS llega a Windows 10

0 Comments , , ,

Credit to Author: Naked Security| Date: Mon, 25 Nov 2019 16:12:05 +0000

Los fanáticos de la privacidad de DNS sobre HTTPS (DoH), deben sentirse como si un muro infranqueable comenzara a resquebrajarse. Mozilla Firefox y Cloudflare fueron los primeros en adoptar esta nueva y controvertida forma de hacer que las consultas DNS fueran privadas mediante el cifrado, seguido poco después por Google, que incorporó DoH a Chrome [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/bIG_IIYcnxo” height=”1″ width=”1″ alt=””/>

Read more
Security Sophos 

Sir Tim Berners-Lee publishes plan to save the web from ‘digital dystopia’

0 Comments , , , , , , , ,

Credit to Author: John E Dunn| Date: Tue, 26 Nov 2019 10:27:10 +0000

Web inventor Sir Tim Berners-Lee has proposed a ‘Contract for the Web’ to rescue it from a headlong plunge into a moral abyss.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ei841Vw1q5s” height=”1″ width=”1″ alt=””/>

Read more
Security Sophos 

DNS-over-HTTPS is coming to Windows 10

0 Comments , , , , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Thu, 21 Nov 2019 15:22:43 +0000

Microsoft will soon add the ability to use DNS-over-HTTPS and DNS-over-TLS into its networking client.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/KwCTrsw95Kk” height=”1″ width=”1″ alt=””/>

Read more
ComputerWorld Independent 

Microsoft starts releasing fixes for Access bugs introduced in Office security patches this month

0 Comments , ,

Credit to Author: Woody Leonhard| Date: Tue, 19 Nov 2019 06:09:00 -0800

Although we’ve been promised no “C” or “D” week second cumulative updates for the rest of the year — at least for Windows — Microsoft has acknowledged a bug it created in last week’s Patch Tuesday Office patches, and now promises that it’ll update the bad fixes on most machines this week or next. Those are “C” week and “D” week, respectively.

The cause du jour: a bug in all of this month’s Office security patches that throws an error in Access saying, “Query xxxx is corrupt,” when in fact the query in question is just fine. Microsoft describes the erroneous error message on its Office Support site:

To read this article in full, please click here

Read more
Security Sophos 

GitHub launches Security Lab to boost open source security

0 Comments , , , , , ,

Credit to Author: John E Dunn| Date: Mon, 18 Nov 2019 11:24:32 +0000

The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/pPayEpWTksQ” height=”1″ width=”1″ alt=””/>

Read more
Security Sophos 

November 2019 Patch Tuesday fixes 13 critical flaws and one zero day

0 Comments , , , , , , , , ,

Credit to Author: John E Dunn| Date: Wed, 13 Nov 2019 17:12:34 +0000

November’s Patch Tuesday arrived to plug 73 CVE-level vulnerabilities across Microsoft’s software products, including 13 ‘criticals’.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/mcprAY-1N-s” height=”1″ width=”1″ alt=””/>

Read more
ComputerWorld Independent 

Patch Tuesday arrives with Access error, 1909 in tow, and a promise of no more 'optional' patches this year

0 Comments , , ,

Credit to Author: Woody Leonhard| Date: Wed, 13 Nov 2019 07:59:00 -0800

The patches haven’t yet been out for 24 hours and already we’re seeing a lot of activity. Here’s where we stand with the initial wave of problems.

Malicious Software Removal Tool installation error 800B0109 

Many early patchers found that the MSRT, KB 890830, kept installing itself over and over again. Poster IndyPilot80 says:

It sits at “Installing: 0%” for a couple minutes then goes away. When I hit “Check for Updates” it shows up again and does the same thing.

To read this article in full, please click here

Read more
Security Sophos 

Microsoft says it will honor California’s new privacy law across US

0 Comments , , , , , ,

Credit to Author: Lisa Vaas| Date: Wed, 13 Nov 2019 11:31:59 +0000

Microsoft said CCPA is good news, given the failure of Congress to pass a comprehensive privacy protection law at the federal level.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/WyNVOQw0oyw” height=”1″ width=”1″ alt=””/>

Read more
Independent Krebs Security 

Patch Tuesday, November 2019 Edition

0 Comments , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 12 Nov 2019 22:04:32 +0000

Microsoft today released updates to plug security holes in its software, including patches to fix at least 74 weaknesses in various flavors of Windows and in software that runs on top of it. The November updates include patches for a zero-day flaw in Internet Explorer that is currently being exploited in the wild, as well as a sneaky bug in certain versions of Office for Mac that bypasses security protections and was detailed publicly prior to today’s patches.

Read more