PossibleThreat Articles

Articles for the experts…

Windows 10

ComputerWorld Independent 

How to keep your apps up to date in Windows 10 and 11

0 Comments , , , ,

Credit to Author: Ed Tittel| Date: Wed, 19 Jan 2022 03:00:00 -0800

Look around a typical Windows desktop. Whether it’s running Windows 10 or 11, chances are that it’s running at least a couple of dozen Windows applications (.exe files), and at least four dozen Microsoft Store apps. On my local fleet of 10 PCs, the range for applications is from a low of 24 to a high of 120; for Store apps, it ranges from 49 to 81. Such numbers are quite typical, if my online research is at all accurate.

In general, it’s considered good security practice to keep apps and applications up-to-date. Why? Because many updates involve security patches and fixes that block potential attacks and prevent unauthorized and unwanted access to applications and their data (and sometimes, the host OS and the PCs they run on). In this story, I will offer some tools to help you streamline this process, along with some instructions on how to put them to work to help you keep your apps and applications current and safe.

To read this article in full, please click here

Read more
ComputerWorld Independent 

20 years after Gates’ call for trustworthy computing, we’re still not there

0 Comments , , , ,

Credit to Author: Susan Bradley| Date: Mon, 17 Jan 2022 03:42:00 -0800

Do you feel more secure? Is your computing experience more trustworthy these days?

Seriously — you’re reading this article on a computer or phone, connecting to this site on an internet shared with your Grandma as well as Russian hackers, North Korean attackers, and lots of teenagers  looking at TikTok videos. It’s been 20 years since then-Microsoft CEO Bill Gates wrote his Trustworthy Computing memo where he emphasized security in the company’s products.

So are we actually more secure now?

I’m going to keep in mind the side effects from last week’s Patch Tuesday security updates and consider them in my answer. First, the good news: I don’t see major side effects occurring on PCs not connected to active directory domains (and I haven’t seen any showstoppers in testing my hardware at home). I can still print to my local HP and Brother printers. I can surf and access files. So, while I’m not ready yet to give an all-clear to install the January updates, when I do, I doubt you’ll see side effects.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Patch Tuesday gets off to a busy start for January

0 Comments , , , , ,

Credit to Author: Greg Lambert| Date: Fri, 14 Jan 2022 12:10:00 -0800

For this week’s Patch Tuesday, the first of the year, Microsoft addressed 97 security issues, six of them rated critical. Though six vulnerabilities have been publicly reported, I do not classify them as zero-days. Microsoft has fixed a lot of security related issues and is aware of several known issues that may have inadvertently caused significant server issues including:

  • Hyper-V, which no longer starts with the message, “Virtual machine xxx could not be started because the hypervisor is not running.”
  • ReFS (Resilient) file systems that are no longer accessible (which is kind of ironic).
  • And Windows domain controller boot loops.

There are a variety of known issues this month, and I’m not sure whether we’ll see more issues reported with the January server patches. You can find more information on the risk of deploying these latest updates with our helpful infographic.

To read this article in full, please click here

Read more
MalwareBytes Security 

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

0 Comments , , , , , , , , ,

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Feb 2022 11:07:29 +0000

A CVE bypass offers up the possibility of admin privileges on Windows 10 machines. Find out what’s happened, and how you can avoid it.

Categories: Malwarebytes news

Tags:

(Read more…)

The post Apply those updates now: CVE bypass offers up admin privileges for Windows 10 appeared first on Malwarebytes Labs.

Read more
ComputerWorld Independent 

Windows security in ’22 — you need more than just antivirus software

0 Comments , , , , ,

Credit to Author: Susan Bradley| Date: Mon, 10 Jan 2022 06:10:00 -0800

Do you need antivirus in 2022 — especially when some options now come with a cryptominer built in?

Several antivirus vendors — some options free, others, paid — have begun bundling their antivirus products with software that generates virtual currency. Of all of the requirements for antivirus, using excess cycles on your computer to generate crypto-coins is not on my list of must-haves.

Recently, Krebs on Security noted that both Norton Antivirus and Avira have told users that versions of their respective software now include a cryptominer. While it’s not enabled by default, it still gives me pause; antivirus is supposed to protect us from such potentially unwanted software, and these two vendors are now including it in their wares.

To read this article in full, please click here

Read more
ComputerWorld Independent 

How to manually update Microsoft Defender

0 Comments , , , , , ,

Credit to Author: Ed Tittel| Date: Tue, 04 Jan 2022 03:00:00 -0800

Microsoft Defender is the built-in anti-malware package that’s included with modern Windows operating systems. It’s alternatively known as Windows Security (it shows up under Settings as Windows Security) or Windows Defender (sometimes with Antivirus at the end of the name, as in this Microsoft Docs page). But whatever you want to call it, for many Windows users, this tool is the go-to default for handling security on their PCs.

To read this article in full, please click here

(Insider Story)

Read more
Security Sophos 

Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw

0 Comments , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Mon, 16 Mar 2020 11:58:56 +0000

What’s the difference between a scheduled security update and one that’s out-of-band? In this case, it’s two days.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/OqgpMudTrew” height=”1″ width=”1″ alt=””/>

Read more
Independent Krebs Security 

Patch Tuesday, January 2020 Edition

0 Comments , , , , , , ,

Credit to Author: BrianKrebs| Date: Wed, 15 Jan 2020 02:31:50 +0000

Microsoft today released updates to plug 50 security holes in various flavors of Windows and related software. The patch batch includes a fix for a flaw in Windows 10 and server equivalents of this operating system that prompted an unprecedented public warning from the U.S. National Security Agency. This month also marks the end of mainstream support for Windows 7, a still broadly-used operating system that will no longer be supplied with security updates.

Read more
Microsoft Security 

Going in-depth on the Windows 10 random number generation infrastructure

0 Comments , , , , , , ,

Credit to Author: Eric Avena| Date: Mon, 25 Nov 2019 19:00:33 +0000

We are happy to release to the public The Windows 10 random number generation infrastructure white paper, which provides details about the Windows 10 pseudo-random number generator (PRNG) infrastructure, and lists the primary RNG APIs. The whitepaper also explains how the entropy system works, what the entropy sources are, and how initial seeding works.

The post Going in-depth on the Windows 10 random number generation infrastructure appeared first on Microsoft Security.

Read more
Security Sophos 

DNS-over-HTTPS is coming to Windows 10

0 Comments , , , , , , , , , , , , , ,

Credit to Author: John E Dunn| Date: Thu, 21 Nov 2019 15:22:43 +0000

Microsoft will soon add the ability to use DNS-over-HTTPS and DNS-over-TLS into its networking client.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/KwCTrsw95Kk” height=”1″ width=”1″ alt=””/>

Read more