Credit to Author: Danny Bradbury| Date: Fri, 26 Jul 2019 11:40:12 +0000
A public exploit for Microsoft’s BlueKeep vulnerability is just days away. In fact, for those with deep pockets, it’s already here.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ECYOzBCkJ4g” height=”1″ width=”1″ alt=””/>
Read more
You have several options to set up alerts in Azure Active Directory to help spot risky user behavior.
Credit to Author: Woody Leonhard| Date: Thu, 11 Jul 2019 03:16:00 -0700
Back in October 2016, Microsoft divided the Win7 and 8.1 patching worlds into two parts.
Those who got their patches through Windows Update received so-called Monthly Rollups, which included security patches, bug fixes – and we frankly don’t know what else – rolled out in a cumulative stream.
The folks who were willing to download and manually install patches were also given the option of installing “security-only” patches, not cumulative; these were meant to address just the security holes.
This new add-on will let you set up alerts about suspicious sign-on activity for Office 365 and other cloud apps.
Credit to Author: Woody Leonhard| Date: Mon, 01 Jul 2019 04:36:00 -0700
How many bugs could a WinPatcher patch, if a WinPatcher could patch bugs?
Ends up that June’s one of the buggiest patching months in recent memory – lots of pesky little critters, and the ones acknowledged by Microsoft led to even more patches later in the month.
In June, we saw eight single-purpose Windows patches whose sole mission is to fix bugs introduced in earlier Windows patches. I call them silver bullets – all they do is fix earlier screw-ups. If you install security patches only, these eight have to be installed manually to fix the bugs introduced earlier. It’s a congenital defect in the patching regimen – bugs introduced by security patches get fixed by non-security “optional” patches, while waiting for the next month’s cumulative updates to roll around.
Credit to Author: Woody Leonhard| Date: Mon, 17 Jun 2019 03:10:00 -0700
Heresy. Yes, I know. Any way you slice it, from my point of view anyway, Windows Automatic Update is for chumps.
Just like the “users must be forced to change their passwords frequently” argument that’s no longer au courant, the “users must get patched immediately” argument is based on old, faulty, and totally unsubstantiated claims that make security people feel better — and little else.
With a few notable exceptions, in the real world, the risks of getting clobbered by a bad patch far, far outweigh the risks of getting hit with a just-patched exploit. Many security “experts” huff and puff at that assertion. The poohbahs preach Automatic Update for the unwashed masses, while frequently exempting themselves from the edict.
Setting up a backup process in Azure is one way to quickly recover from a ransomware attack.
Credit to Author: Woody Leonhard| Date: Thu, 13 Jun 2019 03:55:00 -0700
I don’t know about you, but I’ve given up on Microsoft’s ability to deliver reliable patches. Month after month, we’ve seen big bugs and little bugs pushed and pulled and squished and re-squished. You can see a chronology from the past two years in my patching whack-a-mole columns starting here.
For the past few months, though, we’ve seen some improvement. Microsoft has started identifying and publicly acknowledging big bugs, shortly after they’re pushed. Consider:
Learn how to prevent attackers from using Task Scheduler to hide and set up tasks to access Windows systems.
