With one June Patch Tuesday update, Microsoft falls short

I’ve tracked Microsoft’s Windows patches for years and closely watched all of the changes the company has made. I remember when you had to install updates in a certain order — and watch for which one had to be installed first. I remember the arrival of automated patching using Software Update Services (later called Windows Server Update Services). I’ve seen how we went from a system where each vulnerability was patched individually to what we now have: cumulative patching.

The ideal patch is self-contained. Install, reboot, get back to your work. It causes no side effects. It protects the operating system. And you forget about it because it does what it’s supposed to do.

June's Patch Tuesday updates focus on Windows, Office

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for Autodesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

A smorgasbord for June’s Patch Tuesday

Credit to Author: Angela Gunn | Date: Tue, 13 Jun 2023 21:05:13 +0000

Between its own fixes and a slew of FYI alerts covering Edge, GitHub, and Autodesk, Microsoft piles 94 CVEs onto sysadmins’ plates; Fortinet and Adobe also at the table

May's Patch Tuesday update includes 3 zero-day flaws; fix them ASAP

Microsoft vs Google spat sees users rolling back security updates to fix browser issues

Categories: News

Tags: Chrome, Windows, Edge, browser, update, Microsoft, default, install

We take a look at trouble brewing in browser land after a controversial Windows update leaves Chrome fans without a useful feature.

The post Microsoft vs Google spat sees users rolling back security updates to fix browser issues appeared first on Malwarebytes Labs.

Decoy dog toolkit plays the long game with Pupy RAT

Categories: News

Tags: Pupy RAT, nation state, russia, decoy dog, toolkit, linux, mobile, windows, malware, DNS, evasive

We take a look at the discovery of a long running malware toolkit campaign evading detection through its use of DNS.

The post Decoy dog toolkit plays the long game with Pupy RAT appeared first on Malwarebytes Labs.

Patch now to address a Windows zero-day

Microsoft has addressed 97 existing vulnerabilities this April Patch Tuesday, with a further eight previously released patches updated and re-released. There have been reports of a vulnerability (CVE-2023-28252) exploited in the wild, making it a “Patch Now” release.

This update cycle affects Windows desktops, Microsoft Office, and Adobe Reader. No updates for Microsoft Exchange this month. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this April update cycle.

Still using Windows 10 21H2? Time to upgrade

So you have a Windows 10 computer — or a fleet of them. But which exact version of Windows 10? If you are on Windows 10, version 21H2, its end of servicing is coming up on June 13, 2023. For Windows 10 Home, Windows 10 Pro, Windows 10 Pro Education, and Windows 10 Pro for Workstations, version 21H2 will stop being offered updates — including security updates — after June. (For Windows 10 Enterprise and Windows 10 Education customers, support for 21H2 lasts another year.)

Why should you upgrade to a new feature release if your existing machines are working just fine? As Windows 10 comes into its final years of support (through to 2025), it’s key to keep machines on supported versions so you can receive security updates. Take the time to review the machines under your control and ensure that they are ready for the end of 21H2 support.

Ransomware as a service? Windows users can still fight back.

Ransomware.

It’s one word that can strike a chill in anyone from a corporate C-suite to a home user. It’s sometimes hard to get a feel for the overall ransomware industry (and yes, it’s now an industry). But based on anecdotal reviews of forums and social media, it appears as though attacks against individuals are slowing. I no longer see people report they’ve been hit by ransomware on their PCs.

But it may be that attackers have realized that going after “one-off” targets isn’t the best business plan. In fact, in a recent Microsoft Secure online seminar (registration required), Jessica Payne and Geoff McDonald discuss how ransomware is now a big business, offered as a service by those who sell access to compromised networks to others.
