
On March 1, 2019, Microsoft began pushing out Windows 10 KB4482887 to October 2018 Update machines. This cumulative update advances the system to Windows 10 Build 17763.348 and it comes with tons of improvements, including support for Retpoline, which will eventually improve the performance of Spectre-patched PCs. The update has also fixed bugs associated with Action Center, Microsoft Edge, Internet Explorer, and other core components. As per reports on social media platforms, Microsoft’s most recent Windows 10 update appears to be causing considerable grief for gamers. After installing this update, some folks have hit gaming issues when playing certain games such as Destiny 2. A post on Reddit notes that games such as Destiny 2 may launch with unbearable performance issues. For instance, there’ll be noticeable lags when playing Destiny 2 on PCs with certain GPUs after installing the update. There is another bug where FPS has drastically reduced on high-end PCs. “I was pulling my hair out trying to figure out why Destiny 2 suddenly dropped 40 frames,” a user noted in a Reddit discussion. “I also had this issue, where when I moved my mouse I saw a loss from 60 fps to about 35 and the game began to fall behind and my audio quality distorted another fix is to resort to a controller, which I know us PC master race people groan and moan about that but it did fix my instance, hope it can help someone else,” another user noted. Read more on OUR FORUM.

Embedded and IoT cable-connected devices running Microsoft's Windows 10 IoT Core are exposed to remote command execution attacks with SYSTEM privileges that require no authentication, with the help of an open source RAT tool released on GitHub. Windows 10 IoT Core-powered devices run a version of Windows 10 optimized for smaller ARM and x86/x64 devices, compatible with universal apps and drivers but with no support for shells or Microsoft apps. The SirepRAT tool developed by SafeBreach's Dor Azouri is designed to exploit the Sirep test service built-in "on any cable-connected device running Windows IoT Core with an official Microsoft image." The good news is that the SirepRAT Windows 10 IoT Core exploitation tool released by the researcher on GitHub will only work via an Ethernet connection because the less-known interface it exposes is "used by HLK for driver/HW tests" over wired connections. "The research was performed on a Windows IoT Core installed on a Raspberry Pi 3, but is probably not limited to this board as it abuses a Windows service and protocol, which should be platform independent," also says Azouri. "This service is the client part of the HLK setup one may build in order to perform driver/hardware tests on the IoT device. It serves the Sirep/WPCon/TShell protocol," according to Azouri. "We broke down the Sirep/WPCon protocol and demonstrated how this protocol exposes a remote command interface for attackers, that include RAT abilities such as get/put arbitrary files on arbitrary locations and obtain system information." The devices which can be exploited with the help of SirepRAT can be found in a multitude of environments, from commercial handheld products and DIY projects to enterprise environments. Learn more by visiting OUR FORUM.

A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs. WES-NG was created by security researcher Arris Huijgen, who based his project off the Windows-Exploit-Suggester program that was originally released in 2014 by GDS Security, now known as AON Security. The original program stopped working when Microsoft stopped updating its Microsoft Security Bulletin Data Excel file and switched to the Microsoft Security Response Center API. This program works by comparing a Windows SystemInfo report with a downloaded CSV file of known vulnerabilities and their associated security updates. Using this data, Windows Exploit Suggester will display a report showing all of the unpatched vulnerabilities found on the computer and their respective CVE IDs, Microsoft knowledge base article numbers, and a link to any known exploits for that vulnerability. According to the project's description, every version of Windows between Windows XP and Windows 10, including the Windows Server counterparts, is supported. For those who want to focus on specific vulnerabilities and filter out the rest, users can utilize the --hide flag to specify those vulnerabilities that should be filtered. For example, to filter out Edge vulnerabilities you can use the systeminfo.txt --hide Edge command. For more refer to OUR FORUM.
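
The comparison described above, as an added example (not WES-NG's own code): it reads the OS build and hotfix list from a `systeminfo` report, checks them against a vulnerability CSV, and applies a `--hide`-style component filter. The sample report, the CSV column names, the KB numbers and the CVE placeholders are all constructed, and each vulnerability is assumed to be fixed only by the KB on its row.

```python
import csv
import io
import re

# Constructed, trimmed `systeminfo` output; the KB numbers are made up.
SAMPLE_SYSTEMINFO = """\
Host Name:                 LAB-PC
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.17763 N/A Build 17763
Hotfix(s):                 2 Hotfix(s) Installed.
                           [01]: KB9000001
                           [02]: KB9000002
Network Card(s):           1 NIC(s) Installed.
                           [01]: Example Ethernet Adapter
"""

# Constructed feed; column names and CVE placeholders are hypothetical.
SAMPLE_CSV = """\
cve,kb,build,component,exploit
CVE-0000-0001,9000002,17763,Windows Kernel,
CVE-0000-0002,9000003,17763,Microsoft Edge,https://example.invalid/advisory
CVE-0000-0003,9000003,17763,Windows GDI,
CVE-0000-0004,9000003,17134,Windows GDI,
"""

def parse_systeminfo(text):
    """Return (build, set of installed KB numbers) from systeminfo output."""
    m = re.search(r"^OS Version:\s+\d+\.\d+\.(\d+)", text, re.MULTILINE)
    if not m:
        raise ValueError("OS Version line not found")
    # Only "[nn]: KBnnnnnnn" entries count; NIC entries share the [nn] prefix.
    return m.group(1), set(re.findall(r"\[\d+\]:\s*KB(\d+)", text))

def missing_patches(systeminfo_text, feed_csv, hide=()):
    """List (cve, kb, exploit_link) rows for this build whose KB is absent."""
    build, installed = parse_systeminfo(systeminfo_text)
    hidden = [h.lower() for h in hide]
    findings = []
    for row in csv.DictReader(io.StringIO(feed_csv)):
        if row["build"] != build or row["kb"] in installed:
            continue  # other OS build, or already patched
        if any(h in row["component"].lower() for h in hidden):
            continue  # filtered out, as with --hide
        findings.append((row["cve"], "KB" + row["kb"], row["exploit"] or None))
    return findings

if __name__ == "__main__":
    for finding in missing_patches(SAMPLE_SYSTEMINFO, SAMPLE_CSV, hide=["Edge"]):
        print(finding)
```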

Adobe today released emergency updates that fix a critical vulnerability for the ColdFusion web app development platform. The bug can lead to arbitrary code execution and has been exploited in the wild. The security issue allows an attacker to bypass restrictions for uploading files. To take advantage of it, the adversary has to be able to upload executable code to a directory of files on a web server. The code can then be executed via an HTTP request, Adobe says in its security bulletin. All ColdFusion versions that do not have the current updates are affected by the vulnerability (CVE-2019-7816), regardless of the platform they are for. Charlie Arehart, an independent consultant credited for reporting the vulnerability, told us that he discovered the bug when it was used against one of his clients. If applying the latest updates is not possible at the moment, one method to mitigate the risk is to create restrictions for requests to directories that store uploaded files. Developers should also modify their code to disallow executable extensions and check the list themselves, as is recommended by the Adobe ColdFusion guidelines. The updates also add the option "Blocked file extensions for CFFile uploads" to the server settings menu to create a list of extensions that should not be uploaded by the cffile tag/functions. More complete details are posted on OUR FORUM.

Facebook currently faces 10 investigations into whether the company — including its WhatsApp and Instagram platforms — violated new European privacy laws, which are stricter than their U.S. counterparts. But it's not the only one. Facebook, Twitter, Apple, and LinkedIn are all being probed by Ireland’s Data Protection Commission, for violating the European Union's General Data Protection Regulation, or GDPR, which was implemented in May 2018, the agency revealed in a report released on Thursday. Ireland's DPC is the lead regulator for the European Union because so many of the multinational tech giants have their European headquarters there. In September, Facebook announced a problem in its "View As" feature that led to an attack on almost 30 million accounts. In December the company announced a software bug that exposed the photos of nearly seven million users to third-party apps without user consent. Three of the potential GDPR violations are related to the September breach, which the company self-reported to the DPC, according to the report. Regulators are examining whether Facebook correctly handled notifying European authorities of the breach and user data. Two probes are focused on WhatsApp, which is often considered the most secure of the platforms because of its end-to-end encryption. One is related to how it handles user privacy and how it shares information with Facebook outside of the app. Twitter and Apple also face two probes each. LinkedIn, which is owned by Microsoft, faces one. While one of the probes against Twitter comes after it self-reported a "large number of breaches," the company is also being investigated for how much access users have to their own data. Is anybody safe from GDPR? Find out on OUR FORUM.

Users of Kaspersky Antivirus have been complaining since the end of January that when they open Chrome, Kaspersky displays numerous alerts stating that there is a problem with a self-signed certificate. It turns out this is being caused by a conflict with a Chromecast device on their network that they may not even know existed. These errors are being displayed by Kaspersky's engine that allows it to scan encrypted SSL traffic for malicious content. In a new Chromium bug report opened today, a Google employee states that there has been an increase in Chromecast discovery issues from Windows users and that it appears to be related to antivirus software. "There's been a sudden increase in device discovery reports," states the bug report. "Reviewing the reports indicated that it's common on the Windows platform. And reviewing of the logs show a commonality of cast channel authentication errors, which can often be attributed to Anti Virus/security software." When investigating further, he noted that Kaspersky users have been complaining about these problems since the end of January, which appears to be the same period that the Chromecast discovery reports started to increase. Google has stated that they have reached out to Kaspersky to resolve the issue. To test this, BleepingComputer fired up a virtual machine and installed a free trial of Kaspersky Total Security. After being installed, I opened Chrome and was immediately greeted with the same error that the Kaspersky users have been seeing. I assure you there's more posted on OUR FORUM.