By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Google recommends users of Windows 7 to give it up and move to Microsoft’s latest operating system if they want to keep systems safe from a zero-day vulnerability exploited in the wild. The security bug affects Windows win32k.sys kernel driver and leads to privilege escalation on Windows 7. Google saw the Windows vulnerability in targeted attacks, chained with a zero-day vulnerability (CVE-2019-5786) in Chrome browser that received a patch on March 1 with the release of version 72.0.3626.121. The kernel driver vulnerability could also serve for sandbox escaping when chained with other browser security faults, so Windows users could still be impacted even if they applied correctly the most recent update for Google Chrome. Exploitation of the vulnerability in the wild targeted Windows 7 systems. Google believes that this is the only version of the OS where it works because the exploit mitigations Microsoft introduced in the newer versions of OS, Windows 10 in particular, would prevent it. If you still run an older version of Windows, the recommendation is to upgrade to Windows 10 and keep it updated with the newest patches. “The vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver() system call is called under specific circumstances,”  writes Clement Lecigne, member of Google’s Threat Analysis Group. Further details are posted on OUR FORUM.

Scammers pretending to be employees of the Social Security Administrations have caused last year losses of at least $16.6 million. Reports of the SSA scam have skyrocketed last year, records from the US Federal Trade Commission showing that there were over 63,000 reports of this particular fraud since January 2018. This is almost 20 times more than the reports recorded in 2017 when 3,200 people called about the SSA voice phishing (vishing). That year, the money losses were close to $210,000. Even if the latest official statistics are worrying, the actual numbers are likely higher because not all the victims register a complaint. Fraudsters come up with all sorts of reasons to elicit information from the victims or make them lose money. The purpose of the scam is to get the victim to send money through non-conventional methods or to obtain sufficient information that could be used for identity theft or applying for loans. There are multiple variations of the SSA phone fraud, but they all have some things in common. Pretending to be an SSA employee, the scammer at the other end of the line explains that the call was prompted by suspicions of crime-related activities or that someone used it to apply for credit cards. The deceit is further fueled by the fact that swindlers spoof the number of the SSA to make it look like the call is legitimate. Learn more by visiting OUR FORUM.

Fujitsu has posted a comparability matrix for its solutions that seemingly lists the entire lineup for Intel's new 9th-Generation processors. Intel's initial announcement of the 9th Generation lineup occurred in October 2018 in a limited fashion: The company only introduced three models spanning its Core i5, i7 and i9 lines, with the expectation that more would come in the future. Intel later announced the Core i5-9400 at CES 2019, but it'd make sense for Intel to continue expanding the lineup. Now, as spotted by TechPowerUp, Fujitsu has listed several new 9th-Gen processors in a compatibility document for its line of desktop motherboards. Many of these processors have already been known about, due to a steady cadence of leaks around Intel's new F-series processors that lack integrated graphics units. The new listing apparently whips the covers off Intel's new line of T-series processors, which are variants that feature a lower 35W TDP rating for fanless and space-constrained systems. Other models, such as the new F-Series Pentiums, already leaked last month. The document also lists several new Xeon E-Series processors, including the eight-core E-2288G and E-2278G, along with vague listings of E-22xxG and E-22xx models that land with either four or six cores. Intel hasn't officially announced several of the new models, so a timeline for retail availability remains unknown. The company announced the Core i5-9400 and 9400F at CES 2019, but while the GPU-disabled Core i5-9400F is already available, we have yet to see the Core i5-9400 on retailers shelves. We have the complete lineup posted on OUR FORUM.

On March 1, 2019, Microsoft began pushing out Windows 10 KB4482887 to October 2018 Update machines. This cumulative update advances the system to Windows 10 Build 17763.348 and it comes with tons of improvements, including support for Retpoline which will eventually improve the performance of Spectre, patched PCs. The update has also fixed bugs associated with Action Center, Microsoft Edge, Internet Explorer, and other core components. As per reports on social media platforms, Microsoft’s most recent Windows 10 update appears to be causing considerable grief for gamers. After installing this update, some folks have hit gaming issues when playing certain games such as Destiny 2. A post on Reddit notes that games such as Destiny 2 may launch with unbearable performance issues. For instance, there’ll be noticeable lags when playing Destiny 2 on PCs with certain GPUs after installing the update. There is another bug where FPS has drastically reduced on high-end PCs. “I was pulling my hair out trying to figure out why Destiny 2 suddenly dropped 40 frames,” a user noted in a Reddit discussion. “I also had this issue, where when I moved my mouse I saw a loss from 60 fps to about 35 and the game began to fall behind and my audio quality distorted another fix is to resort to a controller, which I know us PC master race people groan and moan about that but it did fix my instance, hope it can help someone else,” another user noted. REad more on OUR FORUM.

Embedded and IoT cable-connected devices running Microsoft's Windows 10 IoT Core are exposed to remote command execution attacks with SYSTEM privileges that require no authentication, with the help of an open source RAT tool released on GitHub. Windows 10 IoT Core-powered devices run a version of Windows 10 optimized for smaller ARM and x86/x64 devices, compatible with universal apps and drivers but with no support for shells or Microsoft apps. The SirepRAT tool developed by SafeBreach's Dor Azouri is designed to exploit the Sirep test service built-in "on any cable-connected device running Windows IoT Core with an official Microsoft image." The good news is that the SirepRAT Windows 10 IoT Core exploitation tool released by the researcher on GitHub will only work via an Ethernet connection because the less-known interface it exposes is "used by HLK for driver/HW tests" over wired connections. "The research was performed on a Windows IoT Core installed on a Raspberry Pi 3, but is probably not limited to this board as it abuses a Windows service and protocol, which should be platform independent," also says Azouri. "This service is the client part of the HLK setup one may build in order to perform driver/hardware tests on the IoT device. It serves the Sirep/WPCon/TShell protocol," according to Azouri. "We broke down the Sirep/WPCon protocol and demonstrated how this protocol exposes a remote command interface for attackers, that include RAT abilities such as get/put arbitrary files on arbitrary locations and obtain system information." The devices which can be exploited with the help of SirepRAT can be found in a multitude of environments, from commercial handheld products and DIY projects to enterprise environments. Learn more by visiting OUR FORUM.

A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs. WES-NG was created by security researcher Arris Huijgen, who based his project off the Windows-Exploit-Suggester program that was originally released in 2014 by GDS Security, now known as AON Security. The original program stopped working when Microsoft stopped updating its Microsoft Security Bulletin Data Excel file and switched to the Microsoft Security Response Center API. This program works by comparing a Windows SystemInfo report with a downloaded CSV file of known vulnerabilities and their associated security updates. Using this data, Windows Exploit Suggester will display a report showing all of the unpatched vulnerabilities found on the computer and their respective CVE IDs, Microsoft knowledge base article numbers, and a link to any known exploits for that vulnerability. According to the project's description, every version of Windows between Windows XP and Windows 10, including the Windows Server counterparts, is supported. For those who want to focus on specific vulnerabilities and filter out the rest, users can utilize the --hide flag to specify those vulnerabilities that should be filtered. For example, to filter out Edge vulnerabilities you can use the systeminfo.txt --hide Edge command. For more refer to OUR FORUM.