Recent Comments

    Blogroll

    Search

    Archive for Uncategorized

    Microsoft Releases Security Advisory for Windows Hello for Business

    December 6th, 2019 by

    Microsoft Releases Security Advisory for Windows Hello for Business

    Microsoft has released a Security Advisory to address an issue in Windows Hello for Business (WHfB). An attacker could exploit this issue on devices that were affected by CVE-2017-15361, also known as Return of Coppersmith’s Attack (ROCA), to take control of an affected system.

    Posted in Uncategorized | No Comments »

    4 restaurant chains breached – 4 Million cards exposed

    November 28th, 2019 by

    Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

    – THANKS TO BRIAN KREBS

    “n Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and eastern United States.”

    Posted in Uncategorized | No Comments »

    Possible Conflict Windows 10 1909 vs TurboTax

    November 26th, 2019 by

    I haven’t heard of anyone else reporting this, but just in case, here’s what happened:

    I installed the   November Cumulative Update (KB4524570)  followed by Feature update to Windows 10, version 1909 shortly after 1909 was available (yeah, I’m a “bleeding edge” kind of guy!). Both were installed with no apparent issues.

    It was only after I first tried to load TT 2019 that problems popped up. I would get the startup logo, but it would then disappear. The process would show up in Task Manager, but disappear in a second or two. After trying various suggestions via Intuit, I was ready to uninstall one or both of the updates.

    One suggestion was to uninstall TT and reinstall it. When you start the uninstall, TT offers to “repair” the installation. Seemed like worth a try.

    That was my fix. After the “repair”, TT loaded just fine. I’m posting this in case someone else runs into this “conflict”.

    Posted in Uncategorized | No Comments »

    October non security office updates

    November 6th, 2019 by

    November 5, 2019

    Office 2016
    Update for Microsoft Access 2016 (KB4475539)
    Update for Microsoft Office 2016 (KB4484138)
    Update for Microsoft Office 2016 (KB4484137)
    Update for Microsoft Office 2016 (KB4475588)
    Update for Microsoft Office 2016 (KB4475552)
    Update for Microsoft Office 2016 (KB4484145)
    Update for Microsoft Outlook 2016 (KB4484139)
    Update for Microsoft PowerPoint 2016 (KB4484134)
    Update for Microsoft Word 2016 (KB4484135)

     

    https://support.microsoft.com/en-us/help/4484139/november-5-2019-update-for-outlook-2016-kb4484139

    This update adds a PreferProvidedEmailInAutoDiscoverAuthPrompts registry key that enables Exchange administrators to specify whether users will be authenticated by using the configured account email or the user principal name (UPN) during AutoDiscover scenarios.

    Registry key

    Location: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover

    Value Type: DWORD

    Value name: PreferProvidedEmailInAutoDiscoverAuthPrompts

    Value data:

    • 0: It’s the default value. Outlook will use the UPN when it’s available.
    • 1: If the value is set to 1, Outlook will ignore the UPN and just use the provided account email

    Posted in Uncategorized | No Comments »

    Avast network breeched

    October 21st, 2019 by

    Avast Network Breached As Hackers Target CCleaner Again

    “Avast said that it believes that the intrusion, first detected on Sept. 25, was likely targeting its CCleaner business in a supply chain attack. CCleaner, which is software that fights infections in PCs, was previously infiltrated by attackers in 2017 and led to the compromise of 2.27 million people’s systems.”

    Avast, NordVPN Breaches Tied to Phantom User Accounts

    “Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.”

    Posted in Uncategorized | No Comments »

    Oracle Critical Patch Update for October 2019

    October 16th, 2019 by

    Oracle Critical Patch Updates, Security Alerts and Bulletins

    This page contains the following sections:

    Posted in Uncategorized | No Comments »

    Security Mailer (2019) # 40

    October 9th, 2019 by

    Security Mailer Volume 19 Number 40

    • Browsers
      • Firefox update
      • Vendors begin depricating TLS 1.0 and TLS 1.1
    • Cisco Security Advisories
    • Open Source
      • Linux Kernel getting new Lockdown feature
      • Linux updates;
    • Microsoft Updates released
      • Updates revised
      • SDX Helper issues
    • General Security reviews last week,
    • Updates for TCPDUMP and LIBPCAP

    Posted in Uncategorized | No Comments »

    Updates for SQL Server and .NET

    October 9th, 2019 by

    CU 17 for SQL Server 2017 RTM

    CU 10 for SQL Server 2016 SP2

    CU 9 for SQL Server 2016 SP2

    .NET Framework October 2019 Security and Quality Rollup
    (No security fixes)

    Posted in Uncategorized | No Comments »

    Security Mailer (2019 #37)

    September 16th, 2019 by

    Security Mailer Volume 19 Number 37

    • Adobe security update
      • Flash Player
      • Application Manager
    • Cisco Security Advisory
    • Linux updates
    • Microsoft Tuesday updates and patches
      • Two 0-days
      • Security bulletins revised
      • Security advisories
    • General Security review of last week
    • Wireshark updates
    • Word Press security updates

    Posted in Uncategorized | No Comments »

    Security Mailer (2019 # 36)

    September 8th, 2019 by

    Security Mailer Volume 19 Number 36

    • Mozilla updates
      • Firefox
      • Firefox ESR
      • Thunderbird
    • Cisco Security Advisories
    • Linux updates
    • General Security review last week

    Posted in Uncategorized | No Comments »

    « Previous Entries