Computer News & Safety tips – Harry Waldron MVP

Windows 10 – Four DVD player product reviews NOV-2017

This PC Magazine review covers four DVD player software products for Windows 10 (some also work with earlier versions of Windows).

Unfortunately, if you pop a DVD into your Windows 10 computer, you’ll run into some trouble because Windows 10 Media Player doesn’t support DVDs. Microsoft offers a Windows DVD Player app, but it costs $15. A better option lies with free, third-party programs. Products like VLC Media Player, 5KPlayer, and Daum’s Pot Player can play your DVDs with little muss or fuss. Let’s look at Microsoft’s DVD Player app as well as these free products.

Microsoft’s Windows DVD Player — The Windows DVD Player app sold by Microsoft is a barebones affair. To buy the program, click on the Windows Store icon on the taskbar and search for “Windows DVD player.” You’ll notice from the many reviews that this software doesn’t get high marks, often from folks unhappy about spending $15 for an app they believe should be free.

VLC Media Player — A solid DVD player is VLC Media Player developed by VideoLAN. This skillful program can play music and videos stored on your PC or home network, as well as DVDs, CDs, and Blu-ray discs. VLC Media Player is free, though you can always donate some funds to its development.

5KPlayer — Served up by an outfit named DearMob, 5KPlayer can play high-def videos, DVDs, and even online radio stations. A built-in Apple AirPlay feature lets you stream audio and video from your iPhone. And you can snag videos from YouTube and other streaming services.

Daum’s Pot Player — A multimedia program from the folks at Daum, Pot Player can handle video, audio, DVDs, and Blu-rays, among other formats. The software even supports certain types of 3D glasses so you can immerse yourself in 3D videos.

Windows – US-CERT advisory for WIN8 and WIN10 ASLR vulnerability

A new CERT advisory has been issued for an ASLR vulnerability in Windows 8 and 10. The issue is that ASLR may not randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard.

The CERT Coordination Center (CERT/CC) has released information on a vulnerability in Windows Address Space Layout Randomization (ASLR) that affects Windows 8, Windows 8.1, and Windows 10. A remote attacker could exploit this vulnerability to take control of an affected system.  US-CERT encourages users and administrators to review CERT/CC VU #817544 and apply the necessary workaround until a patch is released.

Windows 10 – Networking and security tips NOV-2017

ZDNet’s senior author Ed Bott shares some key & valuable tips for Windows 10 networking and security as follows:

On Windows 10 PCs, connecting to a network is normally as simple as plugging in a network cable or entering a passphrase at a Wi-Fi prompt. The networking tips in this category cover administrative tasks, such as weeding out saved Wi-Fi credentials and looking up your IP address, as well as occasional troubleshooting demands.

Unfortunately, in a world where connectivity is easy and fast, there’s also a constant need to keep cybercriminals from taking advantage of those always-on connections. As recent attacks have demonstrated, even experienced PC users can be a victim of malware, and less technical users are even more likely to install unwanted software or click a bad link.

The tips in this category also cover two of the most important parts of any security program: Encrypting data, especially on removable devices, and creating robust backups so you can recover quickly in the event of a security incident or a hardware crash.

  1. Keep unwanted software off PCs you support
  2. Stop using the horribly insecure SMBv1 protocol
  3. Solve network problems with a one-click reset
  4. Create a full image backup using this hidden tool
  5. How to enable the built-in Administrator account (and why you shouldn’t)
  6. Protect removable storage devices with BitLocker encryption

Android 8.0 – Five new features of Oreo release

PC World shares five new features for Android 8.0 Oreo that Google is piloting on its own devices, such as the Pixel.

Google is pushing Android 8.0 Oreo to Nexus and Pixel devices as device makers scramble to get their phones updated. Google’s devices will be the only ones running the new software, at least for a while. What’s this Oreo update all about, anyway? Everyone knows about the big stuff, like picture-in-picture and autofill apps, but a lot more is going on if you dig deeper. Here are five awesome hidden Oreo features to get you started.

1. Widgets via app shortcuts — Google has changed the location and appearance of the home screen widget picker several times, and Oreo brings yet another alteration. This one might make using widgets much easier, though. All of an app’s widgets are accessible with a long-press on the app icon.

2. Enforce background limits of applications — Android 8.0 comes with a new raft of tweaks to background processes that prevents apps from bleeding your battery dry.

3. Snooze notifications — In Android 8.0 Oreo, you can snooze notifications until later.

4. Granular control over sideloading applications — In past versions of Android, the “unknown sources” permission was all or nothing. Either every app on your phone could install apps as sideloaded APKs, or none of them could. Android 8.0 changes that to make sideloading a per-app setting. It’s safer, sure, but it’s also a bit of a pain to manage.

5. Customize Notifications — Oreo includes several changes to notifications, including notification dots and notification channels. If you want to filter out some of the noise, both these features include some handy customization options.

Ransomware – New Magniber variants impacting South Korean users

The new Magniber ransomware family is targeting South Korea. However, it appears to be targeting only the Korean-language version of Windows at this point. Still, all new variants and further developments should be closely watched. This appears to be a possible replacement for the Cerber family in the future.

A new ransomware is being distributed by the Magnitude exploit kit: Magniber (detected by Trend Micro as RANSOM_MAGNIBER.A and TROJ.Win32.TRX.XXPE002FF019), which we found targeting South Korea via malvertisements on attacker-owned domains/sites. The development in Magnitude’s activity is notable not only because it eschewed Cerber—its usual ransomware payload—in favor of Magniber. Magnitude now also appears to have become an exploit kit expressly targeting South Korean end users.

Mozilla – Firefox 57 Quantum version improves performance

Mozilla introduces Firefox version 57 designed to improve performance.  They have branded this as the “Quantum version” as it is about 2X faster than one year ago.

The new Firefox. Fast for good. Today we’re thrilled to introduce you to our brand new browser — Firefox Quantum.  What you’ll notice first is that the new Firefox is blazing fast. In fact, you’ll enjoy speeds up to twice as fast as a year ago. It’s also more powerful. We’ve rebuilt Firefox from the ground up to focus on how you use the Web today to watch, listen, create and play without limits. We’re excited to deliver a browser that feels completely different — modern, quick and efficient. We think you’ll agree: It’s a quantum leap forward in how you’ll experience the Internet.

Google Chrome – versions 64 and 65 feature ad re-direct blocking

Improved ad-blocking controls in Google Chrome versions 64 and 65 will tackle the more complex redirect approach, as shared below:

An upcoming version of Google’s Chrome browser will stamp out surprise ads that activate when a website you’re visiting unexpectedly navigates you to a new page. Chrome already blocks pop-up ads, but sneaky developers have managed to bypass these protections. They can do so by secretly embedding some code into a website that’ll trigger a redirect to a new destination.

Chrome version 64 will prevent the redirects, keeping the user on the page they were reading. When encountered, the browser itself will show an info bar, stating “Success! The navigation was blocked.”  The next version of Chrome, 65, will tackle another form of pop-up ad that appears when users click a link. The link itself will open a new tab to the correct destination. However, the original browser window will navigate to an unwanted page.

Apple – Wireless WPA2 KRACK Vulnerability patched in iOS 11.1

The Apple iOS 11.1 update provides a key patch for the new wireless WPA2 KRACK Vulnerability as noted below:

Apple has patched iOS, macOS and other products to protect against the KRACK vulnerability recently disclosed in the WPA2 Wi-Fi security protocol. KRACK, short for key re-installation attack, allows an attacker within range of a victim’s Wi-Fi network to read encrypted traffic with varying degrees of difficulty.

Many vendors had patched KRACK in their respective products prior to the Oct. 16 public disclosure. Researcher Mathy Vanhoef of Belgium found and privately disclosed to numerous organizations starting in July and helped coordinate disclosure.

Apple was among the holdouts to repair its offerings until today; the update is part of iOS 11.1 and includes patches for 13 bugs in Webkit, and other fixes in the kernel, iMessages, and elsewhere. Apple also patched KRACK in macOS High Sierra, Sierra and El Capitan, all of which were updated today, as well as in tvOS and watchOS.

Given that KRACK is a protocol-level bug, it had many experts on edge in its early days. Since then, some of the anxiety has eased given the varying degrees of ease of exploit and conditions that must be in place for an attack to be successful.

WordPress – Version 4.8.3 Patches critical SQL Injection Bug

As shared below, blog and web site administrators should install the latest version of WordPress, which provides safeguards against a critical SQL injection bug:

WordPress 4.8.3 Security Release

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL injection attack, exposing sites created on the content management system to takeover.  WordPress released WordPress 4.8.3 Tuesday, which mitigates the vulnerability.

“This is a security release for all previous versions and we strongly encourage you to update your sites immediately,” according to WordPress. The vulnerability is not tied to the WordPress Core, rather plugins and themes that could be used to trigger a SQL injection attack, WordPress said.

“Worst case would be remote code execution where they could take over installs of WordPress and the servers they are running on,” said Anthony Ferrara, the researcher who identified the flawed WordPress 4.8.2 patch.  The roots of the SQL injection date back to a vulnerability (CVE-2017-14723) first reported on Sept. 17, 2017. WordPress then attempted to mitigate the vulnerability with WordPress 4.8.2. That patch did not fix the issue, worsened the underlying security vulnerability and “broke” a large undisclosed number of third-party WordPress plugins.

Windows 10 – Fall Creators Update improved security features in version 1709

Microsoft is focusing on security improvements in the Fall Creators Update (1709) as shared in the excellent slide show resource below:

Windows 10 security is getting a face-lift in the Fall Creators Update, which Microsoft started rolling out last week. The update is packed with several new tools intended to give administrators and users more granular control over security.

1. Windows Defender Exploit Guard – Windows Defender Exploit Guard (WDEG) is a set of four components designed to help with intrusion prevention by identifying and blocking attack vectors and behaviors common in malware attacks. It’s built on the idea that while vulnerabilities, delivery mechanisms, and payloads vary, there is a core set of behaviors common among various attacks.

2. Controlled Folder Access – Taking a closer look at one of WDEG’s four components, Controlled Folder Access aims to block ransomware attacks by giving admins more granular control over exactly which programs can access sensitive data. It locks down folders so only authorized apps can access them. Unauthorized apps — including malicious executable files, DLLs, and scripts — are denied access.

3. Windows AutoPilot – IT typically spends a lot of time building and customizing images, and deploying them to devices with an OS already installed. The idea behind Windows AutoPilot is to simplify setup by pre-registering devices through the Windows AutoPilot Deployment Program. IT pros only have to connect them to the network and verify credentials.

4. Windows Defender Application Control – Windows 10 systems are already equipped with Windows Defender Device Guard: a set of tools that include configurable code integrity (CI) — a kernel-enforced policy that restricts devices to only run authorized apps — and virtualization-based protection of code integrity (HVCI) — which hardens the OS against kernel-memory attacks.

5. Windows Hello – Microsoft first launched Windows Hello as a means of securing the authentication process in Windows 10. Now it’s updating with a new, simpler admin experience and security features for Windows Hello for Business to defend against data breaches caused by misused, default, or stolen credentials.

6. Windows Defender Antivirus – Windows Defender Antivirus was updated with new “instant protection” to defend against polymorphic malware. This system relies on machine learning models on the local client and in the cloud. On a client level, it uses mostly linear high-performance models to find 97% of malware.

7. Windows 10 Subscription Activation – Subscription Activation leverages Azure Active Directory to eliminate product keys and let admins assign Windows 10 Enterprise E3 or E5 licenses to Azure AD users directly.