[ARS] Four wormable bugs in newer versions of Windows need your attention now - Overclock.net - An Overclocking Community

post #1 of 10 - Lord Xeb (Thread Starter) - 08-13-2019, 02:49 PM
[ARS] Four wormable bugs in newer versions of Windows need your attention now

Quote:
Similar to the so-called BlueKeep vulnerability Microsoft patched in May, the four bugs the company patched on Tuesday reside in Remote Desktop Services, which allow a user to take control of a remote computer or virtual machine over a network connection. The bugs—indexed as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226—make it possible for unauthenticated attackers to execute malicious code by sending a specially crafted message when a protection known as Network Level Authentication is turned off, as many administrators in large organizations often do.
In such networks, it’s possible for exploits to ricochet from computer to computer. Leaving NLA on makes it harder for attacks to spread, since attackers must first have network credentials. The growing use of hacking tools such as Mimikatz, however, often enables attackers to surreptitiously obtain the needed credentials.... Unlike BlueKeep—which affected only unsupported Windows versions or versions close to being unsupported—the bugs disclosed on Tuesday affect newer versions, specifically Windows 7, 8, and 10 and Server 2008, 2012, 2016, and 2019. That puts a much larger and potentially more sensitive fleet of computers at risk. Microsoft rated severity of the vulnerabilities as 9.7 and 9.8 out of a possible 10. The company also said the chances of in-the-wild exploitation are “more likely.”

“The vulnerabilities include the latest versions of Windows, not just older versions like in BlueKeep,” independent security researcher Kevin Beaumont told Ars. “There will be a race between organizations to patch systems before people reverse engineer the vulnerability from the patches to learn how to exploit them. My message would be: keep calm and patch.”...Windows machines that have automatic updating enabled should receive the patch within hours if they haven’t already. Installing Tuesday’s patches is the single most effective way to ensure computers and the networks they’re connected to are safe against worms that exploit the newly described vulnerabilities. For people or organizations that can’t update immediately, a good mitigation is to “enable NLA and leave it enabled for all external and internal systems,” Beaumont said in a blog post.
https://arstechnica.com/information-...ns-of-windows/
Oh boy. Make sure your systems are updated boys and girls!

Make sure your system is updated! Patch is already live.


Only fools do not BACKUP their DATA!

"Everyone is an expert in something. Knowledge is acquired not earned. Always be humble and wise. Never look down on others ignorant in your realm of expertise."
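A local check for the mitigation quoted in the first post ("enable NLA and leave it enabled"), as an added PowerShell example that is not part of the thread or the Ars article. It reads the standard Terminal Server registry values to report whether RDP is enabled and whether NLA is required; the function names are hypothetical.

```powershell
# Added example: audit RDP exposure and NLA on the local host (run elevated to change settings).
$tsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpTcpKey = "$tsKey\WinStations\RDP-Tcp"
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Get-RdpNlaStatus {
    $deny      = Get-RegValue $tsKey     'fDenyTSConnections'   # 0 = RDP connections allowed
    $localNla  = Get-RegValue $rdpTcpKey 'UserAuthentication'   # 1 = NLA required
    $policyNla = Get-RegValue $policyKey 'UserAuthentication'   # Group Policy copy, if set

    # A Group Policy value, when present, overrides the local listener setting.
    $effective  = if ($null -ne $policyNla) { $policyNla } else { $localNla }
    $rdpEnabled = ($deny -eq 0)

    if (-not $rdpEnabled)       { $finding = 'RDP disabled' }
    elseif ($effective -eq 1)   { $finding = 'RDP enabled, NLA required' }
    else                        { $finding = 'RDP enabled WITHOUT NLA' }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        RdpEnabled   = $rdpEnabled
        NlaRequired  = ($effective -eq 1)
        SetByPolicy  = ($null -ne $policyNla)
        Finding      = $finding
    }
}

function Enable-RdpNla {
    # Requires elevation. Group Policy will overwrite this if it sets the value to 0.
    Set-ItemProperty -Path $rdpTcpKey -Name 'UserAuthentication' -Value 1 -Type DWord
}

$status = Get-RdpNlaStatus
$status | Format-List
if ($status.RdpEnabled -and -not $status.NlaRequired -and -not $status.SetByPolicy) {
    Write-Warning 'NLA is off. Run Enable-RdpNla from an elevated session, then install the patches.'
}
```

NLA only raises the bar to attackers who already hold credentials, as the article notes; installing the patches remains the fix.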
 
post #2 of 10 - treetops422 - 08-13-2019, 07:36 PM
I just happened to check for an update about an hour ago and got it patched.


post #3 of 10 - J7SC - 08-13-2019, 08:38 PM
Quote: Originally Posted by Lord Xeb
https://arstechnica.com/information-...ns-of-windows/ (...)
Oh boy. Make sure your systems are updated boys and girls!

Make sure your system is updated! Patch is already live.

Thanks for the heads-up...just patched 5 systems in my home-office (Win 7, 8.1, 10, server). I am a bit miffed at Microsoft, Intel & Co for charging a heck of a lot for what seems like pretty 'patchy' products...
 
post #4 of 10 - JedixJarf - 08-13-2019, 08:48 PM
Having my guys patch these tonight on our rds setups.


post #5 of 10 - skupples - 08-14-2019, 01:45 PM
forwarded to help desk boss & inf. boss. both don't care. ( I fit in there somewhere )

oi. good thing they pay well.

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
post #6 of 10 - Lord Xeb (Thread Starter) - 08-15-2019, 10:19 AM
That lax about their security huh? GG


post #7 of 10 - ThrashZone - 08-15-2019, 11:00 AM
Hi,
Virtualization and remote access/ desktop is always disabled first thing.

If I want to run a different os I install it on its own ssd.

post #8 of 10 - skupples - 08-15-2019, 04:08 PM
Quote: Originally Posted by Lord Xeb
That lax about their security huh? GG
I think the issue is that we're a "recently founded internal IT department" so we still have an MSP handling a few things. One of which is WSUS. N they do a horrible job of it. I could have an intern monitoring & running that bugger in 15 minutes, n do an exponentially better job than them. Oh wait, no interns to put on minion work here, and I'm back in "Help Desk" for now so I can't just hijack it.

post #9 of 10 - JackCY - 08-15-2019, 08:03 PM
post #10 of 10 - skupples - 08-16-2019, 06:18 AM
