[Wired] Windows 10 Has a Security Flaw So Severe the NSA Disclosed It - Overclock.net - An Overclocking Community
Forum Jump: 

[Wired] Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

Reply
 
Thread Tools
post #1 of 78 (permalink) Old 01-15-2020, 04:45 AM - Thread Starter
New to Overclock.net
 
Imouto's Avatar
 
Join Date: Mar 2012
Posts: 2,098
Rep: 228 (Unique: 109)
[Wired] Windows 10 Has a Security Flaw So Severe the NSA Disclosed It

Quote:
Microsoft released a patch for Windows 10 and Server 2016 today after the National Security Agency found and disclosed a serious vulnerability. It's a rare but not unprecedented tip-off, one that underscores the flaw's severity—and maybe hints at new priorities for the NSA.

The bug is in Windows' mechanism for confirming the legitimacy of software or establishing secure web connections. If the verification check itself isn't trustworthy, attackers can exploit that fact to remotely distribute malware or intercept sensitive data.
https://www.wired.com/story/nsa-wind...ty-disclosure/

So yeah, update now.

#EnthusiastLivesMatter
Imouto is offline  
Sponsored Links
Advertisement
 
post #2 of 78 (permalink) Old 01-15-2020, 05:26 AM
Old to Overclock.net
 
Join Date: Jan 2008
Posts: 2,078
Rep: 123 (Unique: 105)
Lol where are the Windows fans boys from the Windows 7 thread to tell us how awesome Windows is and how it should dominate the server market.

362436
(15 items)
CPU
AMD Ryzen 5 1600
Motherboard
Asus Prime X370-A AMD Ryzen AM4 DDR4
GPU
Gigabyte GeForce GTX 950
RAM
2x Corsair Valueselect 8GB 288 Pin DDR4 SDRAM DDR4 @ 2133
Hard Drive
Corsair Force LS 2.5" 120GB SATA III MLC SSD
Optical Drive
Lite-On 24X SATA DVD/RW Optical Drive
Power Supply
Corsair RM550x 550W 80 Plus Gold
Cooling
Noctua NH-L9A-AM4 Low-Profile
Case
Antec NSK4100 Steel ATX Mid Tower
Operating System
Mint 18.2 x64
Monitor
HP 24" LCD/LED 1920x1080
Keyboard
IBM PC-AT
Mouse
Logitech G5
Audio
Sennheiser HD650
Audio
Asus Essence STX II
▲ hide details ▲


xJumper is offline  
post #3 of 78 (permalink) Old 01-15-2020, 05:33 AM
New to Overclock.net
 
Join Date: Jun 2008
Location: Wilts, U.K.
Posts: 3,610
Rep: 455 (Unique: 387)
I heard it was patched in the last ever free Win7 update as well, every patch Tuesday from now on MS are just shouting "hey, see if this one we fixed in 10 works in 7".


Darren9 is online now  
Sponsored Links
Advertisement
 
post #4 of 78 (permalink) Old 01-15-2020, 05:43 AM
New to Overclock.net
 
umeng2002's Avatar
 
Join Date: Jul 2010
Location: Florida
Posts: 3,221
Rep: 174 (Unique: 110)
Imagine all the security flaws the NSA knows about but doesn't tell anyone...

CPU
AMD Ryzen 2700X
Motherboard
Asus Prime X470-Pro
GPU
EVGA GeForce RTX 2070 XC Ultra
RAM
TeamGroup T-Force 16 GB (2x8) Pro Dark (B-die TDPGD416G3200HC14ADC01)
Hard Drive
ADATA XPG SX8200 Pro 512GB NVMe
Power Supply
Seasonic Focus Plus Platinum SSR-750PX
Cooling
Corsair H80i (not V2 or GT)
Monitor
LG 34UC80-B
Keyboard
Logitech G413
Mouse
Logitech G503 RGB
Audio
Creative SoundBlaster Z (OEM)
▲ hide details ▲
umeng2002 is offline  
post #5 of 78 (permalink) Old 01-15-2020, 05:46 AM - Thread Starter
New to Overclock.net
 
Imouto's Avatar
 
Join Date: Mar 2012
Posts: 2,098
Rep: 228 (Unique: 109)
Quote: Originally Posted by umeng2002 View Post
Imagine all the security flaws the NSA knows about but doesn't tell anyone...
Makes you wanna cry.

#EnthusiastLivesMatter
Imouto is offline  
post #6 of 78 (permalink) Old 01-15-2020, 05:55 AM
What should be here ?
 
huzzug's Avatar
 
Join Date: Jun 2012
Posts: 5,337
Rep: 358 (Unique: 256)
MS already dropped a patch regarding this if I'm not wrong.

Quote: Originally Posted by xJumper View Post
Lol where are the Windows fans boys from the Windows 7 thread to tell us how awesome Windows is and how it should dominate the server market.
He surely got his verbs mixed up.

#2 their debt is insane, even for a "diverse field" company. They cannot even afford to service the debt maintenance let alone make an actual dent in the debt itself. - Internet Stranger
huzzug is offline  
post #7 of 78 (permalink) Old 01-15-2020, 05:58 AM
Overclocker in training
 
ThrashZone's Avatar
 
Join Date: Apr 2017
Location: Texas
Posts: 9,172
Rep: 119 (Unique: 79)
Hi,
Sounds like a browser problem or net framework :/

CPU
i9-9940x With Optimus Foundation copper-plexi and Heatkiller VRM Plexi-Copper water block
Motherboard
ASUS x299 Rampage VI Apex
GPU
Titan Xp with copper Water Block
RAM
Trident Z 3600C16 4x8gb's b-die default timings 16-16-16-36
Hard Drive
Samsung 970 Evo Plus 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Optical Drive
LG Blu-Ray WH16NS40
Power Supply
evga 1200-P2
Cooling
2-280GTX Black Ice Nemesis rads with D5 pump-res combo and D5 top before and after rads.
Case
corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 pro & 10 pro Win-7 Primary os.
Monitor
ASUS VG248QE 24" 144Hz
Keyboard
Logitech G910 Orion spectrum
Mouse
Redragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Other
5.0/https://valid.x86.fr/ez2ifr
CPU
i7-5930k with Heatkiller IV Pro Plexi-Copper and koolance vrm water blocks
Motherboard
X99 Sabertooth
GPU
EVGA 1080ti FTW3 with Water block
RAM
Trident-Z 3200C14 4x8gb's b-die default timings 14-14-14-34
Hard Drive
Samsung 970 Evo 500gb M.2/ Samsung 850 Pro 256gb for os and 500gb evo for favorite games plus other wd hdd's for data and backup's
Power Supply
EVGA 1000-P2
Cooling
2-240 GTX Black Ice Nemesis rads/ D5 pump-res combo and D5 top before and after rads.
Case
Corsair 450D with added 2nd floor to house radiator on top
Operating System
Win-7 and 10 pro Win-7 Primary os.
Monitor
AOC G2460PG 24"G-Sync 144Hz
Mouse
Red Dragon Perdition
Audio
Built in realtek and Insignia 2.0 soundbar HSB318
Hard Drive
eLeaf MELO-3 4ml
Power Supply
SE US18650VTC6 3120mAh 30A 3.6V 18650 Li-ion Battery - GREENx4
Case
ANGIS Legion MOD 200w Geek Vape
Operating System
VapeWild RazzleBerry 50-50-0mg nic
▲ hide details ▲
ThrashZone is offline  
post #8 of 78 (permalink) Old 01-15-2020, 06:07 AM
New to Overclock.net
 
skupples's Avatar
 
Join Date: Apr 2012
Location: Fort Lauderdale
Posts: 21,853
Rep: 630 (Unique: 342)
Quote: Originally Posted by xJumper View Post
Lol where are the Windows fans boys from the Windows 7 thread to tell us how awesome Windows is and how it should dominate the server market.
pretty sure only one person in the 7's dead thread would advocate for windows being the main server os.

intel has also pushed a major security update in regards to Ryuk as well.

Quote: Originally Posted by huzzug View Post
MS already dropped a patch regarding this if I'm not wrong.



He surely got his verbs mixed up.
they may have addressed it quietly in december, but it blew up yestetday.

tons of folks had (poorly timed really) to issue security updates yesterday.

adobe, intel, MS,

Code:
RYUK Ransomware Information

Ryuk is a ransomware which gained notoriety last December 2018 when it disrupted the operations of several major U.S. newspapers. Earlier analysis from Checkpoint in August 2018 noted that Ryuk was being used exclusively for targeted attacks, with its main targets being the critical assets of its victims. A few months before the December attack, the Ryuk attack managed to extort over US$600,000 worth of bitcoins from various large enterprises.
Ryuk Ransomware is operated by a Russia-based criminal group, WIZARD SPIDER, since August 2018. Targeting large organizations for a high-ransom return (big game hunting). This group is known for the operation of Trickbot banking malware. Identifying Ryuk’s infection vectors is difficult given the ransomware will typically delete all evidence of its dropper as part of its routine.
A recent flash update from the FBI revealed that over 100 organizations around the world have been beset by Ryuk attacks since August 2018. The victims come from different industries, with the most common ones being logistics and technology companies, as well as small municipalities. The update also mentioned that identifying Ryuk’s infection vectors is difficult given the ransomware will typically delete all evidence of its dropper as part of its routine. However, given previous incidents, delivery methods for Ryuk can be highly varied — for example, it can be dropped by other malware such as Emotet or Trickbot. Attackers can also take advantage of flaws or weak points in the system to gain access to an organization’s network.
Behaviors
•	Bypasses anti-virus products
•	Maintains persistence on the targeted machine
•	Runs as legitimate process by injecting to Windows process
•	Terminates processes
•	Stops services
Code:
 
National Cyber Awareness System:
 
Intel Releases Security Updates
01/14/2020 03:41 PM EST

Original release date: January 14, 2020
Intel has released security updates to address vulnerabilities in multiple products. An authenticated attacker with local access could exploit some of these vulnerabilities to gain escalation of privileges.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:
•	SNMP Subagent Stand-Alone Advisory for Windows INTEL-SA-00300
•	Chipset Device Software Advisory INTEL-SA-00306
•	RWC 3 for Windows Advisory INTEL-SA-00308
•	Processor Graphics Advisory INTEL-SA-00314
•	VTune Amplifier for Windows Advisory INTEL-SA-00325
•	DAAL Advisory INTEL-SA-00332

R.I.P. Zawarudo, may you OC angels' wings in heaven.
If something appears too good to be true, it probably is.
skupples is online now  
post #9 of 78 (permalink) Old 01-15-2020, 09:04 AM
I Love this Hobby!
 
Gunderman456's Avatar
 
Join Date: Oct 2008
Posts: 7,645
Rep: 610 (Unique: 503)
The NSA can't spy on you if your computer is infected with malware. Thanks NSA! I'll make sure to keep a tidy OS for your periodic visits.

-Guide to 1st Case Modding for Better GPU(s) Performance/Cooling-
https://www.overclock.net/case-mod-wo...ing-guide
-Guide to 2nd Case Modding for Better GPU(s) Performance/Cooling-
https://www.overclock.net/case-mod-wo...e-fan-mod
Fast n' Cheap
(17 items)
Bit'O'Heaven
(16 items)
CPU
RYZEN 7 3700X
Motherboard
ASUS TUF GAMING X570-PLUS
GPU
MSI Radeon RX 5700 XT
RAM
G.SKILL Ripjaws V Series 32GB (2x16GB) DDR4 3600 16-19-19-39 CL 16 1.35V
Hard Drive
Corsair Force Series Gen.4 PCIe MP600 500GB NVMe M.2 SSD
Hard Drive
Seagate BarraCuda ST3000DM008 3TB 7200 RPM 64MB Cache SATA 6.0Gb/s 3.5" HDD
Optical Drive
LG 16X SATA Blu-Ray Internal Rewriter with 3D Playback and M-DISC Support BH16NS40
Power Supply
Fractal Design Ion+ 860P 80 PLUS Platinum Certified 860W Full Modular
Cooling
Noctua NH-D15
Case
Veddha GriderCase alpha V1
Operating System
Win 10 Pro 64bit
Monitor
Nixeus EDG 27" IPS Freesync 1440p 144Hz
Keyboard
Redragon K589 SHRAPNEL RGB Mechanical Keyboard
Mouse
Logitech G502 Hero
Mousepad
ALLSOP Redmond Mouse Pad
Audio
Cambridge Soundworks 5.1
Other
PulseLabz Challenger Gaming Chair
CPU
Intel i7 4770k @ 4.5GHz
Motherboard
Asus Maximus VI Rog Gene
GPU
Gigabyte AMD R9 290 @ Core 1160MHz & Memory 1350MHz
RAM
G.SKILL Trident X DDR3 16GB 2400MHz
Hard Drive
Samsung 840 PRO 256GB
Hard Drive
Seagate Barracuda 7200.14 3TB
Optical Drive
Pioneer Black Blu-ray 16X BD-R 2X BD-RE
Power Supply
EVGA SuperNOVA G2 1300W 80PLUS Gold Fully Modular
Cooling
Corsair H60 Push/Pull
Case
Fractal Design Arc Midi R2
Operating System
Win 7 Pro 64bit
Monitor
Samsung 245BW 24" 1200p 60Hz
Keyboard
Logitech G15
Mouse
Logitech MX518
Mousepad
Corsair Vengeance MM200
Audio
Yamaha HTR-5830 Polk Audio 3.0
CPU
Intel Core i5-3570K @ 4.6GHz
Motherboard
ASRock Z77E-ITX mITX
GPU
Sapphire AMD HD 7990 @ Clock 900MHz & Memory 1100MHz
RAM
G.SKILL Ripjaws X DDR3 8GB 1600MHz @ 1866MHz
Hard Drive
Crucial SSD CT128M4SSD3 128GB mSATA SATA III 6GB
Hard Drive
Seagate Barracuda HDD 1TB
Optical Drive
LG DVD R/W
Power Supply
Corsair Professional Series Gold AX850 Fully Modular
Cooling
Corsair Cooling Hydro Series H100
Case
BitFenix Prodigy Mini-ATX Black Case
Operating System
Win 7 Pro 64bit
Monitor
Samsung TV 52"
Keyboard
Logitech K330 Wireless
Mouse
Logitech M215 Wireless
Mousepad
Corsair Vengeance MM200
Audio
Yamaha RX-V681 PSB/PolkAudio 5.1
▲ hide details ▲


Gunderman456 is offline  
post #10 of 78 (permalink) Old 01-15-2020, 09:15 AM
New to Overclock.net
 
Shawnb99's Avatar
 
Join Date: Dec 2011
Location: In Van Down by the River
Posts: 1,344
Rep: 46 (Unique: 31)
Is this besides the backdoor the NSA already has in Windows?

My Baby
(23 items)
CPU
Delidded Direct Die I9 9900K
Motherboard
ASUS Maximus XI Apex
GPU
EVGA FTW3 Hydro Copper GeForce RTX 2080 Ti
RAM
G.SKILL TridentZ Series 16GB DDR4 3600 F4-3600C15D-16GTZ
Hard Drive
2x Samsung 970 EVO Plus 1TB
Hard Drive
Asus Hyper M.2 card
Hard Drive
2 x Intel 660P 2TB
Power Supply
Seasonic PRIME Ultra 1000 Titanium
Cooling
Optimus Signature V2
Cooling
2x Swiftech MCP35X2 with MCP35X2 Heat Sink w/ 2x NB-BlackSilent Pro's
Cooling
2x Hardware Labs Black Ice Nemesis 560GTX w/ 8x Arctic P14 PST PWM's
Cooling
2x Hardware Labs Black Ice Nemesis 480GTX w/ 16x Noctua NF-A12x25 PWM
Cooling
Aquacomputer aqualis XT 450 ml with nano coating
Cooling
9x Noctua NF-S12A PWM
Cooling
Hardware Labs Black Ice Nemesis 360GTS w/ 6 Arctic P12 PST PWM's
Case
Case Labs Magnum TH10A with Pedestal
Monitor
Asus PG278Q
Keyboard
Das Keyboard 5Q
Mouse
Swiftpoint Z
Audio
Light Harmonic Oscar XXI
Audio
Geek Pulse Inifnity DAC/AMP
Audio
Cavalii Audio Liquid Carbon HPA
Other
Aquacomputer Aquaero XT
▲ hide details ▲
Shawnb99 is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off