Notices tagged with patchtuesday

LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Saturday, 17-Dec-2022 18:44:16 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
in reply to
- LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}
Speaking of that, the 2022-December Windows updates include some developer certificate revocations. They were being used to sign malicious drivers. If you have not updated yet, it is #time_to_update.

> "In these attacks, the attacker had already gained administrative privileges on compromised systems prior to use of the drivers," Microsoft wrote, adding that its "investigation revealed that several developer accounts for the Microsoft Partner Center were engaged in submitting malicious drivers to obtain a Microsoft signature."

> The IT giant stressed there had been no compromise of its own network and systems; this was a case of rogue developers submitting bad drivers, and waiting for Microsoft to wrongly OK them, and then use the code in the wild against victims, we're told.

#Win10 #Win11 #Windows_Update #malware #patch_tuesday

In conversation about 2 months ago from Choqok permalink
LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Saturday, 31-Oct-2020 16:32:38 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

#Google discloses #Microsoft #Windows 10 #zero-day vulnerability that is currently being exploited in the wild. Also patched a #Chrome zero-day. https://www.zdnet.com/article/google-discloses-windows-zero-day-exploited-in-the-wild/ [www zdnet com]

#Win10 #security

Patch incoming 2020-11-10, #Patch_Tuesday.
In conversation Saturday, 31-Oct-2020 16:32:38 UTC from web permalink
Attachments
1. Google discloses Windows zero-day exploited in the wild | ZDNet
  
  from https://twitter.com/campuscodi
  
  Windows zero-day (not yet patched) is used as part of an exploit chain that also includes a Chrome zero-day (already patched).

Public

Feeds