Vulnerability Spectre Variant 4 (CVE-2018-3639), known as Speculative Store Bypass (SSB), allows an attacker to a speculative execution side-channel and the disclosure of sensitive information.
These protections aren’t enabled by default. Microsoft suggests following the instruction in:
— KB4073119 — for Windows client (IT pro);
— KB4072698 – for Windows Server.
FIDO2 security keys provide secure authentication, independent of the form factor. The security key holds your credential and can be protected with an additional second factor like fingerprint (integrated into the security key) or a PIN to be entered at the Windows sign-in.
Windows Hello’s support will work with Yubico’s USB FIDO2 Security Key.
Microsoft announced the end of support for Windows 10 version 1607. Devices running Windows 10 Home or Pro editions will no longer receive monthly security and quality updates that contain protection from the latest security threats. Windows 10 Enterprise and Windows 10 Education editions will receive six months of additional servicing at no cost.
Also, additional servicing for version 1511 will not extend beyond this update. To continue receiving security and quality updates, Microsoft recommends updating to the latest version of Windows 10.
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.
Vulnerability CVE-2018-0986 affects Microsoft Exchange Server 2013 and 2016, Microsoft Forefront Endpoint Protection 2010, Microsoft Security Essentials, Windows Defender, Windows Intune Endpoint Protection.
CVE-2018-1050 (Denial of Service Attack on external print server.) affects all versions of Samba from 4.0.0. “Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash.”
CVE-2018-1057 (Authenticated users can change other users’ password.). “On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users’ passwords, including administrative users.”
The maintainers of Samba have addressed both vulnerabilities with the release of new Samba versions 4.7.6, 4.6.14, 4.5.16.
Our team always strives to be proactive and up to date on the latest technology. We congratulate our colleague Daria on the successful passed 70-743 Exam: Upgrading Your Skills to MCSA: Windows Server 2016.
This exam covers key aspects of the installation, storage, and computer features on Microsoft’s latest server operating system, as well as basic networking and identity features of Windows Server 2016.
Our team certificates.
The members of our team prove their knowledge and experience by the passing certification programs. This time MCSA: Windows Server 2016 (70-743) has been successfully completed by one more specialist.
This exam covers key aspects of installation, storage, compute, networking, and identity functionality available in Windows Server 2016. And proves the mastery of the primary set of skills required to reduce IT costs and deliver more business value.
Our team certificates.
According to the report in the Project Zero directory, the flaw relates to the SvcMoveFileInheritSecurity remote procedure call (RPC). If it exploited, can lead to an arbitrary file being assigned an arbitrary security descriptor, that can potentially lead to elevation of privilege and would potentially allow other users on the network to modify file.
A vulnerability in the XML parser of Cisco ASA Software could allow an unauthenticated, remote attacker to execute arbitrary code and obtain full control of the system, cause a reload of the affected device or stop processing of incoming VPN authentication requests. It now affects 15 products that run ASA software. Cisco is urging customers to apply the updated patches.
Files Restore allows administrators and end users to restore files from any point in time during the last 30 days. Users are presented with a histogram showing file activity over the last 30 days with an intuitive slider to «rewind» those changes. According to Microsoft, Files Restore only available for OneDrive for Business customers.