Your company's ad could live here and reach over 50,000 people a month!

Security

CVE-2019-0543 Changes How Windows PowerShell and PowerShell Core 6 WinRM Based Remoting Works

If you’re attempting to do loopback remoting for Windows PowerShell or PowerShell Core 6 after applying January security updates, you may have run into problems. Per Microsoft… The breaking change is not in PowerShell but in a system security fix that restricts process creation between Windows sessions. This fix is preventing WinRM (which PowerShell uses as a remoting transport and host) from successfully creating the remote session host, for this particular scenario. There are no plans to update WinRM. Further… The breaking change only affects local loopback remoting, which is a PowerShell remote connection made back to the same machine, while using non-Administrator credentials. Details and workaround: Windows Security change affecting PowerShell

Microsoft Windows Customers with Sennheiser Headphones Could be Subject to Attempts to Steal Personal Data

Microsoft today is warning against a found vulnerability where Sennheiser headphones software accidentally exposed valid digital certificates, giving the potential for the certificates to be spoofed. Microsoft’s security advisory states that customers should get updated versions for the HeadSetup & HeadSetup Pro software from the Sennheiser website: https://sennheiser.zendesk.com/hc/en-us/categories/360000131214-Software Full advisory: ADV180029 | Inadvertently Disclosed Digital Certificates Could Allow Spoofing  

Microsoft Delivers Final Version of the Security Baseline for Windows 10 v1809 and Windows Server 2019

Microsoft has now finalized the security baseline for Windows 10 1809 and Windows Server 2019. The baseline is available in a downloadable .zip format. Included in the download are GPOs, a PowerShell script for applying the GPOs to local policy, custom ADMX files for Group Policy settings, and a documentation spreadsheet. Download: Windows-10-1809-Security-Baseline-FINAL Details: Microsoft Security Guidance blog  

Products Covered in Microsoft’s November 2018 Patch Tuesday

In addition to pushing out Windows 10 1809 again, Microsoft is delivering security updates for the following products… Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore .NET Core Skype for Business Azure App Service on Azure Stack Team Foundation Server Microsoft Dynamics 365 (on-premises) version 8   As always, stay close to myITforum to hear when issues are publicly reported.  

Microsoft Issues Guidance for Reported Hardware Encryption Vulnerability

Reports of a new hardware encryption vulnerability have been circulating today. Microsoft is aware of the reports and is now providing mitigations. Security Advisory: ADV180028 | Guidance for configuring BitLocker to enforce software encryption To check the type of drive encryption being used (hardware or software): Run ‘manage-bde.exe -status’ from an elevated command prompt. If none of the drives listed report “Hardware Encryption” for the Encryption Method field, then this device is using software encryption and is not affected by vulnerabilities associated with self-encrypting drive encryption.  

Malwarebytes Labs Launches Malware Protection for Chromebooks

The Chromebook march continues. As better hardware is delivered for Google’s lean operating system and Microsoft’s continuing Windows 10 issues continue to irk users, ChromeOS has become a very viable alternative – particularly with the cost of ChromeOS hardware sometimes weighing in a third of the cost. As ChromeOS becomes more popular, vendors have begun porting long-standing Windows and Mac applications to the rising star. One of those, Malwarebytes, is now available. ChromeOS uses a sandboxing mechanism to protect users against security problems, but Malwarebytes seems to indicate it’s not enough: Even though Chromebooks come with some built-in defense mechanisms like sandboxing and verified boot and recovery mode, they can still get infected. Malwarebytes for C...

Tip: Malicious Software Removal Tool Command-line Switches

Microsoft distributes the Malicious Software Removal Tool (MSRT) through Automatic Updates once a month. MSRT is designed to find and remove threats and it can reverse the changes made by these threats. MSRT is generally released monthly as part of Windows Update but it’s also available as a standalone tool. 32-bit and 64-bit versions downloads:  Malicious Software Removal Tool The standalone tool is developed for those tasked with protecting the company’s computer assets and can be used through remote automation tools such as scripts or Configuration Manager. The tool can be configured to utilize command-line switches to alter how the tool runs. Here are the available command-line switches: /Q or /quiet =       Uses quiet mode. This option suppresses the user interface of the ...

Survey: IT Pros Want to Secure Endpoints Daily but Don’t Have the Time

If you work in IT today, you are walking on a razor’s edge trying to get security right. The Adaptiva 2018 Endpoint Security Survey can help you avoid missteps. We polled over 300 IT professionals about Windows security in a business environment. Findings include: Windows 10 deployments measured (past the half way point!) Security hygiene tasks prioritized Staffing shortages The biggest help desk time sinks So much more …   Windows 10 Deployments Pass the “50/50” Milestone Adaptiva has been polling IT pros about their Windows 10 deployment plans and progress since the OS was released in 2015. Windows 10 is crucial for IT security. In fact, security is the top reason enterprises are moving to Windows 10—if you don’t count “we have to in order to keep getting support.” For the fir...

Microsoft Outed for Jet Database Engine Flaw Left Unpatched Since May

While Microsoft worked to address some issues with its Jet Database Engine in September, the company still has an exposed security problem. Zero Day Initiative has now publicly revealed the flaw due to 120-day disclosure policy. Microsoft is apparently now working on a fix, but systems are left unguarded until then. Zero Day Initiative has detailed the flaw and given recommendations on its blog: ZDI-CAN-6135: A REMOTE CODE EXECUTION VULNERABILITY IN THE MICROSOFT WINDOWS JET DATABASE ENGINE According to the company, Microsoft has been aware of this bug since May. Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

Microsoft Office Gets Its Own Antivirus

Because miscreants can sometimes evade OS antivirus protection through crafted Microsoft Office documents they get unsuspecting end users to accidentally click on, Microsoft is now beginning to integrate antimalware and antivirus services with Microsoft Office client applications. As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Details: Office VBA + AMSI: Parting the veil on malicious macros Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

Incoming: Microsoft’s September Patch Tuesday Kicks Off

Microsoft is close to making the updates for this month available. Here’s the products that will be covered by security updates this month: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore Adobe Flash Player .NET Framework Microsoft.Data.OData ASP.NET   Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

Microsoft Delivers the First Version of its Security Servicing Criteria for Windows

In June this year, Microsoft delivered a draft copy of its very first Security Servicing Criteria for Windows. This policy document was to serve as transparent evidence on how the company will work with security researchers and customers to display the criteria used for determining when reported vulnerability will be addressed through a security update. After feedback and modifications, today, Microsoft has delivered the first version of the Security Servicing Criteria for Windows. Full doc:  Security Servicing Criteria for Windows And, as part of this release, Microsoft is also releasing the Microsoft Vulnerability Severity Classification for Windows document. That document is available for download from HERE. Looking for an awesome, no-nonsense technical conference for IT Pros, Developer...