• Latest
  • Trending

Microsoft Tuesday Patch, October 2020 edition – Krebs on Security

26.10.2020
Are junk bonds sending a bearish message to the stock market?  – View the market

Are junk bonds sending a bearish message to the stock market? – View the market

03.10.2023
Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys

Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys

03.10.2023
Billie Eilish receives the BRIT Billion Award

Billie Eilish receives the BRIT Billion Award

03.10.2023
Martin Scorsese’s 5 biggest box office hits have 1 thing in common

Martin Scorsese’s 5 biggest box office hits have 1 thing in common

03.10.2023
Jim Cramer’s Top 10 Things to Watch in the Stock Market Tuesday – CNBC

Jim Cramer’s Top 10 Things to Watch in the Stock Market Tuesday – CNBC

03.10.2023
Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

03.10.2023

NFL DFS, Bears vs. Commanders: DraftKings and FanDuel, daily fantasy football picks for Thursday Night Football

03.10.2023
Protocol Village: LayerZero joins Conflux on China Telecom’s SIM card – CoinDesk

Protocol Village: LayerZero joins Conflux on China Telecom’s SIM card – CoinDesk

03.10.2023
You can install macOS Sonoma on your unsupported Macs with this app – XDA Developers

You can install macOS Sonoma on your unsupported Macs with this app – XDA Developers

03.10.2023

Odds, lines, picks, spreads, bets, NFL predictions for Week 5, 2023: Model targeting Eagles and Patriots

03.10.2023
Travis Kelce’s Ex Unfollowed Brittany Mahomes After Taylor Swift’s Dinner Party – BuzzFeed News

Travis Kelce’s Ex Unfollowed Brittany Mahomes After Taylor Swift’s Dinner Party – BuzzFeed News

03.10.2023
Arm fixes bugs in Mali GPUs that affect Android phones and Chromebooks – CSO Online

Arm fixes bugs in Mali GPUs that affect Android phones and Chromebooks – CSO Online

03.10.2023
Tuesday, October 3, 2023
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel
OLTNEWS
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel
OLTNEWS
No Result
View All Result
[the_ad id="1278509"]

Home » Technology » Microsoft Tuesday Patch, October 2020 edition – Krebs on Security

Microsoft Tuesday Patch, October 2020 edition – Krebs on Security

26/10/2020 09:13:07
in Technology
0
0
SHARES
Share on WhatsappShare on Facebook

It’s Cyber ​​Security Awareness Month! In accordance with this theme, if you (ab) use Microsoft Windows computers, you should know that the company today shipped a host of software updates to fix at least 87 security issues in Windows and the programs that run on the operating system. This means it’s time to save and repair again.

Eleven of these vulnerabilities received the most disastrous “critical” rating from Microsoft, meaning bad guys or malware could use them to gain complete control of an unpatched system with little to no user help. .

The worst in terms of outright dread is probably CVE-2020-16898, which is a nasty bug in Windows 10 and Windows Server 2019 which could be abused to install malware simply by sending a malformed data packet to a vulnerable system. CVE-2020-16898 got a CVSS score of 9.8 (10 is the most horrible).

Security provider Mcafee nicknamed the flaw “Bad neighbor“, And in a blog post about it, said that a proof of concept exploit shared by Microsoft with its partners appears to be” both extremely simple and perfectly reliable “, noting that this sucker is imminently” deworming ” – that is, capable of being militarized into a threat that spreads very quickly within networks.

“This results in an immediate BSOD (Blue Screen of Death), but more so indicates the likelihood of exploitation for those who manage to bypass Windows 10 and Windows Server 2019 mitigations,” McAfee’s Steve povolny wrote. “The effects of an exploit that allowed remote code execution would be widespread and very powerful, as this type of bug could become deworming.”

Trend Micro Zero Day Initiative (ZDI) draws special attention to another critical bug rolled back in this month’s patch bundle: CVE-2020-16947, which is an issue with Microsoft Outlook which could cause malware to load on a system simply by previewing malicious email in Outlook.

“The preview pane is an attack vector here, so you don’t even have to open mail to be impacted,” ZDI said. Dustin Childs.

While there don’t appear to be zero-day flaws in Microsoft’s October release, Todd Schell of Ivanti points out that a half-dozen of these flaws have been publicly disclosed before today, which means the bad guys have had a good start in being able to research and design working exploits.

Other fixes released today address issues with Exchange server, Visual studio, .NET Framework, and a whole mess of other core Windows components.

For all those who wanted a Flash player patch Adobe, your days of waiting are over. After several months of depriving us of Flash patches, Adobe has dispatched an update that fixes a single – albeit critical – flaw in the program that crooks could use to install malicious material on your computer simply by tricking you into a hacked or malicious website.

Chromium and Firefox both now disable Flash by default, and Chrome and IE / Edge automatically update the program when new security updates are available. Fortunately, Adobe is expected to withdraw Flash Player later this year, and Microsoft has announced plans to release updates later this year that will remove Flash from Windows machines.

It’s a good idea for Windows users to get into the habit of updating at least once a month, but for regular users (read: not businesses) it’s generally safe to wait a few days afterward. the release of fixes, so that Microsoft has time. to iron out the loopholes in the new armor.

But before updating, please make sure you have backed up your system and / or important files. It is not uncommon for a Windows update package to water its system or prevent it from starting properly, and some updates are even known to erase or corrupt files.

So do yourself a favor and back up before you install any fixes. Windows 10 even has built-in tools to help you do this, either by file / folder or by making a full, bootable copy of your hard drive at the same time.

And if you want to make sure that Windows has been configured to pause updating so that you can back up your files and / or your system before the operating system decides to restart and install the fixes on its own schedule, check out this guide.

As always, if you have any issues or issues installing any of these fixes this month, please consider leaving a comment about it below; there is a better chance that even other readers have been through the same thing and can provide some useful advice here.

Tags: CVE-2020-16898, CVE-2020-16947, Dustin Childs, Patch Flash Player, Ivanti, mcafee, Microsoft Patch Tuesday October 2020, Steve Povolny, Todd Schell, trend micro, Zero Day Initiative

This entry was posted on Tuesday October 13th, 2020 at 4:10 pm and is filed under Time to Patch. You can follow comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Ping is currently not allowed.

Related posts

Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys

Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys

03.10.2023
Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

03.10.2023

It’s Cyber ​​Security Awareness Month! In accordance with this theme, if you (ab) use Microsoft Windows computers, you should know that the company today shipped a host of software updates to fix at least 87 security issues in Windows and the programs that run on the operating system. This means it’s time to save and repair again.

Eleven of these vulnerabilities received the most disastrous “critical” rating from Microsoft, meaning bad guys or malware could use them to gain complete control of an unpatched system with little to no user help. .

The worst in terms of outright dread is probably CVE-2020-16898, which is a nasty bug in Windows 10 and Windows Server 2019 which could be abused to install malware simply by sending a malformed data packet to a vulnerable system. CVE-2020-16898 got a CVSS score of 9.8 (10 is the most horrible).

Security provider Mcafee nicknamed the flaw “Bad neighbor“, And in a blog post about it, said that a proof of concept exploit shared by Microsoft with its partners appears to be” both extremely simple and perfectly reliable “, noting that this sucker is imminently” deworming ” – that is, capable of being militarized into a threat that spreads very quickly within networks.

“This results in an immediate BSOD (Blue Screen of Death), but more so indicates the likelihood of exploitation for those who manage to bypass Windows 10 and Windows Server 2019 mitigations,” McAfee’s Steve povolny wrote. “The effects of an exploit that allowed remote code execution would be widespread and very powerful, as this type of bug could become deworming.”

Trend Micro Zero Day Initiative (ZDI) draws special attention to another critical bug rolled back in this month’s patch bundle: CVE-2020-16947, which is an issue with Microsoft Outlook which could cause malware to load on a system simply by previewing malicious email in Outlook.

“The preview pane is an attack vector here, so you don’t even have to open mail to be impacted,” ZDI said. Dustin Childs.

While there don’t appear to be zero-day flaws in Microsoft’s October release, Todd Schell of Ivanti points out that a half-dozen of these flaws have been publicly disclosed before today, which means the bad guys have had a good start in being able to research and design working exploits.

Other fixes released today address issues with Exchange server, Visual studio, .NET Framework, and a whole mess of other core Windows components.

For all those who wanted a Flash player patch Adobe, your days of waiting are over. After several months of depriving us of Flash patches, Adobe has dispatched an update that fixes a single – albeit critical – flaw in the program that crooks could use to install malicious material on your computer simply by tricking you into a hacked or malicious website.

Chromium and Firefox both now disable Flash by default, and Chrome and IE / Edge automatically update the program when new security updates are available. Fortunately, Adobe is expected to withdraw Flash Player later this year, and Microsoft has announced plans to release updates later this year that will remove Flash from Windows machines.

It’s a good idea for Windows users to get into the habit of updating at least once a month, but for regular users (read: not businesses) it’s generally safe to wait a few days afterward. the release of fixes, so that Microsoft has time. to iron out the loopholes in the new armor.

But before updating, please make sure you have backed up your system and / or important files. It is not uncommon for a Windows update package to water its system or prevent it from starting properly, and some updates are even known to erase or corrupt files.

So do yourself a favor and back up before you install any fixes. Windows 10 even has built-in tools to help you do this, either by file / folder or by making a full, bootable copy of your hard drive at the same time.

And if you want to make sure that Windows has been configured to pause updating so that you can back up your files and / or your system before the operating system decides to restart and install the fixes on its own schedule, check out this guide.

As always, if you have any issues or issues installing any of these fixes this month, please consider leaving a comment about it below; there is a better chance that even other readers have been through the same thing and can provide some useful advice here.

Tags: CVE-2020-16898, CVE-2020-16947, Dustin Childs, Patch Flash Player, Ivanti, mcafee, Microsoft Patch Tuesday October 2020, Steve Povolny, Todd Schell, trend micro, Zero Day Initiative

This entry was posted on Tuesday October 13th, 2020 at 4:10 pm and is filed under Time to Patch. You can follow comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Ping is currently not allowed.

[the_ad id="1278432"]
Previous Post

Rhian Sugden flaunts her many assets and supple legs in a racy semi-sheer lingerie

Next Post

Oil and gas lobby sets out to embrace green investors – Financial Times

Related Posts

Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys
Technology

Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys

03.10.2023
0

Amazon is now offering great deals on Sony 4K Ultra HD X90L BRAVIA XR Model 2023 Smart TVs, starting with...

Read more
Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

Microsoft makes the Windows 11 setup process less annoying with a… – The Verge

03.10.2023
You can install macOS Sonoma on your unsupported Macs with this app – XDA Developers

You can install macOS Sonoma on your unsupported Macs with this app – XDA Developers

03.10.2023

Arm fixes bugs in Mali GPUs that affect Android phones and Chromebooks – CSO Online

03.10.2023

HFR Networks Announces flexiTester Field Testing Solution for Optical Services

03.10.2023

Explained: Apple’s Conversation Awareness feature and how it helps users

03.10.2023
Load More
Next Post

Oil and gas lobby sets out to embrace green investors - Financial Times

Recent Posts

  • Are junk bonds sending a bearish message to the stock market? – View the market
  • Sony’s Latest 120Hz Smart Google TVs Reach All-Time Highs With Up To $1,300 Off, Deals From $1,098 – 9to5Toys
  • Billie Eilish receives the BRIT Billion Award
  • Martin Scorsese’s 5 biggest box office hits have 1 thing in common
  • Jim Cramer’s Top 10 Things to Watch in the Stock Market Tuesday – CNBC

Archives

  • October 2023
  • August 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • EN

© 2020

No Result
View All Result
  • World
  • Economics
  • Sport
    • Basketball
    • Football
    • Nfl
    • Golf
    • F1
    • UFC
  • Technology
  • Culture
    • Arts
  • Media
    • Film
    • Celebs
    • TV
  • LifeStyle
    • Auto
  • Travel

© 2020

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.