Windows on Omid Farhang

End of Microsoft Windows 7 security updates from today

Tue, 10 Jan 2023 17:56:31 +0330

Starting today, January 10th, Windows 7 Enterprise and Professional operating systems will no longer receive security updates. Thus, computers that still run these OS will no longer be protected against critical vulnerabilities.

Apart from the operating system itself, browsers (both Edge and third-party browsers), as well as services from other non-Microsoft vendors, such as NVIDIA, have confirmed that they have also stopped offering new security patches in Windows 7.

Actions to be taken

You should upgrade your Microsoft Windows to newer versions, if your hardware does not support Windows 11, you may upgrade to Windows 10 or maybe consider switching to another Operation System like Linux.

Cross-platform botnet targets SSH-enabled devices

Mon, 12 Dec 2022 23:37:43 +0330

Microsoft researchers found a cross-platform botnet that originates from malicious software downloads on Windows devices & succeeds in propagating to a variety of Linux-based devices by enumerating default credentials on internet-exposed SSH-enabled devices.

Microsoft researchers observed that the initial infection points related to the botnet were devices infected through the installation of malicious cracking tools that purport to acquire illegal Windows licenses. The cracking tools contain additional code that downloads and launches a fake version of svchost.exe through a PowerShell command. In some cases, the downloaded file is named svchosts.exe.

Gates spends entire first day back in office trying to install Windows 8.1

Fri, 07 Feb 2014 23:53:22 +0000

REDMOND, WASHINGTON (The Borowitz Report)—Bill Gates’s first day at work in the newly created role of technology adviser got off to a rocky start yesterday as the Microsoft founder struggled for hours to install the Windows 8.1 upgrade.

The installation hit a snag early on, sources said, when Mr. Gates repeatedly received an error message informing him that his PC ran into a problem that it could not handle and needed to restart.

Microsoft's September Patch Tuesday closes important XSS holes

Wed, 12 Sep 2012 19:27:00 +0000

h-online: On its September Patch Tuesday, Microsoft released two security updates that are rated as important and which close holes in Visual Studio Team Foundation Server 2010 (TFS) and Systems Management Server 2003 and 2007. Both updates fix cross-site scripting (XSS) vulnerabilities in the web interfaces that allow attackers to execute arbitrary code in the victim’s browser.

As the holes enable an attacker to access the web interfaces at the user’s privilege level, Microsoft has classified them as privilege escalation vulnerabilities. The company notes that, to its knowledge, neither of the holes is being actively exploited for attacks.

Final version of Windows 8 leaked online, No Windows Media Player yet

Fri, 03 Aug 2012 09:57:00 +0000

Ubergizmo: Good news for those looking to get their hands on Windows 8 before everyone else does, the final build of Windows 8 has just been leaked online. This news comes a day after it was announced that the final version of Windows 8 had been finished. MSDN and TechNet customers won’t be able to download their version of Windows 8 until August 15th, an enterprise version of Windows 8 is currently making rounds at different file sharing websites across the web.

Update for Windows Update has teething troubles

Mon, 25 Jun 2012 16:42:00 +0000

Microsoft has released an unscheduled, non-patch day update for Windows to update the Windows Update function itself. However, according to reports from readers, the Windows Update Agent update does not always run smoothly; The H’s associates at heise Security also ran into problems on their test systems.

A staggered dissemination of the update has been taking place over the past three to four days. Users who run Windows Update are confronted with a message which says that an update for Windows Update needs to be installed before the system can check for other updates.

Critical holes closed in Microsoft's June Patch Tuesday

Thu, 14 Jun 2012 08:00:00 +0000

The H-Online: Microsoft has released seven security bulletins fixing a total of 27 security holes, 13 of them in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync and Dynamics AX. A patch that had been announced for Visual Basic for Applications has yet to be released.

The most important updates are bundled in the cumulative Internet Explorer patch (MS12-037), which includes fixes for the holes that were targeted by Pwn2Own exploits. Microsoft is the last of the companies to close the exposed holes that were targeted during the Pwn2Own competition; Google and Mozilla fixed their browsers in March. According to Michael Kranawetter, Microsoft’s Chief Security Advisor in Germany, the IE patch also affects the Windows 8 Consumer Preview, and therefore Internet Explorer 10.

Microsoft revokes certificates used to sign the Flame trojan

Mon, 04 Jun 2012 13:37:00 +0000

Avira TechBlog Wrote:

Microsoft released Security Advisory 2718704 which revokes some certificated which apparently were used to sign the trojan Flame__.

In a blog post, Microsoft explains how they discovered that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft. The certificates issued by the Terminal Services licensing certification authority, which are intended to only be used for license server verification, were also used to sign code and make it look like as if it was originated from Microsoft.

Windows XP in update loop

Wed, 23 May 2012 12:37:00 +0000

H-Online: Users of Windows XP are reporting more problems with recent automatic updates. Three security updates for .NET Framework 2.0 and 3.5 are at the center of the problem, labeled as patches KB2518664, KB2572073 and KB2633880 in Windows XP’s automatic update feature.

On affected systems, the installation of these patches proceeds without error but after a short time, the update service says it would like to install them again and will keep reinstalling the patches if allowed. Microsoft’s general advice in this situation is to reset Windows Update components, though it has yet to offer any specific advice. It is interesting to note that the three patches in question were not released on Microsoft’s official patch day.

Microsoft Patch Tuesday more extensive than anticipated

Thu, 10 May 2012 09:43:00 +0000

The H-Online: As previously announced, Microsoft has released seven bulletins to close a total of 23 vulnerabilities on its May Patch Tuesday. The total number of bulletins belies the scope of the patches, however, as the combined update MS12-034 closes various holes in numerous products.

The reason for this is a critical hole in the code for processing TrueType fonts that was exploited by the Duqu spyware last year. The hole was closed in the Windows kernel on the December Patch Tuesday; however, Microsoft has since used a code scanner to track down the vulnerable code in numerous other components; among them is the gdiplus.dll library, which is used by various browsers to render web fonts.

Microsoft and Adobe to address critical vulnerabilities on Patch Tuesday

Sat, 07 Apr 2012 20:12:00 +0000

The H-Online: The Tuesday after the Easter weekend, 10 April, is set to be a busy one for system administrators as Microsoft and Adobe have sent out notifications that they will both be issuing fixes for critical vulnerabilities in their products.

Microsoft’s April notification says there will be four critical advisories concerning Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Microsoft Server and Developer tools, which all lead to remote code execution. A fifth remote code execution vulnerability in Office is marked as important, as is a sixth information disclosure issue in Microsoft’s Forefront United Access Gateway. The critical bulletins will affect all versions of Windows, from Windows XP SP3 to Windows Server 2008R2. One critical bulletin for Internet Explorer covers IE 6, 7, 8 and 9

Microsoft's Patch Tuesday will close a critical Windows vulnerability

Sat, 10 Mar 2012 16:22:00 +0000

The H-Security: Next week’s Patch Tuesday sees Microsoft planning to publish a total of six bulletins, including one that addresses a critical vulnerability in all versions of Windows from Windows XP service pack 3 to Windows 7 service pack 1 and Windows Server 2008 R2. The rating means that the hole enables attackers to infect a system via the internet and inject malicious code. Other bulletins will address a privilege elevation flaw which affects the same span of Windows versions.

Microsoft to send users 4 critical patches on Valentine's Day

Sun, 12 Feb 2012 18:22:00 +0000

The Register: Microsoft plans to publish nine updates next Tuesday – four of which are critical – as part of a Valentine’s Day edition of its Patch Tuesday update cycle.

Highlights of the batch, which collectively address 21 vulnerabilities, include a critical update for Internet Explorer.

There are also two critical fixes for Windows itself, plus one for Microsoft’s .NET framework. Three the five remaining “important” fixes grapple with remote code execution-type vulnerabilities, one of which involves Office. Flaws of this type are best addressed sooner rather than later because they might easily be exploited by malware slingers.

A Valentine’s Day Sweepstakes: Win a Pink SONY VAIO Y

Wed, 08 Feb 2012 22:56:00 +0000

Windows Experience Blog wrote:

If you’ve been reading the blog lately, you know that I’m trying to bring back Valentine’s Day as a cool hip holiday. It’s not my fault; really, I’m just a sucker for a love note. The best thing about a Valentine’s Day card, to be honest, isn’t the words (they are always cheesy) – it’s the thought. With that thought in mind, we headed to the wilderness to create this card for you.

German government makes recommendations for secure Windows PCs

Mon, 06 Feb 2012 16:31:00 +0000

The H-Online: The German Federal Office of Information Security (BSI (German), BSI English) has compiled security recommendations for Windows PCs that will probably sound familiar to regular readers of The H: Anti-virus software – including free solutions –, backups, security updates, an alternative browser such as Google Chrome and “a healthy level of mistrust” are the main components of its proposal for a secure Windows PC. As the UK lacks a governmental organization that makes such recommendations, as usually such organizations recommend policy for public projects, it is worth seeing what Germany’s BSI suggests.

One in four Windows 7 PC run out of date anti-malware

Fri, 16 Sep 2011 17:00:00 +0000

MSDN: One of the things we talk quite a bit about with Windows 8 is making sure Windows is a safe, secure, and reliable computing environment. We have always provided a broad range of solutions for achieving these goals and work closely with a broad range of industry partners. We continue to enhance these capabilities with Windows 8 while making sure you always have choice and control over how to protect and manage your PC. With Windows 8 we are extending the protections provided by Defender to address a broader range of potential threats. Jason Garms, the group program manager of our reliability and security team authored this post that represents work across several teams. –Steven

Microsoft closes holes in Windows and Office

Wed, 14 Sep 2011 19:08:00 +0000

The H-Security: Microsoft has released two updates for Windows and three for Office to close various security holes. All five updates have only been rated “important” by the company.

A hole in WINS enables local attackers to escalate their privileges on a system. Another patch prevents a new variant of binary planting, or DLL hijacking, attacks that can cause Windows to load DLLs from shared network volumes without the user’s permission. This allows attackers to execute code on a computer via specially crafted DLLs. Microsoft has been struggling to contain the insecure DLL loading problem with numerous patches released since mid 2010.

Microsoft To Improve File Management Processes In Windows 8

Thu, 25 Aug 2011 10:38:00 +0000

Windows 8 News Blog: The recently created Building Windows 8 blog seems to be up in full swing, with new articles about the upcoming operating system being released regularly. Steven Sinofsky revealed in “Improving our file management basics: copy, move, rename, and delete” that Microsoft intents to improve file management processes under Windows 8.

According to Steven, Microsoft had three goals to improve the copy experience:

One place to manage all copy jobs: Create one unified experience for managing and monitoring ongoing copy operations.
Clear and concise: Remove distractions and give people the key information they need.
User in control: Put people in control of their copy operations.

Consolidating the copy experience is a great idea. This means that you won’t have to deal with multiple copying windows when you run multiple copy or move operations in the operating system. All copy jobs are now consolidated in one screen.

Get Ready for Microsoft 13 updates for August Patch Tuesday

Fri, 05 Aug 2011 14:56:00 +0000

The Hacker News: Microsoft has announced that it will release 13 bulletins to address 22 vulnerabilities in Windows, Office, Internet Explorer, .NET and Visual Studio on its next Patch Tuesday. Another “critical” bulletin affects Windows server operating systems, and addresses a code-execution risk on unpatched systems. Also of note is an update restricted to newer versions of Windows (Windows 7 and Windows 2008) that tackles a potential, though difficult to exploit, code-execution risk.

QuickTime 7.7 closes security holes

Thu, 04 Aug 2011 14:06:00 +0000

H-Security Online: Version 7.7 of QuickTime is now available for users running Windows XP SP2 or later and Mac OS X v10.5.8 Leopard. The maintenance and security update addresses a total of 14 security vulnerabilities in the multimedia application.

QuickTime 7.7 closes holes on both platforms that could be used by an attacker to, for example, crash the application or execute arbitrary code on a victim’s system. For an attack to be successful, a victim must first open a specially crafted file or a malicious web site. A cross-origin issue that may lead to the disclosure of video data from another web site has also been fixed. The company notes that, for Mac OS X 10.6 users, these holes have already been addressed in 10.6.8; the latest version of Mac OS X, 10.7 Lion, is not affected.