Most Valued Members peteyt 396 Posted May 19, 2019: Saw this on BBC news about a flaw that apparently was so bad Microsoft has released fixes for XP and some other unsupported versions. Couldn't see Vista but Windows 10 is not affected. https://www.bbc.co.uk/news/technology-48295227 Am I the only one thinking this is a wrong move? Like the Wannacry fix, people who are still using XP could be just presuming next time there is an issue like this they will patch it. XP is so out of date now no matter how many fixes they release it will still be insecure. I can imagine the kind that refuse to update are the people who would complain when something did happen. I'd rather myself Microsoft just left it but I suppose some businesses still also use it with software that won't work on modern OSes and too expensive to get it sorted. People may complain about Windows 10 but security wise it's far better than Windows used to be.
itman 1,801 Posted May 19, 2019: Microsoft extended support for XP embedded versions just ended on 4/9/2019. I assume that was one factor. Also "in a blast from the past" when MS introduced Win 7, they offered a downgrade option from devices with Win 7 installed to XP for a limited time. This in effect extended XP support on those devices to the end-of-life date for Win 7; i.e. Jan., 2020. The requirement for this was: Quote: The downgrade rights are available only from OEM copies of Windows 7, those that are pre-installed by computer https://www.computerworld.com/article/2519032/microsoft-extends-windows-xp-downgrade-rights-until-2020.html So technically speaking, Win XP is still supported, albeit in a limited scope.
Most Valued Members Nightowl 206 Posted May 19, 2019: But even though it's on limited support, I do believe it's a bit risky to use Windows XP for any kind of usage.
itman 1,801 Posted May 19, 2019: 2 hours ago, peteyt said: Couldn't see Vista but Windows 10 is not affected. All Windows versions through Win 7 are affected. Also older Win Server OS versions.
itman 1,801 Posted May 19, 2019: 2 minutes ago, Rami said: I do believe it's a bit risky to use Windows XP for any kind of usage. So is using Win 7 as far as I am concerned.
Most Valued Members peteyt 396 (Author) Posted May 19, 2019: 2 hours ago, itman said: So is using Win 7 as far as I am concerned. Definitely. I understand some of the privacy aspects put people off. It's not something I'm knowledgeable about but I remember complaints about Cortana and location, with people complaining about MS knowing this information, but many seemed to use Siri which is just the same. Many people seem to want something that can basically know the user and give recommendations based on the user without giving information
Most Valued Members Nightowl 206 Posted May 20, 2019: 12 hours ago, peteyt said: Definitely. I understand some of the privacy aspects put people off. It's not something I'm knowledgeable about but I remember complaints about Cortana and location, with people complaining about MS knowing this information, but many seemed to use Siri which is just the same. Many people seem to want something that can basically know the user and give recommendations based on the user without giving information Switch to Linux if you can, you won't regret it. But even in Windows 10, you can disable all of the Cortana features and also the location and so on.
Most Valued Members peteyt 396 (Author) Posted May 20, 2019: 32 minutes ago, Rami said: Switch to Linux if you can, you won't regret it. But even in Windows 10, you can disable all of the Cortana features and also the location and so on. I do want to look into Linux one day. I know it's gotten better but I've heard you need to know a lot of commands and drivers can be a pain.
itman 1,801 Posted May 20, 2019 (edited): The Win Server versions vulnerable to this are noted below. The question is how many Eset installations have applied it? And it is a Remote Desktop Services vulnerability: Quote: Microsoft has released patches for Windows 7 and Windows Server 2008, along with Windows XP and Windows Server 2003, which are no longer supported. Windows 8 and Windows 10 are not affected. Users of Windows 7 and Server 2008 can block unauthenticated attackers from exploiting the flaw by enabling Network Level Authentication (NLA). The threat can also be mitigated by blocking TCP port 3389 at the perimeter firewall. https://www.securityweek.com/wormable-windows-rds-vulnerability-poses-serious-risk-ics Edited May 20, 2019 by itman
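A host-side audit for the two mitigations the quoted article lists (require NLA, restrict TCP 3389), as an added PowerShell example that is not from the thread, from Eset or from Microsoft; the management subnet, the KB id and the stock firewall rule name are assumptions you must adjust for your environment:

```powershell
# Added example, not code from the thread or any vendor it mentions.
# Audits and applies the two mitigations the article above names on a
# Windows 7 / Server 2008 host: require NLA for RDP, and keep TCP 3389
# reachable only from a management subnet. Run in an elevated PowerShell
# session (2.0+). $MgmtSubnet and $PatchKB are placeholders.
$MgmtSubnet = '10.0.0.0/24'   # placeholder: only these hosts may reach RDP
$PatchKB    = 'KBNNNNNNN'     # placeholder: the May 2019 security update id for this OS

# 1. Is the vendor fix installed? Get-HotFix reads the installed-updates list.
#    Mitigations reduce exposure; only the patch removes the flaw.
$fix = Get-HotFix | Where-Object { $_.HotFixID -eq $PatchKB }
if ($fix) { "Patch $PatchKB installed on $($fix.InstalledOn)" }
else      { "Patch $PatchKB NOT installed - apply it; the steps below only reduce exposure" }

# 2. Network Level Authentication. With NLA on, a client must authenticate
#    before the RDP connection sequence in which the flaw is triggered, which
#    is why the article says it blocks unauthenticated attackers.
$rdp = Get-WmiObject -Namespace 'root\CIMV2\TerminalServices' `
                     -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
if ($rdp.UserAuthenticationRequired -eq 1) {
    'NLA: already required'
} else {
    'NLA: not required - enabling now'
    $rdp.SetUserAuthenticationRequired(1) | Out-Null
}

# 3. Exposure of TCP 3389. Windows Firewall evaluates block rules before allow
#    rules, so a blanket "block 3389" rule would also cut off the management
#    subnet. Instead, make the default inbound action Block and narrow the
#    built-in Remote Desktop allow rule to the management subnet only.
#    (Assumes the stock rule name "Remote Desktop (TCP-In)".)
netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound | Out-Null
netsh advfirewall firewall set rule name="Remote Desktop (TCP-In)" new remoteip=$MgmtSubnet | Out-Null

# 4. Report the resulting rule and whether the listener is still up on 3389.
netsh advfirewall firewall show rule name="Remote Desktop (TCP-In)"
netstat -ano | Select-String ':3389\s' | Select-String 'LISTENING'
```

The host firewall step complements, and does not replace, blocking 3389 at the perimeter firewall as the article recommends; a host that is not supposed to offer RDP at all should have the listener disabled rather than scoped.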
Most Valued Members peteyt 396 (Author) Posted May 21, 2019: 22 hours ago, itman said: The Win Server versions vulnerable to this are noted below. The question is how many Eset installations have applied it? And it is a Remote Desktop Services vulnerability: https://www.securityweek.com/wormable-windows-rds-vulnerability-poses-serious-risk-ics Off topic slightly, what is the best and easiest way to prevent Windows telemetry, and do you think this should be something security programs should try to prevent/block, or is it beyond what they should do?
itman 1,801 Posted May 21, 2019: 1 hour ago, peteyt said: Off topic slightly, what is the best and easiest way to prevent Windows telemetry, and do you think this should be something security programs should try to prevent/block, or is it beyond what they should do? Win 10 is the main OS that introduced OS telemetry on a level previously unheard of. As far as Win telemetry goes, some of the concerns are well founded whereas others border on paranoia. Microsoft designed Win 10 to "be chatty", that is, to provide constant feedback to its monitoring servers. "It's the nature of the animal" so to speak and nothing is going to change that absent direct government intervention against Microsoft. As far as security software getting involved with this, it is frankly out of the scope of what they were designed for. The assumption here is whatever Microsoft is doing telemetry wise is per se legit activity. At least whatever they are doing isn't malicious in intent. Whereas it is possible to "harness" Win 10 telemetry manually, the easiest and safest way to do so is by using third party software designed for this purpose. I use O&O Shutup10: https://www.oo-software.com/en/shutup10 and run it using the default recommended settings. These will block most of the objectionable telemetry activities and leave in place the telemetry activities Win 10 needs to function properly. Assumed is some of these allowed telemetry activities do have purposes other than just legit system activities. Remember that Microsoft provided the Home version for free. In the real world, there is no such thing as a "free lunch."
Most Valued Members peteyt 396 (Author) Posted May 22, 2019: 18 hours ago, itman said: As far as security software getting involved with this, it is frankly out of the scope of what they were designed for. I mentioned this as I saw Spybot Search and Destroy now offer protection against it.
itman 1,801 Posted May 22, 2019: 41 minutes ago, peteyt said: I mentioned this as I saw Spybot Search and Destroy now offer protection against it. Have no desire to spend $$$ for this. Has anyone tested how effective it is against all Win 10 telemetry? Quote: Our anti-telemetry tool Anti-Beacon Plus is available to all users of the Spybot Professional and the commercial editions.
Most Valued Members peteyt 396 (Author) Posted May 22, 2019: 2 hours ago, itman said: Have no desire to spend $$$ for this. Has anyone tested how effective it is against all Win 10 telemetry? It looks like there is a trial https://www.safer-networking.org/products/spybot-anti-beacon/ but as someone who doesn't know about telemetry I wouldn't be the best to test it.
itman 1,801 Posted May 22, 2019 (edited): 2 hours ago, peteyt said: It looks like there is a trial https://www.safer-networking.org/products/spybot-anti-beacon/ but as someone who doesn't know about telemetry I wouldn't be the best to test it. Here's an article from a reliable source that basically recommends no third party software be used to try to harness Win 10 telemetry: https://www.howtogeek.com/273513/why-you-shouldnt-use-anti-spying-tools-for-windows-10/ Again, I have had no issues using O&O ShutUp10 at default settings. Also, O&O is an authorized Microsoft VAR; translation - they are first not going to disable any necessary telemetry activities and second, it can be assumed some telemetry activities of the non-necessary type are allowed. Additionally, O&O does allow you to shut down all telemetry if you wish, which is definitely not recommended. Edited May 22, 2019 by itman
itman 1,801 Posted May 23, 2019: Eset now has a security blog article on this vulnerability: https://www.welivesecurity.com/2019/05/22/patch-now-bluekeep-vulnerability/ . Of note is Microsoft issued no patch to Vista for this.
Most Valued Members peteyt 396 (Author) Posted May 24, 2019: 16 hours ago, itman said: Eset now has a security blog article on this vulnerability: https://www.welivesecurity.com/2019/05/22/patch-now-bluekeep-vulnerability/ . Of note is Microsoft issued no patch to Vista for this. I notice they state Vista has no patch. Noticed this previously and wondered why, considering XP is older than Vista. Is this down to usage, e.g. many older businesses still using XP?
itman 1,801 Posted May 24, 2019 (edited): 2 hours ago, peteyt said: I notice they state Vista has no patch. Noticed this previously and wondered why, considering XP is older than Vista. Is this down to usage, e.g. many older businesses still using XP? I am not sure what Eset published is 100% correct. Dell has a good article on OS downgrading rights here: https://www.dell.com/support/article/us/en/04/sln294589/an-understanding-of-both-your-microsoft-windows-downgrade-rights-and-downgrading-from-windows-8-8-1-and-10?lang=en . The "gotcha" is only non-Home versions were offered downgrading rights, which would have extended their end-of-support date to the like date from the product they downgraded from. This means that the Vista business versions, if they were downgraded from a like Win 7 version, are still supported until the Win 7 end-of-life date in Jan., 2020. This would imply that the patch was also offered to these Vista versions. Edited May 24, 2019 by itman
Most Valued Members Nightowl 206 Posted May 26, 2019: It's crazy that people still use Vista and XP. I could understand people using Windows 7, but those other 2 are obsolete at the moment.
Most Valued Members peteyt 396 (Author) Posted May 26, 2019: 4 hours ago, Rami said: It's crazy that people still use Vista and XP. I could understand people using Windows 7, but those other 2 are obsolete at the moment. Yeah, it's like I said, I get why people don't like Windows 10 but it's far more secure and you can customise it and even make it look like previous versions. I've always compared using XP to a prison with a fence but a massive hole in it. You can have all the security and extras but it doesn't change the fact that there's a big hole in the fence, and until it's fixed there's always a risk.
itman 1,801 Posted May 29, 2019 (edited): One Million Devices Open to Wormable Microsoft BlueKeep Flaw Quote: One million devices are still vulnerable to BlueKeep, a critical Microsoft bug with "wormable" capabilities, almost two weeks after a patch was released. The flaw (CVE-2019-0708) was fixed during Microsoft's May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to immediately deploy fixes as the flaw could pave the way for a similar rapidly-propagating attack on the scale of WannaCry. Despite that, researchers on Tuesday warned that one million devices linked to the public internet are still vulnerable to the bug. Making matters worse, a spike in scans for vulnerable systems was spotted over the weekend, potentially indicating that bad actors are looking to sniff out the activity. Errata Security's Graham conducted a scan using his Masscan Internet-scale port scanner (which searches for open ports) to look for the port (3389) used by Remote Desktop. This pinpointed all open ports; from there, in order to discover whether or not they were vulnerable, Graham used a Remote Desktop Protocol scanning project developed by the Shadowserver Foundation. From there, he found that almost one million devices both reliably talk to the Remote Desktop protocol and are vulnerable to BlueKeep. "The upshot is that these tests confirm that roughly 950,000 machines are on the public Internet that are vulnerable to this bug," said Graham. "Hackers are likely to figure out a robust exploit in the next month or two and cause havoc with these machines." In the meantime, vendors are coming out with their own advisories for vulnerable devices. Several impacted devices include Siemens devices used in the medical space, including radiation oncology products, laboratory diagnostics products, Radiography and Mobile X-ray products and point of care diagnostics products.
https://threatpost.com/one-million-devices-open-to-wormable-microsoft-bluekeep-flaw/145113/ Edited May 29, 2019 by itman
itman 1,801 Posted July 12, 2019 (edited): As noted in the above linked Eset research article on this vulnerability, all Windows desktop versions except Win 8.1 and 10 are affected: Quote: The flaw, listed as CVE-2019-0708, affects multiple in-support and out-of-support versions of Microsoft's operating systems. Users of Windows 7, Windows Server 2008 R2, and Windows Server 2008 with automatic updates enabled are protected. Microsoft also issued special updates for two non-supported versions, namely Windows XP and Windows Server 2003, which are available via this site. Windows 8 and Windows 10 are not affected by the vulnerability. Edited July 12, 2019 by itman
SeriousHoax 87 Posted July 17, 2019: It's better to use an open source tool like this to block Windows Telemetry: https://github.com/10se1ucgo/DisableWinTracking/releases/