Microsoft Patch Tuesday fixes 27 Remote Code Execution Flaws

Posted on

Yesterday was Microsoft’s monthly Patch Tuesday. This time, they come with fixes for 48 vulnerabilities, with 27 that could result in remote code execution exploits. The problems exist within Windows, IE, Edge, Sharepoint, SQL Server, Hyper-V, the Windows Subsystem for Linux, and the Windows Kernel itself.

Experts are recommending prioritizing CVE-2017-8620, which is a vulnerability within Windows Search.

Make sure to get your systems patched and update and stay safe out there!

“This is by far the most critical bug for this month,” says Dustin Childs at the Zero Day Initiative, which reports CVE-2017-8620 is “under active attack.” A previous Search flaw also allowed a malicious SMB request to execute code on target machines.

“As with the previous Search flaw, within an enterprise, an attacker could remotely trigger the vulnerability through an SMB connection and then take control of a target computer,” he adds. “That’s pretty close to wormable and just the sort of thing malware writers look for in a bug.”

Read More

Windows Server Insider Build 16257 released

Posted on

The Windows Server Insiders Team has released a new build for those running the new Windows Server Insider Preview. The Windows Subsystem for Linux has been released on the Server build, which is a great addition. Check out the blog post for more.

What’s New in Build 16257 for Windows Server

Windows Subsystem for Linux (WSL) is available on Windows Server

  • Windows Subsystem for Linux (WSL) is now available on Windows Server along with a compliment of Linux distributions.

  • Test WSL on Windows Server.  WSL runs unmodified Linux (ELF64) binaries natively.  With the additions of WSL you can run node.js, Ruby, Python, Perl, Bash scripts or other tools that expect Linux behaviors, environment, or filesystem-layout, the ability to install and run Linux with WSL expands the tools at your disposal on Windows Server.

  • At this time, WSL does not support persistent Linux services (such as daemons and jobs) as background tasks. To enable WSL and install a Linux distribution, see Enable the Windows Subsystem for Linux and Install a Linux distribution in the Windows Server 2016 Installation Guide on GitHub.

  • Read more in this blog or follow the installation guide to try it out.

Read More

Fast Ring Build Released–Build 16251

Posted on

A new build, 16251, has been released to the fast ring. Quite a few nice additions in this build, but the Settings page is going to start getting crowded!

As always, make sure and read the known issues before upgrading. You might find a show stopper in your case. Many times, it’s an issue that is just annoying or doesn’t affect you at all.

Known issues for PC

  • If you installed Builds 16226-16237 and upgrade to this build, Storage Spaces will not work correctly. While Build 16241 contained a fix for the general reported issue with Storage Spaces in that build range, we discovered that the fix only applies for computers not already in the bad state, and need to do some extra work to return those already impacted to the good state. Special thanks to the Insiders that have helped us investigate this!

  • Trying to use the dictation hotkey (WIN + H) in UWP apps won’t work – you’ll see the UI come up and immediately dismiss. If you’d still like to use dictation, the microphone in the touch keyboard will work. You can right-click the Taskbar for an option to show the touch keyboard button if it’s not already visible.

  • We’re investigating your reports that after upgrading to the latest Insider Preview builds, some network settings are lost and revert to default settings. Static IP address configuration is reverted to DHCP. Networks which were marked as private are reverted to public. After the upgrade you will need to manually readjust your network settings back to your preferred settings.

  • Start, Action Center and notification toasts may at times have a background that is 100% transparent. A fix will be available in later flight – for now, if you encounter this issue, try ending ShellExperienceHost.exe via Task Manager or rebooting to resolve the issue.

  • Connecting to a VPN using a solution downloaded from the Windows Store may result in a system crash.

  • The battery flyout might show unexpected text for the % charged (specifically “%1!s!%2!s!% until fully charged”).

Read More

Announcing the Windows Bounty Program

Posted on

Microsoft has announced the Windows Bounty Program for computer security professionals (or those that enjoy looking for security vulnerabilities). The target areas are the Windows Insider slow builds of Windows 10, Hyper-V, Microsoft Edge, Windows Defender Application Guard and the mitigation bypass and bounty for defense. The payouts for finding an exploitable vulnerability range from $500 – $250,000.

The overall program highlights:

  • Any critical or important class remote code execution, elevation of privilege, or design flaws that compromises a customer’s privacy and security will receive a bounty
  • The bounty program is sustained and will continue indefinitely at Microsoft’s discretion
  • Bounty payouts will range from $500 USD to $250,000 USD
  • If a researcher reports a qualifying vulnerability already found internally by Microsoft, a payment will be made to the first finder at a maximum of 10% of the highest amount they could’ve received (example: $1,500 for a RCE in Edge, $25,000 for RCE in Hyper-V)
  • All security bugs are important to us and we request you report all security bugs to secure@microsoft.com via Coordinated Vulnerability Disclosure (CVD) policy
  • For the latest information on new Windows features included in the Insider Previews, please visit the Windows 10 Insider Program Blog
Read More

Windows Server Insider Preview Build 16237

Posted on

The Windows Insider team has released the first Windows Server Insider build – build 16237. This is great for those IT professionals wanting to be on the bleeding edge and learn the new capabilities of the Windows Server OS. In a non-production environment, of course (although, what’s that saying? All environments are dev if you’re brave enough. 🙂 ).

As always, make sure to read the release notes to see if there are any issues that might affect you directly.

Today we are very excited to be releasing the first Windows Server Insider Preview to Windows Insiders: Build 16237. To access to the latest Windows Server preview release, register at the Windows Insiders for Business program or the Windows Insider Program.

Windows Server Datacenter Core and Standard Core editions are headless operating systems and are best managed remotely. For more information, please refer to Configure a Server Core installation of Windows Server with Sconfig.cmd. Updated remote administration information will be provided with future Insider releases.

Read More

More Builds – 16241 for PC and 15230 for Mobile – and Another Bug Bash

Posted on

The Insider team has released new builds for PC (16241) and for Mobile (15230) today. And, the upcoming and final Bug Bash for the Fall Creators Update. With the Bug Bash also comes a couple Mixer (formally Beam) webcasts. If you see MSTechpages there, be sure to say hi!

We’re really excited to do our 2nd (and final) Bug Bash for the Windows 10 Fall Creators Update! The Bug Bash will start at 12am (Pacific Time) on Friday July 14th and will run a full week ending at 11:59 pm (Pacific Time) on Sunday July 23rd. This build will be our Bug Bash build. As usual, we will be publishing new quests so be sure to open Feedback Hub and complete as many quests as you can!

And we’ll also be doing Mixer webcasts at the following dates and times for the Bug Bash:

  • Tuesday July 18th: 1:30pm – 3:00pm (Pacific Time)

  • Friday July 21st: 10:00am – 11:30am (Pacific Time)

Read More

Critical Flaws in Windows NTLM Protocol

Posted on

This Patch Tuesday from Microsoft includes patches for Windows that affects all Windows OS’s released since 2007. Swati Khandelwal has a post about the new vulnerabilities and how they could be exploited. Make sure you run Windows Update to grab the latest updates and protect yourself from these vulnerabilities.

Researchers at behavioral firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a new domain administrator account and get control of the entire domain.

NT LAN Manager (NTLM) is an old authentication protocol used on networks that include systems running the Windows operating system and stand-alone systems.

Although NTLM was replaced by Kerberos in Windows 2000 that adds greater security to systems on a network, NTLM is still supported by Microsoft and continues to be used widely.

Read More

Build 16237 for PC’s for Fast Ring Insiders

Posted on

Good news for those in the Fast Ring for the Windows Insider program on the desktop. A new build, 16237, has been released. Also, starting July 14th, a new Bug Bash begins! These are fun, a lot of quests to learn more about the new updates and features in the OS, as well as provide feedback and bug reports on those features. It’s always fun! A lot of new improvements this build, too.

Upcoming Bug Bash

We’re really excited to do our 2nd (and final) Bug Bash for the Windows 10 Fall Creators Update! The Bug Bash will start at 12am (Pacific Time) on Friday July 14th and will run a full week ending at 11:59 pm (Pacific Time) on Sunday July 23rd. As usual, we will be publishing new quests and will be doing some Mixer webcasts. So be sure to open Feedback Hub and complete as many quests as you can! More details to come early next week!

Read More

Build 16232 for PC and 15228 for Mobile Released

Posted on

I’m getting slow! It’s been a couple hours since these were released. Build 16232 for the PC and 15228 for Mobile have been pushed out to Fast ring insiders. Some new Windows Defender features that sound nice.

Make sure to read the Known Issues before updating. Some might be a deal breaker for you, or you might have a problem and want to report it but it’s already known.

Known issues for PC

  • Your PC may fail to update to this build with an 0x80070643 and rolls back to the previous build. We are investigating.

  • We’re continuing to investigate reports that the battery status on certain laptops isn’t updating while the device is unplugged. If you think you are seeing this, please send in feedback via Feedback Hub and use the capture feature when logging your feedback so we can get your logs.

  • You may notice some of your inbox apps are now displaying a name that looks like “ms-resource:” and are listed at the bottom of Start. We’re investigating. In the meantime, the app should still launch normally, it’s only the name resource that’s impacted.

  • Some UWP apps such as Twitter will crash on launch.

  • Xbox Live in-game experiences may fail to load. These include gamer profiles, achievement details, and other dialogs that may pop up on top of an Xbox Live-enabled game.

  • Please avoid doing a PC reset via Settings > Update & security > Recovery and choosing “Remove everything”. This may put your device into a reboot loop.

  • Task Manager may hang on launch on this build.

 

Read More

Build 16226 for PC – Fast Ring Insiders

Posted on

Another big update for the fast ring insiders! Build 16226 is here for desktop builds! A lot of new Edge features along with some core Windows features. A big addition many gamers have been asking for:

Track your GPU performance: For the Task Manager fans out there, we’re happy to share that we’ve heard your feedback and we’ve updated Task Manager to now include GPU info. Our engineering team used the feedback you gave us that is part of this Feedback Collection https://aka.ms/olx5pn to prioritize and to design the feature – thank you! The Performance tab shows GPU utilization information for each separate GPU component (such as 3D and Video encode/decode), as well as graphics memory usage stats. The Details tab shows you GPU utilization info for each process. Please note that this feature is still under construction and you will find issues and bugs, as always please send us feedback in Feedback Hub under Desktop Environment > Task manager.

Track your GPU performance in Task Manager.

Read More