Lord Xeb

[ARS] Four wormable bugs in newer versions of Windows

Quote

Similar to the so-called BlueKeep vulnerability Microsoft patched in May, the four bugs the company patched on Tuesday reside in Remote Desktop Services, which allow a user to take control of a remote computer or virtual machine over a network connection. The bugs—indexed as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226—make it possible for unauthenticated attackers to execute malicious code by sending a specially crafted message when a protection known as Network Level Authentication is turned off, as many administrators in large organizations often do...
...

“The vulnerabilities include the latest versions of Windows, not just older versions like in BlueKeep,” independent security researcher Kevin Beaumont told Ars. “There will be a race between organizations to patch systems before people reverse engineer the vulnerability from the patches to learn how to exploit them. My message would be: keep calm and patch.”

Windows machines that have automatic updating enabled should receive the patch within hours if they haven’t already. Installing Tuesday’s patches is the single most effective way to ensure computers and the networks they’re connected to are safe against worms that exploit the newly described vulnerabilities. For people or organizations that can’t update immediately, a good mitigation is to “enable NLA and leave it enabled for all external and internal systems,” Beaumont said in a blog post.

Source

Nasty man! This could get bad before it gets better. Luckily updates will protect you... as long as you update. Back when these WannaCry viruses were going around, I was a data recovery engineer. The sheer number of drives we got in with a virus similar to was amazing. 

 

And worse, something like this could make incidents like Baltimore more commonplace. Either that, or start targeting health care, shipping and a good number of organizations slow to respond to stuff like this. 

 

Well, here is to hoping people patch. 


I am Lord Xeb from OCN. Fear me!

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of expertise." ~ Unknown

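The mitigation quoted in the post above (enable NLA and leave it enabled) can be checked on a host with a short audit. This PowerShell is an added example, not part of the original post or the quoted article; the function name `Get-RdpExposure` and its output fields are illustrative, and it assumes an elevated local session on Windows 8 / Server 2012 or later.

```powershell
# Added example: report whether this host accepts RDP and whether NLA is enforced.
# Function name and output field names are illustrative assumptions.
function Get-RdpExposure {
    [CmdletBinding()]
    param()

    $tsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpTcpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

    # Read one registry value; return $null when the key or value is absent.
    function Read-Value([string]$Path, [string]$Name) {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $item.$Name } else { $null }
    }

    # fDenyTSConnections = 0 means Remote Desktop connections are allowed.
    $deny       = Read-Value $tsKey 'fDenyTSConnections'
    $rdpEnabled = ($deny -eq 0)

    # UserAuthentication = 1 means NLA is required. A Group Policy value,
    # when present, takes precedence over the local listener setting.
    $nlaPolicy    = Read-Value $policyKey 'UserAuthentication'
    $nlaLocal     = Read-Value $rdpTcpKey 'UserAuthentication'
    $nlaEffective = if ($null -ne $nlaPolicy) { $nlaPolicy } else { $nlaLocal }
    $nlaRequired  = ($nlaEffective -eq 1)

    # The listener port defaults to 3389 unless PortNumber says otherwise.
    $port = Read-Value $rdpTcpKey 'PortNumber'
    if ($null -eq $port) { $port = 3389 }

    # Is anything actually listening on that port right now?
    $listening = [bool](Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

    $verdict = if (-not $rdpEnabled) {
        'RDP disabled'
    } elseif ($nlaRequired) {
        'RDP enabled, NLA required'
    } else {
        'RDP enabled WITHOUT NLA: enable NLA and install the updates'
    }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        RdpEnabled   = $rdpEnabled
        NlaRequired  = $nlaRequired
        NlaSource    = if ($null -ne $nlaPolicy) { 'GroupPolicy' } else { 'Local' }
        Port         = $port
        Listening    = $listening
        Verdict      = $verdict
    }
}

Get-RdpExposure | Format-List
```

The result describes the host only; whether the port is reachable from the internet depends on firewall and port-forwarding settings outside the machine. NLA is the mitigation named in the article, and installing the updates remains the fix.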

i saw worm and thought of this:

this be hackers when they exploit this vulnerability to gain access to some data...


I once wrote a fan fiction between Luke and Dennis for Luke on one of his streams, he never read it, I SPENT 15MIN ON THAT!!!! (read it here: test1.docx )

and i am also the man who asked Linus to set his profile pic on twitter to something awesome: https://twitter.com/samiscool51/status/758526342396715009

(i didn't expect him to reply, nor for it to turn into official merchandise and actually affect LTT's video style!!!! i am god!!!) 

System Config: https://au.pcpartpicker.com/list/yJ2cQV

Anyone reading this is a very nosy wanker....


something seems off

 

Quote

“The vulnerabilities include the latest versions of Windows, not just older versions like in BlueKeep,” independent security researcher Kevin Beaumont told Ars. “There will be a race between organizations to patch systems before people reverse engineer the vulnerability from the patches to learn how to exploit them. My message would be: keep calm and patch.”

and then straight away

Quote

Windows machines that have automatic updating enabled should receive the patch within hours if they haven’t already.

 

is it patched or not?

4 minutes ago, Arika S said:

something seems off

 

and then straight away

 

is it patched or not?

Those of us who have updates on automatic are fine; those who have them disabled, or organizations with alternative update settings, might need to ensure they make this update a priority.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.


Obligatory *laughs in Linux*


I spent $2500 on building my PC and all i do with it is play MTGA & watch anime at 720p...

Builds:

The Toaster Project! Northern Bee! The Cassette Deck!

 

The original LAN PC build log! (Old, dead and replaced by The Toaster Project & 5.0)


"Here is some advice that might have gotten lost somewhere along the way in your life. 

 

#1. Treat others as you would like to be treated.

#2. It's best to keep your mouth shut; and appear to be stupid, rather than open it and remove all doubt.

#3. There is nothing "wrong" with being wrong. Learning from a mistake can be more valuable than not making one in the first place.

 

Follow these simple rules in life, and I promise you, things magically get easier. " - MageTank 31-10-2016

 

 


*laugh in XP inside 7 inside 10*  oh wait... *BSOD*

 

i think i received an update this morning. 🤔


| Intel i7-3770@4.2Ghz | Asus Z77-V | Zotac 980 Ti Amp! Omega | DDR3 1800mhz 4GB x4 | 300GB Intel DC S3500 SSD | 512GB Plextor M5 Pro | 2x 1TB WD Blue HDD |
 | Enermax NAXN82+ 650W 80Plus Bronze | Fiio E07K | Grado SR80i | Cooler Master XB HAF EVO | Logitech G27 | Logitech G600 | CM Storm Quickfire TK | DualShock 4 |

15 hours ago, Genwyn said:

*laughs in windows vista*

Isn't Vista even more vulnerable at this point?


Specifications:

Motherboard: Asus X470-PLUS TUF gaming (Yes I know it's poor but I wasn't informed) RAM: Corsair VENGEANCE® LPX DDR4 3200Mhz CL16 2x8GB

CPU: Ryzen 7 2700X @ 4.1Ghz                                                                                         Cooler: Antec K240 with two Noctura Industrial PPC 3000 PWM

Boot drive: Samsung 970 EVO plus 250GB            Second drive: Micron 1100 2TB         GPU: EVGA RTX 2080 ti Black edition @ 2Ghz

Case: Antec P8                                                                                                                    PSU: Antec HGC850

6 hours ago, Bananasplit_00 said:

Obligatory *laughs in Linux*

you beat me!


I am a christian I will not apologize.

official owner of the worlds only box cooled laptop.

Homo-sapien. The smartest creature on earth. seriously? this is the best we could do with ourselves?

The unanimous Declaration of the penguins independence

when in the Course of technological events it becomes necessary for one people to dissolve the political bands which have connected them with another and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all computers are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are security and customizability . — That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, — That whenever any Form of Operating System becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Operating System, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their security and customizability. Prudence, indeed, will dictate that Operating Systems long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Operating systems, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of control. The history of microsoft windows is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these pc's. To prove this, let Facts be submitted to a candid world.

Microsoft has refused their Assent to Laws, the most wholesome and necessary for the public good.

Microsoft has forbidden their users to pass patches of immediate and pressing importance, unless suspended in their operation till their Assent should be obtained; and when so suspended, they have utterly neglected to attend to them.

Microsoft has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.

Microsoft has called together legislative bodies at places unusual, uncomfortable, and distant from the depository of their Public Records, for the sole purpose of fatiguing them into compliance with their measures.

Microsoft has refused for a long time, after such dissolutions, to cause others to be elected, whereby the Legislative Powers, incapable of Annihilation, have returned to the People at large for their exercise; the State remaining in the mean time exposed to all the dangers of invasion from without, and convulsions within.

Microsoft has endeavoured to prevent the competition to windows; for that purpose obstructing the furtherment of technology; refusing to pass others to encourage their migrations hither, and raising the conditions of new Appropriations of pcs.

Microsoft has obstructed the Administration of Justice by refusing their Assent to Laws for establishing Judiciary Powers.

Microsoft has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people and eat out their substance.

Microsoft has combined with others to subject us to a jurisdiction foreign to our constitution, and unacknowledged by our laws; giving their Assent to their Acts of pretended Legislation:

For depriving us in many cases, of the benefit of Trial by Jury:

For abolishing the free System of English Laws in a neighbouring Province, establishing therein an Arbitrary government, and enlarging its Boundaries so as to render it at once an example and fit instrument for introducing the same absolute rule into these Colonies

For taking away our Charters, abolishing our most valuable Laws and altering fundamentally the Forms of our Governments:

For suspending our own Legislatures, and declaring themselves invested with power to legislate for us in all cases whatsoever.

Microsoft has abdicated Government Microsoft, by declaring us out of their Protection and waging War against us.

In every stage of these Oppressions We have Petitioned for Redress in the most humble terms: Our repeated Petitions have been answered only by repeated injury. A Prince, whose character is thus marked by every act which may define a Tyrant, is unfit to be the ruler of a free people.

Nor have We been wanting in attentions to our human brethren. We have warned them from time to time of attempts by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our emigration and settlement Microsoft. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our Separation, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends.

We, therefore, the Representatives of the penguins of linux, in General Congress, Assembled, appealing to the Supreme Judge of the world for the rectitude of our intentions, do, in the Name, and by Authority of the good People of these Colonies, solemnly publish and declare, That these united Colonies are, and of Right ought to be Free and Independent Operating System, that they are Absolved from all Allegiance to the Microsoft Emperor, and that all political connection between them and the Operating system windows, is and ought to be totally dissolved; and that as Free and Operating System, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which Independent Operating Systems may of right do. — And for the support of this Declaration, with a firm reliance on the protection of Divine Providence, we mutually pledge to each other our Lives, our Fortunes, and our sacred Honor.

 

58 minutes ago, thedude4bides said:

Am I correct in assuming that to exploit these vulnerabilities the attacker would have to be on the same network as you?

No, if you allow internet access for RDP then anyone can from anywhere. Most home users don't port forward RDP though.

4 minutes ago, leadeater said:

No, if you allow internet access for RDP then anyone can from anywhere. Most home users don't port forward RDP though.

Thanks.  I can't remember if I disabled that or not... although, if I didn't it was because doing so interfered with some other feature I use.  Are you saying I can use port-forwarding to mitigate somehow?

12 hours ago, Bananasplit_00 said:

Obligatory *laughs in Linux*

 

I think people should consider a little more deeply before trotting out this meme,  it really doesn't mean anything in the context of the issue.  Most home users are not vulnerable because they do not have the required network settings enabled/disabled and they have automatic updates. 

 

So unless you are managing a corporate network with Linux office computers then Linux holds no advantage to laugh over.


1 minute ago, thedude4bides said:

Thanks.  I can't remember if I disabled that or not... although, if I didn't it was because doing so interfered with some other feature I use.  Are you saying I can use port-forwarding to mitigate somehow?

other way around, you are only at risk if you do port forward.


22 minutes ago, mr moose said:

 

I think people should consider a little more deeply before trotting out this meme,  it really doesn't mean anything in the context of the issue.  Most home users are not vulnerable because they do not have the required network settings enabled/disabled and they have automatic updates. 

 

So unless you are managing a corporate network with Linux office computers then Linux holds no advantage to laugh over.

i think the concern is that one employee falls for a phishing email or plugs in a bad usb drive and it compromises the entire company instead of just that computer

21 minutes ago, spartaman64 said:

i think the concern is that one employee falls for a phishing email or plugs in a bad usb drive and it compromises the entire company instead of just that computer

 

  Corporate clients for the most part do not use Linux.    Using Linux on a home computer is not comparable or relevant to a corporate network issue.  It would be like saying "Laughs in S3" if they discover an exploit in NVIDIA game drivers.  


1 minute ago, mr moose said:

 

  Corporate clients for the most part do not use Linux.    Using Linux on a home computer is not comparable or relevant to a corporate network issue.  It would be like saying "Laughs in S3" if they discover an exploit in NVIDIA game drivers.  

yes but the ones that do can laugh in linux 😛 and theres the risk of your non techie parents clicking on something and getting your computer infected also

2 minutes ago, spartaman64 said:

yes but the ones that do can laugh in linux 😛 and theres the risk of your non techie parents clicking on something and getting your computer infected also

Family computers are much more of a rarity nowadays, most devices are personal devices and have only one person using them. The exception to that is tablets and phones when showing someone else a video, not that they are actually using the devices just viewing it.


I wonder how many times we will need a global event like "wannacry" before businesses and organizations realize the ironic and problematic nature of being the most lucrative targets, the most inherently vulnerable, and often the most poorly managed and updated, and actually start doing something about the last one.

10 minutes ago, Ryan_Vickers said:

I wonder how many times we will need a global event like "wannacry" before businesses and organizations realize the ironic and problematic nature of being the most lucrative targets, the most inherently vulnerable, and often the most poorly managed and updated, and actually start doing something about the last one.

Never 😉

27 minutes ago, spartaman64 said:

yes but the ones that do can laugh in linux 😛 and theres the risk of your non techie parents clicking on something and getting your computer infected also

 

When the "laughs in Linux" is appropriate I'll join in (I have a Linux system for specific uses), but like the Torvalds giving Nvidia the middle finger, these memes are starting to get used anywhere and everywhere where it doesn't make sense.


2 minutes ago, mr moose said:

 

When the "laughs in Linux" is appropriate I'll join in (I have a Linux system for specific uses), but like the Torvalds giving Nvidia the middle finger, these memes are starting to get used anywhere and everywhere where it doesn't make sense.

i havent seen that meme in years

2 minutes ago, spartaman64 said:

i havent seen that meme in years

It gets posted here a fair bit.  

 

Here it is being referenced in a thread that has absolutely nothing to do with nvidia only in May.

 

 

