Tag Archives: What

December Patch Tuesday closes year on a relatively calm note

Administrators were greeted with a subdued December Patch Tuesday, a quiet end to what had been a somewhat tumultuous year early in 2017.

Of the 32 unique Common Vulnerabilities and Exposures (CVEs) that Microsoft addressed, just three patches were directly related to Windows operating systems. While not a critical exploit, the patch for CVE-2017-11885, which affects Windows client and server operating systems, is where administrators should focus their attention.

The patch is for a Remote Procedure Call (RPC) vulnerability for machines with the Routing and Remote Access service (RRAS) enabled. RRAS is a Windows service that allows remote workers to use a virtual private network to access internal network resources, such as files and printers.

“Anyone who has RRAS enabled is going to want to deploy the patch and check other assets to make sure RRAS is not enabled on any devices that don’t use it actively to prevent the exploitation,” said Gill Langston, director of product management at Qualys Inc., based in Redwood City, Calif.

The attacker triggers the exploit by running a specially crafted application against a Windows machine with RRAS enabled.

“Once the bad actor is on the endpoint, they can then install applications and run code,” Langston said. “They establish a foothold in the network, then see where they can spread. The more machines you have under your control, the more ability you have to move laterally within the organization.”

In addition, desktop administrators should roll out updates promptly to apply 19 critical fixes that affect the Internet Explorer and Edge browsers, Langston said.

“The big focus should be on browsers because of the scripting engine updates Microsoft seems to release every month,” he said. “These are all remote-code execution type vulnerabilities, so they’re all critical. That’s obviously a concern because that’s what people are using for browsing.”

Fix released for Windows Malware Protection Engine flaw

On Dec. 6, Microsoft sent out an update to affected Windows systems for a Windows Malware Protection Engine vulnerability (CVE-2017-11937). This emergency repair closed a security hole in Microsoft’s antimalware application, affecting systems on Windows 7, 8.1 and 10, and Windows Server 2016. Microsoft added this correction to the December Patch Tuesday updates.

“The fix happened behind the scenes … but it was recommended [for] administrators using any version of the Malware Protection Engine that it’s set to automatically update definitions and verify that they’re on version 1.1.14405.2, which is not vulnerable to the issue,” Langston said.

OSes that lack the update are susceptible to a remote-code execution exploit if the Windows Malware Protection Engine scanned a specially crafted file, which would give the attacker a range of access to the system. That includes the ability to view and delete data, and create a new account with full user rights.

Other affected Microsoft products include Exchange Server 2013 and 2016, Microsoft Forefront Endpoint Protection, Microsoft Security Essentials, Windows Defender and Windows Intune Endpoint Protection.

“Microsoft uses the Forefront engine to scan incoming email on Exchange 2013 and Exchange 2016, so they were part of this issue,” Langston said.

Lessons learned from WannaCry

Microsoft in May surprised many in IT when the company released patches for unsupported Windows XP and Windows Server 2003 systems to stem the tide of WannaCry ransomware attacks. Microsoft had closed this exploit for supported Windows systems in March, but it took the unusual step of releasing updates for OSes that had reached end of life.

Many of the Windows malware threats from early 2017 spawned from exploits found in the Server Message Block (SMB) protocol, which is used to share files on the network. The fact that approximately 400,000 machines got bit by the ransomware bug showed how difficult it is for IT to keep up with patching demands.

“WannaCry woke people back up to how critical it is to focus on your patch cycles,” Langston said.

More than three months elapsed between the time Microsoft first patched the SMB vulnerability in March that WannaCry exploited and when the Petya ransomware — which used the same SMB exploit — continued to compromise people. Some administrators might be lulled into a false sense of security from the cumulative update servicing model and delay the patching process, Langston said.

“They may delay because the next rollup will cover the updates they missed, but then that’s more time those machines are unprotected,” he said.

For more information about the remaining security bulletins for December Patch Tuesday, visit Microsoft’s Security Update Guide.

Tom Walat is the site editor for SearchWindowsServer. Write to him at twalat@techtarget.com or follow him @TomWalatTT on Twitter.

Wanted – SSD 240 gb

Hi all,

Looking for ‘cheap’ SSD. Preferably 240 gb and over.
Let me know what you have got.

Regards,
Matt

Location: London

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Wanted – GTX 980

Looking for a GTX 980 to tide me over until the next gen is eventually released!

Let me know what you have :)

Location: Bristol

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Wanted – GTX 980

Looking for a GTX 980 to tide me over until the next gen is eventually released!

Let me know what you have :)

Location: Bristol

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Wanted – 2 x 3TB WD Red or WD Green HDDs

Anyone have any 3TB WD Red or Green HDDs 3.5″?

I am looking for two. Let me know what you have with a disk smart report.

Thanks

Location: peterborough

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Wanted – GTX 980

Looking for a GTX 980 to tide me over until the next gen is eventually released!

Let me know what you have :)

Location: Bristol

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Wanted – GTX 980

Looking for a GTX 980 to tide me over until the next gen is eventually released!

Let me know what you have :)

Location: Bristol

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Trade – Dell 7720 17r – i7,6gb,1tb,17″. Trade for Tower.

Hi, i am looking to see what offers i can get in a straight sawp for a base/tower unit, i want to do some gaming and have a 1060 3gb ready to go in to a case, so no graphics card will be required.

I have placed a price of £450, the true value is closer to £400 but i dont want to sell the laptop at the moment, i just want to see what i get offered, i would prefer a trade in person if possible.

The laptop is in very good condtion and works as it should.
There are some small bits of plastic that have snapped off the left side over the years, the silver trim around the edge has lost its silver where my arms have rested and there is wear to the touchpad, this is all cosmetic only.

I will post photos if/when there is any interest.

Dell 7720 17r.
17″ 1080p screen.
24x dvdrw drive.
Backlit keyboard (swedish or danish, some of the symbols are in the wrong place), also comes with original unlit keyboard.
6gb ddr3 1600.
1tb WD Blue hard drive.
Wifi/Bluetooth card.
x4 usb 3.0.
i7 3610qm 2.3ghz 3rd gen.
Gt 650m & intel HD4000.
Windows 7 partition & disc.
Boxed with manuals.
90w power supply.

Price and currency: £450
Delivery: Goods must be exchanged in person
Payment method: Bank Transfer or Cash.
Location: Warrington, Cheshire.
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – 3 x XFX R9 nanos (watercooled)

They are pretty cheap for what they are tbh but am open to offers.

For those who do not know the R9 nano has the same GPU as the Fury X, same amount of cores etc and has 4gb HBM memory. It was just downclocked and power limited to meet a 175 watt tdp.

Due to the lower TDP it had less VRMs however with the correct cooling the vrms were able to maintain fury x stock speeds. These have run at around 30 to 35 degrees their whole life.

In terms of performance oob these beat the rx580. I have priced them cheaper due to the fact i have fitted the water blocks. On ebay these are going for 300 plus, probably due to the mini itx size.

equivalent nvidia card is the gtx980

Thanks for the interest

For Sale – 3 x XFX R9 nanos (watercooled)

They are pretty cheap for what they are tbh but am open to offers.

For those who do not know the R9 nano has the same GPU as the Fury X, same amount of cores etc and has 4gb HBM memory. It was just downclocked and power limited to meet a 175 watt tdp.

Due to the lower TDP it had less VRMs however with the correct cooling the vrms were able to maintain fury x stock speeds. These have run at around 30 to 35 degrees their whole life.

In terms of performance oob these beat the rx580. I have priced them cheaper due to the fact i have fitted the water blocks. On ebay these are going for 300 plus, probably due to the mini itx size.

equivalent nvidia card is the gtx980

Thanks for the interest