Archive for the ‘updates’ Category

Hackers abuse ASUS cloud service to install backdoor on users’ PCs

May 16th, 2019
Hackers abuse ASUS cloud service to install backdoor on users’ PCs

Enlarge (credit: Jeremy Brooks / Flickr)

ASUS' update mechanism has once again been abused to install malware that backdoors PCs, researchers from Eset reported earlier this week. The researchers, who continue to investigate the incident, said they believe the attacks are the result of router-level man-in-the-middle attacks that exploit insecure HTTP connections between end users and ASUS servers, along with incomplete code-signing to validate the authenticity of received files before they're executed.

Plead, as the malware is known, is the work of espionage hackers Trend Micro calls the BlackTech Group, which targets government agencies and private organizations in Asia. Last year, the group used legitimate code-signing certificates stolen from router-maker D-Link to cryptographically authenticate itself as trustworthy. Before that, the BlackTech Group used spear-phishing emails and vulnerable routers to serve as command-and-control servers for its malware.

Late last month, Eset researchers noticed the BlackTech Group was using a new and unusual method to sneak Plead onto targets’ computers. The backdoor arrived in a file named ASUS Webstorage Upate.exe included in an update from ASUS. An analysis showed infections were being created and executed by AsusWSPanel.exe, which is a legitimate Windows process belonging to, and digitally signed by, ASUS WebStorage. As the name suggests, ASUS WebStorage is a cloud service the computer-maker offers for storing files.

Read 11 remaining paragraphs | Comments

Posted in ASUS, backdoors, Biz & IT, blacktech group, HTTP, HTTPS, plead, updates, webstorage | Comments (0)

Microsoft going to extreme lengths to ensure May update avoids mistakes of 1809

April 4th, 2019
Stylized image of glass skyscrapers under construction.

Enlarge / Windows is now perpetually under construction. (credit: David Holt / Flickr)

Microsoft really wants to avoid a repeat of the mess surrounding the release of the last Windows 10 feature update. Windows 10 version 1809, the October 2018 update, was found to have a bug that in some circumstances destroyed user data, forcing the company to suspend the update's rollout. It turned out that the bug had been reported but was overlooked, and even once that problem was resolved, that version still suffered certain other awkward bugs.

Accordingly, the company is going to take a very different tack with the next feature update to Windows 10. Codenamed 19H1 and currently still branded 1903 (denoting it was completed in March of 2019), the next update was expected to be released as the April 2019 update. But that's not the case. It's going to be the May 2019 update, because Microsoft is being a great deal more cautious about this release. Next week, a build will be pushed to the Release Preview ring, which should provide around a month of testing before its expected release date.

This alone is a major difference as compared to 1809, as that release largely skipped the release preview ring for reasons that remain unclear. But Microsoft is going much further to make this release a success.

Read 7 remaining paragraphs | Comments

Posted in bugs, microsoft, reliability, Tech, updates, upgrades, Windows, Windows 10 | Comments (0)

It looks like Windows 10 Home can now defer updates for 35 days

March 13th, 2019
A painfully adorable guinea pig sits amidst green grass.

Enlarge / Not every Windows 10 user appreciates being a guinea pig for Windows updates. (credit: Andy Miccone / Flickr)

The next Windows 10 feature update, version 1903, looks like it's going to give Windows 10 Home users a little more flexibility about when they install updates. All versions of Windows 10 allow for updates to be deferred, waiting a number of days after each update is released before attempting to install it.

Currently in Windows 10 version 1809, Windows 10 Home users are limited to a delay of just seven days. In the latest preview build of Windows 10, however, this has been raised to 35 days (via Reddit). This means that users nervous about being the first to use each new update can wait a little over a month before installing it.

While most Windows updates are problem-free for most people, issues do crop up from time to time. Generally, these are resolved within a week or two of the initial release, with Microsoft either reissuing fixed versions of the patches or sometimes blacklisting particular hardware or software combinations that have proven problematic. The 35-day delay is almost invariably going to be sufficient to let people wait for these bugs to be shaken out.

Read 1 remaining paragraphs | Comments

Posted in microsoft, Tech, updates, Windows, Windows 10, Windows Update | Comments (0)

Windows 10 will automatically remove updates, drivers that break booting

March 12th, 2019
failed update screen

Enlarge / Genuinely the worst.

Windows appears to be getting a little smarter about updates that go wrong. A newly published support page (spotted by Windows Latest) describes what the operating system does when a recent update causes a boot failure. First, Windows will uninstall the update and revert to a configuration that should work correctly. It will then block the update for 30 days.

The page states that this approach will be taken for both driver updates and the regular monthly Patch Tuesday updates. It's not unusual for Microsoft to have to issue blocks for these updates to prevent them from being distributed to certain system configurations after problems are found. But this policy allows for more fine-grained blocking, wherein systems will impose a temporary block on themselves should they have to. In most cases, when problems with updates are discovered, they're fixed and the updates are re-issued within a few days or weeks. So a 30-day block should typically give enough time for the update to be fixed prior to the attempted reinstallation.

It's not clear if this approach will be used for the twice-yearly feature upgrades or just the regular monthly Patch Tuesday updates. Microsoft's terminology usually distinguishes between "updates" (which are the things released on Patch Tuesdays) and "upgrades" (which come out twice a year). The description only mentions updates and driver updates. The install mechanism used by upgrades is completely separate from that used by updates, with its own separate rollback logic, so we'd suspect that nothing has changed for those.

Read on Ars Technica | Comments

Posted in microsoft, Tech, updates, Windows | Comments (0)

Mandatory update coming to Windows 7, 2008 to kill off weak update hashes

February 19th, 2019
Mandatory update coming to Windows 7, 2008 to kill off weak update hashes

Enlarge

Windows 7 and Windows Server 2008 users will imminently have to deploy a mandatory patch if they want to continue updating their systems, as spotted by Mary Jo Foley.

Currently, Microsoft's Windows updates use two different hashing algorithms to enable Windows to detect tampering or modification of the update files: SHA-1 and SHA-2. Windows 7 and Server 2008 verify the SHA-1 patches; Windows 8 and newer use the SHA-2 hashes instead. March's Patch Tuesday will include a standalone update for Windows 7, Windows Server 2008 R2, and WSUS to provide support for patches hashed with SHA-2. April's Patch Tuesday will include an equivalent update for Windows Server 2008.

The SHA-1 algorithm, first published in 1995, takes some input and produces a value known as a hash or a digest that's 20 bytes long. By design, any small change to the input should produce, with high probability, a wildly different hash value. SHA-1 is no longer considered to be secure, as well-funded organizations have managed to generate hash collisions—two different files that nonetheless have the same SHA-1 hash. If a collision could be generated for a Windows update, it would be possible for an attacker to produce a malicious update that nonetheless appeared to the system to have been produced by Microsoft and not subsequently altered.

Read 2 remaining paragraphs | Comments

Posted in hashes, microsoft, security, SHA-1, sha-2, Tech, updates, Windows | Comments (0)

The Windows 10 October 2018 Update is now fully available—for “advanced” users

December 18th, 2018
Who doesn't love some new Windows?

Enlarge / Who doesn't love some new Windows? (credit: Peter Bright / Flickr)

The Windows 10 October 2018 Update, version 1809, continues to limp out of the door. While the data-loss bug that saw its release entirely halted has been fixed, other blocking issues have restricted its rollout. It has so far only been available to those who manually check Windows Update for updates, and even there, Microsoft has restricted the speed at which it's distributed.

This particular speed bump has now been removed, and manual checking for updates is now unthrottled. That means a manual check for updates will kick off the update process so long as your system isn't actively blacklisted (and there are a few outstanding incompatibilities that mean it could be).

Microsoft is saying that this upgrade route is for "advanced" users. Everyone else should wait for the fully automatic deployment, which doesn't seem to have started yet. That'll have its own set of throttles and perhaps even new blacklists if further problems are detected. A number of the remaining compatibility problems are more likely to strike corporate users, as they involve corporate VPN and security software. Companies will need to apply the relevant patches for the third-party applications before they can roll out the Windows 10 update.

Read 1 remaining paragraphs | Comments

Posted in microsoft, october 2018 update, patch, Tech, updates, Windows, Windows 10, Windows Update | Comments (0)

Now it’s Office’s turn to have a load of patches pulled

November 20th, 2018
Now it’s Office’s turn to have a load of patches pulled

Enlarge (credit: Benjamin)

After endless difficulties with the Windows 10 October 2018 update—finally re-released this month with the data-loss bug fixed—it seems that now it's the Office team's turn to release some updates that need to be un-released.

On November's Patch Tuesday two weeks ago, Microsoft released a bunch of updates for Office to update its Japanese calendars. In December 2017, Emperor Akihito announced that he would abdicate and that his son Naruhito would take his role as emperor. Each emperor has a corresponding era name, and calendars must be updated to reflect that new name. The Office patches offer updates to handle this event.

Two of these updates, KB2863821 and KB4461522, both for Office 2010, are apparently very broken, causing application crashes. The company has suspended delivery of the patches, but the problem is so severe that Microsoft is recommending that anyone who has installed the updates already should uninstall them pronto (see instructions for KB2863821 here and for KB4461522 here).

Read 2 remaining paragraphs | Comments

Posted in microsoft, office, patches, security, Tech, updates | Comments (0)

After the Windows update fiasco, Microsoft needs to shake up its dev process

October 20th, 2018
Windows 10 during a product launch event in Tokyo in July 2015.

Enlarge / Windows 10 during a product launch event in Tokyo in July 2015. (credit: Kiyoshi Ota/Bloomberg via Getty Images)

It's fair to say that the Windows 10 October 2018 Update has not been Microsoft's most successful update. Reports of data loss quickly emerged, forcing Microsoft to suspend distribution of the update. It has since been fixed and is currently undergoing renewed testing pending a re-release.

This isn't the first Windows feature update that's had problems—we've seen things like significant hardware incompatibilities in previous updates—but it's certainly the worst. While most of us know the theory of having backups, the reality is that lots of data, especially on home PCs, has no real backup, and deleting that data is thus disastrous.

Windows as a service

Microsoft's ambition with Windows 10 was to radically shake up how it develops Windows 10. The company wanted to better respond to customer and market needs, and to put improved new features into customers' hands sooner. Core to this was the notion that Windows 10 is the "last" version of Windows—all new development work will be an update to Windows 10, delivered through feature updates several times a year. This new development model was branded "Windows as a Service." And after some initial fumbling, Microsoft settled on a cadence of two feature updates a year; one in April, one in October.

Read 49 remaining paragraphs | Comments

Posted in development, Features, git, microsoft, source code, Tech, updates, Windows | Comments (0)

Drupal Update Fixes 10 Vulnerabilities, One Critical

February 25th, 2016

Drupal addressed 10 vulnerabilities in the CMS this week, including a critical access bypass issue and another issue that could lead to remote code execution.

Posted in CMS, content management system, Drupal, remote code execution, updates, vulnerabilities, Web Security | Comments (0)

Samsung updates back in the news – for breaking Windows updates

June 25th, 2015

A 22-year-old Microsoft MVP has hit the media spotlight with a blog article about Samsung updates – and it’s not good news for Samsung!

Posted in Featured, Samsung, software clash, updates, Windows Update | Comments (0)