close

Windows Server

Windows Server

For Windows Server 2008 Stragglers, Microsoft Dangles Extended Security Updates

no thumb

To lure organizations as yet utilizing Windows Server 2008 into moving to its cloud, Microsoft is offering a major carrot: Extended Security Updates (ESU) plans at no expense.

Obviously, each carrot is a stick. For this situation, the stick is the looming part of the bargain Windows Server 2008 on Jan. 14, 2020. In particular, Extended Support, which incorporates security refreshes, closes that day for Windows Server 2008 Service Pack 2, Windows Server 2008 R2 SP1, Hyper-V Server 2008 and Hyper-V Server 2008 R2 SP1.

It’s a wide swath of the market that is still on those server working frameworks. Microsoft as of late evaluated that 60 percent of its server introduced base, or 24 million cases, stay on Windows Server 2008 as well as SQL Server 2008, which dropped out of help a month ago.

The other piece of the stick is that associations that need to remain on Windows Server 2008 for reasons unknown must go into a costly contract for Extended Security Updates (ESU) on the off chance that they need any sort of security assurance, and those are accessible for a long time.

The carrot is that Microsoft is offering another course for clients who would prefer not to, or can’t, get off of Windows Server 2008 or SQL Server 2008 immediately. The carrot is a kind of half-move.

What those clients can do is move their cases, as they seem to be, to Azure. Clients who rehost Windows Server 2008 and 2008 R2 outstanding tasks at hand legitimately to Azure will get three entire long periods of ESU at no extra charge. That gives them the alternative of redesigning from Windows Server 2008 at an all the more lackadaisical pace inside those virtual machines.

They’ll be paying Azure facilitating charges and be in the open cloud, however, they don’t need to pay the ESU, so their current activities can proceed to a great extent as it stands.

It’s a genuine move by Microsoft to make Azure engaging associations that have been at the last part of the cloud appropriation bend.

While appealing, this is just one of the choices for moving from Windows Server 2008 preceding the due date. For more detail on choices for on-premises, half and a half and cloud movements, look at the “Accomplice’s Guide to the Windows Server 2008 Deadline” (enlistment required) at our sister site RCPmag.com.

read more
Windows Server

Update Windows 10 Immediately, Warns Microsoft

no thumb

Microsoft is sounding a red alert to Windows 10 users, warning them to update their operating systems immediately.

The company, in a blog post-Tuesday, warned of two “critical” vulnerabilities that rival the previous “BlueKeep” crisis. As with that bug, the new issues are described as “wormable,” meaning hackers could use them to spread malware from one machine to another without any interaction from the user.

Microsoft said, so far, it has no evidence that the vulnerabilities were known to any third parties.

“It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these,” said Simon Pope, Microsoft’s director of Incident Response. “Customers who have automatic updates enabled are automatically protected by these fixes.”

If you don’t have automatic updates enabled, you can search for the patch by typing “Windows Update” in the search bar from the system’s start menu search bar.

The vulnerabilities are only present in Windows 10, which runs on more than 800 million devices today. Older systems, such as Windows XP, are not affected.

The comparisons to BlueKeep underscore how serious Microsoft is taking these security flaws. That flaw was deemed so serious that the National Security Agency got involved to warn people to update their systems.

Details shortly…Fortune

read more
UncategorizedWindows Server

Windows 10 serves up more update pain with a side order of random reboots

no thumb

Windows 10 has hit more trouble, with the latest (August) cumulative update for PCs running the May 2019 Update apparently failing to install in some cases – with other worrying problems popping up, too, including random reboots.

The cumulative update in question is KB4512508 which comprises of security fixes for Microsoft’s browsers (Edge and IE), wireless networking, and input peripherals like your mouse and keyboard.

  • Running Windows 7, 8 or 10? You need to patch this now
  • How to reinstall Windows 10
  • Windows 10 May 2019 Update problems: how to fix them

Some folks are seeing this cumulative update failing to install, with Windows 10 throwing out some typically useless error messages including ‘error 0x800f0982’ and ‘error 0x80073701’. Not very helpful when it comes to determining exactly what is going on here (or exactly what isn’t going on, more to the point).

Disgruntled users have posted on Reddit and Microsoft’s own Answers.com forum, reminding the software giant that in some cases they were hit by a similar installation failure with a cumulative update last month.

Microsoft hasn’t chimed in with any potential solution or comment yet, but fingers crossed the firm is looking into the apparent issues.

One user on Answers.com suggests manually downloading and installing the update as a standalone package (rather than through Windows Update), which worked on their Surface Pro hybrid. Of course, your mileage may vary, but it might be worth a shot.

Other more radical suggestions include running a repair install on Windows 10, but rather than take more drastic action, many folks are simply preferring to pause updates for now, and hope Microsoft gets this sorted in short order.

Random reboots

Previous Windows 10 cumulative updates have reportedly failed with the error code 0x800f0982 earlier this year, and on the aforementioned Reddit thread, one person noted they received this error when attempting to install the May 2019 Update itself.

There are apparently further gremlins in the Windows 10 works, too, as Windows Latest – which spotted all this – also points to Reddit complaints about users experiencing their PC randomly rebooting after the May 2019 Update (and this has been reported with the October 2018 Update, as well). Nasty indeed.

Thus far, it seems that these various issues are only affecting a relative minority of Windows 10 users, but particularly in the latter case, they are doubtless highly frustrating problems to run into.

Details shortly…Techradar

read more
UncategorizedWindows Server

Google attacks Windows by comparing it to a broken-down car

no thumb

The fight between the big tech companies can sometimes be vicious, and in a new advert for its Chromebook laptops, Google takes a sly dig at Microsoft’s rival operating system Windows 10, by comparing it to an old car that’s falling apart.

In the advert (which you can view below), Bill Nye extolls the virtues of switching to a Chromebook, including the lack of patches, long boot times and no more Blue Screens of Death.

  • How to run Android apps on your Chromebook
  • Google Fuchsia release date, news, and rumors
  • What is a Google Chromebook?

While Google doesn’t directly call out Windows, in the background of the advert is a broken-down car – which has seen better days – and with the not-too-subtle license plate that reads WNDWS.

“We’ve been through a lot together,” Nye says as he pats the car, which promptly falls apart.

All’s fair

Google’s certainly got its tongue firmly planted in its cheek with that jab at Microsoft, but the message is clear: Windows is an out-of-date and sometimes unreliable operating system, while Chromebooks (and the Chrome OS operating system they run on) offer a more modern experience, free from the frustrations of Windows laptops.

We love a bit of playful banter between companies – such as when MSI rightfully mocked Apple’s ridiculous $999 price tag for a monitor stand – but we probably wouldn’t go so far as to say Windows 10 is falling apart, as Google is seeming to suggest.

Microsoft has been doing a good job of fixing issues and adding new features to its operating system, and while Windows certainly isn’t perfect, it’s a lot better than it used to be.

Having said that, the latest Chromebooks are also better than ever, and with Chrome OS supporting Android and Linux apps, Google’s operating system could soon be a real threat to Microsoft’s dominance.

Details Shortly…TechRadar

read more
Windows Server

Feature Release 19.3: Secure S3 Buckets, Microsoft Teams, & Compliance Heat Map

Screen-Shot-2019-08-15-at-7.34.28-AM-e1565868906573

We are excited to announce our newest release of 2019 which continues our mission to help you effectively leverage CSP security and management tools like AWS’ “GET BucketPolicyStatus” operation, automate remediation including orchestration of 3rd party systems like Microsoft Teams, and make security and compliance insights more accessible with visualizations using our Compliance Scorecard.

Collaboration with our customers and the broader community help shape our releases with improvements to core capabilities around discovery, analysis, and automated remediation of cloud and container infrastructure. Each release also includes several new features and support for the ever-expanding portfolio of services from the major cloud providers.

Highlights:

  • Helping You Use CSP Security & Management Tools
  • Better Automation with Microsoft Teams Integration
  • Enhanced Compliance Scorecard
  • Enhancements and added support for CSP services

 

Helping You Use CSP Security & Management Tools: 
A huge challenge for our customers is knowing what security & management tools and services the cloud service providers (CSPs) offer and where/how to use these.  DivvyCloud is here to help. We stay on top of the latest changes in CSP native tools and when a new one emerges w help you take advantage of it by integrating it into the DivvyCloud platform.

A great example from this most recent release is the recently announced “GET BucketPolicyStatus” operation from AWS.  This operation retrieves the policy status for an Amazon S3 bucket, indicating whether the bucket is public. This sounds simple but turns out to be really complex because there are a ton of configuration permutations that can make a bucket public.  We should know. Before the release of this operation, we had to build all those permutations out to provide this service. When AWS released “GET BucketPolicyStatus” we were able to supplement our model with this additional layer of insight, improving the fidelity of our controls and instantly leveraging this new capability for our customers.

See public access of all of your S3 Buckets at a glance

This is important because breaches of data continue to rise, and the primary cause is a misconfiguration of cloud services.  DivvyCloud’s customers can rest easy when they leverage our controls to detect misconfigurations that could result in data leakage and our automation engine to remediate these issues in real-time.

 

Better Automation with Microsoft Teams Integration: 
DivvyCloud’s automation isn’t just used by customers to reconfigure cloud services, it is also used to drive orchestration, including human-centered remediation.  Key to this is the ability to communicate across a wide array of communication channels supported by the enterprise. We are excited to announce that DivvyCloud is now fully integrated with Microsoft Teams.

The Microsoft Teams integration enables DivvyCloud to send messages to Microsoft Teams as part of an automation workflow. As an example, DivvyCloud customers can quickly identify IAM choices that violate security and compliance policies.  Once identified, a customer can choose to have this automatically trigger a DivvyCloud Bot (a workflow that automates process and best practices as defined by the customer). This workflow can chain together a set of actions, for example reconfiguring an IAM policy, and/or driving human intervention, to remediate the issue.  With DivvyCloud’s Microsoft Teams integration, users can configure a Bot that sends high priority security alerts with detailed information when DivvyCloud detects a cloud user account without multi-factor authentication and assign it to the person in Microsoft Teams who owns the resource for remediation.

 

Enhanced Compliance Scorecard: 
Quickly being able to understand security and compliance insights is one of the most important elements of communicating risk to the diverse set of stakeholders who are responsible for cloud operations in the transformed enterprise.  DivvyCloud provides a few ways to deliver information, including our Compliance Scorecard. The Scorecard delivers a visual representation of risk aligned with our out-of-the-box standards, or your own corporate standards, through an interactive heat map.  With this release, we have made over a dozen improvements based on customer feedback.

 

CSP Service Enhancements: 
In each release, we extend our support for additional cloud service provider services.  For example, in this release we have extended or expanded support for the following AWS services:

  • Glacier
  • VPC Endpoints/PrivateLink
  • Transit Gateway
  • Amazon Managed Streaming for Apache Kafka (MSK)
  • AWS EBS
  • SNS Topics

For a complete listing of supported services, enhancements, and filters click here to see our 19.3 release notes or get a demo of our features in action.

Details Shortly…securityboulevard

read more
Windows Server

Running Windows 7, 8 or 10? You need to patch these critical vulnerabilities now

yhtjrcyr52fVbDkr3txsZ8-650-80

Microsoft has issued patches for a pair of critical vulnerabilities which are ‘wormable’ and present in all recent versions of Windows, with the software giant advising that you should download these as soon as possible due to the risk involved here.

The vulnerabilities in Remote Desktop Services, which allow for remote code execution – meaning the attacker can pretty much pull off anything, such as installing malware or plundering your data – are codenamed CVE-2019-1181 and CVE-2019-1182.

They affect Windows 7 SP1, Windows 8.1, and all supported versions of Windows 10 (as well as Windows Server 2008 R2 SP1, Windows Server 2012/R2, and Windows 10 server versions).

The fact that they are wormable means that malware built to exploit these security flaws could spread from computer to computer without any user interaction, assuming those PCs are vulnerable of course. And naturally, that’s the most worrying kind of malware, where you don’t have to be tricked into clicking some dodgy link or downloading something with a payload inside.

Microsoft stressed: “It is important that affected systems are patched as quickly as possible because of the elevated risks associated with wormable vulnerabilities like these.”

You can check here to download the security patches manually, but if you have automatic updates switched on, your OS will grab the relevant fixes for you (or you could head to Windows Update, and check for new updates).

Remotely dangerous

If all this is ringing a bell or three, that’s probably because we recently witnessed BlueKeep emerging, another wormable vulnerability in Remote Desktop Services, although that particular flaw didn’t affect Windows 8 or Windows 10.

This time around, all versions of Windows are under threat – except for Windows XP – so you should patch up pronto (and if you’re still on XP, well, that’s a far more worrying state of security affairs in itself).

Microsoft does observe, however, that there is no evidence the vulnerabilities were known to any third-parties before this announcement.

Of course, hackers may have previously found the flaws without Microsoft realizing, and at any rate, now the vulnerabilities have been publicly detailed, there’s an obvious danger of a weaponized exploit turning up – and possibly in quite a rapid timeframe.

Details shortly…techradar

read more
Windows Server

Notepad has a major security flaw that leaves Windows PCs vulnerable to hackers

surface-laptop-jpg-crop-768×512

According to TechRadar, a security researcher has recently discovered a major vulnerability in Windows PCs involving Microsoft’s most basic text editor. The Notepad security flaw, as discovered by Google Project Zero security researcher Tavis Ormandy, could be exploited to let hackers take over whole computers “simply by loading some malicious code using Notepad.” And this particular flaw may affect PCs running versions of Windows as early as Windows XP.

The flaw itself, as TechRadar notes, involves taking advantage of a weakness in the Windows Text Services Framework. (This framework deals with things like text inputs, text processing, and keyboard layouts.) Within this framework is the source of the security flaw itself, a component known as CTextFramework. And as The Register reports, this component has its own security flaws that ultimately render it vulnerable to being hacked “via applications that interact with it to handle text on the screen.”

Furthermore, TechRadar notes that Ormandy’s investigation into the Notepad flaw essentially found that the system’s security protocols “can be easily bypassed” and could allow hackers to not only increase their access privileges but also “gain access to multiple systems across the victim’s device.”  Ormandy’s blog post on the matter further described the extent of the CTextFramework vulnerability:

“Firstly, there is no access control whatsoever! Any application, any user – even sandboxed processes – can connect to any CTF session. Clients are expected to report their thread id, process id, and HWND, but there is no authentication involved and you can simply lie. Secondly, there is nothing stopping you pretending to be a CTF service and getting other applications – even privileged applications – to connect to you. Even when working as intended, CTF could allow escaping from sandboxes and escalating privileges.”

According to TechRadar and ZDNet, Microsoft has released a patch for this flaw, which is officially known as CVE-2019-1162. This patch was released on Tuesday, August 13, as part of Microsoft’s monthly release of security updates known as Patch Tuesday. ZDNet reports that the August 2019 edition of Patch Tuesday included patches for a total of 93 security flaws.

Details shortly…Digitaltrends

read more
Windows Server

Microsoft Patches Critical Windows 10 Bug: Update Now

aHR0cDovL3d3dy5sYXB0b3BtYWcuY29tL2ltYWdlcy93cC9wdXJjaC1hcGkvaW5jb250ZW50LzIwMTkvMDgvdXBkYXRlLXByb2dyZXNzLWJhci01MzN4NDAwLmpwZw==

Microsoft yesterday (Aug. 13) discharged another round of security refreshes that address various bugs. The greatest wrongdoers, two shortcomings inside Microsoft’s Remote Desktop Service, consider frameworks to be misused remotely with no verification or client connection. These bugs influenced all clients of Windows 10, yet additionally Windows 7, 8.1, Windows Server 2008 (R2 SP1), and Windows Server 2012.

These Remote Desktop Protocol defects are “wormable,” implying that an assailant may most likely art malware that could spread starting with one machine then onto the next all alone, with no human intercession by any stretch of the imagination. There’s no proof that anybody has misused both of these blemishes yet, however, since they are open, somebody most likely will inside a couple of days.

While the scope of machines influenced is very long, Windows XP, Windows Server 2003 and Windows Server 2008 are not exploitable by the vulnerabilities, as per Microsoft. On the off chance that the updates aren’t connected naturally, you ought to introduce them physically at the earliest opportunity by going into Settings and additionally Control Panel and searching for Updates or Windows Update.

It’s ideal to refresh your frameworks quickly than hazard turning into an unfortunate casualty. While the two Remote Desktop bugs are of high need, they join a rundown of 91 other programming fixes this month.

There’s one admonition: If you’re running Norton/Symantec antivirus programming on Windows 7 or Windows Server 2008, you won’t probably get the August security fixes yet. That is on the grounds that Symantec doesn’t bolster the SHA-2 encryption calculation on Windows 7 or Server 2008, and Microsoft has now moved solely to SHA-2 to carefully “sign” its product refreshes.

Symantec, to its ruin, has had a half year to get ready during the current day, which Microsoft reported back in February. Symantec said in a blog posting today that “an up and coming variant of Symantec Endpoint Protection” would bolster SHA-2, in spite of the fact that it didn’t state when we could anticipate that, or whether Norton antivirus programming (Symantec’s purchaser line) will get the update as well.

Detail shortly…Laptopmag

read more
Windows Server

If you get Windows Update error 0x80092004 on Windows 7 or Server 2008 R2 do this

download (3)

Microsoft discharged updates for every bolstered variant of Windows – customer, and server – on the August 2019 Patch Day. You can look at our review of the updates in the event that you have not done as such as of now.

Reports recommend that a few executives and home clients face issues with the discharged reports on machines running Windows 7 or Windows Server 2008 R2.

Endeavors to introduce the updates KB4512506 (month to month rollup update) or KB4512486 (security-just update) fall flat with the blunder 0x80092004. The blunder related with the mistake code, CRYPT_E_NOT_FOUND, proposes that Windows Update rejects the updates in light of the fact that cryptographic qualities that the update bundles contain are not found.

windows 7 server 2008 r2 update error 0x80092004

Microsoft changed the marking of update bundles for Windows 7 and Windows Server 2008 R2 gadgets on the August 2019 Patch Day just because. The organization signs bundle just with SHA-2 since August 2019; it marked them with SHA-1 and SHA-2 beforehand however chose to drop SHA-1 in view of known shortcomings.

We distributed an article in 2018 about the change expressing that Windows 7 and Server 2008 R2 frameworks required certain patches to keep accepting updates.

It gives the idea that influenced Windows frameworks are searching for SHA-1 in the update bundle and disregard SHA-2. SHA-1 is excluded any longer and that gives off an impression of being the motivation behind why blunder 0x80092004 is tossed on those frameworks.

Tip: it is in every case great to inquire about Windows refreshes before introducing refreshes.

Microsoft uncovered that certain Symantec and Norton programming introduced on Windows 7 or Windows Server 2008 R2 frameworks does not get along with the change and Microsoft settled on the choice to square reports on machines running Symantec and Norton programming until the issue is settled. The security arrangements may square or erase Windows Updates.

While it is conceivable that the issue is connected, for example, those different antivirus arrangements are causing issues with Windows Updates too, all things considered, a required update is absent.

Two updates should be introduced on Windows 7 and Windows Server 2008 R2 frameworks so that SHA-2 marked updates are introduced effectively:

KB4474419 – SHA-2 code marking bolster update for Windows Server 2008 R2, Windows 7, and Windows Server 2008: August 13, 2019

KB4490628 – Servicing stack update for Windows 7 SP1 and Windows Server 2008 R2 SP1: March 12, 2019

In the event that one of these isn’t introduced, SHA-2 marked updates won’t be acknowledged and the mistake is tossed.

Microsoft affirms that KB4474419 is essential on the help site. The organization records KB4490628 on the page also expressing that it unequivocally prescribes that it is refreshed. SSU updates are introduced naturally if Windows Updates is utilized however should be introduced physically if updates are introduced physically. It is hazy why Microsoft does not list the SSU as an essential all the more unmistakably.

You can confirm that these updates are introduced by checking the “Introduced Updates” posting in the Control Panel or by running outsider programming, for example, Nirsoft’s WinUpdatesList.

In the event that at any rate one of the updates isn’t introduced, introduce it on the gadget and run another check for updates after establishment; the August 2019 update ought to introduce fine and dandy this time.

Details shortly…ghacks

read more
Windows Server

Microsoft Warning Impacts 800M Windows 10 Computers

https___blogs-images.forbes.com_gordonkelly_files_2019_02_Windows-10-Edited

Windows clients, stop what you’re doing in light of the fact that Microsoft has issued a basic cautioning overall adaptations of its stages, including each rendition of Windows 10, and told clients they should act now.

Posting in its Security Response Center, Microsoft told clients that it has found two “basic” Remote Code Execution (RCE) vulnerabilities which are “wormable”. This implies they could be weaponized to dispatch malware that bounces consequently from PC to PC, spreading over the world with no activity from the client. Also, there are conceivably a huge number of helpless PCs.

In an announcement, Simon Pope, Microsoft’s Director of Incident Response, affirmed the vulnerabilities influence “every upheld form of Windows 10, including server variants.” Back in March, Microsoft pegged Windows 10 numbers at 800M. What’s more, Pope affirmed other “influenced renditions of Windows will be Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2” – these are significant stages however with far less piece of the pie.

Pope focused on speed is of the substance, expressing: “It is significant that influenced frameworks are fixed as fast as could be allowed,” while ZDNet cautioned clients that it is presently “A race to fix before assaults get in progress”.

The degree of concern is justifiable, especially for Windows 10. In March, Microsoft expressed there are 800M PCs running Windows 10 alone and in its warning security warnings, it cautions: “An assailant who effectively misused this helplessness could execute self-assertive code on the objective framework. An aggressor could then introduce programs; view, change, or erase information; or make new records with full client rights.”

Details shortly…Forbes

read more
1 2 3
Page 1 of 3