• Patch Lady – I smell a Rat

    (coming to you from the friendly wifi of United Airlines as I fly to the Quest/The Experts Conference)

    So twice lately someone has asked about articles indicating that we should patch now.  Yesterday.  Like the day before yesterday.  And yet, when I’m reading the articles, I can’t find a single specific update they are talking about.

    https://mspoweruser.com/all-windows-users-should-update-immediately-as-complete-control-hack-is-confirmed/?fbclid=IwAR0r7LXHfmdH9ObKMqiZO1XlRBSOQPgjfpGDqPhppg-KalEKYOxKp0FlOn8

    and

    https://www.forbes.com/sites/daveywinder/2019/08/24/windows-users-warned-to-update-now-as-complete-control-hack-attack-confirmed/#268cd4715bdb

    Okay, so the gist of the article (that I can tell) is that a research firm came out with a PR whitepaper on NanoRat 1.2.2 and said that it’s being used more in attacks. The attacks come in via phishing and macro-enabled documents.

    So…..?  This is different than any of the other daily phishing attacks I see in my spam filters?

    And all you can tell me is to “patch now”? Patching my operating system won’t patch if I’m stupid enough to click on something. Patching my operating system won’t patch if I’m stupid enough to enter my credentials on a well-done web page pretending to be my mail server needing me to “upgrade”.

    Bottom line, telling me to patch now when there’s no specific operating system update in the August updates that will protect us from this is just running around like Chicken Little telling me the sky is falling.

    Come on, tech sites, stop using public relations stunts to write your content. There are enough true security stories out there for us to be more than scared over. (The one that concerns me is the recent ransomware coming into multiple government entities via a shared managed service provider.)

    Make no mistake, the bad guys want to get us, but articles like these that give no good solid actionable items other than “patch” when it’s not even Patch Tuesday are just ridiculous.