|
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
Newsletter Archives
-
Big bunch of bad drivers
At the DEFCON conference this week, a security company called Elysium released quite a bombshell:
Our analysis found that the problem of insecure drivers is widespread, affecting more than 40 drivers from at least 20 different vendors – including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei. However, the widespread nature of these vulnerabilities highlights a more fundamental issue – all the vulnerable drivers we discovered have been certified by Microsoft. Since the presence of a vulnerable driver on a device can provide a user (or attacker) with improperly elevated privileges, we have engaged Microsoft to support solutions to better protect against this class of vulnerabilities, such as blacklisting known bad drivers.
In this case, “insecure” drivers are ones that can be used for privilege escalation attacks: A malicious program running on your machine can hook into the driver and get at (or change) key internal data.
Good overview by Catalin Cimpanu at ZDNet.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
‘Minority Report’ coming to NYC
by 1 hour, 21 minutes ago
-
Apple notifies new victims of spyware attacks across the world
by 1 hour, 27 minutes ago
-
Tracking content block list GONE in Firefox 138
by 52 minutes ago
-
How do I migrate Password Managers
by 1 hour, 4 minutes ago
-
Orb : how fast is my Internet connection
by 11 hours, 47 minutes ago
-
Solid color background slows Windows 7 login
by 13 hours, 8 minutes ago
-
Windows 11, version 24H2 might not download via Windows Server Updates Services
by 11 hours, 38 minutes ago
-
Security fixes for Firefox
by 11 hours, 7 minutes ago
-
Notice on termination of services of LG Mobile Phone Software Updates
by 23 hours, 51 minutes ago
-
Update your Apple Devices Wormable Zero-Click Remote Code Execution in AirPlay..
by 1 day, 8 hours ago
-
Amazon denies it had plans to be clear about consumer tariff costs
by 23 hours, 56 minutes ago
-
Return of the brain dead FF sidebar
by 11 hours, 7 minutes ago
-
Windows Settings Managed by your Organization
by 10 hours, 16 minutes ago
-
Securing Laptop for Trustee Administrattor
by 11 hours, 16 minutes ago
-
The local account tax
by 12 hours, 28 minutes ago
-
Recall is back with KB5055627(OS Build 26100.3915) Preview
by 1 day, 21 hours ago
-
Digital TV Antenna Recommendation
by 1 day, 14 hours ago
-
Server 2019 Domain Controllers broken by updates
by 2 days, 9 hours ago
-
Google won’t remove 3rd party cookies in Chrome as promised
by 2 days, 11 hours ago
-
Microsoft Manager Says macOS Is Better Than Windows 11
by 2 days, 14 hours ago
-
Outlook (NEW) Getting really Pushy
by 1 day, 17 hours ago
-
Steps to take before updating to 24H2
by 1 hour, 33 minutes ago
-
Which Web browser is the most secure for 2025?
by 1 day, 21 hours ago
-
Replacing Skype
by 1 day, 10 hours ago
-
FileOptimizer — Over 90 tools working together to squish your files
by 2 days, 8 hours ago
-
Excel Macro — ask for filename to be saved
by 1 day, 6 hours ago
-
Trying to backup Win 10 computer to iCloud
by 1 day, 9 hours ago
-
Windows 11 Insider Preview build 26200.5570 released to DEV
by 4 days, 14 hours ago
-
Windows 11 Insider Preview build 26120.3941 (24H2) released to BETA
by 4 days, 16 hours ago
-
Windows 11 Insider Preview Build 22635.5305 (23H2) released to BETA
by 4 days, 16 hours ago
Remembering Woody
