Newsletter Archives

• Threats to businesses

  Posted on August 19, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.34 • 2024-08-19

  PATCH WATCH

  

  By Susan Bradley

  This month’s updates include fewer vulnerabilities than normal. What is not normal is that some of the bugs have already been exploited.

  I’m not changing my stance about it being wise to wait to see whether there are side effects, but I will review that decision should the need arise. For now, review the special alert.

  There are six bugs under active attack.

  Read the full story in our Plus Newsletter (21.34.0, 2024-08-19).
  This story also appears in our public Newsletter.

  Patch Watch Adobe Acrobat, CVE-2024-38063, CVE-2024-38143, CVE-2024-38173, CVE-2024-38213, KB5020276, KB5040430, KB5040437, Line Printer, Mark of the Web, Newsletters, Patch Lady Posts, Remote Code Execution, Remote Desktop, Secure Boot

• MS-DEFCON 3: Secure Boot triggers recovery keys

  Posted on July 31, 2024 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 21.31.1 • 2024-07-31

  

  By Susan Bradley

  It’s time to check whether your boot drive is encrypted.

  As I predicted, Microsoft’s July 2024 security update may trigger a request for recovery keys among those who enabled BitLocker or drive encryption. That’s because the update included a change to Secure Boot.

  This is problematic enough that I’m lowering the MS-DEFCON level to just 3, rather than the more common level 4 I usually suggest at the end of the month. I think you should install updates, but don’t install and then review. Instead, understand this problem ahead of time, prepare as needed, and then update.

  Anyone can read the full MS-DEFCON Alert (21.31.1, 2024-07-31.

  AskWoody Plus Alert, MS-DEFCON Alerts, Binarly, BitLocker, Drive Encryption, KB5040430, KB5040437, KB5040525, KB5040527, MS-DEFCON, MS-DEFCON 3, Patch Lady Posts, PKfail, Secure Boot