|
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
Newsletter Archives
-
Exchange Server elevation of privilege bug acknowledged
Remember the 0day exploit in Microsoft Exchange that we talked about two weeks ago?
As I suspected, your Exchange Server is only vulnerable to a man-in-the-middle attack. It isn’t an all-purpose attack: The miscreant has to be able to sit in the middle of an interaction with the Server.
Microsoft finally has an explanation in ADV190007 | Guidance for “PrivExchange” Elevation of Privilege Vulnerability.
A planned update is in development. If you determine that your system is at high risk then you should evaluate the proposed workaround.
The workaround is a one-line PowerShell script that @b talked about last week.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Tracking content block list GONE in Firefox 138
by 2 hours, 16 minutes ago
-
How do I migrate Password Managers
by 1 hour, 39 minutes ago
-
Orb : how fast is my Internet connection
by 6 hours, 37 minutes ago
-
Solid color background slows Windows 7 login
by 7 hours, 58 minutes ago
-
Windows 11, version 24H2 might not download via Windows Server Updates Services
by 6 hours, 28 minutes ago
-
Security fixes for Firefox
by 5 hours, 57 minutes ago
-
Notice on termination of services of LG Mobile Phone Software Updates
by 18 hours, 42 minutes ago
-
Update your Apple Devices Wormable Zero-Click Remote Code Execution in AirPlay..
by 1 day, 3 hours ago
-
Amazon denies it had plans to be clear about consumer tariff costs
by 18 hours, 46 minutes ago
-
Return of the brain dead FF sidebar
by 5 hours, 58 minutes ago
-
Windows Settings Managed by your Organization
by 5 hours, 6 minutes ago
-
Securing Laptop for Trustee Administrattor
by 6 hours, 7 minutes ago
-
The local account tax
by 7 hours, 18 minutes ago
-
Recall is back with KB5055627(OS Build 26100.3915) Preview
by 1 day, 16 hours ago
-
Digital TV Antenna Recommendation
by 1 day, 9 hours ago
-
Server 2019 Domain Controllers broken by updates
by 2 days, 4 hours ago
-
Google won’t remove 3rd party cookies in Chrome as promised
by 2 days, 6 hours ago
-
Microsoft Manager Says macOS Is Better Than Windows 11
by 2 days, 9 hours ago
-
Outlook (NEW) Getting really Pushy
by 1 day, 11 hours ago
-
Steps to take before updating to 24H2
by 1 day, 2 hours ago
-
Which Web browser is the most secure for 2025?
by 1 day, 16 hours ago
-
Replacing Skype
by 1 day, 4 hours ago
-
FileOptimizer — Over 90 tools working together to squish your files
by 2 days, 3 hours ago
-
Excel Macro — ask for filename to be saved
by 1 day ago
-
Trying to backup Win 10 computer to iCloud
by 1 day, 4 hours ago
-
Windows 11 Insider Preview build 26200.5570 released to DEV
by 4 days, 9 hours ago
-
Windows 11 Insider Preview build 26120.3941 (24H2) released to BETA
by 4 days, 11 hours ago
-
Windows 11 Insider Preview Build 22635.5305 (23H2) released to BETA
by 4 days, 11 hours ago
-
No April cumulative update for Win 11 23H2?
by 2 days, 23 hours ago
-
AugLoop.All (TEST Augmentation Loop MSIT)
by 4 days, 11 hours ago
Remembering Woody
