Windows 10: Report: Researchers find a Cortana vulnerability (already patched) which could bypass...

If a report is believed to be true, Microsoft’s Cortana could have been used to bypass the security protection of the Windows 10 operating system. It’s worth noting that the vulnerability has already been patched in June by Microsoft.

At Black Hat in Las Vegas this week, security researchers Amichai Shulman and Tal Be’ery from Kzen Networks revealed how Cortana could be used to bypass the protections. The vulnerability existed in Cortana and Microsoft has patched it a while ago.

“Allowing interaction with a locked machine is a dangerous architectural decision, and earlier this year, we exposed the Voice of Esau (VoE) exploit for a Cortana vulnerability. The VoE exploit allowed attackers to take over a locked Windows10 machine by combining voice commands and network fiddling to deliver a malicious payload to the victim machine,” the researcher explains.

“In this presentation, we will reveal the “Open Sesame” vulnerability, a much more powerful vulnerability in Cortana that allows attackers to take over a locked Windows machine and execute arbitrary code. Exploiting the “Open Sesame” vulnerability attackers can view the contents of sensitive files (text and media), browse arbitrary web sites, download and execute arbitrary executables from the Internet, and under some circumstances gain elevated privileges. To make matters even worse, exploiting the vulnerability does not involve ANY external code, nor shady system calls, hence making code focused defenses such as Antivirus, Anti-malware and IPS blind to the attack,” they explained.

Disclaimer: The information contained in this article is based on a report from Black Hat. Windows Latest makes no claims, guarantees about the accuracy or completeness in this article, and shall not be held responsible for anything we say in this article.

The post Report: Researchers find a Cortana vulnerability (already patched) which could bypass protection appeared first on Windows Latest

Weiterlesen...

 

Patching windows 10 vulnerabilities

Hi,

I'm new to windows and to the community so excuse me if I miss some community guidelines.

I've installed windows 10 (build number 14390) a few days ago, and today out of paranoia run a vulnerability scan using retina community. The report came out very colorful (6 high risk vulnerabilies) . I have almost nothing installed apart from the following:

• Visual Studio Code
• Visual Studio Community edition
• Cmder
• MongoDb/Nodejs with some Npm modules
• VLC

I was confused by the fact that almost all the vulnerabilities were Microsoft Office or Microsoft VB6 related and I don't have any of that installed.

Any idea where should I look for patches or how to proceed to fix those problems?

The report included links for Microsoft security bulletins related to each problem but I could not find any software I have installed in order to update it.

I think it goes without saying that I install all the updates Microsoft update finds daily.

Thank you for your time.

 

Researcher Bypasses Windows Controlled Folder Access

Researcher Bypasses Windows Controlled Folder Access Anti-Ransomware Protection

 

Thecus Releases Patch to Resolve Bash Vulnerability

In order to combat recent bash vulnerability issues, Thecus today released a Bash patch for both Thecus OS5 and OS6 users. It is strongly recommended that all users update their NAS with this latest firmware. The patch will fix the GNU Bash Environment Variable Command Injection Vulnerability, also referred to as Shellshock (CVE-2014-6271, CVE-2014-7169, CVE-2014-7187, and CVE-2014-71861), which allows unauthorized users access to remote Unix/Linux-based systems.





For ThecusOS 6, users can download the OS6 Bash offline patch V1.0. The patch is applicable for the following units:

• N2310, N4310
• N2520, N2560, N4520, N4560

For ThecusOS 5 x64, users can update their firmware to v2.05.06 to apply the Bash patch. This firmware is applicable to the following units:

• N16000 series / N12000 series / N8900 series
• N10850 / N8850 / N6850
• N8810 series / N7710 series
• N8800PRO v2 / N7700 PRO v2
• N7510 / N5550 / N4800 series / N4510U series / N2800

For ThecusOS 5 x86, users can update their firmware to v5.03.02.8 to apply the Bash patch. This firmware is applicable to the following units:

• Thecus XXX series / 1U4600 / N0503 / N4200 series / N5500
• N7700 / N7700SAS / N7700+ / N7700PRO
• N8800 / N8800SAS / N8800+ / N8800PRO
• N4100PRO