Get updating: Microsoft delivers PrintNightmare patch for more Windows versions


ZDNet 08 July, 2021 - 04:32am 15 views

What is the latest security update for Windows 10?

Windows 10 October 2020 Update (version 20H2) Version 20H2, called the Windows 10 October 2020 Update, is the most recent update to Windows 10. ComputerworldWindows 10: A guide to the updates

When does Windows 11 come out?

Windows 11 is being pushed out the door as fast as possible, with Microsoft broadly hinting Windows 11 will be released on Oct. 20 and you can expect to see new Windows 11 PCs in 2021's fourth quarter. ComputerworldThe real reason for Windows 11

Can my PC run Windows 11?

At least 4GB of system memory (RAM). At least 64GB of available storage. One of the officially approved processors (CPUs), currently found on three lists for AMD models, Intel models, and Qualcomm models. A graphics processor that is compatible with DirectX 12 and Windows Display Driver Model (WDDM) 2.0 or greater. PCMag.comCan My PC Run Windows 11?

Microsoft has released patches for more versions of Windows affected by the PrintNightmare bug, but researchers claim the patches don't provide complete protection.

Microsoft released out-of-band patches for Windows systems affected by two critical bugs being tracked as CVE-2021-1675 and CVE-2021-34527, and has advised admins to disable the print spooler service until patches are applied. One is a remote code execution flaw, while the second is a local privilege escalation bug. 

New year, new laptop? These are the devices that should be at or near the top of your shortlist.

"Microsoft identified a security issue that affects all versions of Windows and have expedited a resolution for supported versions of Windows that will automatically be applied to most devices," it said in an update on Wednesday

The company has now released patches for Windows 10 1607 for enterprise customers still on that version, plus Windows Server 2016 and Windows Server 2012.

Upon installing the security update, users who aren't admins are restricted to installing signed print drivers to a print server while admins can install signed and unsigned printer drivers. 

Admins also have the option to configure the 'RestrictDriverInstallationToAdministrators' registry setting to prevent non-administrators from installing signed printer drivers on a print server.

"Prior to installing the July 6, 2021, and newer Windows Updates containing protections for CVE-2021-34527, the printer operators' security group could install both signed and unsigned printer drivers on a printer server," Microsoft notes in an advisory

"After installing such updates, delegated admin groups like printer operators can only install signed printer drivers. Administrator credentials will be required to install unsigned printer drivers on a printer server going forward."

CISA's advice for this bug is available here

SEE: Ransomware: Now gangs are using virtual machines to disguise their attacks

However, via The Register, the creator of the Mimikatz penetrating testing kit, said he has found a way to bypass the patch on systems by using UNC or the Universal Naming Convention (UNC) string, which is used to point to shared files or devices. Reportedly, Microsoft's patch for CVE-2021-34527 improperly checks remote libraries; it doesn't check for UNC for pointing to remote files. 

And security researcher Will Dormann notes that certain registry settings that are meant to mitigate the bug don't prevent local privilege escalation (LCE) or remote code execution (RCE). 

By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.

You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time.

You agree to receive updates, alerts, and promotions from the CBS family of companies - including ZDNet’s Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe at any time.

By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy.

Users are paying up in the belief they are mining cryptocurrency. In reality, they get nothing.

Updated: The latest major software supply chain hack has impacted more than 1,500 companies. Here is everything we know so far.

The state department has taken its systems offline as a precaution as it readies for the start of Term 3 next week.

Deputy National Security Advisor Anne Neuberger spoke about cybersecurity risks during the US Conference of Mayors.

REvil has lowered its demand to $50 million, but some believe Kaseya and other affected companies still should not pay.

Read full article at ZDNet

Microsoft Just Issued an Emergency Windows Fix. Why You Should Update Your PC Immediately

Inc. 08 July, 2021 - 10:39am

It isn't uncommon for researchers and white hat hackers to search for exploits like these, but the findings aren't generally made public before a company has a chance to fix them. In this case, the vulnerability was first mentioned back in May, when Sangfor tweeted out that it would be presenting on its findings at the BlackHat CISO Summit.

Then, the proof-of-concept was mistakenly published and then quickly removed, but not before it was republished elsewhere--including Microsoft's own GitHub. That effectively made the malicious code available to any would-be attackers. According to Microsoft's Security Response Center (MSRC), the exploit has been detected in the wild, meaning someone is trying to take advantage of it.

PrintNightmare affects the Windows Print Spooler, usually used to allow multiple computers to share a computer. In this case, however, the vulnerability could allow hackers to gain administrative control of a device, access data, and even install programs. 

Microsoft described the issue this way: 

A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

That means that someone could gain full access to your computer, without you ever knowing until the damage was done. 

Microsoft says that its fix "fully addresses the public vulnerability, and it also includes a new feature that allows customers to implement stronger protections." That said, at least one researcher says that the fix doesn't completely fix the problem unless you also disable the "Point and Print" capability. 

In an unusual move, Microsoft is releasing a patch for versions back to Windows 7, and Windows Server 2008, both of which are no longer officially supported or receiving regular security updates. In addition, updates are not yet available for Windows Server 2012 and Windows 10, 1607, though the company says they are coming shortly.

To install the update and protect your PC on Windows 10, click on the Start Menu, and open Settings > Update & Security > Windows Update. The update should be listed as ready to download. Select Download Now, and follow the prompts to install the update. 

Microsoft made this update cumulative, meaning that it includes previous updates that you may not have installed. That said, you should always enable security updates on your computer, to be sure that you are protected from the most recent threats.

Windows 7 and 8.1 users will be able to upgrade to Windows 11 but with a condition 08 July, 2021 - 10:39am

Last month, Microsoft officially announced the Windows 11 operating system, which will be available for free to all users of the Windows 10 operating system, if the computer meets the system requirements of the platform. It turned out that owners of Windows 7, as well as other older versions of the OS, will be able to get the update.

The company itself did not say whether they intend to provide a free update for Windows 7 and 8.1 users. However, some manufacturers have addressed this issue by publishing hardware compatibility lists and ways to activate or emulate the TPM.

Lenovo has published an FAQ page that explicitly states that you can upgrade your computer from Windows 7 to Windows 11; but only using a “clean install”, which actually requires a complete formatting of the system drive. In other words, there is no direct way to upgrade to Windows 11 using a downloadable Windows Update update.

Although Microsoft provides a free upgrade for Windows 10 users, according to Neowin, license keys from Windows 7, 8 and 8.1 will also be supported; so if you have a computer with powerful hardware and an old OS, the upgrade is quite possible.

It is worth recalling that Microsoft still has not closed the loophole for updating Windows 7 to Windows 10. In theory, this allows you to upgrade the OS to the tenth version and then to Windows 11 without having to delete all information from the system disk.

Windows 11 has yet to make its final consumer version; but Microsoft has already revealed how it will update the OS. It has already been said that major updates for Windows 11 will be released once a year; but this time it is reported that the first such update for the new operating system will be released in the second half of 2022.

But that doesn’t mean that Windows 11 will only be updated once a year. The company promises to continue its Patch Tuesday practice for Windows 10. These are cumulative updates that are released once a month. And for some OS versions, additional cumulative updates will be available.

Microsoft also said that it will update each version of Windows 11 for two years; if we are talking about the custom option. Or within three years – options for enterprises and educational institutions.

Chinese Phone blog dedicated to providing breaking news, expert reviews, Chinese Phones, Android Apps, Chinese Android Tablets and how to’s.

Keep up to date with the latest Chinese Android phone news and reviews on our social media channels:

Mandatory Microsoft accounts for Windows 11 Home might be a good thing

PCWorld 08 July, 2021 - 10:26am

BitLocker will be enabled by default on all Windows 11 PCs. Once the drive is encrypted with BitLocker, Windows asks where you’d like to back up the encryption key. The key reduces the odds of the data being tampered with, should your laptop get stolen or lost. It’s stored inside of the firmware TPM in the CPU, or in a discrete TPM 2.0 module, where it will be called upon to unseal the drive during the login process.

If you opted not to store your BitLocker key in an Microsoft account, and you lost the key—you’re out of luck.

Note, however, that only Windows 11 Home requires the login, while Windows 11 Pro won’t. A Windows 10 Pro user is likely to be more advanced and able to manage the key on their own—or accept Microsoft’s help and store the key in their Microsoft account.

If you think your PC will never get of your control, think again. I recently found an abandoned gaming PC someone had tossed on the road. Besides pulling the graphics card out of the box, I also saved the 128GB SSD and 1TB hard drive. And yes, there was no BitLocker, so it was easy to access the resume, personal files, games saves and business files the person had left there, assuming unplugging the SATA cable was enough to prevent access. I erased the data before redeploying the drives and graphics card to a needy person. If this person had had BitLocker forced on by default, the data would have been out of my grasp.

One of founding fathers of hardcore tech reporting, Gordon has been covering PCs and components since 1998.

PCWorld helps you navigate the PC ecosystem to find the products you want and the advice you need to get the job done.

Technology Stories