Windows 10 Cumulative Updates
June 13, 2017 at 7:57 pm #9080
April 18, 2019 at 11:05 am #32769
More Windows insiders news for those not on the list. A few more interesting bits this time.April 18, 2019 at 1:56 pm #32772
Thank you for the posting @WoF, but every time that I hear the bugler call that there is a new wonder package, I fail to find much if anything to quicken my pulse. Perhaps the ability to remove some of the passenger junk such as Groove and its pals will be welcome, but the new features in the last few builds have apparently passed me by. The likes of emojis never knowingly come into my orbit and the last look at the wonderful new stuff show left me wondering why I was not slain by the excitement.
That said, I am happy that it remains stable and reliable, though for example the snipping tool continues to do all I need and is easier to use than the snip and sew or what ever it is now called.April 18, 2019 at 7:34 pm #32787
I would quite like to try the Windows sand box but I can’t because it uses virtualisation so its for Pro and Enterprise only.
May be I will buy a new Pro key.April 18, 2019 at 7:56 pm #32788
And they have added a new setting to focus assist, which is nice because I didn’t know such a thing existed ?
You can now block all notifications except alarms when you are using an app full screen, on top of when you are gaming or duplicating your display.
Well you will be able to when its rolled out to everyone ?August 28, 2019 at 7:14 am #36092
I would assume that anyone reading this thread keeps their updates current. Good for you as it looks like the sky is falling. According to this link not only should you update Windows but also all your software and drivers as well!August 28, 2019 at 11:43 am #36101
Hmm. Not sure how this malware could work. To take that sort of control over a system you must instal a kernel mode driver because that is the only way that user mode code can gain access to kernel mode. Nothing much to do with permissions but you will also need admin rights to instal a kernel mode driver.
64 bit Windows is REALLY picky about what drivers it will allow and they must be signed at the very least.August 28, 2019 at 11:56 am #36102
If you happen to be a hobbyist trying to write a driver then that would be a pain but Visual Studio offers an option to turn off driver signing for one boot only and if you really want you can add an entry to the BCD that makes it permanent. You will not be able to play any protected media like that though ?August 28, 2019 at 12:38 pm #36104ParticipantDave Rice@ricedgForumite Points: 9,073
Well the exploit tools are available so there must be a way of doing it.
Way above my knowledge.August 28, 2019 at 7:03 pm #36112
Graham it is a user level privilege escalation to kernel level (where drivers operate) via previously unknown bugs in some 40+ Microsoft signed drivers. The list of companies with badly written drivers is on the original link but includes obscure companies such as Intel, Realtek and nVidia!.
The malware need only get access to user level e.g. one of the common browser exploits.August 29, 2019 at 12:14 pm #36157
I didn’t read the original post and link properly. It does say that this works by exploiting a bug in existing drivers that are already signed.August 29, 2019 at 7:19 pm #36171
Off thread a bit, but Kaspersky is good at giving a flag when updates to non-Kaspersky software and drivers are needed.January 15, 2020 at 11:20 am #39773
Windows 10 has such a huge security flaw that the NSA issued a warning and M$ have patched it.
Update asap obviously!January 15, 2020 at 2:23 pm #39782
I suppose its for security reasons but it is annoying that they never say what the flaw actually is. A flaw in the cryptographic API could be anything.January 15, 2020 at 2:43 pm #39783
Graham, there are more details here,
‘According to a security advisory published today, “a spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.”‘
but if you know your way around elliptic curve encipherment and how you can use this to spoof Crypt32.dll you are a much better man than I. It sounds like rounding errors, but that does not get me much further in my understanding.
I think I prefer the Wired article as the more detailed article falls into my ‘too hard’ bucket.January 15, 2020 at 3:05 pm #39784
The NSA bulletin is here. I think you would need to read it in conjunction with how elliptic curves are used to generate keys in order to understand the vulnerability. If you do this and understand it then please post a synopsis of your findings.January 15, 2020 at 3:29 pm #39785
Now looks like it has little/nothing to do with the workings of elliptic curves. The Washington Post delelved into it and found the real issue is much simpler – a handshake verification failure as revealed in this blog.
the real threat was “an error in the software code that fails to properly check the authenticity [of network communications]”, in other words cryptographic certificate spoofing; a failure in the trust chain that ensures your computer is talking to who it thinks it’s talking to (or is about to install software that was actually written by those who you believe wrote it).”January 15, 2020 at 4:45 pm #39787
One to watch for and it may or may not affect others is that after updating, my machine demanded a change of the ‘expired’ password. It took a little while to sort out the no_expiry_please option. As a stop gap, I changed it to something really Noddy, and then changed it back once more. The better fix was then applied, after I had a good old root of the internet.January 15, 2020 at 5:03 pm #39788
Thanks – I have updated two machines but no sign of the expired password glitch. It maybe because I do not use M$ addresses/passwords in the Admin account.January 15, 2020 at 5:43 pm #39792ParticipantBob Williams@bullstuff2Forumite Points: 13,458
Updated this desktop and will update SWMBO’s asap. Also came with 2 other updates:
.net framework 3.5 & 4.8 (KB4532938)
Windows Malicious Software Removal Tool for January 2020 (KB890830)
No problems so far. After my last post regarding SWMBO’s laptop, I think I will carry out a fresh install of 10 on this desktop. After backup of course.
When the Thought Police arrive at your door, think -
I'm out.January 16, 2020 at 8:54 am #39802
Interestingly, my wife’s machine did not suffer the expired password issue when that updated. It appears to be another random artefact.
- You must be logged in to reply to this topic.