LISTSERV - VICUG-L Archives - LISTSERV.ICORS.ORG

VICUG-L Archives

Visually Impaired Computer Users' Group List

VICUG-L@LISTSERV.ICORS.ORG

	LISTSERV Archives
	VICUG-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	FW: [jobs-blind-chat] Security alert for windows
From:	Madison Martin <[log in to unmask]>
Reply To:	Madison Martin <[log in to unmask]>
Date:	Wed, 14 Aug 2019 16:40:42 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (119 lines)

-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]] On Behalf
Of Robert Sollars
Sent: August-14-19 4:32 PM
To: [log in to unmask]; [log in to unmask]
Subject: [jobs-blind-chat] Security alert for windows

It's been a busy year at Microsoft
<https://www.komando.com/happening-now/567153/microsoft-releases-windows-eme
rgency-security-patch-to-combat-fast-spreading-malware>  in terms of
security. In 2019 alone, several vulnerabilities were revealed by
researchers, only to quickly be patched before hackers had a chance to
exploit them. But in a high-risk software environment like today, at least
Microsoft is taking some responsibility for the threats facing its platform
<https://www.komando.com/happening-now/524270/latest-microsoft-hack-forces-t
hem-to-issue-patch> . Although, some would say too little too late.

Even after all the patches, if you thought Windows 10 was out of the woods
just yet you'd be sadly mistaken. A critical new vulnerability was
discovered that can potentially give hackers remote access to any computer
they infect. Worse still, the flaw is "wormable," meaning it has the
potential to spread itself further without any input from users.

Even if you've updated your Windows machine recently, Microsoft doesn't want
any users missing out on its latest security patch. We have more details on
this frightening new threat, and what you can do to protect your PC from
being hijacked by cybercriminals.

BlueKeep II: Electric Boogaloo

Security researchers at Microsoft have discovered a new vulnerability
<https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabiliti
es-in-remote-desktop-services-cve-2019-1181-1182/>  affecting all versions
of its platform, including Windows 10. This security flaw takes advantage of
Windows' Remote Desktop Services, which normally allows a user to access
their computer over the internet with special software.

In the case of this vulnerability, a hacker can easily exploit the flaw to
gain remote access to a computer without the user's permission. They would
then be able to make changes, install software, and create new user accounts
with full privileges.

On top of this, Microsoft has stated that the vulnerability is "wormable,"
which would allow any exploitative malware to reproduce and spread to other
computers on its own.

Due to sharing a number of aspects with the BlueKeep flaw discovered earlier
this year
<https://www.komando.com/happening-now/571333/still-havent-updated-windows-n
ow-the-us-government-is-begging-you-heres-what-you-need-to-do-now> ,
analysts have tentatively dubbed the issue BlueKeep II. Despite its similar
name and origins, however, this new flaw requires a separate fix.

As part of its discovery announcement, Microsoft released a number of
patches to address the security flaw. Because the vulnerability is so
severe, the company is urging anyone with a Windows computer to update their
device as soon as possible. Doing so would help stifle any malware pandemics
before they had a chance to kick off in the first place.

Am I at risk? How can I update my system?

As Microsoft states in its announcement, this issue is considered an
"elevated risk." This means updating should be an urgent matter
<https://www.komando.com/tips/573630/windows-pc-just-not-working-right-try-a
-clean-install>  for anyone with an affected Windows machine. Depending on
which operating system your PC is running, the steps to update may be
different.

Thankfully, Microsoft has provided download links for all versions of the
patch
<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019
-1182> . The newest automatic updates available for your device, however,
will also include the patch going forward.

Here's a brief summary on how to update your system from the settings menu:

On Windows 8, open the Start menu by pressing the Windows button on your
keyboard, and then click on Store. Click on the Update Windows button once
you've entered the store. From here, you'll be able to access the latest
update.

On Windows 10, you can upgrade your system by going to Settings and clicking
on Update & Security. On this screen, you can click Check for updates to see
the newest version available for your computer.

_._,_._,_
________________________________

Groups.io Links:

You receive all messages sent to this group. 

View/Reply Online (#648) <https://groups.io/g/jobs-blind-chat/message/648>
| Reply To Group
<mailto:[log in to unmask]:%20%5Bjobs-blind-chat%5D%20Secu
rity%20alert%20for%20windows>  | Reply To Sender
<mailto:[log in to unmask]:%20Re:%20%5Bjobs-blind-chat
%5D%20Security%20alert%20for%20windows>  | Mute This Topic
<https://groups.io/mt/32880004/1607068>  | New Topic
<https://groups.io/g/jobs-blind-chat/post> 

Your Subscription <https://groups.io/g/jobs-blind-chat/editsub/1607068>  |
Contact Group Owner <mailto:[log in to unmask]>  | Unsubscribe
<https://groups.io/g/jobs-blind-chat/leave/3873843/609594938/xyzzy>
[[log in to unmask]]

_._,_._,_

    VICUG-L is the Visually Impaired Computer User Group List.
Archived on the World Wide Web at
    http://listserv.icors.org/archives/vicug-l.html
    Signoff: [log in to unmask]
    Subscribe: [log in to unmask]

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG