All posts tagged Security

Restart issues after installing MS10-015

I am writing to let you know that we are aware that after installing the February security updates a limited number of users are experiencing issues restarting their computers. Our initial analysis suggests that the issue occurs after installing MS10-015 (KB977165). However, we have not confirmed that the issue is specific to MS10-015 or if it is an interoperability problem with another component or third-party software. Our teams are working to resolve this as quickly as possible. We also stopped offering this update through Windows Update as soon as we discovered the restart issues. However, those using enterprise deployment systems such as SMS or WSUS will still see and be able to deploy these packages.

Link – http://blogs.technet.com/msrc/archive/2010/02/11/restart-issues-after-installing-ms10-015.aspx

Attack on Windows BitLocker

Fraunhofer SIT has presented a method for discovering the BitLocker drive encryption PIN under Windows. The method even works where TPM is used to protect the boot process. The trick? An attacker with access to the target computer simply boots from a USB flash drive and replaces the BitLocker bootloader with a substitute bootloader which mimics the BitLocker PIN query process but saves the PINs entered by the user to disk in unencrypted form.

Although the BitLocker boot process carries out an integrity check on the system, and thereby the Windows installation, it does not check the bootloader itself â€“ not that the actual attack described even gets as far as the Windows boot process. Consequently, according to the Fraunhofer SIT report, even if a Trusted Computing Module (TPM) is fitted, it fails to protect against such an attack.

Link – http://www.h-online.com/security/news/item/Attack-on-Windows-BitLocker-877894.html

Microsoft prepares massive patch push for October

On Tuesday, Microsoft will publish thirteen security bulletins, eight critical and five important, that will address thirty-four vulnerabilities. Historically, this monthâ€™s releases will earn the title of the largest Microsoft patch release since the program started in 2003.

Link – http://www.thetechherald.com/article.php/200941/4589/Microsoft-prepares-massive-patch-push-for-October

Microsoft Security Essentials Review

Last year, Microsoft announced that it was halting development of its highly regarded Windows Live OneCare product (see my review of Windows Live OneCare 2.0) and would instead release a free anti-malware solution codenamed Morro by the end of 2009. Morro, of course, became known as Microsoft Security Essentials (MSE), and as promised it is absolutely free and available to all genuine Windows XP, Vista, and 7 users, and will come in both 32-bit and 64-bit variants (32-bit only on XP).

Link – http://www.winsupersite.com/win7/mse.asp

Microsoft: Security Essentials final edition in coming weeks

Microsoft’s Security Essentials team has confirmed the final version of Microsoft Security Essentials (MSE) will be made available in the coming weeks.
MSE is Microsoft’s free anti-virus and anti-spyware product that is set to replace Microsoft’s paid Windows Live OneCare subscription service which was withdrawn earlier this year. In an email to beta testers the team thanked testers for their participation and encouraged them to upgrade to version 1.0.1500.0 of the beta to ensure a "smooth experience". Neowin exclusively revealed Security Essentials in June when it was codenamed "Morro". Morro was renamed Security Essentials and appeared in beta form in late June.

Link – http://www.neowin.net/news/main/09/09/21/microsoft-security-essentials-final-edition-in-coming-weeks

Microsoft to release free security software soon

Microsoft plans to release the final version of its free antivirus software soon, according to a note sent to testers late Sunday.

"The final version of Microsoft Security Essentials will be released to the public in the coming weeks," Microsoft said in the note.

Microsoft first announced its plans for the product, then code-named Morro, last November, at the same time the company said it was scrapping its paid Windows Live OneCare product.

Link – http://news.cnet.com/8301-13860_3-10357370-56.html