Critical Flaws in Computers Leave Millions of PCs Vulnerable

Discussion in 'Hardware Components and Aftermarket Upgrades' started by Dr. AMK, Nov 21, 2017.

  1. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Windows: Attack on Bitlocker via TPM Borncity.com | March 15, 2019
    Windows Bitlocker encryption is not foolproof. Now a new attack method on Bitlocker encryption over the TPM chip has become known. But needs access to a notebook or computer...
     
  2. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Just don’t use WinRAR, OK? Askwoody.com | March 17, 2019

    I’ve been trying to avoid this topic, but it now appears to be engulfing the blogosphere.

    If you use WinRAR, you were suckered. I’ve never recommended it. But if for some reason you’ve installed it — or even paid for it — uninstall it and get something worthwhile (and free!) like 7-Zip or one of a dozen alternatives.

    @mn- posted about WinRAR’s security problems back in February, when they were discovered and disclosed. Martin Brinkmann had thorough coverage on ghacks. It all has to do with an ancient archiving format called ACE, and the “19-year-old” security hole is being exploited right now. McAfee says they’ve found “over 100 unique exploits and counting,” but I think they’re double-dipping. Catalin Cimpanu on ZDNet has a recent accounting.

    WinRAR devs released WinRAR 5.70 Beta 1 on January 28 to address this vulnerability, however, users have to manually visit the WinRAR site, download and then install it. The vast majority of users are most likely unaware that this vulnerability even exists, let alone that they need to install a critical security update.

    Tempest, meet teapot. But if you have WinRAR for some bizarre reason, get rid of it.
     
  3. Vasudev

    Vasudev Notebook Nobel Laureate

    Never used it anyway, but lately I have seen many people using the 2009 or 2012 version on Win 10 (technically it was a W7/8.1 forced upgrade to 10).
     
  4. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    'ShadowHammer' infects Asus PCs through its Asus Live Update utility pcworld.com | March 25, 2019
    Kaspersky Lab confirmed that perhaps a million Asus PCs have unwittingly downloaded an infected version of the Asus Live Update utility.

    "Over 57,000 users, and possibly up to a million, have downloaded and installed a version of the Asus Live Update utility that was poisoned with a backdoor and hosted on the official Asus servers."

    We've reached out to Asus for comment, and will update this story when we hear back.

    What this means for you: Given that Asus is usually considered to be the fifth-largest PC vendor in the world, and that ShadowHammer used authentic certificates, the attack is significant. Fortunately, you’re unlikely to be a target. The earlier ShadowPad triggered the download of malware only if a target was considered “interesting,” and it’s likely your PC isn’t. Still, if you’re concerned, Asus Live Update can apparently be safely uninstalled: Asus describes the process here, though it can be performed normally through Windows as well.

    ----------------------------------------


    Hackers Get to ASUS Live Update Servers, Plant Malware in Thousands of Computers Techpowerup.com
    In a chilling reminder of just why system software should always be manually updated and never automatically, Vice Motherboard citing Kaspersky Labs reports that hackers have compromised the Live Update servers of ASUS, making them push malware to thousands of computers configured to fetch and install updates automatically. These include not just PC motherboards, but also pre-builts such as notebooks and desktops by ASUS. Smartphones and IoT devices by ASUS are also affected. Hackers have managed to use valid ASUS digital certificates to masquerade their malware as legitimate software updates from ASUS.

    Kaspersky Labs says that as many as half a million devices have fallen prey to malware pushed to them by ASUS. The cybersecurity firm says it discovered the malware in January 2019 when implementing a new supply-chain detection technology, and informed ASUS by late-January. Kaspersky even sent a technically-sound representative to meet with ASUS in February. Kaspersky claims that ASUS has since been "largely unresponsive since then and has not notified ASUS customers about the issue." ASUS is already drowning in bad-rep from the PC enthusiast community for its Armoury Crate feature that lets motherboard BIOS push software to a Windows installation through an ACPI table dubbed "the vendor's rootkit," which ASUS enabled by default on new motherboards. Who knows what recent motherboard BIOS updates have pushed into your PC through this method.
     
    Last edited: Mar 25, 2019
  5. Robbo99999

    Robbo99999 Notebook Prophet

    Yep, I don't use any "Live Update" features. I could install a Live Update program from my motherboard manufacturer (MSI, not Asus), but chose not to; I just update manually.
     
  6. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Asus Challenges Kaspersky's Operation ShadowHammer Numbers
    by Tomshardware.com | March 26, 2019

    ASUS Releases Fix For Live Update Shadowhammer Backdoor Malware Attack Hothardware.com
    ASUS goes on to clarify that the backdoor only affected its notebooks running earlier versions of Live Update. The company has also made available a security diagnostics tool that scans your system to determine if you’ve been backdoored [Download Link]. If the diagnostic tool determines that you were targeted, ASUS recommends that you back up your files and restore your PC to its factory default settings.
    I don't do live updates from Micro$h4ft's Win Update either. Always manual install of patches. You risk malware from all places if you allow automatic updates :)
     
    Last edited: Mar 26, 2019
  7. hmscott

    hmscott Notebook Nobel Laureate

    It's easy enough to track down the latest version package from the vendor site + other newer models updates + OEM updates.

    Who wants to get a bunch of "surprises" auto-installed, only to find 1/2 of them aren't the newest and the other 1/2 are items you've already uninstalled.

    It can be said it's nice to see the auto-update options, see the items and version numbers to then be motivated to seek out the newest versions on the product pages, but I'd rather just go to the product pages - newest products support pages first thing.
     
  8. Vasudev

    Vasudev Notebook Nobel Laureate

    Even hashes or checksums are important too.
    I always get a few surprises from WU, so I disabled it permanently!
     
  9. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Microsoft Discovers Backdoor-Like Flaw In Huawei Matebook Driver Tomshardware.com | March 26, 2019
    Microsoft security researchers discovered a security flaw in Huawei’s device manager driver for the Matebook line of Windows 10 PCs that could undermine low-level kernel protections, not unlike the WannaCry backdoor that the NSA developed and that was then leaked to the public. The news comes on the heels of Huawei being accused by the U.S. government and other governments of being an espionage arm for the Chinese government. ZDNet first reported the news.
     
  10. TANWare

    TANWare Just This Side of Senile, I think. Super Moderator

    The title for Huawei is a bit misleading since it was discovered and patched by January.
     