The computer and software security thread

Technology, computers, internet, websites, mobiles, cameras, audio and video.
SPONSORS: Hua Hin Web Design
Post Reply
User avatar
laser
Member
Member
Posts: 76
Joined: Sun Oct 26, 2014 5:17 pm
Location: HH/EU/Oz

Re: The computer and software security thread

Post by laser » Thu Jan 18, 2018 5:38 pm

Steve's utility is a convenient alternative to a PowerShell script given by Microsoft earlier to the IT crowd.. It is looking for the subkey "FeatureSettingsOverride" under the Registry key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management].
That key is created by a successful Win update. One also can check its presence 'manually' in Regedit, without any utility and running scripts. If it's not there then the OS is not patched.

The utility provides easy button clicks to enable/disable the 'protections' by changing flag values in that subkey. But only can and will do that if the update was installed, else sensibly disables/greyes the buttons.

Now, why would be an update ineffective? MS made this announcement:
https://support.microsoft.com/en-us/hel ... s-software
Antimalware tend to mess with the kernel, hence any OS update can result in BSOD errors on millions of boxes. To prevent problems, users can try hard but MS only will update Win if found the specific Registry key shown in the article. That key shall be created by antimalware vendors (using an update) confirming that their software can handle the changes. Users also can create the key manually but then should uninstall the antimalware before installing the MS update.

Installing the MS updates only deals with the OS - Windows. The processor microcode fixes will be done via BIOS/UEFI flashing, if and when vendors provide patches.

Homer
Legend
Legend
Posts: 2750
Joined: Sun Mar 21, 2010 3:11 pm

Re: The computer and software security thread

Post by Homer » Thu Jan 18, 2018 7:22 pm

At times like this, it's good to know this guy is on the job: https://www.askwoody.com/

Homer
Legend
Legend
Posts: 2750
Joined: Sun Mar 21, 2010 3:11 pm

Re: The Digital Surgery

Post by Homer » Mon Apr 02, 2018 6:51 pm

Are you running Win7 64-bit? Updated Windows since Jan 1? Well, Microsoft just said 'Oops'. Several of the updates released since Jan 1 introduced a bug making in-memory objects wide open to exploits. Not exploits written by rocket scientists, but ones written by people who barely know how to write an exploit.

Two ways to fix this. First is uninstall everything from Jan 1 til now. Second is install KB4100480. But don't do either until you've verified you've installed anything listed on the top of this page: https://support.microsoft.com/en-us/hel ... -2018-1038 At the bottom of that page below 'How to get this update' are instructions for installing KB4100480

The explanation https://www.askwoody.com/2018/patch-lad ... -to-patch/

The Oops https://portal.msrc.microsoft.com/en-US ... -2018-1038

Post Reply

Who is online

Users browsing this forum: Google [Bot] and 6 guests