Tag: windows

WCry is so mean Microsoft issues patch for 3 unsupported Windows versions

Enlarge (credit: Health Service Journal) A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP, 8, and Server 2003, operating systems the company stopped supporting as many as three years ago. The company also rolled out a signature that allows its Windows Defender antivirus engine to provide “defese-in-depth” protection. The moves came after attackers on Friday used a recently leaked attack tool developed by the National Security Agency to virally spread ransomware known as WCry . Within hours, computer systems around the world were crippled, prompting hospitals to turn away patients and telecoms, banks and companies such as FedEx to turn off computers for the weekend. The chaos surprised many security watchers because Microsoft issued an update in March that patched the underlying vulnerability in Windows 7 and most other supported versions of Windows. (Windows 10 was never vulnerable.) Friday’s events made it clear that enough unpatched systems exist to cause significant outbreaks that could happen again in the coming days or months. In a blog post published late Friday night , Microsoft officials wrote: Read 9 remaining paragraphs | Comments

See the original article here:
WCry is so mean Microsoft issues patch for 3 unsupported Windows versions

Google Found Over 1,000 Bugs In 47 Open Source Projects

Orome1 writes: In the last five months, Google’s OSS-Fuzz program has unearthed over 1, 000 bugs in 47 open source software projects… So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg — and the list goes on… Google launched the program in December and wants more open source projects to participate, so they’re offering cash rewards for including “fuzz” targets for testing in their software. “Eligible projects will receive $1, 000 for initial integration, and up to $20, 000 for ideal integration” — or twice that amount, if the proceeds are donated to a charity. Read more of this story at Slashdot.

More:
Google Found Over 1,000 Bugs In 47 Open Source Projects

Renault And Nissan Plants Hit By Massive Ransomware Attack

French auto giant Renault became the first major French company to report being affected by Friday’s ransomware attack that affected tens of thousands of computers in almost 100 countries across the world, reports Automotive News . An English plant of Renault’s alliance partner Nissan was also hit by the attack. Read more…

See more here:
Renault And Nissan Plants Hit By Massive Ransomware Attack

Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch

Remember that “kill switch” which shut down the WannCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. “I can confirm we’ve had versions without the kill switch domain connect since yesterday, ” Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday… Another researcher confirmed they have seen samples of the malware without the killswitch. Read more of this story at Slashdot.

Original post:
Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch

Windows Server will add the Linux subsystem, join the Insider program

(credit: Microsoft) SEATTLE—When Microsoft first introduced the Windows Subsystem for Linux (WSL) at last year’s Build developer conference , it said that it was doing so to make developers who were familiar with the Linux command line feel comfortable on Windows . The immediate and inevitable question was “Well, what about Windows Server?” Development is one thing, but what if organizations wanted to occasionally deploy their Linux software on Windows? Although Windows Server 2016 and Windows 10 share many components, the Server operating system hasn’t thus far included WSL, consistent with the “developer only” rationale. But that’s going to change: at Build this week, Microsoft announced that WSL will be included in Server later this year. Microsoft still isn’t positioning this as a way of running Linux server in production on Windows; rather, the company says the addition will be useful for administrative tasks. With WSL, Windows can run scripts written for Linux. But we’re hard-pressed to see things stopping there; it seems inevitable that at some point, Windows will offer the ability to run Linux server software as one of its features. Read 3 remaining paragraphs | Comments

Read More:
Windows Server will add the Linux subsystem, join the Insider program

Today’s Massive Ransomware Attack Was Mostly Preventable—Here’s How To Avoid It

Ransomware may be mostly thought of as a (sometimes costly) nuisance, but when it hinders the ability of doctors and nurses to help people with an emergency medical problems, that qualifies as armed robbery. Read more…

View the original here:
Today’s Massive Ransomware Attack Was Mostly Preventable—Here’s How To Avoid It

WCry is so mean Microsoft issues patch for 3 unsupported Windows versions

Enlarge (credit: Health Service Journal) A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP, 8, and Server 2003, operating systems the company stopped supporting as many as three years ago. The company also rolled out a signature that allows its Windows Defender antivirus engine to provide “defese-in-depth” protection. The moves came after attackers on Friday used a recently leaked attack tool developed by the National Security Agency to virally spread ransomware known as WCry . Within hours, computer systems around the world were crippled, prompting hospitals to turn away patients and telecoms, banks and companies such as FedEx to turn off computers for the weekend. The chaos surprised many security watchers because Microsoft issued an update in March that patched the underlying vulnerability in Windows 7 and most other supported versions of Windows. (Windows 10 was never vulnerable.) Friday’s events made it clear that enough unpatched systems exist to cause significant outbreaks that could happen again in the coming days or months. In a blog post published late Friday night , Microsoft officials wrote: Read 9 remaining paragraphs | Comments

Continue Reading:
WCry is so mean Microsoft issues patch for 3 unsupported Windows versions

Google Found Over 1,000 Bugs In 47 Open Source Projects

Orome1 writes: In the last five months, Google’s OSS-Fuzz program has unearthed over 1, 000 bugs in 47 open source software projects… So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg — and the list goes on… Google launched the program in December and wants more open source projects to participate, so they’re offering cash rewards for including “fuzz” targets for testing in their software. “Eligible projects will receive $1, 000 for initial integration, and up to $20, 000 for ideal integration” — or twice that amount, if the proceeds are donated to a charity. Read more of this story at Slashdot.

See the original article here:
Google Found Over 1,000 Bugs In 47 Open Source Projects

Renault And Nissan Plants Hit By Massive Ransomware Attack

French auto giant Renault became the first major French company to report being affected by Friday’s ransomware attack that affected tens of thousands of computers in almost 100 countries across the world, reports Automotive News . An English plant of Renault’s alliance partner Nissan was also hit by the attack. Read more…

Follow this link:
Renault And Nissan Plants Hit By Massive Ransomware Attack

Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch

Remember that “kill switch” which shut down the WannCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. “I can confirm we’ve had versions without the kill switch domain connect since yesterday, ” Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday… Another researcher confirmed they have seen samples of the malware without the killswitch. Read more of this story at Slashdot.

Read More:
Researchers Find New Version Of WanaDecrypt0r Ransomware Without A Kill Switch