“For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner… During the installation of CCleaner 5.33, the 32-bit CCleaner binary that was included also contained a malicious payload that featured a Domain Generation Algorithm (DGA) as well as hardcoded Command and Control (C2) functionality. We confirmed that this malicious version of CCleaner was being hosted directly on CCleaner’s download server as recently as September 11, 2017.”
[Read more…] about CCleaner Compromised
Security
Glasswire
Saw a web monitoring program called Glasswire.
Looks interesting but I don’t just install stuff. I go to https://www.glasswire.com/. There is no About page, no real contact info. There isn’t a single persons name listed anywhere. No country of origin. Nothing. Can’t find anything on Wikipedia.
Now I’m a little suspicious.
[Read more…] about Glasswire
Thursday Random Stuff…
Software Updates
AxCrypt 2.1.1534
Google Chrome 60.0.3112.113 Google Chrome Web 32-bit or Google Chrome 64-bit
Kodi 17.4
New Nvidia Drivers
Nvidia GeForce Game Ready Driver 385.41 WHQL
“Provides the optimal gaming experience for Destiny 2 PC Open Beta, PlayerUnknown’s Battlegrounds, ARK: Survival Evolved, F1 2017, Pro Evolution Soccer 2018, and Quake Champions Early Access.”
FCC Refusing To Release Net Neutrality Complaints
Stop hiding 47,000 net neutrality complaints, advocates tell FCC chair
“The FCC has refused to release the text of most neutrality complaints despite a Freedom of Information Act (FoIA) request that asked for all complaints filed since June 2015. The FCC has provided 1,000 complaints to the National Hispanic Media Coalition (NHMC), which filed the public records request but said last month that it’s too “burdensome” to redact personally identifiable information from all 47,000.”
HaPpY BiRtHdAy WiNdOwS 95!
Apparently there are only 7 Windows 95 machines still connected to the internet.
Here is my Windows 95 virtual machine (network disabled).
Tuesday Random Stuff…
From Russia With Love
Back in May I linked to an article where DHS and the FBI were questioning Kaspersky’s relationship to the Russian government. Now they are warning businesses that Kaspersky products are an “unacceptable threat to national security“.
The World Is Not Enough
A German site called Born’s Tech and Windows World is reporting that Microsoft “signed a waiver (cease and desist) not to download install files for a new operating system without user’s consensus. This was the consequence of Microsoft’s attempt, to force Windows 10 upgrades to Windows 7/8.1 systems from July 2015 up to July 2016.“.
Tomorrow Never Dies
Acronis True Image 2018 has been released. Bunch of new features I’m not interested in. I’ll be skipping this one.
Spectre
I had mentioned I wanted to see the movie Logan Lucky because it had both James Bond (Daniel Craig) and Kylo Ren (Adam Driver). This past weekend I did go see it. I thought it was hysterical. Both guys played parts that were absolutely nothing like their most popular characters. This may have been my favorite Daniel Craig performance.
Quantum of Solace
Good grief, not you too Firefox. Neowin is reporting that “Mozilla has announced that it would like to collect anonymous user data in order to “better understand how people use” Firefox. The proposed move is quite contentious for many users because Mozilla is making it opt-out; many users feel betrayed by the move given that Mozilla touts Firefox as a privacy-oriented browser.”
Skyfall
I generally don’t like to rain on person’s parade, at least publically, but…
I’m a Geek. I love space news, space movies, NASA, etc. But I just didn’t get the whole eclipse thing. Yes, I watched it for a few minutes. Yes, I had the glasses on. I didn’t go out of my way for it, I pulled into a parking lot. It was about as unexciting and uneventful as I expected.
One of my favorite reporters was equally unimpressed:
Wednesday Morning Random Stuff…
Adobe Updates
APSB17-23 Security Updates Available for Adobe Flash Player
Download for Firefox
Download for Internet Explorer
Google Chrome and IE for Win10 do their own updates. Flash for IE Win10 was part of yesterdays updates (KB4034662).
APSB17-24 Security Updates Available for Adobe Acrobat and Reader
Tor Browser 7.0.4
Download
Release Announcement
Etc.
Best practices for passwords updated after original author regrets his advice
Off Topic
Struggling for inspiration? A pint of beer could release creative block, say scientists
Tuesday Random Stuff…
Finally some time off. On Thursday and Friday I got to watch the Detroit Tigers win 2 in Baltimore. Also we did some biking there including a stop at Fort McHenry and Faidley’s Seafood (best Crab Cakes I’ve ever had). Sunday we rode our bikes from Old Town Alexandria to Mount Vernon. Sunday evening we took a Potomac River cruise to view Washington D.C. from the water. There was beer involved 🙂 Monday I got to watch ex-Tiger Max Scherzer and the Washington Nationals get a win against the Miami Marlins. So now, back to work.
Time To Run Windows Update
Updates available for all things Microsoft.
For Win10 see: August 8, 2017—KB4034674 (OS Build 15063.540)
For everything else see the Microsoft Security Update Summary for August 2017 at the end of this post for a full breakdown.
Firefox 55
“Today’s release brings innovative functionality, improvements to core browser performance, and more proof that we’re committed to making Firefox better than ever. New features include support for WebVR, making Firefox the first Windows desktop browser to support VR experiences. Performance changes include significantly faster startup times when restoring lots of tabs and settings that let users take greater control of our new multi-process architecture. We’ve also upgraded the address bar to make finding what you want easier, with search suggestions and the integration of our one-click search feature, and safer, by prioritizing the secure – https – version of sites when possible.”
Download: 32-bit & 64-bit
All Downloads
Patch Tuesday
Time To Run Windows Update
Among the updates are several critical updates for all Windows versions. Full breakdown of patches at the end of this post.
See also:
Windows 10 July 11, 2017—KB4025342 (OS Build 15063.483)
Flash Updated
Version 26.0.0.13 is out.
APSB17-21 Security updates available for Adobe Flash Player
Download for IE
Download for Firefox
CCleaner
Monthly update is out. Get 5.32 version here.
After less than a handful of days off over a 6 week period I took a few off and headed to WVA:
Click the read more link below to see the Microsoft Security Update Summary for July 2017
[Read more…] about Patch Tuesday
Patch Tuesday, Part 2
More updates coming out…
Windows XP Patched Again (Vista Too)
June 2017 security update release
“Microsoft releases additional updates for older platforms to protect against potential nation-state activity” (WannaCry/WannaCrypt)
Microsoft security advisory 4025685: Guidance for older platforms: June 13, 2017
“This section summarizes resources for customers running editions of Windows XP, Windows Vista, Windows 8, or Windows Server 2003.”
The above link has links to all the downloads/KB articles.
Firefox 54
“Version 54.0, first offered to Release channel users on June 13, 2017
Today’s release is the first to run Firefox using multiple operating system processes for web page content, making Firefox faster and more stable than ever. Learn more about how multiple processes strike a “just right” balance between performance and memory use on the Mozilla Blog. Dive into the details (including performance benchmarks) on Medium.”
Peek Squad
Ah, Geek Squad. Remember the good old days when they were just searching your electronics for nudes and posting them on the web? You would think an outfit with a 1.1 satisfactory rating would strive to do better, but alas…
EFF – Why We’re Suing the FBI for Records About Best Buy Geek Squad Informants
“Law Enforcement Should Not Be Able to Bypass the Fourth Amendment to Search Your Devices
Sending your computer to Best Buy for repairs shouldn’t require you to surrender your Fourth Amendment rights. But that’s apparently what’s been happening when customers send their computers to a Geek Squad repair facility in Kentucky.“
Patch Tuesday
Windows Updates
Updates, Update Rollups…
See:
Microsoft Security Update Summary for June 2017 farther down this post.
June 2017 Security Release
For Win10: 2017-06 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4022725)
June 13, 2017—KB4022725 (OS Build 15063.413 and 15063.414)
It should be noted that Windows Telemetry update KB2952664 is back in Optional Updates.
Watch AskWoody for more on this months updates.
Flash Updated
APSB17-17 Security updates available for Adobe Flash Player
Download
Latest Video Drivers
AMD Crimson ReLive Edition 17.6.1 (6/8/2017)
Nvidia Ceforce Game Ready Driver 382.53 WHQL (6/9/2017)
Best Of The Rest
CCleaner 5.31
FileZilla 3.26.2
More On Wanna Cry Attacks
I’d Rather Be Lucky Than Good
Some Geek registered the domain name involved in the attacks and slowed the attacks to a crawl. Despite the articles claim, it did not “put out the fire”. The attack is still alive.
But I’ll repeat myself
At the risk of being crude
There must be fifty ways
To leave your lover…
Get rid of SMB1 dammit!
(Paul Simon – 50 Ways to Leave Your Lover)
***Microsoft – Customer Guidance for WannaCrypt attacks***
XP Patched Too
Hit the link above. Downloads at the bottom of the article.
Below is my XP Pro Virtual Machine.
As you can see I normally have the network connection disabled.
Other steps you can take.
– Disable all Exceptions on the firewall
– Disable the Server service
– Unbind file and printer sharing
There are other steps but XP is supposed to be dead. If you care about security you are only using it in a VM with no internet connection, if at all.
