Popular Post webfact Posted July 8, 2021 Popular Post Share Posted July 8, 2021 Microsoft has urged Windows users to install an essential update for a damaging new exploit SOPA IMAGES/LIGHTROCKET Gordon Kelly Senior Contributor Windows 10’s one billion users need to be on high alert because Microsoft has issued a serious update warning and everyone needs to take action. The warning is in response to ‘PrintNightmare’, a critical zero day flaw in the Windows Print Spooler service which is actively being exploited by hackers to remotely execute code with system-level privileges (the ultimate goal for attacks). Now Microsoft has issued a series of fixes which, while flawed, are essential updates for all Windows users. Full story: https://www.forbes.com/sites/gordonkelly/2021/07/07/microsoft-windows-10-security-warning-printnightmare-fix-patch-free-windows-10-upgrade/ -- © Copyright Forbes 2021-07-08 1 1 1 Link to comment Share on other sites More sharing options...
Popular Post OneMoreFarang Posted July 8, 2021 Popular Post Share Posted July 8, 2021 Often the only thing the user has to do is restart the computer. Windows knows that important updates are waiting. If the user does not restart the computer then Windows will do it at some time automatically. It's better when the user does that restart manually when it's convenient for the user. 3 Link to comment Share on other sites More sharing options...
tgw Posted July 8, 2021 Share Posted July 8, 2021 the vulnerability has been published over a month ago so much for zero day 1 1 Link to comment Share on other sites More sharing options...
BritManToo Posted July 8, 2021 Share Posted July 8, 2021 I'd be happy if I could just get Bing out of my windows 10. It's still there on 'right-click' menu, and on the start-up Edge search window. No matter what I do. 2 Link to comment Share on other sites More sharing options...
OneMoreFarang Posted July 8, 2021 Share Posted July 8, 2021 6 minutes ago, tgw said: the vulnerability has been published over a month ago so much for zero day The vulnerability was published some time ago. The fix is new and it's good that information about the fix is published now. Link to comment Share on other sites More sharing options...
mahtin Posted July 8, 2021 Share Posted July 8, 2021 7 minutes ago, BritManToo said: I'd be happy if I could just get Bing out of my windows 10. It's still there on 'right-click' menu, and on the start-up Edge search window. No matter what I do. search 'disable bing' 2 Link to comment Share on other sites More sharing options...
fdsa Posted July 8, 2021 Share Posted July 8, 2021 > ‘PrintNightmare’, a critical zero day flaw in the Windows Print Spooler service which is actively being exploited by hackers to remotely execute code with system-level privileges this reminds me of the thread where one user claimed "you can't hack a computer by its IP address!". well - find a Windows computer with a direct IP address or DMZ router setup and voila. Link to comment Share on other sites More sharing options...
BritManToo Posted July 8, 2021 Share Posted July 8, 2021 (edited) 53 minutes ago, mahtin said: search 'disable bing' The search bing menu 'right click' sidebar is always there ...... no way to remove it. Edited July 8, 2021 by BritManToo Link to comment Share on other sites More sharing options...
Popular Post tgw Posted July 8, 2021 Popular Post Share Posted July 8, 2021 2 minutes ago, fdsa said: this reminds me of the thread where one user claimed "you can't hack a computer by its IP address!". well - find a Windows computer with a direct IP address or DMZ router setup and voila. still, knowing someone's IP address is does not in any way facilitate hacking that computer. also, your "and voilà" step completely forgets to mention how you propose to introduce the malicious code into the computer. 3 Link to comment Share on other sites More sharing options...
Popular Post Russell17au Posted July 8, 2021 Popular Post Share Posted July 8, 2021 1 hour ago, BritManToo said: The search bing menu 'right click' sidebar is always there ...... no way to remove it. I think you will find that "Bing" is the search platform that is permanently connected to Microsoft Edge. If you want to get rid of "Bing" you may need to change your internet browser from Microsoft Edge to Google Chrome 4 1 Link to comment Share on other sites More sharing options...
tgw Posted July 8, 2021 Share Posted July 8, 2021 all posts about Bing in this thread are off topic 1 1 1 Link to comment Share on other sites More sharing options...
Popular Post johng Posted July 8, 2021 Popular Post Share Posted July 8, 2021 2 hours ago, fdsa said: "you can't hack a computer by its IP address!". My computers IP address is 192.168.1.5 ???? 1 5 Link to comment Share on other sites More sharing options...
ukrules Posted July 8, 2021 Share Posted July 8, 2021 2 hours ago, BritManToo said: The search bing menu 'right click' sidebar is always there ...... no way to remove it. It's not on mine and I didn't remove it either. 1 1 Link to comment Share on other sites More sharing options...
mrfill Posted July 8, 2021 Share Posted July 8, 2021 2 hours ago, fdsa said: > ‘PrintNightmare’, a critical zero day flaw in the Windows Print Spooler service which is actively being exploited by hackers to remotely execute code with system-level privileges this reminds me of the thread where one user claimed "you can't hack a computer by its IP address!". well - find a Windows computer with a direct IP address or DMZ router setup and voila. Do a search for 'firewall' and learn. 2 Link to comment Share on other sites More sharing options...
KhunBENQ Posted July 8, 2021 Share Posted July 8, 2021 22 minutes ago, johng said: My computers IP address is 192.168.1.5 ???? Mine is 192.168.1.7 We must be very close :>) 1 Link to comment Share on other sites More sharing options...
Popular Post tgw Posted July 8, 2021 Popular Post Share Posted July 8, 2021 4 minutes ago, KhunBENQ said: Mine is 192.168.1.7 We must be very close :>) cartoon for IT nerds: check out https://xkcd.com for often brilliant cartoons. 1 2 Link to comment Share on other sites More sharing options...
KhunBENQ Posted July 8, 2021 Share Posted July 8, 2021 This morning I wanted to start Windows Update. What I get translates like: "An error occured. Try again later." A typical MS joke. Absolutely no hint what is wrong, no number, no nothing. Fiddled with Update repair instructions. Brought me to BSOD followed by unsuccessful PC repair. Finally a restore point brought me back to see above. Oh no. Link to comment Share on other sites More sharing options...
mrfill Posted July 8, 2021 Share Posted July 8, 2021 3 hours ago, OneMoreFarang said: Often the only thing the user has to do is restart the computer. Windows knows that important updates are waiting. If the user does not restart the computer then Windows will do it at some time automatically. It's better when the user does that restart manually when it's convenient for the user. Well, it will do that but not if a 'smart' user has disabled updates, thinking they are terribly clever. The greatest vulnerability in Windows is the windows user. Anyway, the 'fix' is up to Microsoft's usual impeccable standard..... https://uknewstoday.co.uk/2021/07/07/microsoft-struggles-to-wake-from-its-printnightmare-latest-print-spooler-patch-can-be-bypassed-researchers-say/ Other operating systems are available..... 1 Link to comment Share on other sites More sharing options...
KeeTua Posted July 8, 2021 Share Posted July 8, 2021 3 hours ago, fdsa said: this reminds me of the thread where one user claimed "you can't hack a computer by its IP address!". well - find a Windows computer with a direct IP address or DMZ router setup and voila. From my very brief reading domain controllers are mainly vulnerable to this exploit. It still requires an authenticated domain user account to use this exploit to gain control of the domain controller typically authenticated users have access to the print spooler on the domain controller. The big worry is there are domain user account credentials available for sale on the Internet. At home as long as your Window's firewall setting recognizes the network you are using as public, as opposed to a home network, then your computer would not be vulnerable to this exploit even if you invited a hacker to your network to try it. You would probably need to enable printer sharing on your home computer to expose the necessary ports to be attacked and then if you're behind a router which you haven't enabled port forwarding on the attack could only happen from someone on your home network. 1 Link to comment Share on other sites More sharing options...
OneMoreFarang Posted July 8, 2021 Share Posted July 8, 2021 17 minutes ago, KeeTua said: The big worry is there are domain user account credentials available for sale on the Internet. Maybe you should improve your knowledge about domain user accounts. As far as I am concerned hackers can buy millions of those account credentials. It's won't help them to access my domain. Every admin is responsible for his domain(s). Link to comment Share on other sites More sharing options...
JimmyJ Posted July 8, 2021 Share Posted July 8, 2021 38 minutes ago, mrfill said: Well, it will do that but not if a 'smart' user has disabled updates, thinking they are terribly clever. The greatest vulnerability in Windows is the windows user. Anyway, the 'fix' is up to Microsoft's usual impeccable standard..... https://uknewstoday.co.uk/2021/07/07/microsoft-struggles-to-wake-from-its-printnightmare-latest-print-spooler-patch-can-be-bypassed-researchers-say/ Other operating systems are available..... Good luck in disabling updates. I wish it was possible. 1 Link to comment Share on other sites More sharing options...
ukrules Posted July 8, 2021 Share Posted July 8, 2021 36 minutes ago, KeeTua said: if you're behind a router which you haven't enabled port forwarding on the attack could only happen from someone on your home network. That's the way I read about this problem too, for nearly all home users it's a non event and will never be a problem. If you're a large corporate on the other hand then this will be a nightmare. I've read accounts of hospitals / labs where the label printers have all stopped working after they applied the patch - this is not good for medical diagnostics, without labels the samples can't be processed. 1 Link to comment Share on other sites More sharing options...
ukrules Posted July 8, 2021 Share Posted July 8, 2021 2 minutes ago, JimmyJ said: Good luck in disabling updates. I wish it was possible. It is if you have Win 10 Pro. 1 Link to comment Share on other sites More sharing options...
JimmyJ Posted July 8, 2021 Share Posted July 8, 2021 3 minutes ago, ukrules said: It is if you have Win 10 Pro. Yes, and for my next pooter I'm going to buy Pro only for that reason. Link to comment Share on other sites More sharing options...
ThaiFelix Posted July 8, 2021 Share Posted July 8, 2021 Now Microsoft has issued a series of fixes which, while flawed, are essential updates for all Windows users. Isnt that just typical. 1 Link to comment Share on other sites More sharing options...
KeeTua Posted July 8, 2021 Share Posted July 8, 2021 35 minutes ago, OneMoreFarang said: Maybe you should improve your knowledge about domain user accounts. As far as I am concerned hackers can buy millions of those account credentials. It's won't help them to access my domain. Every admin is responsible for his domain(s). But if you're allowing remote access to a domain, a very typical scenario, the users will need to authenticate to the domain controller for network access. If you have 100s of users allowed to authenticate that's a lot of potential for unauthorized access. A user is working from home and walks away from his computer for 5 minutes without locking the session that is still logged into the domain and his teenage son runs a script and takes control of the domain controller via the spooler service. How do your protect your domain from that scenario? The scenarios are countless. But usually no major harm would come to the network if a standard user account were to be compromised, the wayward son's script would fail, until an exploit like this comes along. Link to comment Share on other sites More sharing options...
Bangkok Barry Posted July 8, 2021 Share Posted July 8, 2021 4 hours ago, BritManToo said: I'd be happy if I could just get Bing out of my windows 10. It's still there on 'right-click' menu, and on the start-up Edge search window. No matter what I do. Set your preferred search site to Google (which I assume you have done already and Edge ignores you) and type your search directly into the address window (where this site address is now but in a new tab). That works. I have recently changed Edge to Brave though, after Edge kept giving me nonsense prices for things I looked up on Lazada. Edge and Lazada no longer appear to be compatible. Link to comment Share on other sites More sharing options...
connda Posted July 8, 2021 Share Posted July 8, 2021 5 hours ago, BritManToo said: I'd be happy if I could just get Bing out of my windows 10. It's still there on 'right-click' menu, and on the start-up Edge search window. No matter what I do. Install Linux Mint. It will solve your problem. <laughs> 1 1 Link to comment Share on other sites More sharing options...
BritManToo Posted July 8, 2021 Share Posted July 8, 2021 32 minutes ago, Bangkok Barry said: Set your preferred search site to Google (which I assume you have done already and Edge ignores you) and type your search directly into the address window (where this site address is now but in a new tab). That works. I have recently changed Edge to Brave though, after Edge kept giving me nonsense prices for things I looked up on Lazada. Edge and Lazada no longer appear to be compatible. It's gone from my startup edge window now. It's just the highlight text and right-click menu I can't get rid from. Link to comment Share on other sites More sharing options...
ukrules Posted July 8, 2021 Share Posted July 8, 2021 1 hour ago, connda said: Install Linux Mint. It will solve your problem. <laughs> I'm going to 'bing' that a little later to see what it is ???? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now