June 12, 2018—KB4284835 (OS Build 17134.112)

June 12, 2018—KB4284835 OS Build 17134.112 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections from an additional subclass of speculative execution side channel...

May 8, 2018—KB4103721 (OS Build 17134.48)

May 8, 2018—KB4103721 OS Build 17134.48 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue with the April 2018 Windows Servicing update that causes App-V Scripts User Scrip...

Windows SMBv1 Transaction race condition

Added: 03/15/2018 CVE: CVE-2017-0146 BID: 96707 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A race condition when...

Back to Basics: Worm Defense in the Ransomware Age

This post was authored by Edmund Brumaghin "Those who cannot remember the past are condemned to repeat it." - George SantayanaThe PrequelIn March 2017, Microsoft released a security update for various versions of Windows, which addressed a remote code execution vulnerability affecting a protocol...

Scanner Shows EternalBlue Vulnerability Unpatched on Thousands of Machines

Many digital trees have died for the cause of informing Windows admins about the SMBv1 vulnerability that spawned the WannaCry and ExPetr/NotPetya malware attacks. Yet a relatively small sample of data collected from a freely available tool shows that thousands have not gotten the message, or hav...

Windows SMBv1 Remote Command Execution

Added: 04/26/2017 CVE: CVE-2017-0143 BID: 96703 Background Server Message Block SMB is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions. Problem A vulnerability in the...

PT-2017-1936 · Microsoft · Windows Server 2012 +9

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to Windows 10 and Windows Server 2016, including Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1 Description: The vulnerabilit...

PT-2017-1939

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description The issue exists due to insufficient input validation in the SMBv1 protocol of the Microsoft Windows operating system. It allows a remote attacker to execute arbitrary code using...

Cumulative update for Windows 10 Version 1607: September 13, 2016

Cumulative update for Windows 10 Version 1607: September 13, 2016 This article is superseded by KB 3193494. Summary This security update includes improvements and fixes in the functionality of Windows 10 Version 1607. It also resolves the following vulnerabilities in Windows: 3183038 MS16-104:...

MS16-110: Description of the security update for Windows: September 13, 2016

MS16-110: Description of the security update for Windows: September 13, 2016 Summary To learn more about the vulnerability, see Microsoft Security Bulletin MS16-110. More Information Important We recommend that you install this security update on all client and server operating systems listed in...