Most Common Exploits of 2017 in Microsoft Office, Windows

The top exploit affects Microsoft Office and has been used by attackers in North Korea, China, and Iran.

The most common exploits in 2017 targeted Microsoft Office and Windows, report researchers at AlienVault, who say the most common flaws remain exploited for an extended period of time.

Annually, the company records anonymized security events from customers and from vendors’ threat reports recorded via its Open Threat Exchange (OTX) platform. It combines findings from the two datasets into a single picture of a year’s threat landscape.

There is a significant difference between the most common exploits reported by vendor reports on OTX and those from AlienVault’s customers. The dataset of 80 vendor reports indicates four of the top 10 exploits from 2017 target Microsoft Windows and three affect Office. There is one vulnerability each for Adobe Flash, Microsoft .NET, and Android/Linux on the list.

The top-ranked exploit, CVE-2017-0199, is an Office exploit that was used by targeted attackers in North Korea, China, and Iran, and by criminal groups deploying Dridex. CVE-2012-0158, the last most-referenced vulnerability, affects Microsoft Windows.

AlienVault threat engineer Chris Doman reports Microsoft has “exceptionally mature” ways to prevent exploits. However, because its software is so widely used, exploits that slip through the cracks are used heavily once they are discovered.

Compared with the vendors’ threat reports, the AlienVault customer dataset is large and contains vast amounts of security events. The most common exploits reported are fairly old and affect Windows 2000, Miniupnp, SNMP, OpenSSL Poodle, and PHP. There is one Microsoft Office vulnerability (CVE-2011-1277) plus an Apache Struts vulnerability on the list.

Doman notes the dataset is biased toward “noisy” network-based exploit attempts from worms and exploit scanners, and for that reason the company is still collecting vulnerabilities from 2001 and 2002. It advises consulting the dataset on vendor reports when planning defense tactics.

Other key findings include the discovery that the most effective exploits are quickly adopted by criminal and nation-state groups. NjRat malware variants were the most commonly found persisting on networks. On a geographical level, the researchers noticed a small increase in attackers located in Russia and North Korea, in addition to a “significant drop” in activity from threat actors located in China.

 


Half-Goodbye: Windows 8.1 Officially Enters Extended Support

Windows 8.1 has officially entered extended support with this month’s Patch Tuesday rollout, and the operating system will no longer receive new features and updates with the exception of security patches.

According to Microsoft’s lifecycle fact sheet for the desktop, Windows 8.1 will continue to receive extended support until January 10, 2023, and will then become unsupported.

Beyond this date no updates will be shipped, and systems still running it will remain vulnerable to attacks based on found vulnerabilities, which is just about what happens with Microsoft Windows these days.

“Mainstream support vs. extended support”

In the official documentation on support services for Windows, Microsoft explains that during mainstream support, the operating system receives incident support (no-charge incident support, paid incident support, support charged on an hourly basis, support for warranty claims), security update support, plus the ability to request non-security updates.

However, once a product enters extended support, it only gets paid support and security update support at no additional cost, while non-security related updates require Extended Hotfix Support to be purchased. In short, if you want anything beyond critical security updates, you pay for it.

Even though the end of Windows 8.1 is approaching, this doesn’t seem to be much of a headache for Microsoft, as users have already migrated en masse to Windows 10. According to NetMarketShare data, Windows 8.1 is running on just 5.71% of systems worldwide, while Windows 7 is the leading choice with 43.08%. Windows 10 is the runner-up with 32.93%.

More concerning for Microsoft is the current market share of Windows 7, as this particular OS version will reach end of extended support before Windows 8.1 (in January 2020) and there are signs that it will still be running on a significant number of machines when the time comes.

Microsoft still has some two years to convince users to give up on Windows 7 and upgrade to Windows 8.1 or Windows 10, though that is clearly a very difficult thing to do given that the OS survived critical moments including the free upgrade promo for Windows 10.

 

GSW Recaps Telnet Server for Windows 2017 Year and Looks to 2018

Georgia SoftWorks looks back at the past year developing the GSW Telnet Server for Windows, SSH Server for Windows and other products. The company also discusses plans for 2018.

“2017 appears to have been an exciting year at Georgia SoftWorks,” said Steve Lindsey of Georgia SoftWorks. “We started off celebrating GSW’s 25th Year Anniversary, made updates for our GSW Telnet Server and SSH Server for Windows, and we had several reseller and product milestones.”

Georgia SoftWorks launched their GSW UTS (Universal Terminal Server, the GSW Telnet Server and SSH Server for Windows) Version 8.08.0002 in February of 2017, which added Windows Server 2016 support along with an SSH Shield feature for logging support. The GS_GET and GS_PUT are increasingly being supported in the Windows “Long Name Files” documentation in Version 8.08.0003, released in May 2017.

“This past year marked Times since launching the DTIO Engine, a product that boosts the performance and raises the session count associated with the Telnet and SSH Server, and Decade since launching Team Services, a breakthrough collaboration feature with the GSW UTS,” said Lindsey.

Georgia SoftWorks noted significant reseller milestones in 2017. BSD Solutions, IMEC Technologies and SYSSOFT LLC celebrated 5 Year Anniversaries. Mega Sonic Co and SoftLine Company celebrated 10 Year Anniversaries, and Hiresoft Solutions (formerly Aspxx Ltd), LE Consult, MI9 Software Development, Lake Country Systems, and HighJump Software all reached their 15 Year Reseller Milestone selling the GSW Telnet Server and SSH Server.

“In 2018, GSW offers to continue to grow our reseller network and continue to strengthen our current products as new technology develops. During the 1st Quarter of 2018 there is a major announcement with respect to the strengthened security in the GSW SSH products. We’ve been working on something new to launch for Android devices which everybody will see shortly,” said Lindsey. “Georgia SoftWorks might be at Modex in April 2018, which is the leading trade extravaganza for logistics, manufacturing and distribution industries.”

Georgia SoftWorks is a software development company located in Dawsonville, Georgia USA that has gained worldwide recognition for its development of the GSW Telnet Server for Windows and SSH Server for Windows. The GSW Telnet and SSH Server for Windows are industrial quality software designed for superior operation in the most demanding mobile RF Terminal environments. GSW has end-users and resellers on every continent (except Antarctica). Its software is used in a variety of industries, including government, automobile manufacturing, schools, oil companies, airlines, pharmaceutical, medical, food and beverage and more.

About Georgia SoftWorks:

Established in 1991, Georgia SoftWorks is a privately held software development company known for creating high performance data communications, system and telecommunications applications. Georgia SoftWorks has gained a worldwide presence with its industrial SSH/Telnet Server for Microsoft Windows. GSW’s long-term commitment to SSH/Telnet has led to the pioneering of major features such as Session Shadowing, Session Monitoring, Graceful Termination, Automatic Logon, Logon Scripting and, more recently, Team Services technology that enables mobile device users to transfer, swap, share and recover mobile device sessions. GSW has also provided the SSH Server with Digital Certificate Authentication with Internet Information Server (IIS) like certificate to user account mapping. This includes ‘One-to-one’ and ‘Many-to-one’ mapping methods and also supports certificate trust lists (CTL).

 

Windows 8.1 enters extended support: What might you expect?

Microsoft has ended mainstream support for Windows 8.1, more than five years after its debut. The operating system, which was offered as a free upgrade to Windows 8 users, has moved to the extended support phase, in which it will continue to receive updates, albeit in a more limited fashion.

During mainstream support, which ended January 9, Microsoft provided security and non-security updates and accepted requests for product changes. Extended support means the average Windows 8.1 user will only receive security updates.

Microsoft says that it is possible to receive non-security updates as well, but that only applies to Windows 8.1 customers who have what it calls “Extended Hotfix Support.” However, this does not apply to “desktop operating system consumer products”, which quite likely means Windows 8.1 users who have a non-Pro or Enterprise version installed.

Windows 8.1 will exit extended support on January 20, 2023, so there is still quite a while to go before Microsoft finally pulls the plug. Compared with Windows 7, Windows 8.1 users have three more years of extended support available. However, there is a simple way to migrate to a newer product for free.

The free Windows 10 upgrade offer, which was officially available until a year ago, is still around for users who require assistive technologies, as we reported recently. There is no verification method in place when you trigger an upgrade, so, from a technical perspective, it is possible for Windows 8.1 users to make the jump to the latest version of the operating system.

 

Five SQL Server database trends to be prepared for in 2018

Here’s a list of notable trends involving SQL Server that IT teams need to be ready for over the next 12 months. Among them: increased use of the cloud, AI, Linux and containers.

The pace of improvement in IT seems to accelerate every year, and that’s certainly true for SQL Server. The new year…

saw the release of SQL Server 2017, which followed on the heels of the 2016 version with added support for Linux, Python and more.

But there’s no time to relax: SQL Server database administrators need to be ready for a host of additional changes and technologies in 2018. Let’s take a look at five major SQL Server database trends that database administrators (DBAs), developers and IT managers need to be on top of as we head into the next 12 months.

Security threats and adoption of SQL Server 2016/2017. If it wasn’t already squarely a high priority for IT organizations, data security will probably have been pushed there by the recent rash of ransomware attacks, like Petya, and high-profile data breaches at companies such as Equifax, which exposed the data of up to 143 million U.S. residents, and Uber, which allowed hackers to access 57 million user accounts.

SQL Server 2016 introduced several new security features, including Always Encrypted, row-level security and dynamic data masking, and SQL Server 2017 further boosted the database engine’s security capabilities with expanded administrative credentials and new configuration options for .NET common language runtime assemblies.

Adoption of the latest SQL Server releases is frequently slow because users are wary of changing systems that have been working smoothly, but these continued threats and hacks give businesses good reason to increase their security measures at every level of the application stack, including the database stack.

Continued cloud growth. If you went to the PASS Summit 2017 user group conference in the fall, or you heard from anyone who did, you will understand that Microsoft is all about the cloud. The Azure platform is Microsoft’s future, and it’s clear that cloud usage is increasing fast and will continue to do so in 2018.

SQL Server database trends also point toward the cloud: Azure SQL Database has now reached programming parity with the on-premises version of SQL Server. At PASS Summit, Rohan Kumar, general manager of Microsoft’s database systems group, told the crowd about Microsoft’s cloud-first release cadence, in which new features and innovations are tested and implemented in the cloud database before they make it into the on-premises product.

While DBAs usually aren’t first in line to embrace the cloud, the advantages of doing so keep growing, and the barriers to adoption continually shrink. Keeping up with Azure SQL Database and the related cloud data management services is growing more important than before.

AI-infused databases. There’s no doubt that AI is now the hottest buzzword in IT. It seems like just about every IT product is now suddenly AI-enabled, and SQL Server is no exception. In an April 2017 post, Joseph Sirosh, now corporate vice president in charge of Microsoft’s cloud AI platform group, touted SQL Server as “the first RDBMS [relational database management system] with built-in AI.”

What does built-in AI for an RDBMS really mean? Essentially, Microsoft is talking about the fact that the AI functionality available in the Machine Learning Services component of SQL Server 2017 enables users to build machine learning and AI libraries developed in R or Python into routines that can run on SQL Server systems; this allows analytics applications to be executed where the data is hosted, without needing to first move it to a separate application layer. SQL Server DBAs and developers must understand how these AI design patterns can work with the database platform.

SQL Server on Linux and in containers. Clearly, two of the biggest changes with SQL Server 2017 are its support for Linux and Docker containers, which could have a big influence on future database trends. The SQL Server 2017 release on Linux has proven to be a high-performing platform, already having set some TPC benchmark records.

While the addition of Linux support opens up SQL Server to free implementations, it also means that SQL Server DBAs who once only had to deal with Windows may now have to acquire some basic Linux skills.

Likewise, while still in its infancy, container support helps SQL Server move toward a continuous integration and continuous deployment cycle that fits better into the growing DevOps development paradigm. Although it may still be a bit early to put SQL Server containers into production, they are useful to developers and testers.

Containers can turn SQL Server into a component that is easy and quick to deploy, without the lengthy installation otherwise needed. You also have the option of combining a SQL Server instance and its data in a single package, making your SQL Server development environment very easy to recreate and share with different teams.

The new SQL Server software update cycle. One of the biggest pain points in IT today is keeping up with security patches and software updates, and one of the biggest new database trends that DBAs will have to cope with in 2018 is the changing update cycle for SQL Server.

Starting with SQL Server 2017, Microsoft is no longer using the old model under which cumulative updates (CUs) were released every sixty days and service packs (SPs) containing the fixes from the preceding CUs were released each year.

The company won’t deliver SPs anymore; there will only be CUs, which are delivered occasionally at first and then less frequently. For now, Microsoft plans to issue a CU for the first year after a major version of SQL Server is released, and then once per quarter throughout the rest of the five-year product lifecycle. For older releases, the SP establishes a new baseline; CUs then will be provided every year or so.

 

Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch

Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack techniques that affect modern CPUs.

As Microsoft has warned, it is not delivering its January 3 Windows security updates to customers running third-party antivirus, unless the AV is confirmed to be compatible with it.

Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, causing blue screen of death (BSOD) errors.

Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.

To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.

Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has made a public spreadsheet that may help IT admins get ready for installing Microsoft’s mitigations for attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.

Trend Micro says its products Trend Micro OfficeScan, Worry-Free Business Security, and Deep Security are affected by Microsoft’s new requirement for vendors to ensure compatibility with the patch. While the company has completed testing and confirmed compatibility, customers who rely on Windows Update currently need to set the registry key themselves.

It hasn’t completed compatibility testing for its products yet because Microsoft released the patch earlier than expected, according to Trend Micro. The company had expected it on Patch Tuesday on January 9 rather than January 3. As such, the company is already working on setting the registry key in its products.

Others that have confirmed compatibility but haven’t set the registry key in their products include CrowdStrike, Endgame, McAfee, and SentinelOne. Microsoft offers separate instructions for setting the registry key on Windows Server and Windows clients.

Antivirus companies that have confirmed compatibility and set the registry key in their products include Avast, Avira, EMSI, ESET, F-Secure, Kaspersky, and Malwarebytes.

Symantec is also in this second group, however many customers have reported that the Symantec Endpoint Protection (SEP) tray icon is reporting “multiple problems” after applying Microsoft’s update and Symantec’s updated Eraser engine.

“On January 4, 2018, Symantec released a current Eraser engine to assure compatibility with the Microsoft out-of-band update that was released the day before. While this engine update resolves the compatibility issues it was meant to address, some environments have reported issues with the SEP system tray icon after applying both updates,” Symantec says in a support note.

Applying the updates and dealing with antivirus compatibility issues are only half the solution.

As Microsoft noted previously, mitigating Meltdown and Spectre also requires installing firmware updates from hardware vendors.

While the operating system updates address Meltdown, Spectre fixes depend on firmware updates from hardware vendors that implement microcode fixes from chip vendors. In Intel’s case, its microcode update introduces its Indirect Branch Prediction Side Channel Analysis Method.

Microsoft has released this firmware via UEFI updates for the Surface Pro 3, Surface Pro 4, Surface Book, Surface Studio, Surface Pro Model 1796, Surface Laptop, Surface Pro with LTE Advanced, and Surface Book 2.

“The updates will be available for devices running Windows 10 Creators Update (OS version 15063) and Windows 10 Fall Creators Update (OS version 16299). It will be possible to receive these updates through Windows Update or at the Microsoft Download Center,” says Microsoft.

Google has devised its own software-based alternative mitigation to the microcode fix, using a technique called Retpoline. This addresses one of the two Spectre attacks, known as “branch target injection”.

 

Windows 10: Chrome vs Firefox vs Edge in Microsoft’s new battery life showdown

Microsoft has run a fresh set of tests it says show its Edge browser gives the longest battery life when browsing the web on a Windows 10 computer.

The company ran an HD video in a loop on the Chrome, Firefox and Microsoft Edge browsers, measuring the time it took for the battery to die in a Surface Book computer.

Thanks in part to performance optimizations made by the recent Fall Creators Update to Windows 10, Microsoft says Edge lasted the longest, able to stream video 60% longer than Firefox and almost 20% longer than Chrome. To be more precise, while Edge lasted about 16 hours eight minutes, Chrome lasted about 13 hours 32 minutes and Firefox about nine hours and 52 minutes.

However, Microsoft’s claims should be put in context, as it is not the first time Microsoft has published tests purporting to show Edge beating rival browsers on battery.

Microsoft ran the same tests in April in ’09, when it published videos showing Edge outlasting Chrome and Firefox.

At that time Microsoft attributed the superior battery performance of Edge to the browser prioritizing HTML5 content over Flash and to optimizations under the hood.

The tech site Linus Tech Tips then attempted to replicate Microsoft’s findings by reproducing the tests with the same machines and methodology. However, their findings were different, with both Chrome and Firefox lasting slightly longer than Edge when playing the same video on loop.

Despite Microsoft heavily pushing its Edge browser, to the extent of tying Windows 10’s built-in Search function to Edge, its userbase remains relatively small.

One issue for Edge is that, compared to the broad range of extensions and add-ons available for Chrome and Firefox, Microsoft’s browser has a limited collection of extensions.

The Windows Fall Creators Update upgraded Edge to EdgeHTML 16, adding a selection of new features, support for new web technologies and other performance improvements.

The 2nd major feature update to Windows 10 will allow web pages to more easily work offline in Edge, and will add support for push notifications in web apps.