Sunday 22 October 2017

New Service coming Mid-November

That's right I'm in the middle of a collaboration between a few companies to bring you a product/service that you will wonder, (1) why someone hasn't done it before and (2) how can I not have this, it will also give you peace of mind, security, be affordable and save you money. 

The best way to make sure you're in with a chance of being eligible for the fist release (limited to 50 people) is to ensure you are following all my outlets and are a active and regular sharer of content * :-

So get clicking and follow on you preferred channel/outlet - don't forget its limited to 50 for the first release @ this price and terms, whilst your following the above links, have a nosey around what else I have to offer, you might just find exactly what you need or be able to bookmark something for a later date.

Why not have a look through my online magazine or sign up for the newsletter.

The possibilities are endless, the hints, tips and tricks are all useful and give you the edge and insight you need without the pain of trawling the internet for them.

* I get monthly reports from all my outlets detailing all shares/likes/retweets etc and can who my active followers are, these inevitably are the people that get the best prices and are first on the list for news and new releases - to get on those lists all you have to do is share/like/retweet/add friends regularly - it takes less than 5 minutes a week - less than a minute a day - its really up to you, want to save money then do it.

Friday 20 October 2017

Does Your Computer Need Repairing ?

In this day and age, technology is so ingrained in our daily lives that there are people who find it difficult to function properly without using some form of technology. From household chores to work duties, many use technology to get it done quickly and more efficiently.
The computer is probably one of the most used technology nowadays. It is helpful to all kinds of people, mothers, doctors, office workers, and students. That’s why it is important to take good care of your computer and repair as required. You might not realize that your computer needs repair because you can still use it.
But there are signs that your computer may be functioning less efficiently than it should. Look through the list below of the signs that your computer needs to be repaired.
There are many reasons why a computer might be running slower than usual. It can be due to an operating system that might be outdated. It could also mean that there are too many programs and applications installed on your computer. The important thing to do is that you should not ignore when you notice your computer is getting slower. It might be a sign that something is failing in your computer, and ignoring it might make the condition worse.
While you may feel that a computer may get hot while it is on if it becomes too hot that can become a problem. While the reason may be simple, as some laptops or computers might just be dirty and the cooling system just needs to be cleaned. But sometimes it might also be a serious matter. Some laptops get so hot that their motherboard becomes too damaged to be of use. Make sure to bring your computer to a professional so that they can readily assess what might be wrong with it.
If you find yourself reading many error messages within the day, then you need to check as you might be the victim of a corrupted program or even a virus. Some issues may be easy to diagnose and fix, you just need to research on the error message displayed and look for solutions. But other issues might be harder so you can go to a computer repair service for that.
It’s not uncommon to get the usual web pop-ups when you browse all over the internet. But if you’ve observed that you’ve been getting more than the usual number of pop-ups, then it might be because of a virus or malware. Make sure to approach the right people to help you as sometimes the solutions you will see online do not really help at all. It’s better to trust the expertise of professionals so you can be assured that your computer is in good hands.


Spiceworks - Community Digest
Is there a chance you'll come across XP running in the wild in 2017? Sadly, the answer is yes. And the organizations who haven't moved on from Windows XP might surprise you. 
Read full post »

Microsoft Patch Tuesday - October 2017

Talos Blog - Microsoft Patch Tuesday - October 2017

Posted: 10 Oct 2017 01:25 PM PDT
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 63 new vulnerabilities with 28 of them rated critical and 35 rated important. These vulnerabilities impact Graphics, Edge, Internet Explorer, Office, Sharepoint, Windows Graphic Display Interface, Windows Kernel Mode Drivers, and more. 

Vulnerabilities Rated Critical

The following vulnerabilities are rated "Critical" by Microsoft: 

CVE-2017-11813, CVE-2017-11822 - Internet Explorer Memory Corruption Vulnerability

Two vulnerabilities have been identified in Internet Explorer that could result in remote code execution in the context of the current user. These vulnerabilities manifest due to improper handling of objects in memory when attempting to render a webpage. Both vulnerabilities could be exploited if, for example, a user visits a specially crafted webpage that exploits one of these flaws.

CVE-2017-11762, CVE-2017-11763 - Microsoft Graphics Remote Code Execution Vulnerability

Two vulnerabilities have been identified in the font library of the Microsoft Graphics Component that could allow an attacker to execute arbitrary code. These vulnerabilities manifest due to the library incorrectly handling specialty embedded fonts within a web page or document. Exploitation of these two vulnerabilities could be achieved if a user navigates to a malicious web page or if the user opens a specially crafted document that exploits these vulnerabilities.

Multiple CVEs - Scripting Engine Memory Corruption Vulnerability

Multiple vulnerabilities have been identified in the scripting engines of Edge and Internet Explorer that could allow an attacker to remotely execute arbitrary code. These vulnerabilities all manifest due to the scripting engines in Edge and Internet Explorer improperly handling objects in memory. As a result, successful exploitation could lead to arbitrary code execution in the context of the current user. Scenarios where these vulnerabilities would likely be exploited include web-based attacks where the user navigates to a malicious web page designed to exploit of these vulnerabilities or, in some cases, opens a Microsoft Office document containing an embedded ActiveX control marked "safe for initialization."

The following is a list of CVEs related to these vulnerabilities:

  • CVE-2017-11767
  • CVE-2017-11792
  • CVE-2017-11793
  • CVE-2017-11796
  • CVE-2017-11797
  • CVE-2017-11798
  • CVE-2017-11799
  • CVE-2017-11800
  • CVE-2017-11801
  • CVE-2017-11802
  • CVE-2017-11804
  • CVE-2017-11805
  • CVE-2017-11806
  • CVE-2017-11807
  • CVE-2017-11808
  • CVE-2017-11809
  • CVE-2017-11810
  • CVE-2017-11811
  • CVE-2017-11812
  • CVE-2017-11821

CVE-2017-11779 - Windows DNSAPI Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Windows DNS that could allow an attacker to execute arbitrary code in the context of the Local System account. This vulnerability manifests in DNSAPI.dll as a result of improperly handling DNS responses. A scenario where this vulnerability could be exploited would be one where an attacker stand ups a malicious DNS server to transmit specially crafted DNS responses to the target.

CVE-2017-11771 - Windows Search Remote Code Execution Vulnerability

An arbitrary code execution vulnerability has been identified in Window Search that could allow an attacker to elevate their privileges and subsequently execute code in the elevated context. This vulnerability manifests due to improper handling of objects in memory. For this vulnerability to be exploited, an attacker would need to either have access to the targeted host to exploit this vulnerability, or remotely trigger it through an SMB connection.

CVE-2017-8727 - Windows Shell Memory Corruption Vulnerability

A remote code execution vulnerability has been identified in Internet Explorer which could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability manifests as a result of Internet Explorer improperly accessing objects in memory via the Microsoft Windows Text Services Framework. An attacker could create a specially crafted web page that exploits this vulnerability and subsequently socially engineer a user to visit the page to compromise users. Additionally, attackers could leverage vulnerable or compromised websites or sites that display user-provided content or advertisements to exploit and compromise users.

CVE-2017-11819 - Windows Shell Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Microsoft web browsers which manifests due to improper handling of objects in memory. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the current user. An attacker could leverage this vulnerability to exploit users by crafting a specially formed web page and socially engineering users to visit such a page. Other scenarios include an attacker leveraging vulnerable or compromised websites or sites that display user-provided content or advertisements to exploit this vulnerability and compromise users.

Vulnerabilities Rated Important

The following vulnerabilities are rated "important" by Microsoft:

CVE-2017-11790 - Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in Internet Explorer that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to Internet Explorer improperly handling objects in memory. A user who navigates to an attacker-controlled web page could be exploited. Additionally, users who navigate to site that hosts user-generated content could also be exploited.

CVE-2017-11794 - Microsoft Edge Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in Edge that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to Edge improperly handling objects in memory. A user who navigates to an attacker-controlled web page could be exploited. Additionally, users who navigate to site that hosts user-generated content could also be exploited.

CVE-2017-8726 - Microsoft Edge Memory Corruption Vulnerability

A remote code execution vulnerability has been identified in Edge that could allow an attacker to execute arbitrary code in the context of the user. This vulnerability manifests due to Edge improperly handling objects in memory. Possible scenarios where an attacker could compromise a user could include a web-based attacks where a user navigates to a specially crafted web page under the attacker's control. Other possibilities include a user opening a Microsoft Office document containing an embedded ActiveX control marked "safe for initialization".

CVE-2017-8693 - Microsoft Graphics Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in the Microsoft Windows Graphics Component that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to the Graphics component improperly handling objects in memory. Exploitation of this vulnerability could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit this vulnerability. 

CVE-2017-8717, CVE-2017-8718 - Microsoft JET Database Engine Remote Code Execution Vulnerability

Two arbitrary code execution vulnerabilities have been identified in the Microsoft JET Database Engine that could allow an attacker to execute arbitrary code in the context of the current user. These vulnerabilities manifest as buffer overflow conditions when triggered. For an attacker to successfully exploit these vulnerabilities, a user would need to open or preview a specially crafted Microsoft Excel document on an affected version of Windows. An email-based attack where an attacker sends a victim a specially crafted Excel document is the most likely scenario where a user could be compromised.

CVE-2017-11826 - Microsoft Office Memory Corruption Vulnerability

A vulnerability have been identified in Microsoft Office that could allow an attacker to execute arbitrary code on an affected system. This vulnerability manifests due to Office improperly handling objects in memory. A users who opens a maliciously crafted Office document could be exploited, resulting in arbitrary code execution of the attacker's choice in the context of the current user. Scenarios where this could occur include email-based attacks, where the attacker sends the victim a message with a malicious attachment, or web-based attacks where the user downloads and opens a malicious Office document. Note that in certain conditions, the Preview Pane is an attack vector as well.

CVE-2017-11825 - Microsoft Office Remote Code Execution Vulnerability

A vulnerability has been identified in Microsoft Office that could allow an attacker to execute arbitrary code on an affected system. This vulnerability manifests due to Office improperly handling objects in memory. A users who opens a maliciously crafted Office document could be exploited, resulting in arbitrary code execution of the attacker's choice in the context of the current user. Scenarios where this could occur include email-based attacks, where the attacker sends the victim a message with a malicious attachment, or web-based attacks where the user downloads and opens a malicious Office document.

Multiple CVEs - Microsoft Office SharePoint XSS Vulnerability

Multiple vulnerabilities in Microsoft Office Sharepoint have been identified that could could allow an attacker to execute a cross-site scripting (XSS) attack. These vulnerabilities manifest due to Sharepoint Server improperly sanitizing specific web requests from a user. Successful exploitation of these flaws could allow an attacker to execute scripts in the context of the current user, read content that the attacker would not otherwise have permission to view, or execute actions on behalf of the affected user.

The following CVEs reflect these vulnerabilities:

  • CVE-2017-11775
  • CVE-2017-11777
  • CVE-2017-11820

CVE-2017-11776 - Microsoft Outlook Information Disclosure Vulnerability

An information disclosure vulnerability in Microsoft Outlook has been identified that could leak sensitive information to third-parties. This vulnerability manifests when Outlook fails to establish a secure connection. An attacker who exploits this vulnerability could obtain the email content of a user.

CVE-2017-11774 - Microsoft Outlook Security Feature Bypass Vulnerability

A security feature bypass vulnerability has been identified in Microsoft Outlook that could be used to execute arbitrary commands. This vulnerability manifests due to Office improperly handling objects in memory. A user who opens a specially crafted document file could be exploited. A scenario where this could occur would be in a file-sharing attack where an attacker gives the user a file and socially engineers them to open it.

CVE-2017-11772 - Microsoft Search Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in Windows Search that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to Window Search improperly handling objects in memory. Exploitation of this vulnerability could be achieved if an authenticated user sends specially crafted messages to the Window Search service. Alternatively, this vulnerability could be exploited remotely in an enterprise setting over an SMB connection from an unauthenticated attacker. 

CVE-2017-11823 - Microsoft Windows Security Feature Bypass

A vulnerability had been identified in Device Guard that could allow an attacker bypass a security control and inject malicious code into a Windows Powershell session. This vulnerability manifests as a flaw in how the Device Guard Code Integrity policy is implemented. An attacker who has access to a local machine could inject malicious code into a script that is trusted by the Code Integrity policy. As a result, the injected code could be run with the same trust level as the script, bypassing the Code Integrity policy control.

CVE-2017-11786 - Skype for Business Elevation of Privilege Vulnerability

A privilege escalation vulnerability has been identified in Skype for Business that could allow an authenticated attacker to potentially impersonate a user. This vulnerability manifests due to Skype for Business improperly handling specific authentication requests. An attacker who initiates an instant message session while a specially crafted profile image is set could exploit this vulnerability and steal an authentication hash that could be reused in different contexts. Successful exploitation would allow an attacker to perform actions that a user is permitted to do, resulting in various outcomes such as privilege escalation.

CVE-2017-11769 - TRIE Remote Code Execution Vulnerability

An arbitrary code execution vulnerability has been identified in Windows that could allow an attacker to execute code in the context of the current user. This vulnerability manifests due to the way certain Windows components improperly handle loading DLL files. Successful exploitation could allow an attacker to perform actions or execute commands within the context of the current user.

CVE-2017-8689, CVE-2017-8694 - Win32k Elevation of Privilege Vulnerability

Two vulnerabilities in Windows Kernel-Mode Drivers have been identified that could allow a privilege escalation attack to occur. These vulnerabilities manifest due to improper handling of objects in memory. Successful exploitation of these vulnerabilities would result in an attacker obtaining administrator privileges on the targeted system. Users who run a specifically crafted executable that exploits this vulnerability could leverage this vulnerability to perform actions as an administrator on the affected system.

CVE-2017-11783 - Windows Elevation of Privilege Vulnerability

A privilege escalation vulnerability has been identified in Windows that could allow an authenticated attacker to elevate their privileges to that of an administrator. This vulnerability manifests due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC). A user who creates a specially crafted application and executes it on an affected system could exploit this vulnerability.

CVE-2017-11816 - Windows GDI Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in the Microsoft Windows Graphics Device Interface (GDI) that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to the GDI improperly handling objects in memory. Exploitation of this vulnerability could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit this vulnerability. 

CVE-2017-11824 - Windows Graphics Component Elevation of Privilege Vulnerability

A privilege escalation vulnerability has been identified in the Microsoft Windows Graphics Component that could allow an attacker to elevate their privileges to that of an administrator. This vulnerability manifests due to the Graphics component improperly handling objects in memory. Exploitation of this vulnerability could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit this vulnerability.

CVE-2017-11817 - Windows Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in the Windows kernel that could allow an attacker to obtain information that could be used to further compromise an affected system. This vulnerability manifests due to the kernel improperly initializing objects in memory. Exploitation of this vulnerability could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit this vulnerability. 

CVE-2017-11784, CVE-2017-11785 - Windows Kernel Information Disclosure Vulnerability

Two information disclosure vulnerabilities have been identified in the Windows kernel that could allow an attacker to obtain memory addresses and bypass Kernel Address Space Layout Randomization (KASLR). Exploitation of these vulnerabilities could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit them. 

CVE-2017-11765, CVE-2017-11814 - Windows Information Disclosure Vulnerability

Two information disclosure vulnerabilities have been identified in the Windows kernel that could allow an attacker to obtain information that could be used to further compromise an affected system. These vulnerabilities manifest due to the kernel improperly initializing objects in memory. Exploitation of these vulnerabilities could be achieved if an authenticated user were to launch a specially crafted executable designed to exploit them. 

CVE-2017-8715 - Windows Security Feature Bypass Vulnerability

A vulnerability had been identified in Device Guard that could allow an attacker to bypass a security control and inject malicious code into a Windows Powershell session. This vulnerability manifests as a flaw in how the Device Guard Code Integrity policy is implemented. An attacker who has access to a local machine could inject malicious code into a script that is trusted by the Code Integrity policy. As a result, the injected code could be run with the same trust level as the script, bypassing the Code Integrity policy control.

CVE-2017-11781 - Windows SMB Denial of Service Vulnerability

A denial of service vulnerability has been identified in Microsoft SMB that could allow an attacker to crash an affected host. This vulnerability manifests due to SMB improperly handling certain requests. An attacker who sends a vulnerable server specially crafted requests could exploit this vulnerability and create a denial of service condition for users.

CVE-2017-11782 - Windows SMB Elevation of Privilege Vulnerability

A privilege escalation vulnerability has been identified in the default Windows SMB Server configuration that could allow anonymous users to access certain named pipes. These named pipes could be used to send specially crafted requests to services that accept requests via named pipes. An attacker who is able to send SMB messages to an affected SMB server could exploit this vulnerability.

CVE-2017-11815 - Windows SMB Information Disclosure Vulnerability

An information disclosure vulnerability has been identified in Windows SMB that could allow an attacker to access files they otherwise should not have access to. This vulnerability manifests due to SMB server improperly handling certain requests. An attacker who is able to authenticate to the SMB server and send it SMB messages could exploit this vulnerability.

CVE-2017-11780 - Windows SMB Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Microsoft Server Message Block 1.0 (SMBv1) which could allow an attacker to compromise SMBv1 servers. This vulnerability manifests due to the way SMBv1 servers handle certain requests. Exploitation of this vulnerability could be achieved by an unauthenticated attacker by sending specially crafted requests to the affected server.

CVE-2017-11818 - Windows Storage Security Feature Bypass Vulnerability

A security feature bypass has been identified in Microsoft Windows storage which could allow an application with a certain integrity level to execute code at a different level. This vulnerability manifests due to Windows improperly validating an integrity-level check.

CVE-2017-8703 - Windows Subsystem for Linux Denial of Service Vulnerability

A denial of service vulnerability has been identified in the Windows Subsystem for Linux (WSL). This vulnerability manifests as due to the WSL improperly handling objects in memory. An attacker who creates a specially crafted application and executes it on an affected system could exploit this vulnerability.

CVE-2017-11829 - Windows Update Delivery Optimization Elevation of Privilege Vulnerability

A privilege escalation vulnerability has been identified in Windows Update Delivery Optimization that could allow an attacker to overwrite files of a higher privilege than what the attacker possesses. This vulnerability manifests due to Windows Update Delivery Optimization improperly enforcing file share permissions. An attacker who is able to log into the system and create a Delivery Optimization job could exploit this vulnerability.