An ingenious graduate student at Eindhoven University explains how an attacker can totally bypass OS and hardware security, given physical access to a Thunderbolt 3 port and the right tools. You’ve been warned!
On Saturday, May 2nd, my virtual friend and fellow Finn Toni sent me an email with a screenshot showing Win10.guru on his mobile device. Automatic HTTP to HTTPS redirecting had somehow been disabled. Worse the only content visible on our home page was some strange ads in Japanese. As we pay for GoDaddy, our hosting
When I learn that a Servicing Stack Update (SSU) shipped alongside the latest Cumulative Update for Update/Patch Tuesday, I can’t find it in Settings/Update & Security/Update History. Turns out you must dive into Control Panel instead… Who knew?
When I say that some alerts alarm but others do not, I mean that some alerts from monitoring and security tools are routine and should be ignored. The key lies in understanding which ones to skip, and which ones to take seriously.
In November 2018, I wrote a post for TenForums.com entitled “Realtek Audio Console REQUIRES a Realtek HD (UAD) Driver!” I’ve kept that thread reasonably up-to-date since then, and it’s picked up nearly 300 follow-on responses and comments. But recently, some members of the TF community have taken offense — and in at least one case,
In recognition of “the public health” situation, MS will pause publishing its optional non-security releases starting in May. This is discussed in an item dated March 24, entitled “Timing for upcoming optional C and D releases” at the Windows Message Center (MS DOCs). The optional C and D releases represent classifications for updates that fix
If you’ve got a PC with a Sandy Bridge (mobile, E, or EP), Denverton, Valley View, or Whiskey Lake U CPU, you’ll want to install KB4497165. Oh, and you must be running Windows 10 1903 or 1909, too. Doesn’t work with Insider Preview versions.
SMB, or server message block, is a simple and easy-to-implement networking protocol. The first version, SMB1, has been around since 1983. It’s now outdated, insecure, and unsuited for modern network use. But it just keeps chuggin’ along anway.
On January 30, the Microsoft Update Catalog received a number of new Intel Microcode update items. These address CPU-level hardware vulnerabilities in most PCs, and are worth installing.
An accidental launch of Google’s Password Checkup utility points out some possible security compromises and “less-than-best” practices in my password stable. I take corrective action, but it’s slow and intense work. Sigh.