ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Big Patch Tuesday - updating the cryptographic functions in Windows

    IT Discussion
    6
    11
    556
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NicN
      Nic
      last edited by

      https://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/

      Krebs has the scoop on the rumors, as usual.

      1 Reply Last reply Reply Quote 2
      • J
        JasGot
        last edited by

        Hmmm...... Makes me contemplate whether Windows 7 security updates end at 12:00am on Jan 14 or at 11:59pm on Jan 14th.

        This could immediately place Windows 7 OSes at more risk, than people may have thought, this soon after the end of security updates.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @JasGot
          last edited by

          @JasGot good question.

          1 Reply Last reply Reply Quote 0
          • ObsolesceO
            Obsolesce
            last edited by

            Sounds like convenient timing IMO.

            Win7 support ends, no more security updates. New big security issue in all Windows versions, not patched in unsupported versions.

            1 Reply Last reply Reply Quote 0
            • NicN
              Nic
              last edited by

              Here's the full story:
              https://www.washingtonpost.com/national-security/nsa-found-a-dangerous-microsoft-software-flaw-and-alerted-the-firm--rather-than-weaponize-it/2020/01/14/f024c926-3679-11ea-bb7b-265f4554af6d_story.html

              ObsolesceO 1 Reply Last reply Reply Quote 0
              • ObsolesceO
                Obsolesce @Nic
                last edited by

                @Nic said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                Here's the full story:
                https://www.washingtonpost.com/national-security/nsa-found-a-dangerous-microsoft-software-flaw-and-alerted-the-firm--rather-than-weaponize-it/2020/01/14/f024c926-3679-11ea-bb7b-265f4554af6d_story.html

                Probably because the NSA is using windows...

                coliverC 1 Reply Last reply Reply Quote 0
                • coliverC
                  coliver @Obsolesce
                  last edited by

                  @Obsolesce said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                  @Nic said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                  Here's the full story:
                  https://www.washingtonpost.com/national-security/nsa-found-a-dangerous-microsoft-software-flaw-and-alerted-the-firm--rather-than-weaponize-it/2020/01/14/f024c926-3679-11ea-bb7b-265f4554af6d_story.html

                  Probably because the NSA is using windows...

                  Or this is already in the wild.

                  JaredBuschJ 1 Reply Last reply Reply Quote 0
                  • JaredBuschJ
                    JaredBusch @coliver
                    last edited by

                    @coliver said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                    @Obsolesce said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                    @Nic said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                    Here's the full story:
                    https://www.washingtonpost.com/national-security/nsa-found-a-dangerous-microsoft-software-flaw-and-alerted-the-firm--rather-than-weaponize-it/2020/01/14/f024c926-3679-11ea-bb7b-265f4554af6d_story.html

                    Probably because the NSA is using windows...

                    Or this is already in the wild.

                    More likely the reason.

                    NicN 1 Reply Last reply Reply Quote 1
                    • NicN
                      Nic @JaredBusch
                      last edited by

                      @JaredBusch my bet is the NSA was using it, but now some other nation state has found it and is using it. Which is why NSA now wants us all to patch it.

                      JaredBuschJ coliverC 2 Replies Last reply Reply Quote 2
                      • JaredBuschJ
                        JaredBusch @Nic
                        last edited by

                        @Nic said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                        @JaredBusch my bet is the NSA was using it, but now some other nation state has found it and is using it. Which is why NSA now wants us all to patch it.

                        That is definitely a better clarification of the likely reason now that you mention it

                        1 Reply Last reply Reply Quote 1
                        • coliverC
                          coliver @Nic
                          last edited by coliver

                          @Nic said in Big Patch Tuesday - updating the cryptographic functions in Windows:

                          @JaredBusch my bet is the NSA was using it, but now some other nation state has found it and is using it. Which is why NSA now wants us all to patch it.

                          Yeah this was my point earlier. This tracks with their behavior with EternalBlue.

                          1 Reply Last reply Reply Quote 0
                          • 1 / 1
                          • First post
                            Last post