Tag Archive for: added

New Windows Search zero-day added to Microsoft protocol nightmare

/in


Windows cybersecurity

A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document.

The security issue can be leveraged because Windows supports a URI protocol handler called ‘search-ms’ that allows applications and HTML links to launch customized searches on a device.

While most Windows searches will look on the local device’s index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window.

For example, the popular Sysinternals toolset allows you to remotely mount live.sysinternals.com as a network share to launch their utilities. To search this remote share and list only files matching a particular name, you could use the following ‘search-ms’ URI:

search-ms:query=proc&crumb=location:%5C%5Clive.sysinternals.com&displayname=Searching%20Sysinternals

As you can see from the command above, the search-ms ‘crumb’ variable specifies the location to search, and the ‘displayname’ variable specifies the search title.

A customized search window will appear when this command is executed from a Run dialog or web browser address bar on Windows 7, Windows 10, and Windows 11, as shown below.

Windows Search on a remote file share
Windows Search on a remote file share
Source: BleepingComputer

Notice how the window title is set to the ‘Searching Sysinternals’ display name we specified in the search-ms URI.

Threat actors could use this same approach for malicious attacks, where phishing emails are sent pretending to be security updates or patches that need to be installed.

They can then set up a remote Windows share that can be used to host malware disguised as security updates and then include the search-ms URI in their phishing attachments or emails.

However, it would not be easy to get a user to click on a URL like this, especially when it displays a warning, as shown below.

Browser warning when launching URI protocol handlers
Browser warning when launching URI protocol handlers
Source: BleepingComputer

But Hacker House co-founder and security researcher Matthew Hickey found a way by combining a newly discovered Microsoft Office OLEObject flaw with the search-ms protocol handler to open a remote search window simply by…

Source…

Google’s ‘My Activity’ page is now more secure with added password protection

/in


One of the biggest themes of Google I/O 2021 surrounded keeping your accounts and information secure. There are coming to apps like Google Photos with its Locked Folders, along with a slew of new improvements to the built-in password manager on Chrome for Android. Now, Google is adding another way to keep your precious information protected, and it has everything to do with the My Activity landing page.

Google’s My Activity page is essentially a hub where you can view all of the different information that Google has stored regarding your account. This includes Search results, Maps, YouTube, Shopping, and more. But until now, this information could have been accessed by anyone who’s able to log into your account, or even if you left a browser window open on your computer.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

Starting today, when you visit the ‘My Activity’ page (via 9to5Google), a little prompt appears stating “Safer with Google – You can add more security to My Activity by turning on extra verification.” This bubble points to a new section under Google protects your privacy and security.

From here, you can either click Manage or Dismiss within the bubble, or click Manage My Activity verification. A new pop-up window will appear in the same browser tab, providing you the option to either Require extra verification or not. When requiring the extra verification, you’ll need to again enter your Google account password, before being able to view your “My Google Activity” page.

We’re a little bit surprised that this wasn’t already available. But we’re also happy to see that Google keeps an eye on the “little” things that we can do to make our accounts and information more secure.

Interview: Diablo Immortal devs talk adapting Diablo lore in new ways
a return to the past

Interview: Diablo Immortal devs talk adapting Diablo lore in new ways

Diablo Immortal has quickly become one of the most anticipated mobile games in recent memory. As it enters its second closed alpha, we caught up with Julian Love and Justin Dye from Blizzard to chat about the game’s design, narrative, and how it fits into the Diablo lore.

Sweat harder with these true wireless earbuds
Break a sweat

Sweat harder with these true wireless earbuds

Like to listen to music or podcasts…

Source…

Choosing a VPN for Added Internet Security

/in

But VPNs are also useful for home use, especially if you have doubts about the security of your WiFi network. It can be tricky to pick a good VPN, security experts say. Consumer-grade VPNs often don’t …
internet security – read more