Tag Archive for: updates

Google releases security updates for Android owners with millions warned over ‘critical’ flaws putting phones at risk

/in


Millions of Android owners are being urged to update their devices to fix security flaws making their phones vulnerable to hackers.

Google this week released its March security updates, revealing 60 flaws including critical-level vulnerabilities that need to be addressed.

WATCH THE VIDEO ABOVE: Flip phones making a return with a modern twist.

Watch the latest News on Channel 7 or stream for free on 7plus >>

The flaws are fixed by two security patches, 2023-03-01 and 2023-03-05, that can be downloaded by updating the device.

The first patch fixes core Android components like framework, system and Google Play, while the second deals with fixes for third-party vendor components from MediaTek, Unisoc and Qualcomm.

“The most severe of these issues is a critical security vulnerability in the system component that could lead to remote code execution with no additional execution privileges needed,” Android says in its latest security bulletin.

“User interaction is not needed for exploitation.”

Google chooses to withhold additional information on the two critical-level security flaws affecting the Android system, tracked as CVE-2023-20951 and CVE-2023-20954, to prevent hackers from exploiting devices before the owners have the chance to apply the updates, Bleeping Computer reports.

Two other critical severity vulnerabilities, tracked as CVE-2022-33213 and CVE-2022-33256, have been identified on closed-source Qualcomm components, while all other flaws are high-severity vulnerabilities.

To update your device, head to settings and system update or select security and privacy and then choose security update.

“We encourage all users to update to the latest version of Android where possible,” Android said.

To learn if a device is updated to the necessary security patch level, visit here.

Aussie woman gets stuck in KFC drive through after alcohol interlock goes off.

Source…

Malware infecting widely used security appliance survives firmware updates – Ars Technica

/in


Malware infecting widely used security appliance survives firmware updates

Threat actors with a connection to the Chinese government are infecting a widely used security appliance from SonicWall with malware that remains active even after the device receives firmware updates, researchers said.

SonicWall’s Secure Mobile Access 100 is a secure remote access appliance that helps organizations securely deploy remote workforces. Customers use it to grant granular access controls to remote users, provide VPN connections to organization networks, and set unique profiles for each employee. The access the SMA 100 has to customer networks makes it an attractive target for threat actors.

In 2021, the device came under attack by sophisticated hackers who exploited what was then a zero-day vulnerability. Security appliances from Fortinet and Pulse Secure have come under similar attacks in recent years.

Gaining long-term persistence inside networks

On Thursday, security firm Mandiant published a report that said threat actors with a suspected nexus to China were engaged in a campaign to maintain long-term persistence by running malware on unpatched SonicWall SMA appliances. The campaign was notable for the ability of the malware to remain on the devices even after its firmware received new firmware.

“The attackers put significant effort into the stability and persistence of their tooling,” Mandiant researchers Daniel Lee, Stephen Eckels, and Ben Read wrote. “This allows their access to the network to persist through firmware updates and maintain a foothold on the network through the SonicWall Device.”

To achieve this persistence, the malware checks for available firmware upgrades every 10 seconds. When an update becomes available, the malware copies the archived file for backup, unzips it, mounts it, and then copies the entire package of malicious files to it. The malware also adds a backdoor root user to the mounted file. Then, the malware rezips the file so it’s ready for installation.

“The technique is not especially sophisticated, but it does show considerable effort on the part of the attacker to understand the appliance update cycle, then develop and test a method for persistence,” the researchers wrote.

The persistence techniques…

Source…

Windows 11 just got some vital security updates, so don’t hang around, patch now

/in


Windows 11 just got a raft of security fixes in the latest round of monthly patching from Microsoft, including some crucial ones.

Security should always be a high priority when it comes to your PC (Image Credit: Pexels)

Open Gallery 2

Security should always be a high priority when it comes to your PC (Image Credit: Pexels)

VIEW GALLERY – 2 IMAGES

In fact, there are three fixes for zero-day vulnerabilities provided, meaning bugs in Windows 11 which are public knowledge. And in this case, these security flaws are being actively exploited by nefarious types – so they represent a clear potential danger to Windows 11 users.

In total, there are 77 vulnerabilities fixed by Microsoft’s February patch for Windows 11 PCs, and nine are labeled as ‘critical.’

Let’s take a closer look at those worrying zero-day flaws, the first of which is CVE-2023-21823, which affects not just Windows 11 but also Windows 10 systems. This is a remote code execution vulnerability an attacker can use to leverage system privileges, and what’s particularly concerning is that according to a recent report, it’s not hard to exploit.

A security expert, Mike Walters (VP of vulnerability and threat research at Action1), told Forbes: “This vulnerability is relatively simple to exploit, utilizes local vectors, and requires low levels of access.”

It also doesn’t need the user to do anything (like click on something and fall for a pop-up prompt, for example) in order to work.

There’s a really important thing to note on this one, and that’s rather than being deployed by Windows Update, the fix for this vulnerability is being piped to Windows PCs via an update from the Microsoft Store. In other words, if you’ve disabled automatic updates from the store, that’s something you need to be aware of.

The other zero-days are CVE-2023-23376, an elevation of privilege vulnerability (local, as opposed to a glitch that can be remotely exploited), and CVE-2023-21715 which affects Microsoft Publisher. The latter allows an attacker to evade security countermeasures that block Office macros which could be malicious, but unless you run Publisher, this isn’t one to fret over.

With a total of 77 security fixes here, it’s pretty obvious that this is an update you should grab – although that’s fewer vulnerabilities than the previous January cumulative…

Source…

End Of The Road For Windows 7 Security Updates: ‘It’s About Time’

/in


Security News


Kyle Alspach


With Microsoft closing the book on Windows 7 bug fixes, one solution provider says we’re unlikely to see history repeat itself with the shift from Windows 10 to 11.

ARTICLE TITLE HERE

At long last, we’ve reached the end of the line with Windows 7.

On Tuesday, Microsoft cut the cord on security updates for the long-persevering operating system, which was hugely popular with many businesses in its day — and for some users, up through the present day.

[Related:
Microsoft Seeing Exploits Of Windows Zero Day Vulnerability
]

While the official end of support date for Windows 7 arrived back in January 2020, Microsoft had consented to continue offering Windows 7 security updates to businesses willing to pay for them. (Microsoft understands that “everyone is at a different point in the upgrade process,” wrote Jared Spataro, corporate vice president for Microsoft 365, in a blog post in 2019.)

Those “extended” Windows 7 security updates, however, came to a close on Tuesday. That gave Windows 7, which launched in the fall of 2009, a more than 13-year run.

As much as many businesses relied on Windows 7, “it’s about time” that the operating system reach its finale, said Luis Alvarez, president and CEO of Salinas, Calif.-based Alvarez Technology Group.

“In so many ways [the extended security updates] were a false sense of security for a number of people,” he told CRN. “They believed they could keep their Windows 7 systems secure by paying an annual fee — but really, the underlying issues that caused those security vulnerabilities weren’t being patched.”

Alvarez said that his firm can now get the “last stragglers” within the client base off of Windows 7, and onto Windows 10, the successor to Windows 7, or the latest version of the operating system, Windows 11.

Looking ahead, Alvarez doesn’t believe that we’ll encounter this type of issue again with…

Source…