Submitted via IRC for Bytram
Microsoft regularly issues security updates, but it added a little something extra on Tuesday: it's letting all customers, even those using older versions of Windows, update their software.
This move is an attempt to avoid another ransomware outbreak like WannaCry, also called WannaCrypt, which rocked the web last month.
"The WannaCrypt ransomware served as an all too real example of the danger of cyber attacks to individuals and businesses globally," Adrienne Hall, general manager of Microsoft's Cyber Defense Operations Center, wrote in a blog post. "In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations."
Microsoft said it made the decision to apply this assortment of updates to provide further protection against potential attacks with similar characteristics as WannaCrypt. The security updates will be delivered automatically through Windows Update to devices running Windows 10, Windows 8.1 and Windows 7.
Source: CNET
Also at Ars Technica
(Score: 2) by zocalo on Wednesday June 14 2017, @03:09PM (1 child)
UNIX? They're not even circumcised! Savages!
(Score: 2) by jdccdevel on Wednesday June 14 2017, @06:10PM
I noticed a while back that links in certain SPAM email had that OWA specific mangling done at the source. (I wouldn't touch OWA with a 50ft pole, but incoming email already had the links mangled.)
I suspect spammers were exploiting some loophole preventing proper scanning of OWA enabled links by A/V software for people using it. (or maybe some sort of email verification via outlook url pre-fetching, who knows.)
I spent an hour or so that afternoon working out what was going on and setting up a rule to block email with the OWA style links entirely.
I haven't seen one since so I'm not sure if that sort of SPAM is still a thing.
The only possible use I can think of for such url mangling is running a proxy on the email server. I bet it's so if you're running a local copy on a PC with filtered web access, you can still get remote content (pictures and such) in the email.
If that's what's going on, I bet someone is already exploiting it to bypass web filters... wouldn't that be a security nightmare!
But that's all speculation on my part. Regardless it seems like one more potential exploit waiting to happen.