Sci-tech

Microsoft Pushes Rare Windows XP Patch For WannaCry-Style Wormable Exploit

Microsoft Pushes Rare Windows XP Patch For WannaCry-Style Wormable Exploit

It also affects Windows 2003 and Windows XP-older versions of Windows that Microsoft doesn't typically patch.

Microsoft had already released a patch for the flaw, but many older and vulnerable OSes were never updated.

Microsoft also patched CVE-2019-0953, a remote code vulnerability in Microsoft Office which lets an attacker run code as the targeted user by persuading them to open a malicious file.

Microsoft says it has not yet observed any exploitation of the vulnerability. The vulnerability is present in Windows 7, Windows Server 2008 and Windows Server 2008 R2, but not in newer systems.

Those running Windows 7, Windows Server 2008 R2, and Windows Server 2008, Pope explains, will receive the patch automatically through the Windows Update system as usual; Windows XP and Windows 2003 users, by contrast, need to download and install a manual update - or, Pope recommends, 'upgrade to the latest version of Windows'.

Windows 10 and 8 remain unaffected by this issue as "Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows". Microsoft has a comprehensive list at this page.

Australian dies in Alaskan plane crash
The National Transportation Safety Board said it was launching a "Go Team" to investigate the cause of the accident. Emergency response crews transport an injured passenger to an ambulance at the George Inlet Lodge docks.

This is a flaw in Remote Desktop Services (RDS) which could allow an attacker to remotely execute arbitrary code on a target system after connecting using RDP. "This vulnerability will make that process even easier".

One of the priorities this month is CVE-2019-0863, which is an elevation of privilege vulnerability in Windows that's already being exploited by attackers.

MDS attack methods can be used to gain access to confidential data, according to a write-up by researchers at Vrije Universiteit Amsterdam, who described "Rogue In-Flight Data Load" (RIDL) and "Fallout" methods.

The Patch Tuesday releases also fix several critical remote code execution vulnerabilities targeted the Edge and Internet Explorer 11 browsers. They haven't been detected in active use. However, the company did provide fixes in KB4500705, which users will have to apply manually.

The vulnerability was privately reported to Microsoft by the UK's National Cyber Security Center and is considered high-severity and requires low complexity to exploit. We expect all future Intel® processors include hardware mitigations addressing these vulnerabilities. If you have automatic updates enabled on your Windows machine, you are automatically protected. The vulnerability was publicly known before this disclosure, but there is no indication that it's being exploited in the wild.

Microsoft is warning of "potential performance impacts" from the updates.


  • PGA Championship 2019: How to watch

    PGA Championship 2019: How to watch

    To Harrington, nothing compares with representing the continent in what has become the most intense event in golf . Daly won the 1991 PGA Chmpionship, earning a lifetime exemption to the tournament, and the 1995 British Open.
    'The Jeremy Kyle Show' Cancelled By ITV After Death Of Guest

    'The Jeremy Kyle Show' Cancelled By ITV After Death Of Guest

    Simon Wessely, a former head of the Royal College of Psychiatrists, said shows like Jeremy Kyle were "the theatre of cruelty". In June past year , a former priest from Eastry in the county and his young husband appeared on an episode of Jeremy Kyle .
    Jeremy Kyle show suspended indefinitely after guest dies following filming

    Jeremy Kyle show suspended indefinitely after guest dies following filming

    The programme attempts to mediate an array of issues and conflicts between family and friends in front of studio audience. The show was recorded on May 2 but Ms Callaghan revealed she last saw him four days before he was found dead last week.
  • Serena Williams opens clay season with easy win

    Serena Williams opens clay season with easy win

    Serena holds an 18-12 lead and she won the most recent meeting when she defeated Venus in the third round of the 2018 U.S. In the meantime she is enjoying sharing her favourite sites in Rome with her daughter Olimpia who turns two in September.
    Djokovic beats Tsitsipas to win third Madrid Open title

    Djokovic beats Tsitsipas to win third Madrid Open title

    I just play for my happiness and I play when I really want to play. "I went on the court and I was mentally prepared for a fight". Tsitsipas has won three of his last four final appearances overall and is 1-1 in final appearances on clay.
    Russian Federation  tells Pompeo: Enough mistrust, let's reboot our ties

    Russian Federation tells Pompeo: Enough mistrust, let's reboot our ties

    And in response to media reports that he was about to send 120,000 troops to the Middle East in the event of hostilities, U.S.
  • WestJet to be acquired by Onex in $5B deal

    WestJet to be acquired by Onex in $5B deal

    WestJet ( WJA.TO ) said Onex ( ONEX.TO ) first approached it about the prospect of a takeover in March. Onex also failed in its effort in 2007 as part of a consortium to buy Australia's Qantas Airways Ltd.
    Madonna Defends Decision to Perform at Eurovision in Israel

    Madonna Defends Decision to Perform at Eurovision in Israel

    Earlier this week Madonna confirmed she will bring her Madame X theatre tour to the United Kingdom next year. Hantman also said that Madonna was already "on her way" to Israel to take part in Saturday's show.
    Putin, Austrian president to discuss Iran

    Putin, Austrian president to discuss Iran

    And as you mentioned before, I mean, the origin of this meeting today was that phone call that Trump and Putin had. But they often find themselves on opposite sides, even if they share a stated basic goal.
  • FCC Chairman Pushes for Default, Free Robocall Blocking

    FCC Chairman Pushes for Default, Free Robocall Blocking

    Pai's declaratory ruling mandates that blocking should not interfere with emergency communications systems in any way. He raised the threat of regulatory action "if the companies do not take the steps necessary to protect consumers".
    Dog disease that can be passed to humans confirmed in Iowa

    Dog disease that can be passed to humans confirmed in Iowa

    AHeinz57 Pet Rescue and Transport said a dog breeder in Knoxville, Iowa had pets that tested positive for the infection. Heinz said all of the dogs in the rescue's care tested negative for the disease in the first round of tests.
    Sale strikes out 17, but Rockies win

    Sale strikes out 17, but Rockies win

    First time I've been in something like that, you know, watching the strikeouts and watching the pitch count. Nolan Arenado 's two-run homer in the seventh was one of only three hits the Rockies managed against Sale.