QR.bizNewsMicrosoft Releases Patches for a Critical Windows Flaw Allowing WannaCry-Style Attacks

Microsoft Releases Patches for a Critical Windows Flaw Allowing WannaCry-Style Attacks

In particular, although the advisory lists Windows 7, Windows Server 2008 and Windows Server 2008 R2 as affected, Microsoft is also releasing updates for out-of-support systems that include Windows XP and Windows 2003.

That flaw, spotted by researchers at NCC Group, is a logic vulnerability that can be exploited to gain "remote access to a host's storage via Edge, Internet Explorer, Firefox and Chrome on Microsoft Windows by a malicious Citrix server".

"This vulnerability is pre-authentication and requires no user interaction", the MSRC blog post says. "Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017".

There is now no indication that the flaw is already being exploited, but Microsoft said it is "highly likely" that malicious actors will soon write an exploit to incorporate it into malware.

Those running Microsoft XP or Server 2003 at an enterprise level can obtain a security patch here.

It's not generally available yet, but Microsoft has already issued the second quality update for Windows 10 version 1903. It explains "Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows".

Microsoft advises that "all affected systems - irrespective of whether NLA is enabled or not - should be updated as soon as possible".

This time a year ago stats put Windows 7, which was first released back in 2009, ahead of the newer Windows 10 OS.

The Windows exploit (CVE-2019-0708) affects machines running Windows 7, Windows Server 2008 R2, and older versions.

This is a flaw in Remote Desktop Services (RDS) which could allow an attacker to remotely execute arbitrary code on a target system after connecting using RDP. With NLA enabled, systems are protected against "wormable" malware or advanced malware threats that could exploit the vulnerability, as NLA requires authentication before the vulnerability can be triggered.

The latter is only a partial mitigation.

For May 2019 Patch Tuesday, Microsoft has released fixes for 79 vulnerabilities, 22 of which are deemed critical. "This vulnerability will make that process even easier". Referred to as the May 14, 2019-KB4500154 Update, this update brings the Windows 10 Mobile operating system to build number 15254.566.

Microsoft Patches 'Wormable' Flaw in Windows XP, 7 and Windows 2003

Mobile wallet Ipaymu and QR codes increase sales in Indonesia

Nowadays the majority of payment transactions in Indonesia are conducted by means of cash. However, modern technical solutions soon will be able to change this situation. Recently an e-wallet Ipaymu was introduced to citizens of the country, which will help to draw attention of smartphone users with the possibility to make mobile payments by means of QR technologies and will probably increase the popularity of cashless payments.

QR codes are used for medical purposes

QR codes have gained popularity around the world. They are used in all spheres of a human activity, helping him to get quick access to the information of his interest, for convenience of making purchases and payment of bank receipts.

New opportunities with the mobile wallet of FIS based on QR codes

Mobile payments become popular around the world. Many banks and financial institutions create special applications for smartphones due to which clients can make transactions by means of their mobile devices.

RuEn
Login with: