More from: Microsoft

Dark Reading was good today

Dark Reading was good today. Several interesting tid bits. Suggest that you check it out at http://www.darkreading.com/

Accused LinkedIn, DropBox Hacker Appears in US Court After Diplomatic Battle

In the Czech Republic since October 2016, Yevgeniy Nikulin had requested asylum there after warrants for his arrest were issued by both Russia and the US. The Czech government denied his bid for asylum and turned him over the US, where he appeared in a federal courtroom on Friday morning.

Nikulin, the Russian hacker accused of being responsible for breaching DropBox and the 2012 LinkedIn attack that saw 117 million passwords stolen, has been extradited to the US in a process that has implications for the larger relationship between the US and Russia.  https://www.darkreading.com/attacks-breaches/accused-linkedin-dropbox-hacker-appears-in-us-court-after-diplomatic-battle/d/d-id/1331413

The Cybersecurity Mandates Keep On Coming

With threats more complex than ever, and with more data to protect and more technologies touching that data, more cyber regulation is bound to happen. The questions are How can a company possibly keep up, and Are we safely in compliance? https://www.darkreading.com/risk/compliance/the-cybersecurity-mandates-keep-on-coming/a/d-id/1331366

Microsoft Rushes Out Fix for Major Hole Caused by Previous Meltdown Patch

While fixing an obscure potential vulnerability, they created a real hack vector! Don’t cha jus’ luv high tech?

Chris Goetti, director of product management at Ivanti, says … “When Microsoft issued a fix for Windows 7 and Windows Server 2008, they made a mistake and ended up opening up read and write access in RAM so anybody could access anything in memory and write to it,”

Cautions Jack Danahy, CTO and co-founder of Barkly. “This is an easy-to-exploit zero-day vulnerability and a much more probable attack vector that the original problem that Microsoft was trying to correct. … Microsoft accidentally distributed a new zero-day vulnerability of their own design.”

Microsoft has rushed out an out-of-cycle security patch to address problems created by what were supposed to be fixes for the Meltdown vulnerability that it had previously issued for 64-bit Windows 7 and Windows Server 2008 systems. https://www.darkreading.com/attacks-breaches/microsoft-rushes-out-fix-for-major-hole-caused-by-previous-meltdown-patch/d/d-id/1331415#



Windows 10 Delete Fingerprint Data

How to remove fingerprints from Windows 10

If you ever delete an account from Windows 10 BUT FORGET to FIRST delete all the fingerprint data belonging to that account, the fingerprint data stays forever in that specific device. The only way you can create another account and use your fingerprints to login again is to get new fingerprints. 8*)

But there is a fix! Following the threads all afternoon I eventually came across this thread on Microsoft’s support blog. https://social.technet.microsoft.com/Forums/en-US/93a122ff-3455-4b29-b3e8-2b72d49d19e3/windows-81-delete-all-fingerprint-data?forum=w81previtpro

DELETE C:\Windows\System32\WinBioDatabase\[GUID].DAT file and then restart the computer.

I had to boot into a Linux partition to get enough “administrator rights” to delete the files, but once deleted I could once more use the fingerprint functionality.

 


Windows 10 Upgrade Change

locked-computer-cartoonMicrosoft has changed their position on encouraging users of the old Windows 7 and 8 to upgrade to the Windows 10 platform. Windows 10 will effectively be the “last” Windows as there will not be replacements, rather merely updates and upgrades as in Linux.

As such, those who miss this opportunity to upgrade will eventually end up paying money to buy Windows 10 Readmore..