Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Microsoft releases 11 security updates, 6 rated critical

Ms. Smith | July 14, 2016
Lucky you, it's that time again. Happy patching!

Kuzma explained, "This impacts the application whitelisting functionality on Windows 8.1 and newer. I suspect we'll be seeing a lot more like this as researchers and attackers both look for ways to bypass this technology."

MS16-094 fixes a flaw in Secure Boot security features that could by bypassed if an attacker installs an affected policy on a target device. However, an attacker would need either physical access or administrative privileges to pull that off.
Kuzma noted:

"Secure boot isn't very secure, I'm afraid, when policy application and handling errors strip away its most critical protections. An attacker being able to disable integrity checks is the first step in establishing difficult to detect and difficult to remove persistence. AND it could potentially disable BitLocker encryption. Sounds like this vulnerability was a great tool for Folks That Spy On People."

That's it for July. We'll see if the list is longer in August after Black Hat and Def Consecurity conferences. Until then, happy patching!

Source: Networkworld


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.