sexta-feira, 24 de março de 2017
segunda-feira, 20 de março de 2017
Windows 10 Will Download Some Updates Even Over a Metered Connection
Windows 10 Will Download Some Updates Even Over a Metered Connection
URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Dt-8dDqsRoA/windows-10-will-download-some-updates-even-over-a-metered-connection
Reader AmiMoJo writes: Until now Windows 10 has allowed users to avoid downloading updates over metered (pay-per-byte) connections, to avoid racking up huge bills. Some users were setting their ethernet/wifi connections as metered in order to prevent Windows 10 from downloading and installing updates without their permission. In its latest preview version of the OS, Microsoft is now forcing some updates necessary for "smooth operation" to download even on these connections. As well as irritating users who want to control when updates download and install, users of expensive pay-per-byte connections could face massive bills.
Read more of this story at Slashdot.
sábado, 18 de março de 2017
Windows 10 UAC Bypass Uses Backup and Restore Utility
Windows 10 UAC Bypass Uses Backup and Restore Utility
URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/6zqSvclL1JI/windows-10-uac-bypass-uses-backup-and-restore-utility
An anonymous reader writes: "A new User Access Control (UAC) bypass technique relies on altering Windows registry app paths and using the Backup and Restore utility to load malicious code without any security warning," reports BleepingComputer. The technique works when an attacker launches the Backup and Restore utility, which loads its control panel settings page. Because the utility doesn't known where this settings page is located, it queries the Windows Registry. The problem is that low-privileged users can modify Windows Registry values and point to malware. Because the Backup and Restore utility is a trusted application, UAC prompts are suppressed. This technique only works in Windows 10 (not earlier OS versions) and was tested with Windows 10 build 15031. A proof-of-concept script is available on GitHub. The same researcher had previously found two other UAC bypass techniques, one that abuses the Windows Event Viewer, and one that relies on the Windows 10 Disk Cleanup utility
Read more of this story at Slashdot.
terça-feira, 7 de março de 2017
BREAKING: CIA turned every Microsoft Windows PC in the world into spyware. Can activate backdoors on demand, including via Windows update. - r/Bitcoin
BREAKING: CIA turned every Microsoft Windows PC in the world into spyware. Can activate backdoors on demand, including via Windows update. - r/Bitcoin
URL: https://www.reddit.com/r/CryptoCurrency/comments/5y1qrz/breaking_cia_turned_every_microsoft_windows_pc_in/
submitted by /u/CryptoChief
[link] [comments]
Assinar:
Postagens (Atom)