rslade
Influencer II

The (Windows) sky is falling! (again ...)

OK, lots and lots and lots of stories today about a (the?) MS Windows RDP bug/vulnerability/patch.

 

Yes, if you're running XP, Win 7, Win 2003, or Win Server 2008 you should definitely get patched.  (I'm assuming that a lot of you are, and that's why Windows Update still hasn't rebooted my Win 10 machine this week ...)  (Which begs the question of why people are still running XP, Win 2003, or Win Server 2008.  Yes, I have been disappointed ever since I updated from Win 7 to Win 10, and this is the first time I've been somewhat relieved ...)

 

But why is everyone so panicked about it?  Well, it's a remote execution bug, and it doesn't need a login.  Therefore, it could (potentially) be used to create a worm.  So far it doesn't seem that anyone has actually seen one, but it could be created.  And, for users of XP, Win 7, Win 2003, or Win Server 2008 that would be bad.

 

Anybody you rely on run XP, Win 7, Win 2003, or Win Server 2008? ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
20 Replies
Flyslinger2
Community Champion

If that Russian hacker makes his way into that network and is able to take over the sewing machine what rogue clothing could we expect?  🙂

 

The weakest link breaks the chain. I remind myself that all the time. Most times it is the actual user. In this case definitely tech.

CraginS
Defender I


@Flyslinger2 wrote:

If that Russian hacker makes his way into that network and is able to take over the sewing machine what rogue clothing could we expect?  🙂


Mark,

Commie Russki RED Hacker?

Don't you mean rouge clothing?

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
rslade
Influencer II

> CraginS (Advocate I) posted a new reply in Industry News on 05-17-2019 05:03 PM

>       Uh.... Why does a sewing
> machine need to be connected to the Internet?

For the same reason a sniper rifle and a ... ummm ... how do I put this without
running afoul of the dreaded "community" pr0n filter ... personal intimacy
enhancement device? does ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
A ship in port is safe, but that is not what ships are built for.
- (John A.?/William?) Shedd
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

rslade
Influencer II

> @CraginS wrote  Uh.... Why does a sewing machine need to be connected to the
> Internet

> AlecTrevelyan (Contributor III) posted
>   So it can spool all of the forum threads!  

Have a care, Alec. You could get stitched up for patching Cragin's post so that
you can needle him and embroider the discussion.

(Gloria once considered getting a networked sewing machine. I warned her that, if
we connected it to our home network, there was a good chance she'd be quilting
something and it would start spelling out "YOU HAVE NEW MAIL" ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Every exit is an entry somewhere else. - Tom Stoppard
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

rslade
Influencer II

> Flyslinger2 (Community Champion) posted a new reply in Industry News on

> If that Russian hacker makes his way into that network and is able to take over
> the sewing machine what rogue clothing could we expect?

Mao jackets?

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
There are two ways of constructing a software design: one way is
to make it so simple that there are obviously no deficiencies,
and the other way is to make it so complicated that there are no
obvious deficiencies. - C. A. R. Hoare
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

dw_98
Reader II

Can anyone advise if the patches for Win XP include all embedded Win XP or only Windows XP Embedded SP3 x86?

Can this patch be used for any Win XP embedded OS?

dw_98
Reader II

Does Microsoft provide any verification tools to check if the OS is still vulnerable, e.g. after patch?

Caute_cautim
Community Champion

Simply ask the Banks why the majority of them are still running Windows XP on their ATMs?

 

Why, cost? 

 

Regards

 

Caute_cautim

 

 

rslade
Influencer II

> dw_98 (Reader I) posted a new reply in Industry News on 05-19-2019 09:20 PM in

> Can anyone advise if the patches for win xp includes all embedded win xp or
> only Windows XP Embedded SP3 x86?  Can this patch be used for any win xp
> embedded os?

You can probably get more detail at
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Metabolically challenged - politically correct term for dead
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

rslade
Influencer II

> Caute_cautim (Community Champion) posted a new reply in Industry News

 

> Simply ask the Banks why the majority of them are still running Windows XP on
> their ATMs?   Why, cost?

 

Yeah, definitely cost.

 

Remember the old joke:

Q: If you have two products, both almost identical, but one is labelled "This doesn't work!" which one do you buy?
A: Depends on which one is on sale ...

