If you own any sort of computer with an INTEL cpu I suggest you update the operating system ASAP

This applies to apple or pc of any variety with an intel cpu that is on the internet

Windows xp and up

Affects linux as well

Not sure how far back apple will update

Don’t argue just do it

You have been warned

If you own any sort of computer with an INTEL cpu I suggest you update the operating system ASAP

This applies to apple or pc of any variety with an intel cpu that is on the internet

Windows xp and up

Affects linux as well

Not sure how far back apple will update

Don’t argue just do it

You have been warnedRe: zombieload?

Cheers
James

Hi

The side channel attack from exploits like zombieload do not require the average home PC to be replaced. If your running a server hosting operation with high value customers or ones requiring high security then if you had other VMs running on that box run by miscreants then you should be concerned. They could possibly then read the memory of other VMs.

Mike

If you own any sort of computer with an INTEL cpu I suggest you update the operating system ASAP



"update the operating system ASAP" - given it is not 1 April, can you please clarify. ie electronic update, or replace CPU or????

"update the operating system ASAP" - given it is not 1 April, can you please clarify. ie electronic update, or replace CPU or????Well it would be a software update, not hardware

Did mine late yesterday. Our organisation put out an update for when shutting down.
I see WhatsAp is also updating.

Live Cyber Attack Threat Map | Check Point Software (https://threatmap.checkpoint.com/ThreatPortal/livemap.html)

Use your computers operating systems software update utility to update your computer

Windows updates the software

MAC updates the efi subsystem via the software update

Linux updates system libraries etc

I see WhatsAp is also updating.

They are saying to update but my latest version is 2.19.134 which was updated on 10 may so is 5 days old. This is also the latest update on the WattsApp update link in the Playstore. So I am not sure what we are supposed to up date too.

On the operating system update - my last lot of updates were last night but INCs post prompted me to go into it again and overnight a whole lot of updates have been listed which I have updated. If you updated yesterday, you need to update again as there a lot of new ones - many related to security.

Garry

still running windows xp. what should i do?

Kiss your arse goodbye - you are history [bigrolf]

still running windows xp. what should i do?
run windows update :p

run windows update :p

ha, that would actualy work
https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

If you own any sort of computer with an INTEL cpu I suggest you update the operating system ASAP

This applies to apple or pc of any variety with an intel cpu that is on the internet

Windows xp and up

Affects linux as well

Not sure how far back apple will update

Don’t argue just do it

You have been warned

What happens if we don't upgrade?

Hmmmm. That may explain my work computer forcing an urgent update and reboot just now...

What happens if we don't upgrade?

You are most likely vulnerable just by having your computer on and connected to the internet, you need to be doing nothing special to be caught up in this.


A remote code execution vulnerability exists in Remote Desktop Services (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708) – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

This is now talking about RDP and Windows Terminal Services. Quiet different to side channel attacks and speculative execution attacks. The original post was about an Intel vulnerability which applied to all operating systems. And hence why the second poster asked if it was about zombieload, being the latest exploit of that nature.

This is now talking about RDP and Windows Terminal Services.
it's a pretty scary thing this vulnerability.

What happens if we don't upgrade?

you make many others including those people you consider friends, vulnerable by allowing access to their info on your system

be a good man and look after your mates...

nice,,
update KB4494441 -Error 0x80070005

microsoft says to sfc /scannow

ok--

"Windows Resource Protection could not perform the requested operation."

sigh..

you make many others including those people you consider friends, vulnerable by allowing access to their info on your system

be a good man and look after your mates...

I am doing it as we speak[thumbsupbig]

you make many others including those people you consider friends, vulnerable by allowing access to their info on your system

be a good man and look after your mates...A bit like people who don't vaccinate against horrible diseases and then infect others, but that's another thread.

I did a forced Windows update late this arvo and there were four updates waiting to go, despite my having only updated yesterday.
Watching threat.live.com is interesting to see the live threats flowing around the world system. I see Australia ranks about sixth in the world for attacks.

Don't forget to update your phones.

This is now talking about RDP and Windows Terminal Services. Quiet different to side channel attacks and speculative execution attacks. ...

deleted.

I'm just confused

Just update everything.

Is this anything like the Y2K scare?
Wot if I have a Tandy TRS-80 computer? lol

Is this anything like the Y2K scare?
Wot if I have a Tandy TRS-80 computer? lol

Your safe. No speculative execution. No side channel attacks. No build-in low level management chip. No vulnerable UEFI. It can't run Windows. Best though is that todays hackers are too young to know it even exists :-)

Mike

Does anybody know the update command in XtreeProGold? I was always told not to run the latest software.

Does anybody know the update command in XtreeProGold? I was always told not to run the latest software.

[biggrin][thumbsupbig][bigrolf]

[biggrin][thumbsupbig][bigrolf]

Have to admit, that was hilarious...

Does anybody know the update command in XtreeProGold? I was always told not to run the latest software.

Sorry I can't help there. I don't use that anymore, I went back to using DESQview. It's much better. Uses less RAM. :-)

I'd best get back to writing my letter in ed.

Mike

References for the young:
DESQview - Wikipedia (https://en.wikipedia.org/wiki/DESQview)
ed (text editor) - Wikipedia (https://en.wikipedia.org/wiki/Ed_(text_editor)) "the most user-hostile editor ever created"
and the MS-DOS version of it Edlin - Wikipedia (https://en.wikipedia.org/wiki/Edlin)

i prefer vi.

All updated on my desk top now - thanks for the heads up.

I'm away, my PC at home is running - uploading power generation and consumption info to PVOutput via the 'net.

Win 10 with auto update turned off.

This explains the "intel microcode" urgent update yesterday morning.

i prefer vi.

Special just for Eevo as we like his two liners so much...

How do you generate a random string?
Put a Windows user in front of vi and tell them to exit.

Mike

Users of old windows systems should take note.


Alert Service | Stay Smart Online (https://www.staysmartonline.gov.au/alert-service)

Always good to know of potential threats, not just to OSes, but any software.

But really? Remote Desktop(RDP) .. does anyone in the private arena use this service, or have RDP running all the time?

FWIW, most remote PC help services will ask for the helpee to install remote PC software like TeamViewer anyhow.

Always good to know of potential threats, not just to OSes, but any software.

But really? Remote Desktop(RDP) .. does anyone in the private arena use this service, or have RDP running all the time?

FWIW, most remote PC help services will ask for the helpee to install remote PC software like TeamViewer anyhow.

You lost me at OSes. [bigsad]

You lost me at OSes. [bigsad]

[biggrin]

OS = Operating Systems ;)

Think back and try to remmber the last time you've used Remote Desktop?
Probably didn't know it existed.

Having trouble with the computer, in Windoze, Remote Desktop allows the PC fixer-upperer to control your PC from afar(anywhere in the world).
They scout around to see what the trouble is, they (sometimes) fix it, and you you go again .. till the next time.

But think about it for a sec ... you need to allow someone full access to your PC via remote control.
M$ turned it off by default in some long forgotten Windows version many years ago.

In a corporate environment it made sense to have RDP running all the time, so admins could sort out work computers in the comfort of their comfy chairs elsewhere.
But even that situation wasn't common, as most workplaces would have had other remote desktop software for that specific situation(usually, TeamViewer, as said above).