Wednesday Newsbytes: Another Buggy Windows Update, Microsoft Finds Apple Flaw, AI-Generated Text Poisoning the Internet, Billionaires are a Security Risk…and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature some news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Windows 10 users encounter ‘blue screen of death’ after latest Patch Tuesday update
Microsoft said it is working on a fix for the issue and has offered users a temporary workaround
Microsoft has warned that some Windows 10 users may encounter the infamous ‘blue screen of death’ (BSOD) after installing its latest ‘Patch Tuesday’ security updates.
In an update on the Windows Health Dashboard, the company revealed that the blue screen issue could affect selected users who downloaded the KB5021233 update in this month’s recent raft of security fixes.
KB5021233 was initially intended to resolve an issue affecting the Camera app after users reported that the app stops responding when memory is low.
The issue has so far affected users operating several different versions of Windows 10, the firm revealed, including 22H2, 21H2, 21H1, and 20H2.
Impacted users have been met with the BSOD and error code 0xc000021a upon startup, and have been unable to access devices.
“After installing KB5021233, there might be a mismatch between the file versions of hidparse.sys in c:/windows/system32 and c:/windows/system32/drivers (assuming Windows is installed to your C: drive), which might cause signature validation to fail when cleanup occurs,” Microsoft confirmed in its update over the weekend.
How to fix the issue
Microsoft revealed it is currently “working on a resolution” for the issue and said it will provide an update in an upcoming release…
Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of bypassing Gatekeeper application execution restrictions.
Found and reported by Microsoft principal security researcher Jonathan Bar Or, the security flaw (dubbed Achilles) is now tracked as CVE-2022-42821.
Apple addressed the bug in macOS 13 (Ventura), macOS 12.6.2 (Monterey), and macOS 1.7.2 (Big Sur) one week ago, on December 13.
Gatekeeper bypass via restrictive ACLs
Gatekeeper is a macOS security feature that automatically checks whether all apps downloaded from the Internet are notarized and developer-signed (approved by Apple), asking the user to confirm before launching or issuing an alert that the app cannot be trusted.
This is achieved by checking an extended attribute named com.apple.quarantine which is assigned by web browsers to all downloaded files, similar to Mark of the Web in Windows.
The Achilles flaw allows specially-crafted payloads to abuse a logic issue to set restrictive Access Control List (ACL) permissions that block web browsers and Internet downloaders from setting the com.apple.quarantine attribute for downloaded payloads archived as ZIP files.
As a result, the malicious app contained within an archived payload launches on the target’s system instead of getting blocked by Gatekeeper, allowing attackers to download and deploy malware…
Read more at Bleeping Computer.
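For defenders, the quarantine-attribute check described above can be turned into a quick audit of a downloads folder. The following is an added example, not code from the article, Apple, or Microsoft: it parses the text output of `ls -le@` and reports files that lack com.apple.quarantine, marking those that also carry a deny ACL entry. The sample listing is constructed, and the function names are hypothetical.

```python
import re

QUARANTINE = "com.apple.quarantine"
ENTRY = re.compile(r"^[-dlbcps][-rwxsStT]{9}")           # start of a file line
ACE = re.compile(r"^\s*\d+:\s+(\S+)\s+(allow|deny)\s+(.*)$")  # one ACL entry

# Constructed sample of `ls -le@` output for a downloads folder (not real data).
SAMPLE_LS = """\
total 296
-rw-r--r--@ 1 alice  staff  48213 Dec 13 10:02 report.zip
\tcom.apple.quarantine\t57
-rw-r--r--+ 1 alice  staff  90112 Dec 13 10:05 tool.zip
 0: group:everyone deny write
-rw-r--r--  1 alice  staff    512 Dec 13 10:07 notes.txt
-rw-r--r--@ 1 alice  staff   2048 Dec 13 10:09 photo.jpg
\tcom.apple.metadata:kMDItemWhereFroms\t120
"""

def parse_ls(output):
    """Return one dict per file: name, xattr names, and deny ACL entries."""
    entries, cur = [], None
    for line in output.splitlines():
        if ENTRY.match(line):
            fields = line.split(None, 8)
            if len(fields) < 9:
                continue
            cur = {"name": fields[8], "xattrs": set(), "deny": []}
            entries.append(cur)
        elif cur is None:
            continue                      # e.g. the leading "total" line
        else:
            m = ACE.match(line)
            if m:
                if m.group(2) == "deny":
                    cur["deny"].append((m.group(1), m.group(3)))
            elif line.startswith("\t"):   # xattr lines are tab-indented
                cur["xattrs"].add(line.split()[0])
    return entries

def audit(output):
    """Map file name -> finding for files with no quarantine attribute.
    Any deny entry is flagged for review; this does not judge which
    permissions matter. Locally created files normally lack the attribute."""
    findings = {}
    for e in parse_ls(output):
        if QUARANTINE not in e["xattrs"]:
            findings[e["name"]] = "deny-acl" if e["deny"] else "no-quarantine"
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_LS).items():
        print(f"{finding:14} {name}")
```

A "deny-acl" finding on a file that arrived from the Internet is the combination worth inspecting first; "no-quarantine" alone is common for files created on the machine itself.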
Critical Windows code-execution vulnerability went undetected until now
Microsoft elevates security rating for vulnerability resembling EternalBlue.
Researchers recently discovered a Windows code-execution vulnerability that has the potential to rival EternalBlue, the name of a different Windows security flaw used to detonate WannaCry, the ransomware that shut down computer networks across the world in 2017.
Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a chain reaction of self-replicating follow-on exploits on other vulnerable systems. The wormability of EternalBlue allowed WannaCry and several other attacks to spread across the world in a matter of minutes with no user interaction required.
But unlike EternalBlue, which could be exploited when using only the SMB, or server message block, a protocol for file and printer sharing and similar network activities, this latest vulnerability is present in a much broader range of network protocols, giving attackers more flexibility than they had when exploiting the older vulnerability.
“An attacker can trigger the vulnerability via any Windows application protocols that authenticates,” Valentina Palmiotti, the IBM security researcher who discovered the code-execution vulnerability, said in an interview. “For example, the vulnerability can be triggered by trying to connect to an SMB share or via Remote Desktop. Some other examples include Internet exposed Microsoft IIS servers and SMTP servers that have Windows Authentication enabled. Of course, they can also be exploited on internal networks if left unpatched.”…
How AI-generated text is poisoning the internet
Plus: A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?
This has been a wild year for AI. If you’ve spent much time online, you’ve probably bumped into images generated by AI systems like DALL-E 2 or Stable Diffusion, or jokes, essays, or other text written by ChatGPT, the latest incarnation of OpenAI’s large language model GPT-3.
Sometimes it’s obvious when a picture or a piece of text has been created by an AI. But increasingly, the output these models generate can easily fool us into thinking it was made by a human. And large language models in particular are confident bull********: they create text that sounds correct but in fact may be full of falsehoods.
While that doesn’t matter if it’s just a bit of fun, it can have serious consequences if AI models are used to offer unfiltered health advice or provide other forms of important information. AI systems could also make it stupidly easy to produce reams of misinformation, abuse, and spam, distorting the information we consume and even our sense of reality. It could be particularly worrying around elections, for example…
Read more at MIT TECHNOLOGY REVIEW.
Google Introduces End-to-End Encryption for Gmail
A new encryption software update is being rolled out in a beta test for eligible Google Workspace users
Google Workspace is rolling out a new security update on Gmail, adding end-to-end encryption that aims to provide an added layer of security when sending emails and attachments on the web. Customers will continue to have control over encryption keys and identity services that provide access to those keys.
The update is still in the beta stages, but eligible Workspace customers with Enterprise Plus, Education Standard, and Education Plus accounts can fill out an application to test the program through Google’s support center. Once the encryption update has been completed, Gmail Workspace customers will find that any sensitive information or data delivered cannot be decrypted by Google’s servers.
According to the support center, the application window will be open until January 20, 2023, and once users have accessed the feature, they will be able to choose to turn on the additional encryption by selecting the padlock button when drafting their email. But once activated, some features will be disabled, including emojis, signatures, and Smart Compose…
Billionaires Are A Security Threat
Elon Musk’s Twitter takeover is a case study in destruction. It doesn’t have to be this way.
Elon Musk’s acquisition of Twitter is particularly hard to swallow because every report of internal chaos reminds us that we may have sacrificed the most promising mode of online communication invented in decades by failing to identify it for what it was back when we had the chance. Musk’s purchase should never have been possible in the first place because Twitter should never have been an asset. It is “the public conversation layer of the internet,” as founder Jack Dorsey once put it, and consequently has functioned as the de facto center of our global alert system through the pandemic. It is astonishing that it is even still possible for one person to own this. It’s like owning email.
In the field of information security, there’s a kind of vulnerability known as the evil maid attack whereby an untrusted party gains physical access to important hardware, such as the housekeeping staff coming into your hotel room when you’ve left your laptop unattended, thereby compromising it. We have here a new analog, just as capable of wrecking systems and leaking data. Call it the “evil billionaire attack” if you’d like. The weapon is money, and more specifically, the likelihood that when the moment arrives you won’t have enough of it to make a difference. The call is coming from inside the house.
The reason this strategy works is that most ideas of any consequence are owned by people with more money than you…
Thanks for reading this week’s Wednesday Newsbytes. We hope you found these articles informative, interesting, fun, and/or helpful. Merry Christmas! Darcy & TC
I have to let you know how much I enjoy the Wednesday Newsbytes every week, so much informative and interesting information in one place. Merry Christmas to you, your families and staff.
Thanks so much. Merry Christmas, Bette!
I updated the Buggy window and it messed up my email. When I forward an email message it comes out on the forwarded email as all garbled letters, numbers, etc. I have to copy the original email (usually a prayer need…that SHOULD NOT be changed in any way) before hitting Forward and then delete all the garbled mess and paste the original email before I can forward the original message. I have tried turning off my computer for 5 minutes but it still has this bug messing up my Forward to others. Now what?