科技回声

7 条评论

dlsa将近 4 年前

So these vulns weren't needed any more by some 3 letter agency? Or were they being used by someone a 3 letter agency didn't like? Or were about to be?Security warfare is fascinating to watch from the mud huts.

评论 #27444437 未加载

评论 #27443844 未加载

userbinator将近 4 年前

–CVE-2021-33742, a remote code execution bug in a Windows HTML component.The only one that stands out as being a real concern, but who's willing to bet it requires JS to exploit (or even if not, the attackers prefer to obfuscate it using JS)? Turning off JS by default in IE is probably the single most effective way of preventing these attacks. Even if you don't use IE, it'll greatly reduce the attack surface. I've browsed the shadier parts of the Internet for literally decades this way.

评论 #27443884 未加载

评论 #27444732 未加载

评论 #27448336 未加载

评论 #27443286 未加载

评论 #27443851 未加载

评论 #27443353 未加载

ck2将近 4 年前

So wait, Microsoft is still making patches for Windows7, they just aren't supplied via the windows-update ?<a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB5003667" rel="nofollow">https://www.catalog.update.microsoft.com/Search.aspx?q=KB500...</a>Is there a third party program that finds/installs the windows 7 updates?

评论 #27444259 未加载

评论 #27445038 未加载

nodesocket将近 4 年前

Are these on the same level as Stuxnet? For an amazing technical deep dive into each 0-day Stuxnet vulnerability watch this talk with Bruce Dang from Microsoft[1]. I really enjoy his natural speaking style (it's like talking about Stuxnet over beers with him).[1] <a href="https://youtu.be/rOwMW6agpTI?t=409" rel="nofollow">https://youtu.be/rOwMW6agpTI?t=409</a>

joenathanone将近 4 年前

Do the Microsoft links not work for anyone else too? I get a "Something went wrong" error on all the links. Would like to read more about specific vulns.

评论 #27442655 未加载

waynesonfire将近 4 年前

are these the six zero days that were used to get those bit coins back?

评论 #27442645 未加载

评论 #27443071 未加载

afrcnc将近 4 年前

Wow... patch tuesday analysis from a reporter who doesn't know how virus total works <a href="https://twitter.com/silascutler/status/1383085248381128715" rel="nofollow">https://twitter.com/silascutler/status/1383085248381128715</a>

评论 #27445260 未加载

评论 #27442988 未加载

7 条评论

dlsa将近 4 年前

评论 #27444437 未加载

评论 #27443844 未加载

userbinator将近 4 年前

评论 #27443884 未加载

评论 #27444732 未加载

评论 #27448336 未加载

评论 #27443286 未加载

评论 #27443851 未加载

评论 #27443353 未加载

ck2将近 4 年前

评论 #27444259 未加载

评论 #27445038 未加载

nodesocket将近 4 年前

joenathanone将近 4 年前

Do the Microsoft links not work for anyone else too? I get a "Something went wrong" error on all the links. Would like to read more about specific vulns.

Microsoft Patches Six Zero-Day Security Holes

7 条评论

Microsoft Patches Six Zero-Day Security Holes

7 条评论