Microsoft 's patches for the Meltdown vulnerability have had a fatal flaw all these past months , according to Alex Ionescu , a security researcher with cyber-security firm Crowdstrike . Only patches for Windows 10 versions were affected Vulnerability-related.DiscoverVulnerability , the researcher wrote today in a tweet . Microsoft quietly fixed Vulnerability-related.PatchVulnerability the issue on Windows 10 Redstone 4 ( v1803 ) , also known as the April 2018 Update , released Vulnerability-related.PatchVulnerability on Monday . `` Welp , it turns out Vulnerability-related.PatchVulnerability the Meltdown patches for Windows 10 had a fatal flaw : calling NtCallEnclave returned back to user space with the full kernel page table directory , completely undermining the mitigation , '' Ionescu wrote . Microsoft issued Vulnerability-related.PatchVulnerability today an security update , but it was n't to backport the `` fixed '' Meltdown patches for older Windows 10 versions . Instead , the emergency update fixed Vulnerability-related.PatchVulnerability a vulnerability in the Windows Host Compute Service Shim ( hcsshim ) library ( CVE-2018-8115 ) that allows an attacker to remotely execute code on vulnerable systems . Microsoft classified Vulnerability-related.DiscoverVulnerability CVE-2018-8115 as a `` critical '' issues . A patched hcsshim file is available Vulnerability-related.PatchVulnerability for download from GitHub . `` We are aware and are working to provide Vulnerability-related.PatchVulnerability customers with an update , '' a Microsoft spokesperson told Bleeping Computer today in an email . It may be that if Microsoft does n't bundle these fixes in an out-of-band update , they will most likely arrive Vulnerability-related.PatchVulnerability in Microsoft 's May 2018 Patch Tuesday , but this is only our speculation . Microsoft released Vulnerability-related.PatchVulnerability its Meltdown and Spectre patches on January 4 , a day after security researchers disclosed Vulnerability-related.DiscoverVulnerability the two flaws , vulnerabilities that allow attackers to retrieve data from protected areas of modern CPUs . The Redmond-based OS maker has had a hard time patching Vulnerability-related.PatchVulnerability the two flaws , and the company recently issued Vulnerability-related.PatchVulnerability additional security updates to fix Vulnerability-related.PatchVulnerability the original Spectre mitigations , and also deliver Vulnerability-related.PatchVulnerability Intel CPU microcode updates , as a favor to Intel .

Microsoft 's new Outlook 2010 update ought to provide Vulnerability-related.PatchVulnerability the critical security fixes without the crashes . Microsoft has released Vulnerability-related.PatchVulnerability a new update for Outlook 2010 that should plug Vulnerability-related.PatchVulnerability its critical security flaws without causing crashes . Microsoft earlier this week warned that the 64-bit version of the security update KB 4461529 from its November Patch Tuesday was causing Outlook 2010 crashes . Despite the crashes , Microsoft warned users not to remove the update , which plugged Vulnerability-related.PatchVulnerability four remote code execution flaws that it said were more likely be exploited Vulnerability-related.DiscoverVulnerability . Until a new update was released Vulnerability-related.PatchVulnerability Microsoft recommended users try Outlook Web Access instead . As spotted by Woody Leonhard , Microsoft this week released Vulnerability-related.PatchVulnerability KB 4461585 for Outlook 2010 , which includes patches for the four flaws and should n't trigger crashes . Microsoft confirmed it does fix Vulnerability-related.PatchVulnerability the crash issues caused by KB 4461529 . The fixed update can be downloaded Vulnerability-related.PatchVulnerability from Microsoft 's download center and not the Microsoft Update Catalog . Microsoft cautions the update is only for the .msi edition of Office 2010 and not for Office 365 Home . `` Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer ( .msi ) -based edition of Office 2010 . It does n't apply to the Office 2010 Click-to-Run editions , such as Microsoft Office 365 Home , '' Microsoft notes . Microsoft has set out instructions for checking which edition you have in a blogpost . There are no further updates available Vulnerability-related.PatchVulnerability for the Outlook 2010 non-security updates KB4461522 and KB2863821 , which Microsoft pulled on Vulnerability-related.PatchVulnerability November 15 because they were causing crashes in Access and other apps . Microsoft recommended users uninstall both the updates .

Panda Security researchers have been following and analyzing ransomware attacks Attack.Ransom that have been targeting European business for a few months now , and have tied them to the same group . Through it , the attackers can chose which contact email to provide Attack.Ransom to the victim in the ransom message , which files and folders will be encrypted , whether the malware will autodelete after the encryption process , and so on . These attacks are a definite indication that the Ransomware-as-a-Service trend is gaining momentum , and ransomware-wielding crooks don ’ t need to be extremely skilled to perform the attacks . In these specific cases , securing RDP servers is critical , and can be done by either making them inaccessible from the Internet , or by employing long and hard-to-guess passwords and two factor authentication for user accounts with remote access . Encrypting the remote connection is also a good idea . Vulnerable RDP servers provide attackers with a perfect staging point within the organization ’ s network . From there , they can find more information about the machines on the network , and make a more informed decision about which of them hold information and files that are crucial for the firm

Trend Micro has identified more malicious Android apps abusing the name of the popular mobile game Super Mario Run . We earlier reported about how fake apps were using the app ’ s popularity to spread ; attackers have now released versions of these fake apps that steal Attack.Databreach the user ’ s credit card information . Super Mario Run is a mobile game that Nintendo first released on the iOS platform in September 2016 , followed by the Android version on March 23 , 2017 . Mobile games have always proven to be attractive lures Attack.Phishing for cybercriminals to get users to download their malicious apps and potentially unwanted apps ( PUAs ) . This is not the first time that the name of a popular game was abused ; we ’ ve discussed how the popularity of Pokémon Go was similarly abused . Based on feedback from the Smart Protection Network™ , we saw more than 400 of these apps in the first three months in 2017 alone . In the same time frame , we saw 34 fake apps explicitly named Attack.Phishing “ Super Mario Run ” —it ’ s a noteworthy trend , as we saw the first of these only in December 2016 . In this post we ’ ll discuss the behavior of a new credit card stealing variant named “ Fobus ” ( detected as ANDROIDOS_FOBUS.OPSF ) . Cybercriminals frequently take advantage of popular and hotly anticipated titles to push their own malicious apps . These are usually distributed via third-party app stores . Some users may utilize such app stores to download “ unreleased ” versions of legitimate apps , or to obtain apps for free . These apps are illegitimate in the first place , and the risks to end users are quite high . We strongly advise that users download and install apps only from legitimate app stores such as Google Play or trusted third-party app store . In other cases , an attacker may even provide Attack.Phishing a fake app store that resembles Attack.Phishing Google Play . Alternately , a message supposedly from a friend sent Attack.Phishing via social media may lead to a malicious app . Disabling the “ Allow installation of apps from unknown sources ” setting prevents apps inadvertently downloaded these ways from being installed . By default , this setting is set to off . Only turn it on if you know you are installing an app from a trusted third-party app store . To carry out malicious behavior such as installing other apps on the user ’ s device without any user input and consent , or hiding icons and processes , an app needs device administrator privileges . Legitimate apps seldom require these ; users should double check whenever an app asks for them . This is particularly true of games , which do not require device administrator privileges . A “ game ” asking for these privileges is likely to be malicious or a PUA . Trend Micro solutions Users should only install apps from the Google Play or trusted third-party app stores and use mobile security solutions such as Trend Micro™ Mobile Security to block threats from app stores before they can be installed and cause damage your device or data . Enterprise users should consider a solution like Trend Micro™ Mobile Security for Enterprise . This includes device management , data protection , application management , compliance management , configuration provisioning , and other features so employers can balance privacy and security with the flexibility and added productivity of BYOD programs .

Security researchers from Neseso are sounding the alarm on a vulnerability they 've discovered Vulnerability-related.DiscoverVulnerability in Samsung smart TVs that Samsung declined to fix Vulnerability-related.PatchVulnerability . The security flaw affects Vulnerability-related.DiscoverVulnerability Wi-Fi Direct , a Wi-Fi standard that enables devices to connect with each other without requiring a wireless access point . Smasung uses Wi-Fi Direct with its smart TVs to allow TV owners to connect to the TV via their phones , laptops , or tablets , directly , and not through the local access point . Neseso researchers claim Vulnerability-related.DiscoverVulnerability that Samsung has failed Vulnerability-related.DiscoverVulnerability in the implementation of this standard , as Samsung TVs only use MAC addresses to authenticate users . Other vendors use more solid authentication systems based on a Push-Button or PIN . Because anyone can sniff and spoof MAC addresses , this vulnerability opens the user 's TV to getting hacked by anyone in the range of the TV 's Wi-Fi Direct coverage . `` Once connected , the attacker has access to all the services provided by the TV , such as remote control service or DNLA screen mirroring , '' Neseso researchers wrote in their report . The dangers are palpable for companies , as most have smart TVs in their offices , employee lounges , customer waiting rooms , or board rooms . Worse is that the Samsung smart TV Wi-Fi Direct feature is enabled by default every time the device boots up . Users are notified on screen when a whitelisted device connects to the TV via Wi-Fi Direct , but those warnings could be misinterpreted by TV owners , or missed altogether if nobody 's watching the TV . Contacted by Neseso in mid-March , Samsung answered it does n't view this feature as a security risk and declined to provide Vulnerability-related.PatchVulnerability a firmware update , telling Neseso they do n't view this issue as a `` security threat . '' Researchers tested their attack on Samsung UN32J5500 Firmware version 1480 , but say that other versions are most likely vulnerable Vulnerability-related.DiscoverVulnerability as well . There is currently no workaround for protecting against attacks via Wi-Fi Direct except turning off the feature every time you boot/reboot your device . Earlier this month , at the Security Analyst Summit 2017 , security expert Amihai Neiderman disclosed Vulnerability-related.DiscoverVulnerability about the presence of 40 zero-day vulnerabilities in Tizen , the operating system that runs on Samsung smart TVs . The flaws were all unpatched Vulnerability-related.PatchVulnerability at the time they were reported Vulnerability-related.DiscoverVulnerability .

Intel is reporting Vulnerability-related.DiscoverVulnerability a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade . The vulnerability , disclosed Vulnerability-related.DiscoverVulnerability on Monday , affects Vulnerability-related.DiscoverVulnerability features in Intel firmware that are designed for enterprise IT management . Enterprises using Intel Active Management Technology , Intel Small Business Technology and Intel Standard Manageability on their systems should patch Vulnerability-related.PatchVulnerability them as soon as possible , the company says . The vulnerable firmware features can be found Vulnerability-related.DiscoverVulnerability in some current Core processors and all the way back to Intel 's first-generation Core , called Nehalem , which shipped in 2008 . They 're part of versions 6.0 through 11.6 of Intel 's manageability firmware . No consumer PCs are affected , the company said . Nor are data-center servers running Intel Server Platform Services . Intel Active Management Technology is a feature in Core processors that lets organizations remotely track , manage and secure whole fleets of connected computers . For example , it can be used to monitor and repair retail checkout systems , digital signage and PCs at places like stores , offices and schools . Intel didn ’ t provide Vulnerability-related.DiscoverVulnerability technical details of the vulnerability , but it said Vulnerability-related.DiscoverVulnerability a hacker could use the flaw to take over the remote management functions . In an email , Intel said Vulnerability-related.DiscoverVulnerability it learned Vulnerability-related.DiscoverVulnerability about the vulnerability from a security researcher in March . “ We are not aware Vulnerability-related.DiscoverVulnerability of any exploitation of this vulnerability , ” the company said . Intel said it has prepared Vulnerability-related.PatchVulnerability a patch and is working with manufacturers to roll it out Vulnerability-related.PatchVulnerability to users as soon as possible . Intel ’ s security advisory also lays out steps users can take to find out if they ’ re affected . For example , PCs built with its vPro technology will have the vulnerable Intel Active Management feature .

Microsoft has released Vulnerability-related.PatchVulnerability an emergency security update to patch Vulnerability-related.PatchVulnerability below-reported crazy bad remote code execution vulnerability in its Microsoft Malware Protection Engine ( MMPE ) that affects Vulnerability-related.DiscoverVulnerability Windows 7 , 8.1 , RT and 10 computers , as well as Windows Server 2016 operating systems . Google Project Zero 's security researchers have discovered Vulnerability-related.DiscoverVulnerability another critical remote code execution ( RCE ) vulnerability in Microsoft ’ s Windows operating system , claiming that it is something truly bad . Tavis Ormandy announced during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered Vulnerability-related.DiscoverVulnerability `` the worst Windows remote code [ execution vulnerability ] in recent memory . This is crazy bad . Report on the way . '' Ormandy did not provide Vulnerability-related.DiscoverVulnerability any further details of the Windows RCE bug , as Google gives a 90-day security disclosure deadline to all software vendors to patch Vulnerability-related.PatchVulnerability their products and disclose Vulnerability-related.DiscoverVulnerability it to the public . This means the details of the new RCE vulnerability in Windows will likely be disclosed Vulnerability-related.DiscoverVulnerability in 90 days from now even if Microsoft fails to patch Vulnerability-related.PatchVulnerability the issue . However , Ormandy later revealed Vulnerability-related.DiscoverVulnerability some details of the Windows RCE flaw , clarifying that : The vulnerability they claimed to have discovered Vulnerability-related.DiscoverVulnerability works against default Windows installations . The attacker does not need to be on the same local area network ( LAN ) as the victim , which means vulnerable Windows computers can be hacked remotely . The attack is `` wormable , '' capability to spread itself . Despite not even releasing any technical details on the RCE flaw , some IT professionals working for corporates have criticized the Google Project Zero researcher for making the existence of the vulnerability public , while Twitter 's infosec community is happy with the work . `` If a tweet is causing panic or confusion in your organization , the problem is n't the tweet , the problem is your organization , '' Project Zero researcher Natalie Silvanovich tweeted . This is not the first time when Google 's security researchers have discovered Vulnerability-related.DiscoverVulnerability flaws in Microsoft ’ s products . Most recently in February , Google researchers disclosed Vulnerability-related.DiscoverVulnerability the details of an unpatched vulnerability impacting Vulnerability-related.DiscoverVulnerability Microsoft 's Edge and Internet Explorer browsers . Microsoft released Vulnerability-related.PatchVulnerability a patch as part of its next Patch Tuesday but criticized Google for making all details public , exposing millions of its Windows users at risk of being hacked . Microsoft has not yet responded to the latest claims , but the company has its May 2017 Patch Tuesday scheduled tomorrow , May 9 , so hopefully , it will include a security patch to resolve Vulnerability-related.PatchVulnerability this issue .