THAT UN-PATCHABLE FLAW in the Nintendo Switch ? Yeah , the Japanese gaming firm has only gone and fixed Vulnerability-related.PatchVulnerability it , according to console hacker Michael . Michael , who goes by the Twitter handle @ SciresM , tweeted that it 's bad news for console hackers and Nintendo is pushing out Vulnerability-related.PatchVulnerability new console models with a fix that stops tech-savvy folks from messing around with the software that the hybrid games console can boot with . The flaw was thought to be un-patchable as it affected Vulnerability-related.DiscoverVulnerability the Nvidia Tegra X1 chip that sits at the heart of the console . But Nintendo hates piracy more than most games firms , and as such , will release new versions of the Switch that do n't have the silicon-level flaw in them . The patch involves using a system called ‘ iPatches ' which updates Vulnerability-related.PatchVulnerability parts of the code applying to the Tegra X1 's fuses which plugs Vulnerability-related.PatchVulnerability the boot hacking exploit . Current consoles out in the wild will still be vulnerable Vulnerability-related.DiscoverVulnerability due to the patch needing to be applied Vulnerability-related.PatchVulnerability at a hardware level , but new models wo n't be susceptible to the hack . But there 's a bit of an odd situation here , as the new consoles will come running 4.1.0 versions of the Switch firmware ; the latest Switch firmware is 5.1.0 . So while the new Switchers will come off the production line immune to the Tegra X1 exploit , they will still be vulnerable Vulnerability-related.DiscoverVulnerability to other hacking techniques . With this in mind , Michael advises that people keen to crack into their Switch consoles should not apply Vulnerability-related.PatchVulnerability any updates , as the older version of the console 's firmware is the easier it 's to hack . So while the un-patchable flaw may have been fixed Vulnerability-related.PatchVulnerability the current iteration of the Switch is still no un-hackable . Not that hacking the Switch is a good idea if you want to run pirated games , as Nintendo takes a very dim view of that and cracks down so hard on pirates that it 'll permanently ban any console caught with bootlegged software from its online network . With The Legend of Zelda : Breath of the Wild and Mario Odyssey alone there are tens of hours of gaming to be had on the Switch . let along all the stuff that 's incoming and the suite of indie titles the console supports . So if you desperately need to hack the Switch to play more games , perhaps it 's time to take a break from gaming and go out into the sun ; we hear the UK is lovely at the moment .

Microsoft has rolled-out Vulnerability-related.PatchVulnerability security updates to fix Vulnerability-related.PatchVulnerability a critical remote code execution flaw affecting Vulnerability-related.DiscoverVulnerability Windows Defender and other anti-malware products . Ahead of April 's Patch Tuesday , Microsoft has released Vulnerability-related.PatchVulnerability patches for the critical flaw , which affects Vulnerability-related.DiscoverVulnerability Microsoft Malware Protection Engine , or mpengine.dll , the core of Windows Defender in Windows 10 . `` An attacker who successfully exploited Vulnerability-related.DiscoverVulnerability this vulnerability could execute arbitrary code in the security context of the LocalSystem Account and take control of the system , '' warns Microsoft . `` An attacker could then install programs ; view , change , or delete data ; or create new accounts with full user rights . '' Google Project Zero researcher Thomas Dullien , aka Halvar Flake , discovered Vulnerability-related.DiscoverVulnerability that attackers can trigger a memory-corruption issue in the engine if they can get Windows Defender and other affected Vulnerability-related.DiscoverVulnerability security products to scan a specially-crafted file . Microsoft warns there are many ways an attacker could achieve this , including placing the file on a website , in an email or instant message , on any site that hosts files , or in a shared directory . As with similar vulnerabilities reported Vulnerability-related.DiscoverVulnerability last year by the UK 's National Cyber Security Centre ( NCSC ) and Project Zero , an attack would be instant if the affected antivirus has real-time protection enabled . Although the patch is being released Vulnerability-related.PatchVulnerability before Microsoft 's monthly security update , the bug , CVE2018-0986 , is not an out-of-band patch as Microsoft updates Vulnerability-related.PatchVulnerability the engine as needed . Microsoft also notes that the default configuration for Microsoft 's anti-malware products in the enterprise is to automatically receive Vulnerability-related.PatchVulnerability updates .

Microsoft ’ s updates for the Meltdown microprocessor mega-flaw inadvertently left users running Windows 7 64-bit systems open to a “ way worse ” flaw , a researcher has claimed Vulnerability-related.DiscoverVulnerability . To recap , Meltdown ( aka F * * CKWIT or CVE-2017-5754 ) is a proof-of-concept hardware vulnerability uncovered Vulnerability-related.DiscoverVulnerability almost simultaneously by several groups of researchers through which an attacker could access the contents of kernel memory ( passwords , encryption keys , say ) from the part used by ordinary applications . An extremely inviting target for any attacker , which is why Microsoft sprang into action to mitigate Vulnerability-related.PatchVulnerability the vulnerability ( in addition to BIOS updates from vendors ) across different Windows versions in two rounds of updates Vulnerability-related.PatchVulnerability in January and February . But according to Ulf Frisk , something went awry starting with the January update when applied to Windows 7 and Windows Server 2008 R2 , which miss-set controlling permissions for something called the Page Map Level 4 ( PML4 ) . This is a table used by Intel microprocessors to “ translate the virtual addresses of a process into physical memory addresses in RAM. ” Set correctly , only the kernel should be able to access this table . The result of the issue is that an attacker aware of the flaw would have the ability to break out of the application space and take over a system . All this from a simple software mistake : No fancy exploits were needed . Windows 7 already did the hard work of mapping in the required memory into every running process . Exploitation was just a matter of read and write to already mapped in-process virtual memory . No fancy APIs or syscalls required – just standard read and write !

A Warwick company ’ s managing director is warning other businesses to protect themselves from cyber criminals after being held to ransom Attack.Ransom . Kettell Video Productions was targeted by tech scammers who infected its IT systems with viruses before demanding Attack.Ransom £1,000 in online currency Bitcoins or the files would be permanently deleted . Luckily , owner Stuart Kettell routinely backs up all his company ’ s systems so nothing was lost but he warned others to do the same to avoid disaster . “ It was scary : I had no idea about cyber-attacks before and really didn ’ t know what to do , ” he said . “ Critical files , including images and videos for clients , were wiped out along with a lifetime of personal memories . “ The affected files were lost for good – the only way to recover them was with the key code held by the blackmailer – but luckily I back-up everything to an external data cartridge . “ In the end it was more an inconvenience…but it could have threatened the business . “ I would strongly urge all business owners to back-up their essential files. ” Mr Kettell acted quickly when he realised the audio-visual specialists in Arlescote Close were under attack by the web sharks in December , 2015 . “ I noticed all my photos , videos and pdf files ghosting to white with a new filename… it attacked my desktop first then it wormed its way into folders one file at a time every few seconds , ” he said . “ I ’ ve no idea how the malware was introduced as we use software that ’ s designed to prevent against such attacks . “ And the demand for payment Attack.Ransom seemed very professional : I was given links where I could buy Bitcoins and even offered the chance to decrypt one file for free . “ I unplugged my computer , isolated it from the internet , and ran some anti-malware software to stop the virus spreading further. ” Latest figures from the Crime Survey for England & Wales estimated there were 1.3m computer virus offences and 667,000 hacking related offences committed in the year ending September 2016 . Sergeant Gary Sirrell from the cybercrime team at West Midlands Regional Organised Crime Unit said commercial web attacks are increasingly being committed against smaller firms and not big multi-nationals . “ Small and medium sized companies are easier targets : they often don ’ t have the resources or expertise to protect against cyberattacks , ” he said . “ And if they are targeted , the impact can be devastating . “ But there are steps business owners can take to mitigate the risk . “ A really effective tactic involves ‘ layering ’ defences to include a firewall , anti-malware software , staff training and regular re-training ) around phishing email awareness , and finally to plug Vulnerability-related.PatchVulnerability any holes in your defences by updating Vulnerability-related.PatchVulnerability software patches and updates Vulnerability-related.PatchVulnerability in a timely manner . “ By exercising good cyber hygiene , and having a strong backup policy , Stuart avoided the dilemma of whether to see his business significantly damaged , or to have to hand over a ransom Attack.Ransom to organised crime gangs to get his data unlocked . “ If more businesses in the West Midlands proactively took such steps there would be significantly fewer crimes victims . ”