Early this year I gave you five reasons to avoid desktop versions of messengers. The fact that many such applications use the Electron framework is one of them. This means that such a messenger works as an additional browser in your system, and its updates are quite difficult to control.

But, as I wrote in that post, it has become clear the problem is much more widespread — affecting not only messengers but hundreds of other apps as well. Chances are, because of Electron-based apps, you have many more browsers on your system this very minute than you think…

What is Electron, and why do application developers want to use it?

Electron is a cross-platform desktop application development framework that employs web technologies — mostly HTML, CSS, and JavaScript. It was originally created by GitHub for its source code editor Atom (hence its original name — Atom Shell). Later on the framework was renamed Electron, ultimately evolving into an extremely popular tool used to create desktop applications for various operating systems, including Windows, macOS, and Linux.

Main page of the Electron framework official site. Source

Electron itself is based on the Chromium browser engine, which is responsible for displaying web content within a desktop application. So any Electron application is effectively a single website opened in the Chromium browser.

Users usually have no idea at all how the thing works. From their point of view, an Electron application is just another program you install, run in the usual way, give access to some files, occasionally update to the newest version, and so on.

Why has Electron grown so popular with developers? The idea is mainly this: no matter what digital service one might want to create, a web version is still needed. And the Electron framework allows you to develop just the web version and, based on it, produce full-fledged apps for all the desktop operating systems out there.

Electron’s other convenience features include making installation packages, their diagnostics, publication to app stores, and automatic updates.

Mullvad VPN uses the Electron framework, too

Et tu autem, Brute! You can find Electron in apps you least expect to

Summing up, the Electron framework is popular among developers — mainly because it greatly accelerates and simplifies the application development process for all desktop operating systems in one go.

Issues with Electron-based applications

Electron-based applications have a number of drawbacks. The most obvious from the users’ perspective is their sluggishness. Electron-based software is usually resource-intensive and suffers from excessive file size. No wonder: like a snail carrying its whole home on its back, each such app carries a full-blown Chromium browser. In effect, it operates through that browser, which serves as a sort of intermediary.

Next issue: web browsers are a favorite target of cybercriminals. It’s worth repeating: inside every Electron-based app there’s a separate instance of the Chromium web browser. This means your system may have a dozen additional browsers installed, all of which present a tempting target for criminals.

New, serious vulnerabilities pop up almost weekly in a popular browser like Chrome/Chromium: as of the time of writing, more than 70 high-severity and three critical-severity vulnerabilities have been found in Chromium so far this year. Worse yet, exploits for vulnerabilities in the world’s most popular browser appear really quickly. This means that a good part of Chrome/Chromium holes are not just abstract bugs you treat as a matter of routine — they’re vulnerabilities that can be used for attacks by cybercriminals out in the wild.

List of Chrome/Chromium vulnerabilities found in the first eight months of 2023

Even in fine print, Chromium vulnerabilities found so far in 2023 take up several screens. Source

For the standalone Chrome browser, this isn’t such a serious problem. Google is very quick to release patches and rather persistent in convincing users to install them and restart their browser (it even thoughtfully re-opens all their precious tabs after restarting so they don’t need to fear updating).

Things are very different for the Electron-based apps. A Chromium browser built into such an app will only get patched if the app’s vendor has released a new version and successfully communicated to users the need to install it.

So it appears that, with a bunch of installed Electron apps, not only do you have multiple browsers installed on your system, but also little to no control over how updated and secure those browsers are, or how many unpatched vulnerabilities they contain.

The framework’s creators know full well about the problem, and strongly recommend that app developers release patches on time. Alas, users can only hope that those recommendations are followed.

And here’s a fresh example: On September 11, Google fixed the CVE-2023-4863 vulnerability in Google Chrome. At that point, it was already actively exploited in the wild. It allows a remote attacker to perform an out of bounds memory write via a crafted HTML page, which can lead to the execution of arbitrary code. Of course, this bug is present in Chromium and all Electron-based applications. So, all companies using it in their applications will have to work on updates.

Which desktop applications are based on Electron?

Not many folks seem to know how incredibly common Electron-based desktop applications are. I’ll bet you are using more than one of them. Check them out yourself:

  • 1Password
  • Agora Flat
  • Asana
  • Discord
  • Figma
  • GitHub Desktop
  • Hyper
  • Loom
  • Microsoft Teams
  • Notion
  • Obsidian
  • Polyplane
  • Postman
  • Signal
  • Skype
  • Slack
  • Splice
  • Tidal
  • Trello
  • Twitch
  • Visual Studio Code
  • WhatsApp
  • WordPress Desktop

I personally use around a third of the apps from the list (but, for the record, none of them as desktop applications).

That list is not exhaustive at all though, representing only the most popular Electron-based applications. In total there are several hundred such applications. A more or less complete list of them can be found on a special page on the official website of the framework (but, it seems, not all of them are listed even there).

List of Electron-based applications

The list of Electron-based desktop applications comprises several hundred online services, including about 20 really popular ones. Source

Security considerations

So how to avoid the threats posed by uncontrolled browsers that thoughtful developers are now unpredictably embedding into desktop apps? I have three main tips regarding this:

  • Minimize the number of Electron-based apps as much as possible. It’s not as difficult as it seems: the very fact of using the framework normally suggests that the service has an extremely advanced web version, which is most likely on a par with the desktop application in terms of features and convenience.
  • Try to inventory all Electron-based apps used by your company’s employees, and prioritize their updates. More often than not, these are collaboration applications of different forms and shades — from Microsoft Teams, Slack, and Asana, to GitHub and Figma.
  • Use a reliable security solution. It will help you repel attacks in those periods when vulnerabilities are already known and being exploited but the patches haven’t yet been issued. By the way, Kaspersky products have an exploit protection system: it helps our experts detect the exploitation of new, as yet unknown vulnerabilities, and warns the developers of the corresponding programs about these holes.
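One way to start the inventory from the second tip, as an added example (not code from the original post or from the Electron project): a Python script that walks a directory, recognizes the standard Electron packaging layouts, and tries to recover the bundled Electron and Chromium versions from the binaries. The version-string patterns are a heuristic assumption, the sample tree and its version numbers are constructed, and the minimum version you pass in is a placeholder for the fixed version named in the relevant Chromium advisory.

```python
"""Inventory Electron apps under a directory and report the Chromium they bundle."""
import mmap
import os
import re
import sys
from pathlib import Path

# Heuristic (assumption): Electron binaries carry version strings shaped like
# "Electron/25.8.1" and "Chrome/114.0.5735.289", as used in the user agent.
PATTERNS = {
    "electron": re.compile(rb"Electron/(\d+\.\d+\.\d+)"),
    "chromium": re.compile(rb"Chrome/(\d+\.\d+\.\d+\.\d+)"),
}
MAC_FRAMEWORK = "Electron Framework.framework"


def find_electron_apps(root):
    """Yield app directories that contain a standard Electron packaging marker."""
    for dirpath, dirnames, filenames in os.walk(root):
        here = Path(dirpath)
        if here.name == MAC_FRAMEWORK:
            # macOS: <Name>.app/Contents/Frameworks/Electron Framework.framework
            yield here.parent.parent.parent
            dirnames[:] = []
        elif here.name == "resources" and (
            "app.asar" in filenames or (here / "app" / "package.json").is_file()
        ):
            # Windows/Linux: <app dir>/resources/app.asar (or an unpacked app/)
            yield here.parent
            dirnames[:] = []


def candidate_binaries(app):
    """Top-level files of the app plus the macOS framework binary, if present."""
    files = [p for p in app.iterdir() if p.is_file()]
    pattern = f"Contents/Frameworks/{MAC_FRAMEWORK}/**/Electron Framework"
    return files + [p for p in app.glob(pattern) if p.is_file()]


def scan_versions(path):
    """Return version strings found in one file; empty dict if none or unreadable."""
    try:
        if path.stat().st_size == 0:
            return {}
        with open(path, "rb") as fh, \
                mmap.mmap(fh.fileno(), 0, access=mmap.ACCESS_READ) as mm:
            return {key: m.group(1).decode()
                    for key, rx in PATTERNS.items() if (m := rx.search(mm))}
    except OSError:
        return {}


def as_tuple(version):
    return tuple(int(part) for part in version.split("."))


def inventory(root, min_chromium):
    """One row per Electron app: versions recovered and a patch status."""
    rows = []
    for app in sorted(set(find_electron_apps(root))):
        found = {}
        for binary in candidate_binaries(app):
            for key, value in scan_versions(binary).items():
                found.setdefault(key, value)
        chromium = found.get("chromium")
        if chromium is None:
            status = "unknown"  # Electron layout found, version not recovered
        elif as_tuple(chromium) < as_tuple(min_chromium):
            status = "outdated"
        else:
            status = "ok"
        rows.append({"app": app.name, "path": str(app), "status": status,
                     "electron": found.get("electron"), "chromium": chromium})
    return rows


def build_sample_tree(root):
    """Constructed sample: fake app layouts with made-up version strings."""
    framework_bin = (f"Board.app/Contents/Frameworks/{MAC_FRAMEWORK}"
                     "/Versions/A/Electron Framework")
    layout = {
        "ChatApp/resources/app.asar": b"constructed",
        "ChatApp/ChatApp.exe": b"MZ\x00Chrome/108.0.5359.215 Electron/22.3.27\x00",
        "notes/resources/app/package.json": b"{}",
        "notes/notes": b"\x7fELF\x00Chrome/116.0.5845.190 Electron/26.2.1\x00",
        framework_bin: b"\xcf\xfa no version strings here",
        "plain-tool/readme.txt": b"not an Electron app",
    }
    for rel, content in layout.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(content)


if __name__ == "__main__":
    # Usage: python electron_inventory.py <directory> <minimum Chromium version>
    for row in inventory(sys.argv[1], sys.argv[2]):
        print(f'{row["status"]:9} {row["app"]:30} '
              f'electron={row["electron"]} chromium={row["chromium"]}')
```

An "unknown" row means the packaging marker was found but no version string was recovered, so that app needs a manual check instead of being assumed current.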



Every now and then, Windows 10 users and administrators wonder why the time on their systems suddenly jumps by several weeks, months or even years (either forward or backward).

What could be the cause of those jumps? Ars Technica journalists did a little research, and found that it might be linked to the Secure Time Seeding feature. In this post I explain how this feature seems to work, and what can be done to prevent such unexpected jumps.

What is Secure Time Seeding?

Secure Time Seeding (STS) was added to Windows 10 in 2015. The feature is intended to correct discrepancies between the time set in the system and the actual time – primarily when a computer’s battery feeding the internal real-time clock dies and the time settings have nothing in common with reality. Most importantly, STS is able to correct the system time without accessing the current-time servers.

But why is such a correction of time discrepancies even needed? Oddly enough, for security. Typically, client-server data exchange (including system connection to the internet time servers) is protected with SSL/TLS encryption protocols. To establish such a connection with the server, the client first needs to verify its digital certificate, and these certificates have a certain validity period. Therefore, if the time in the system is set with a significant error, the certificate may be considered expired, and a secure connection won’t be established.

So a vicious circle appears: in order to find out the current time, the computer needs to know the current time. It doesn’t have to be perfectly accurate; the approximate time can work too. But the greater the difference between the system time and the actual time, the greater the chance the certificate will get flagged as expired.

STS introduces (at least in its developers’ minds) a way for the system to automatically identify and correct major discrepancies, even when a secure connection cannot be established with any server. This is achieved by using current timestamps and digital-certificate expiry dates contained in the data sent by the servers to the client during the initial establishment of a secure connection (the SSL and TLS handshakes).

The exact algorithm of STS is unknown. But the general idea is that Windows pulls data from the SSL handshake and uses it to compute a reliable range for the current time and assign it a probability. As new data becomes available, the range is updated, and the probability can gradually increase. When it reaches a certain threshold, STS decides to change the system time to the median time from the range it deems reliable. In theory, such precision should suffice to establish a secure connection, connect to a current time server, and get the precise time.

Why you should disable Secure Time Seeding

The main problem is that the feature is enabled in Windows 10 by default and operates regardless of whether the computer’s built-in clock has ever been out of sync. As a result, STS can reset the time at any moment when Microsoft’s secret algorithm decides that there are enough signs that the clock is telling the wrong time and needs fixing.

The reason for such malfunctions in Secure Time Seeding isn’t fully understood. One suggested cause is the significant rise in popularity of SSL/TLS implementations that send an incorrect timestamp during the handshake. The chief suspect here is the frequently used OpenSSL library (which, instead of the current server time, puts random values in the timestamp).

Moreover, this bug can also occur in server versions of the operating system: Windows Server 2016, Windows Server 2019, and Windows Server 2022. And while for regular computer users the issue is little more than a nuisance, for servers it can be catastrophic, since their correct operation often relies on the time being accurate.

There’s an unofficial piece of advice on this from a senior Microsoft technical support official for Active Directory Domain Controller Administrators:

“Hey people, if you manage Active Directory domain controllers, I want to give you some UNOFFICIAL advice that is solely my personal opinion: Disable Secure Time Seeding for w32time on your DCs.”

Unofficial advice from a Senior Windows Escalation Engineer: disable Secure Time Seeding


Disabling Secure Time Seeding in Windows

To disable STS, locate the following key in the Windows registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config

Find the UtilizeSslTimeData value and set it to 0.

Disabling Secure Time Seeding in the Windows registry


Alternatively, you can run the following command as an administrator in the Windows command prompt (CMD):

reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\w32time\Config /v UtilizeSslTimeData /t REG_DWORD /d 0 /f

After changing the value, you need to reboot the system. If this is difficult or impossible, you can force the update with this command:

W32tm.exe /config /update

That done, the STS feature will stop bugging you. Now all that remains is to ensure that the system clock always stays accurate. On this point, the Ars Technica article gives a couple of helpful tips for server administrators.



The start of the new school year plunges many parents back into the traditional routine: packing the kids off to school in the morning, and helping with homework in the evening. However, this ordered life is being disrupted by new technologies, which are rewriting the rules of digital hygiene. As ever, the first who have to get to grips with them are the parents.

In this series of posts, we explain what cyberthreats should be front-of-mind for parents in the new school year. Let’s start with the fundamentals, with the hardware — that is, with securing the devices that today’s schoolchildren can’t (or can) live without.

Geolocation, or “where are my kids?”

When I was in school, the only way my folks could track my class-skipping was from the attendance register. Today, parents have it easy in one sense: they can keep a close eye on their kids using smart gadgets. The downside, of course, is that those parents are becoming obsessed with their little ones’ whereabouts and physical safety. Even tiny tots can be watched over by a baby monitor or even a doll. And to oversee school attendance, parents offer their offspring smartwatches and other wearable trackers.

There are security issues common to all these devices. First, in the rush to bring their products to market, developers often fail to test them for vulnerabilities. Second, many of these new devices have uncommon architectures. This can mean that either there are no antiviruses for them, or there’s no available interface to put a security solution in place.

This plays right into the hands of hackers, who can connect to a smartwatch and spy on the wearer, or download a Trojan onto it to steal valuable data.

In addition, a smartwatch or tracker is yet another device you need to buy, monitor its battery, wrestle with the settings… But wait! Your child probably has a smartphone already, right? (To keep it safe, check out our step-by-step guide on how to ensure its security.) So that means you can install the Kaspersky Safe Kids app (available for iOS and Android), which, among other things, lets you monitor your child’s movements in real time. The map simultaneously displays all of your children’s devices, together with the battery level of each, so you can see at a glance where all of them are and whether you need to call someone to get them to recharge their phone.


The Kaspersky Safe Kids home screen shows both where your kids are and how much charge is left on their phones.

By the way, you can now get Kaspersky Safe Kids free with a Kaspersky Premium subscription to protect all of your family members’ devices from just about any threat.

Gadgets for study? We wish…

With the transition to digital teaching aids, parents face the question of which device to get for their kids. A mobile phone won’t do: small screens hurt the eyes. And to write essays you need a normal keyboard.

A shiny new iPad or MacBook Air, then? If it’s a junior schoolchild we’re talking about, bursting with energy, I wouldn’t advise it. An expensive tablet or laptop is likely to get smashed, along with your nervous system. Don’t even ask how many broken screens I, a father of three, have had to replace already. These troubles end only (if you’re lucky) when your kids become teenagers, when they’re likely to start to take more care of their devices — probably due to FOMO, since at that age social life is everything, and for today’s youth a huge part of it takes place online.

Maybe give your kid a hand-me-down laptop or tablet? Your wallet would appreciate it, but it’s not a win-win. Your old devices need to be scrubbed clean (digitally at least) before they get anywhere near your kids. For tablets and mobile devices, a full reset of all settings and data is best; for laptops — reinstall the operating system. And clear all traces of your Apple or Google IDs if you don’t want to repeat my wife’s experience: she gave our daughter her old tablet, which was still logged into all her accounts… linked to her bank cards… So after just a few minutes of play, our daughter went on an online shopping spree!

Another option is “school” tablets and laptops, which are simpler and cheaper models. Some of them, like Chromebooks, are even positioned as more secure. That said, many threats — such as fake browser extensions, hidden cryptominers, phishing/malicious websites — affect Chromebooks, too.

Wi-Fi freeloading is dangerous

A lot of parent-child conflicts these days stem from kids spending too much time online or visiting inappropriate sites. The most common method of control is to limit both screen time and screen access with the help of a parental control app such as Kaspersky Safe Kids. But some parents think it’s enough to just impose general internet-wide restrictions: when the paid-for data allowance runs out — no more access.

But this simply encourages children to look for free access on the side. And they’re sure to find it! Either a friend will set up a Wi-Fi hotspot on their iPhone right there in class, or a nearby cafe will let anyone connect without a password. Needless to say, it’s easy to stumble across a fake access point and fall victim to scammers.

There are two ways to overcome this problem. The radical option is to ban connections to unknown Wi-Fi networks on your child’s smartphone and block access to settings by means of an additional security code (for Android smartphones when using Kaspersky Security & VPN) or Parental Control. This should work for younger schoolchildren.

With teens, bans are likely to fail. So you’ll have to adopt the more liberal option of teaching your child the rules of safe Wi-Fi use. In particular, they need to know that a VPN is not just for anonymous browsing of dubious sites, but for encrypting the connection even when using unsecured Wi-Fi.

Get maxed-out protection

But no matter how you explain the rules of cybersecurity to your kids, remember they’re a lot younger and naiver than you, and therefore more vulnerable to online scams. That’s why it’s imperative to install and configure a reliable security solution on every single device you give them — one that will protect your kids not only from viruses, but also from phishing, spam calls and data leaks, as well as mindfully guard their online privacy.



Updating software on employee workstations is a never-ending, constant process. Thus, you may simply lack the resources to keep updating all software. On average, dozens of new vulnerabilities are found every single day; accordingly, many hundreds and even thousands of patches for them are released every month.

This poses the question: what updates should be a priority? And there’s no simple answer to that. Patching strategies can be very different, and finding the one that works best for your company can depend on various circumstances. In this post, I share some thoughts on what software should be patched first — based on the potential risk of vulnerability exploitation.

Got any vulnerabilities on your system?

Some people believe that the number of discovered vulnerabilities speaks of the given software’s quality. Simply put, more bugs means worse software, and a lack of any ever reported means that software is great. These considerations then affect their choices of corporate software.

But this is, of course, a misperception: the number of detected vulnerabilities generally speaks of the program’s popularity, not quality. You can find bugs anywhere. And most of the time, bugs are discovered where people look for them. A company could get by using some long-forgotten software product just because nobody ever found any vulnerabilities in it. But that would be an unwise strategy: what if someone actually tries and succeeds in discovering a whole load of them right away?

In a nutshell, it’s not the number of bugs that matters, but how quickly patches for them come out and whether they actually fix the problems. Quick and regular patching is a good thing. Rare, sporadic releases — with the vendor trying to pretend that nothing bad has happened — are a disturbing sign; such software should be avoided.

Another good thing is when the developer runs a bug bounty program — even better if the program is open for everyone. A bad thing is a vendor threatening to sue bug hunters (yes, it happens more often than one would imagine), or worse: dragging people to court for reporting vulnerabilities.

Operating systems

But let’s get back to patching prioritization. The obvious candidates for the highest priority are operating systems. All-important OS updates must be installed as quickly as possible. The risk is self-evident: a compromised OS is the key to the rest of the computer’s software.

So if you use Windows, it’s in your best interests to at least look through the list of Microsoft updates on the second Tuesday of each month, and install them ASAP. But you should still follow the news: if a Windows patch comes out on a different date, it should be installed right away.

Browsers

There are several solid reasons to prioritize browser updates. Firstly, browsers account for much of our digital activity these days. Secondly, browsers by definition interact with the internet, so they’re one of the first to be affected by any cyberthreats. Thirdly, attackers spare no effort looking for browser vulnerabilities, often succeed and quickly turn to exploiting them.

So try to install browser patches pronto. Additionally, don’t forget to restart your browser after an update: until you do, the old, vulnerable version remains in use. Keep in mind that your system may have more than one browser installed. They all need timely updates.

And speaking of multiple browsers, there’s a couple of things to keep in mind:

  • Internet Explorer: hardly any user’s free choice anymore, but this browser is still featured on any Windows computer — and needs timely patching.
  • Many desktop apps (for example, messengers) are based on the Electron framework — technically a web app opened in a Chromium browser. Don’t forget to update them too, as they automatically inherit every Chromium flaw out there.

Office suites

Attacks through emails with malicious attachments are a classic cybercriminal move. They mostly rely on infected files — especially Microsoft Office and PDF documents. This means that office suite programs’ vulnerabilities often serve as an entry point into the target company’s network. Therefore, you should pay close attention to office software updates.

In most cases, malware attachments don’t open themselves — somebody has to click on them. That’s why it’s important to provide information security training for your employees — for example, on our interactive educational Kaspersky Automated Security Awareness Platform.

It’s also a good idea to set up an internal communication channel with your information security department: on the one hand, to alert your employees about relevant threats and improve general awareness; on the other, to receive their reports on various suspicious activity, including in their email boxes.

Cybersecurity solutions

As mentioned above, vulnerabilities can be found in any software — and security products are no exception. Antiviruses and other information security applications need lots of high-level permissions to operate efficiently, so a successful exploitation of a security solution’s vulnerability might cause very serious problems.

Security software developers are aware of the potential danger of such a scenario better than anyone else. Therefore, they try to promptly respond to reported vulnerabilities and release updates ASAP. Of course, promptness is equally important when installing those patches. We recommend monitoring your security products’ updates diligently and prioritizing their installation.

Work collaboration apps

One more software category that has earned special significance for office employees in the past decade requires special attention. I’m referring to work collaboration apps, such as Microsoft Teams, Slack, Confluence, and the like. In many companies these have gradually taken over a considerable part of business correspondence, file exchange, and conference calls.

Naturally, collaboration tools have become an attractive target for cybercriminals: they can usually learn a lot of juicy things from the content that’s transferred through collaboration apps. It’s important to keep these apps up to date with the latest security patches.

Here’s one more reason not to postpone updating your collaboration tools. As I mentioned above, every app based on the Electron framework is technically a Chromium browser — with all its vulnerabilities so popular among cybercriminals. And guess what? Electron is also quite a common framework for collaboration tools. For instance, it’s the backbone of the desktop versions of both Teams and Slack.

To protect employees’ computers from hacking at those unpleasant moments when a vulnerability has already been found but a patch for it hasn’t yet been released, be sure to use reliable protection on all corporate devices. By the way, a number of our solutions for business — including Kaspersky Endpoint Security for Business and Kaspersky Hybrid Cloud Security Enterprise — feature the built-in Kaspersky Vulnerability and Patch Management system that helps you automate and properly prioritize your software updates.



More great news: our recently updated Kaspersky Password Manager now has a built-in function for generating one-time codes for two-factor authentication (2FA). This means no more installing a separate authenticator app — everything you need is right there in our password manager. Now for a few details…

What’s an authenticator?

On this blog, we focus quite a bit on 2FA — app-generated one-time codes in particular. Over the past couple of years, we’ve posted a whole series of materials on this topic, the most important of which make for highly recommended reading:

In a nutshell, you need 2FA to better protect your accounts, so we recommend enabling it on all services that support it. In our view, one-off codes generated in special authenticator apps strike the best balance between security and usability. Such a code must be entered after the regular password, and because it’s valid for a limited time (usually no more than 30 seconds), it’s extremely difficult to intercept.

The 2FA method is both quick and smooth, provides a high level of protection, and requires no additional input or time investment on the part of the user. Before, 2FA meant having an authenticator app on your device — either Google Authenticator or any other that suits you. Now, however, there’s no need to install an additional app: you can generate codes right inside Kaspersky Password Manager, where your passwords are already stored securely. Let’s take a look at the advantages of our built-in authenticator.

1. Familiar interface with cross-platform convenience

Kaspersky Password Manager generates one-time codes in a familiar user-friendly way: in the special Authenticator section is a list of tokens with names and short descriptions, next to which one-time codes appear and a time counter ticks away until the next update of these codes. That’s similar to how it works in other apps, so you’ll have no trouble switching to Kaspersky Password Manager if you already use another authenticator. That’s an obvious advantage, but far from the only one.

A massive plus compared to other authenticators is that Kaspersky Password Manager gives you a universal, cross-platform, all-in-one solution — the app stores your passwords and generates one-time codes on whichever platform you prefer: computer or phone. Kaspersky Password Manager is available not only for Android and iOS, but also for macOS and Windows (support for 2FA code generation in Windows will be added in an upcoming update). The Windows version is especially important: if you’ve read our post about the best authenticator apps, you’ll have noticed that Windows is rather poorly served.

2. Synchronization and security

Next advantage: all Kaspersky Password Manager entries (passwords, notes, authenticator tokens, etc.) are automatically synchronized between all your devices. This allows you to generate an authentication code on any device you’re currently using.

Synchronization uses the cloud, of course, but with maximum security and convenience. For one thing, you don’t have to create an extra account — a My Kaspersky account is all that’s needed, which you already have if you use any of our products. And for another, all authentication tokens are securely protected by the main password, without which no intruder can use your passwords or authenticator — even if they do somehow get inside your My Kaspersky account.

3. Don’t have your smartphone to hand? No problem!

Users of other authenticator apps face the eternal nightmare of leaving behind or, worse, losing their smartphone: recovering authentication tokens is so difficult that we even wrote a special step-by-step guide for that. Now, because Kaspersky Password Manager securely stores your tokens (and with them all passwords) in encrypted form in the cloud, you can use the authenticator at any time on the device you’re using, as well as restore all data on a new device; all you have to remember is your main password.

4. Easy migration

Lastly, one other advantage of the built-in authenticator in Kaspersky Password Manager is quick and easy migration of all data from Google Authenticator. All you need to do is export all tokens from Google Authenticator to one large QR code in the usual way, then scan it in Kaspersky Password Manager — everything will work right away.

As far as we know, no other authenticator app makes it so easy to migrate data from Google Authenticator; the process usually involves lots of sweat and tears as you painstakingly recreate all your tokens one by one. But with Kaspersky Password Manager, four taps on the screen are literally all it takes.

What else can Kaspersky Password Manager do?

Let’s wrap up with a few words about some other useful features in Kaspersky Password Manager besides unbeatable password protection and the new built-in authenticator. This handy app can also:

  • Autofill data in online forms — and not only usernames and passwords, but other information such as addresses and bank card details.
  • Warn you if your password is too weak, was used before, or has been compromised in a known leak.
  • Generate the strongest passwords possible based on customizable random character combinations.
  • Securely store important documents, bank card details, and any other highly valuable information (for example, cryptowallet seed phrases).
  • Encrypt all stored data with the robust AES-256 algorithm. The encryption key is created from the main password and is not stored anywhere, so without the main password it’s simply impossible to decrypt the contents of Kaspersky Password Manager.

Incidentally, the recent update of Kaspersky Password Manager added not only a built-in authenticator, but also support for Opera and Opera GX browsers. So now you can autofill passwords and other data in all the most popular browsers out there: Chrome (and others based on Chromium), Safari, Firefox, Edge, and now Opera.

And remember, the full version of Kaspersky Password Manager comes included in the Kaspersky Plus and Kaspersky Premium subscriptions, along with the most reliable protection possible, unlimited VPN, and a host of other useful features.



We constantly emphasize how important it is to promptly install patches for vulnerabilities in the software most often exploited in cyberattacks: operating systems, browsers and office applications. Here is a good illustration of this thesis: according to our statistics on the vulnerabilities most commonly exploited in attacks on our customers, CVE-2017-11882 in Microsoft Office is still quite popular among cybercriminals. And that is despite the fact that the update that fixes this vulnerability was released back in November 2017! Such lasting popularity of CVE-2017-11882 can only mean that someone has not installed patches for Microsoft Office for more than five years.

What is the CVE-2017-11882 vulnerability?

CVE-2017-11882 is a remote code execution (RCE) vulnerability in the equation editor of Microsoft Office, and it is associated with a failure to handle objects in RAM. To exploit the vulnerability, an attacker must create a malicious file and somehow convince the victim to open it. Most often, such a file is sent by e-mail or hosted on a compromised site.

Successful exploitation of the CVE-2017-11882 vulnerability allows an attacker to execute arbitrary code with the privileges of the user who opened the malicious file. Thus, if the victim has administrator rights, the attacker will be able to take full control of the system: install programs; view, modify or destroy data; and even create new accounts.

At the end of 2017, when information about the vulnerability was first published, there were no attempts to exploit it. But in under a week, a proof of concept (PoC) appeared on the Internet, and attacks using CVE-2017-11882 began over the next few days.

In 2018, it became one of the most exploited vulnerabilities in Microsoft Office. In 2020, during the COVID-19 pandemic, CVE-2017-11882 was actively used in malicious mailouts that exploited the topic of deliveries disrupted by medical restrictions. And now, in 2023, this vulnerability apparently still serves malefactors' purposes!

How to stay safe

Of course, CVE-2017-11882 is not the only vulnerability that has been used in attacks for many years, and it is not even the most dangerous of them. It is surprising, however, that despite its relative popularity (quite a lot was written about it back in 2017), as well as the availability of updates and more recent versions of MS Office, someone is still using vulnerable versions of the office suite.

So, first of all, we recommend that all companies that use Microsoft Office make sure they are working with a patched version of the suite. It is also usually a good idea to monitor new releases of security patches and install them promptly. The rest of the advice is pretty standard:

  • avoid working with office documents with administrator rights;
  • do not open documents sent by unknown persons and for unknown reasons;
  • use security solutions that can stop the exploitation of vulnerabilities.

Kaspersky Endpoint Security for Business detects and blocks exploitation attempts of all known vulnerabilities (including this one), as well as yet undiscovered ones.



A listening device (such as a cell phone with a special application) would have to be set up nearby to pick up and decipher the sounds. The fan could send usernames, passwords and other sensitive data. In addition, this approach would work on any PC, including those that are not connected to the web or have no speakers. It is an ideal espionage technique for PCs that are isolated from networks. Why disconnect a PC? If you have especially sensitive data on it, you would want the PC to be as safe as possible. One way to do so is to isolate it from every other computer, creating what is called an air gap. To get at such a PC, the individual would first need to gain physical access to the machine.

Is It True Or Not That You Are Worried About Computer Security?

Transforming the fan of a PC into a specialized device would consider delayed perceptions. Should you worry that your PC fan is talking about you? Probably not. You are more likely to run into other types of malware, unless you are responsible for a high-security computer system. So stay vigilant, make sure you do not engage in risky computing behavior, and use critical thinking to stay away from social engineers who are eager to trick you. Either way, the good news is that your fan presumably remains under control for now.

How things work. The photopolymer is a clear, liquid plastic. A perforated platform is immersed in the tank. The platform can move within the tank as the printing process continues.

The photopolymer is sensitive to ultraviolet light, so when the laser touches the photopolymer, the polymer hardens. If you happen to be standing close to the stereolithography apparatus (SLA), you can actually see the laser as it builds each layer. This is not a particularly fast process. Depending on the size and number of objects being made, the laser may need a little time for each layer. A typical run may take six to 12 hours. Runs of more than a few days are possible for large objects (the maximum size for the machine shown above is an object 10 inches (25 cm) in three dimensions). This plan changes before working with supports that raise it slightly from the platform and with any internal support that is needed during the build.

Despite the expected problems, some specialists say that the idea of ​​a computerized wallet is even better than the most established delivery techniques. Did you lose a piece of change? You are not recovering it. Taken mastercard? That trick uploaded his tab in the stores out of control before he even recognized that he was absent. Computerized wallets, however, have built -in repetitive insurance. Both on the web and for disconnected purchases, your computerized wallet depends on advanced endorsements. Computerized statements are basically connections with electronic correspondence that verify their way of life (as well as that of the beneficiary) and give a way to a recipient to encode an answer.

In addition, Cell phones with NFCs have struck the chips explicitly intended to supervise monetary safety. This supposed safe component only houses the information that is expected to begin and end an exchange. In fact, even with your phone and your pin, a programmer cannot obtain information about that fully observed chip. Alte your sound documents and add impacts to make competent quality sound records. Supervises customer requests and quotas in Windows or Mac. Convert your AVI, MPG, VOB, WMV and more in a wide range of document designs. Video supervisor completely unlocked to make competent -looking recordings in minutes. Convert and encode sound documents between numerous sound recording designs in Windows or Mac.

The device can be filled completely in less than 10 minutes. The simplest way to recharge the cell phone is to raise a standard phone with a small solar panel that can be used. Some companies sell small arrangements of solar panels that can be connected directly to cell phones or other mobile devices. Solar technology is not limited to mobile phones. Nokia’s concept of Eco Sensor is a futuristic personal digital (PDA) assistant prototype that is equipped with a separate wrist sensor unit. The doll sensor is made of solar cells that provide energy for PDA. This wrist sensor can also produce electricity by capturing the kinetic energy of natural arm movements, such as some watches that have been made today.

The PDA Nokia screen will use a very efficient technology called electrons.

Whether it is a PC game or a new home office platform, it is important to buy the correct software, but buying it without damaging the bank is so important. And we are here to help. Below is a list of offers that cannot be approved. Windows 10 of only $ 14 is a good example of what is offered here. All you need to do is click on our link below and enter our discount code when verifying.

Do it and you will see the price of falling before your eyes! When saying that, we are going to immerse ourselves in good things, okay? Once again, be sure to enter the discount code when verifying to obtain the best available price. After payment, the buyer receives the OEM product key to the email specified during the record, which can be activated directly in the Windows 10 system. Change the product blocking (in this menu you must enter the received button). For Windows PCs, this is simple with Microsoft Windows Movie Maker included the framework.

While it is something simple in its most prominent aspects, the fundamental advantage of the Windows movie manufacturer is that it will acclimatize it with a similar configuration on the screen used by almost all PC programs practically identical. Microsoft Windows Movie Maker is much simpler to work when it is contrasted with a lot of more amazing applications and will work as an ideal manual for what you will experience in case you end up moving to more specialized PC programs. After activating Microsoft Windows Movie Maker or some other simple programming to alter the video, you can usually see the exhibition screen coordinated in 3 different areas.

Within the upper part of the PC screen there are areas in both directions and in the last complete segment that covers the total presentation of the presentation. The upper left region presents a screen in which your clips will play. The upper right presumably introduces not completely resolved by what it is doing at that time.

Log in to your router to set a password and make it secure. With WPA2 security enabled, it is unlikely that anyone will ever get onto your network uninvited. However, there is a simple way to detect freeloaders: since each device connected to your network has a unique IP address and MAC address, you can easily see a list of connected devices, often listed as “clients”, on one of the settings pages of your wireless router.

Many devices broadcast an ID because they have been named by their owners, so if you see “John’s laptop” connected to your network and you do not have a John in the house, you have found trouble! Even if a device does not show a name in the router's client list, you can count the number of connected devices and compare it with the number of devices that you know should be there to check whether the numbers are off.

The Asus ZenBook Pro Duo 15 OLED UX582 offers customers dual screens: a 15.6-inch 4K OLED display and, in a genuinely fascinating twist, a 14-inch 3840 × 1100 OLED screen positioned on the keyboard deck.

Windows considers it a later screen and you can use the scratching schedule packaged to involve it for a wide range of support companies, such as a trackpad or to call a tactile control board for selected adobe applications. The UX582 packs an abundant capacity, which includes a Core i9 chip from the top of the line, GeForce RTX 3070, 32 GB of DDR4 memory and an SSD NVME NVME fast of 1 TB. It is essentially a convenient PC workstation of very good quality, however, the absence of an SD card reader can demonstrate irritating. However, you can continually buy an external SD tracker and pat in one of the PCS Double Thunderbolt 3 ports. In any case, how can it work? Spacers hold the two separate layers. At the time the tablet is on, an electric flow crosses the two layers.

In the event that I place the squeeze on the screen, it makes the two layers come into contact with each other. This changes the electric field for those two layers. Imagine that you have such a tablet and has concluded that you need to start a game. You use your pointer to play the game symbol on your tablet screen. The tension of its touch causes the two layers in the frame resistant contact, changing the electric field. A CPU inside the tablet decipher this adjustment of the field and makes an interpretation of it on the screen. The CPU of the tablet takes these addresses and guides them against their framework. The CPU verifies that you have accessed the application and sends it to you. Resistive screens can be helpless to damage.

Your PC must have a GHz processor in any case. In the event that Windows or Linux is running, you really want 256 GB of free RAM; For Macs, it’s 1 GB. It will also require the last Directx (PC) or Quicktime (MAC) update. In the event that it meets the previous requirements of the frame and that you still have establishment problems, consider verifying if you have the latest update of your work frame, as well as renewed controllers for your sound and video programs. You may also have to look at your firewall configuration to make sure Skype can pass.

Some nations, for example, the United Arab Emirates, block Skype calls. You must also make sure you have enough accessible transfer speed on internet. The previous requirements of Skype’s transfer speed fluctuate contingents about the type of call it is making. For example, a voice call needs a discharge/transfer base speed of 30 kbps, however, a video that provides higher quality requires a base discharge speed/transfer of 1.2 Mbps. Finally, I really take a look at its Internet association, in the event that it is slow or impotent, you will not have the option to interact with Skype or admit a call.

Tivo, a DVR brand, allows registration sponsors of their number one television programs and look at them when they need it. In 1997, an organization hit the way people watch television. He guaranteed his clients that they would not need to stress with television plans or discover how to schedule their video recorders. On equal terms, the organization guaranteed that customers would have the option to record programs, even at all times of programs, using a basic connection point. Then, at that point, they could see the programs anywhere they needed.

The organization was tivo, the trailblazer in economically accessible advanced videos (DVR) (DVR). In its 10 years of history, Tivo has sold a lot of DVR and administration memberships. In this article, we will take a look at the way in which the ordinary functions establish and the administrations that Tivo da. The hard drive is associated with the rest of the world through several cats in the back of the set, normally the common RCA associations that it would use to connect, say, a link box or a video recorder. The effort of the recovery of lost information can be expensive.

Consequently, you must obtain the storage support of information in line with the objective that it does not work and stay away from the huge expense of recruiting a competent in the recovery of the information. This organization guarantees its online information reinforcement to an insignificant expense. They can also offer different options; Which believes that your organization will require with respect to the space on the reinforcement server. All in the 21st century anticipate that you and your business should work consistently. People anticipate administration without stopping regardless of anything else.

Many types of organizations such as medical care, production, monetary and administration, work without stopping or possibly their PCs. So, even in the lack of human attention, online administrations answer any questions, take orders, send stocks to the distribution centers and supervise monetary exchanges. Any free time is not passable and can quickly take your business to another place. This misfortune can also be determined in monetary terms. The monetary misfortune of an organization is the united expense of proceeding to continue the work without the information, the expense of reworking the lost information and the expense of recovering the information expertly.

The main explanations behind having established information guarantee is the conceivable monetary misfortune. Time, cash and effort should be spent on information insurance instead of information recovery. Essentially, go to the “your phone” option on your PC and confuse it as necessary. Could you send a message from a PC to a PDA? One of the most direct ways of communicating something specific through its PC is by email. Follow the media in this article to send your most memorable email! Could you send an online message at all?

Assuming you have an Android phone, Google allows you to send free instant messages to anyone using the web work area. In the event that you have an iPhone, you can use messages to send an instant message from the application in a work area or MAC PC. How can I send and receive instant messages online for nothing? Once entered, there are numerous applications through which you can send and receive messages for free. The models incorporate Google Voice, WhatsApp, Sendsmsnow and Afreesms. How could I know when to send text messages and when to call? How would you send photos by email? Coppock, Mark and Martindale, John.

Currently, using library cleaning program is also significant to guarantee. It is not really for damage, however, it will protect you from being stolen and assaults on your internet -based presence. Without much stretching, you can have passwords and different individual data saved in the brief web organizer of your PC. With something like Spyware or Adware, people can get this data. In the event that you are looking for antivirus programs on the web, you must be cautious about which you choose. There are a lot of accessible antivirus programs and some of them are formed by the same people from whom they are trying to protect their PC.

If you somehow managed to choose a program like this, you will present the Spyware and the ADWARE to your PC for these people, and prefer not to do so. For this reason, you want to do a lot of exam to solve what you can trust. In the event that it observes that its PC is no longer being executed pleasantly, you really want to contemplate obtaining vault cleaners as the easy record of protecting your data. Assuming that it is not sure, the free download that easily offers the registration explodes. Find additionally on this point of the best website on the website regarding this problem here!

Be that as it may, in case you do not expect lots of external regulators or capacity in the device, in any case they would demonstrate a strong battle horse. In the event that you need a larger screen, an additional presentation and more ports, two excellent options are the 14 -inch MacBook Pro and the 16 -inch MacBook Pro. Both accompany the M1 Pro and 16 GB chip as standard (which can obviously be redesigned in the retail location). In addition, there is more capacity, with 512 GB or 1 TB models.

However, the M1 Pro is the genuine contrast here, with additional GPU centers that can be used to make the required mathematics while using lots of modules, vsts or delivering multichannel synthesis on the screen. Would it be a good idea that the most notable MacBook needs that can buy, then, at that time, that would be the 16 -inch MacBook Pro with the M1 Max, which is a monster that also accompanies 32 GB of RAM and 1TB of storage as standard. You can examine our 16 -inch MacBook Pro polls and 14 -inch Macbook Pro to discover what these forces can be taken into account with the machines that bring to the table.

The Rounds of Bandai Namco (“Pac-Man”), Capcom (“Street Fighter II” and “Phantoms’ N Goblins”), Midway (“Joust”, “Protector” and “Frenzy”), Sega (“Sonic The Hedgehog “) and the lots of others are accessible to cell phones, too. In any case, assuming that you would prefer to play the first variants with an obsolete regulator, the Atari flashback game control center was carried out exclusively to play old Atari 2600 games, which are pre -installed in the control center (cartridges are not required). Steam is also a decent source to buy game downloads that you could believe that they are abandonments, however, they are still accessible for true treatment in more up -to -date stages.

In addition, you can obviously go truly the old school and buy work in the PC center and the games control games through eBay and other internet -based roads, or remove them from their own wardrobe and try them. Many of them are still out there for the moment. However, in the end, all old teams and real media will be the method of the Dodo bird. Mosaics and severe equipment needs advance a similar objective: a predictable style on devices. Since the shipping of Windows Phone 7 at the end of 2010, Microsoft has updated the framework to incorporate different elements, including reorder, perform various tasks, all the most lively tiles, reports and custom -called call tones.

The Windows Phone 7 application market incorporates official applications for famous administrations such as Facebook, Twitter, YouTube, Netflix and Kindle. These applications are useful basic elements of any portable biological system, but Microsoft pushed a totally different center when sending Windows Phone 7: fun. Due to the Xbox Live brand, Windows Phone is full of games, some of which were initially distributed in the Xbox 360’s Xbox Arcade Live. While Apple’s iOS actually has the most punished games library, you can access a part of its best known titles as “Irate Birds” and “Natural Product Ninja” in Windows Phone, and Microsoft offers several special features through of Xbox Live.