Archive

Archive for March 12, 2019

El Samsung Galaxy A50 ya tiene precio y fecha de lanzamiento en Europa gracias a la filtración de una operadora

March 12, 2019 Leave a comment
Categories: Internet Tags: , ,

Patch Tuesday, March 2019 Edition

March 12, 2019 Leave a comment

Microsoft on Tuesday pushed out software updates to fix more than five dozen security vulnerabilities in its Windows operating systems, Internet Explorer, Edge, Office and Sharepoint. If you (ab)use Microsoft products, it’s time once again to start thinking about getting your patches on. Malware or bad guys can remotely exploit roughly one-quarter of the flaws fixed in today’s patch batch without any help from users.

One interesting patch from Microsoft this week comes in response to a zero-day vulnerability (CVE-2019-0797) reported by researchers at Kaspersky Lab, who discovered the bug could be (and is being) exploited to install malicious software.

Microsoft also addressed a zero day flaw (CVE-2019-0808) in Windows 7 and Windows Server 2008 that’s been abused in conjunction with a previously unknown weakness (CVE-2019-5786) in Google’s Chrome browser. A security alert from Google last week said attackers were chaining the Windows and Chrome vulnerabilities to drop malicious code onto vulnerable systems.

If you use Chrome, take a moment to make sure you have this update and that there isn’t an arrow to the right of your Chrome address bar signifying the availability of new update. If there is, close out and restart the browser; it should restore whatever windows you have open on restart.

This is the third month in row Microsoft has released patches to fix high-severity, critical flaws in the Windows component responsible for assigning Internet addresses to host computers (a.k.a. “Windows DHCP client”).

These are severe “receive a bad packet of data and get owned” type vulnerabilities. But Allan Liska, senior solutions architect at security firm Recorded Future, says DHCP vulnerabilities are often difficult to take advantage of, and the access needed to do so generally means there are easier ways to deploy malware.

The bulk of the remaining critical bugs fixed this month reside in Internet Explorer, Edge and Office. All told, not the craziest Patch Tuesday. Even Adobe’s given us a month off (or at least a week) patching critical Flash Player bugs: The Flash player update shipped this week includes non-security updates.

Staying up-to-date on Windows patches is good. Updating only after you’ve backed up your important data and files is even better. A good backup means you’re not pulling your hair out if the odd buggy patch causes problems booting the system.

Windows 10 likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn’t make it easy for Windows 10 users to change this setting, but it is possible. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

As always, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

Further reading:

Qualys

SANS Internet Storm Center

Ask Woody

ZDNet

from Krebs on Security https://ift.tt/2UupW81
via IFTTT

There May be A Ceiling on Vulnerability Remediation

March 12, 2019 Leave a comment

Most organizations are doing all they can to keep up with the release of vulnerabilities, new research shows.

from Dark Reading: https://ift.tt/2TKbs6Q
via IFTTT

“Ok Google, arregla Android”: la beta de Android Q incluye una opción para enviar sugerencias a Google

March 12, 2019 Leave a comment

Android Q está casi entre nosotros, el próximo postre androide debería estrenarse de forma inminente tras haber sido rooteado incluso antes de aparecer en escena, y aunque muchas han sido las especulaciones alrededor de sus mejoras, poco se conoce a ciencia cierta de la nueva versión de Android que verá la luz tras el verano de 2019. Lo que sí sabemos es que Google ha escuchado las plegarias de todos

Entra en Andro4all para leer el artículo completo

Puedes unirte a nosotros en Twitter, Facebook o en Google+

¡Suscríbete a nuestro canal de YouTube!

Publicado recientemente en Andro4all

from Andro4all https://ift.tt/2Hh5ioX
via IFTTT

Categories: Internet Tags: , ,

Móviles BQ: catálogo completo de 2019 y mejor precio

March 12, 2019 Leave a comment

Pese a no ser la firma con el catálogo más numeroso del panorama móvil, BQ mantiene un abanico de dispositivos variado e interesante a lo largo de todo el año, cuya renovación no se produce hasta que no es estrictamente necesario. Han pasado ya varios meses desde el último lanzamiento de la firma española, y las últimas noticias relacionadas con la compañía fueron las que nos anunciaron el cambio de

Entra en Andro4all para leer el artículo completo

Puedes unirte a nosotros en Twitter, Facebook o en Google+

¡Suscríbete a nuestro canal de YouTube!

Publicado recientemente en Andro4all

from Andro4all https://ift.tt/2Ht4k8s
via IFTTT

Categories: Internet Tags: , ,

Web Apps are Becoming Less Secure

March 12, 2019 Leave a comment

Critical vulnerabilities in web applications tripled in 2018, according to a new study.

from Dark Reading: https://ift.tt/2JbfG3e
via IFTTT

Citrix Breach Underscores Password Perils

March 12, 2019 Leave a comment

Attackers used a short list of passwords to knock on every digital door to find vulnerable systems in the vendor’s network.

from Dark Reading: https://ift.tt/2ChiaY9
via IFTTT