+20Hello fellow Community -
A recent Windows vulnerability was found giving an attacker the ability to uninstall Windows updates, including those updates which have patched other known vulnerabilities. This is real bad. Well, all found vulnerabilities are bad, but this one really isn't good. You can read more about it below:
+21😮 wow that is quite the vulnerability. Very interesting read and going to take a look in to it more.
+20Same..trying to wrap my brain around it. From the article:
"SafeBreach security researcher Alon Leviev discovered that the Windows update process could be compromised to downgrade critical OS components, including dynamic link libraries (DLLs) and the NT Kernel. Even though all of these components were now out of date, when checking with Windows Update, the OS reported that it was fully updated, with recovery and scanning tools unable to detect any issues....
As a result, I was able to make a fully patched Windows machine susceptible to thousands of past vulnerabilities, turning fixed vulnerabilities into zero-days and making the term "fully patched" meaningless on any Windows machine in the world. "😳😧😭
+10Holy Buckets.
+20Holy Buckets.
Indeed...and no mitigating MS update yet. Only a couple security advisories which may or may not help prevent an attack.
+10This underscores a need for a data pipeline of activity such as monitoring for uninstallation of updates. Wow. thanks for sharing
+20Good point Rick 👍🏻
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
