Register    Login    Search    Articles & downloads     Who We Are    Donate    Jaylach Free Sites

Board index » Technical Forums » Security




Post new topic Reply to topic  [ 55 posts ]  Go to page Previous  1, 2, 3
Author Message
 Post Posted: Wed Jan 17, 2018 7:08 pm 
Offline
Resident Geekazoid Administrator
User avatar

Joined: Wed Mar 21, 2012 5:09 am
Posts: 9438
Location: The state of confusion; I just use Wyoming for mail.
Since there has been another post by BB since my last on JavaScript I'm going to post again instead of editing the previous.

JavaScript is benign Pete. I think that the blocker is probably blocking Java instead. Simplest way to block Java is to just not install their runtime package. Java is a security issue, JavaScript is not. Shoot, JavaScript does not even include the ability to access your hard drive nor can JavaScript access a data base. The only real possibility of JavaScript being an issue is that it would be possible to write JavaScript code that would access a malicious site. Even that would be a waste of effort for the bad guys as you could do it easier with plain old HTML.

LOL! :mrgreen: Before this is argued please remember that, while not much currently, I have done extensive site coding. Shoot, I pretty much totally re-wrote the template code for these forums to give the current appearance. A large portion of this re-write was in JavaScript. ;)

@ Doddie:
Doddie wrote:
Fyi, since installing KB4056894 on 6th January I've had two BSOD, that's two more than I've had since i re-installed Windows 7 on 14th July.

I sort of hate to even bring up this can of worms but some things I read make me wonder... I don't like some of the directions Microsoft is going. Nothing that I could prove but I have to wonder if Microsoft is causing issues with Windows 7 by design trying to promote the continued move to Windows 10...

_________________
Image
Free sites from jaylach.com
I NEVER forget... I just remember late.


Top 
 Profile  
Reply with quote  
 Post Posted: Wed Jan 17, 2018 7:19 pm 
Offline
welcoming committee
User avatar

Joined: Sun Jan 13, 2013 4:13 pm
Posts: 1723
Location: Dunedin, Alba.
jaylach wrote:
Since there has been another post by BB since my last on JavaScript I'm going to post again instead of editing the previous...

Okay, this is now driving me nuts... I've never fully understood what it meant, BUT who or what is "BB"??... i don't see the mystical post above and the mystical poster doesn't actually appear to have posted or have a profile yet he/she continues to be referenced???


Top 
 Profile  
Reply with quote  
 Post Posted: Wed Jan 17, 2018 7:38 pm 
Offline
welcoming committee
User avatar

Joined: Sun Jan 13, 2013 4:13 pm
Posts: 1723
Location: Dunedin, Alba.
jaylach wrote:
I sort of hate to even bring up this can of worms but some things I read make me wonder... I don't like some of the directions Microsoft is going. Nothing that I could prove but I have to wonder if Microsoft is causing issues with Windows 7 by design trying to promote the continued move to Windows 10...


I don't like many things Microsoft do, over the years they've done nothing but infuriate me with many of their decisions (i use that word loosely)... it's almost as if they are hell bent on ruining their business model at times, i mean could you imagine what Windows would look like today if only they'd listened to their users after they moved on from Win95... of course, Microsoft doesn't work like that... they pretended they did, under Bill Gates they gave the appearance they did... the current crop of management though are hell bent on one thing only though, maximizing profits at the expense of the user... it sucks, its wrong, it'll hurt them in the long run.

It's all the more surprising when you drill... err, yawn... down into where Microsoft actually make all their money, it's surprisingly little from the Windows Operating System... you'd think that would make it less likely that ego's would be running the shop, but apparently not.

Microsoft when they first started weren't profit driven, it was all about numbers of users... that's my understanding of the OS business back in the 80's and 90's, you got the numbers and the profit followed.

We are where we are, bean counters counting the cents/pennies... it's no wonder we get what we pay for.

I don't necessarily blame Microsoft for that because the world has become a culture of everything for as little effort these days, Microsoft if they really wanted too could push back and give the consumer what they want but it'll never happen because there are too many people in that organisation wanting fat cheques for no effort.

I won't hold my breath and i won't be silent.


Top 
 Profile  
Reply with quote  
 Post Posted: Sat Feb 03, 2018 3:39 pm 
Offline
welcoming committee
User avatar

Joined: Sun Jan 13, 2013 4:13 pm
Posts: 1723
Location: Dunedin, Alba.
As sure as night follows day, so it begins:

Quote:
Earlier this month, three major chip manufacturers announced that vulnerabilities known as Meltdown and Spectre (CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754) affected processors deployed in millions of devices.

For the past year or so, FortiGuard Labs has been tracking the efforts of cybercriminals to develop new attacks designed to exploit known vulnerabilities. As detailed in our Fortinet Threat Report for Q2 of 2017, a full 90% of organizations recorded exploits for vulnerabilities that were three or more years old. Even 10+ years after a flaw’s release, 60% of firms still see related attacks.

The rate at which the cybercriminal community is targeting known vulnerabilities is clearly accelerating, with the WannaCry and NotPetya exploits serving as perfect examples of the need to patch vulnerable systems as soon as possible. Which is why our concerns were raised when we recently learned about some of the largest vulnerabilities ever reported – ones that affect virtually every processor developed since 1995 by chip manufacturers Intel, AMD, and ARM.

We aren’t the only ones concerned. Others in the cybersecurity community have clearly taken notice, because between January 7 and January 22 the research team at AV-Test discovered 119 new samples associated with these vulnerabilities. FortiGuard Labs has analyzed all of the publicly available samples, representing about 83 percent of all the samples that have been collected, and determined that they were all based on proof of concept code. The other 17 percent may have not been shared publicly because they were either under NDA or were unavailable for reasons unknown to us...
Full article: https://blog.fortinet.com/2018/01/30/th ... nd-spectre


Top 
 Profile  
Reply with quote  
 Post Posted: Sun Mar 04, 2018 7:15 pm 
Offline
welcoming committee
User avatar

Joined: Sun Mar 04, 2018 5:26 pm
Posts: 54
Location: Upstate NY
jaylach wrote:
I'm not going to run out and buy it either. When I used NOD32 I got it free through being an MS MVP.

Should you ever be interested in trying ESET again, Aryeh has made it available to rMVPs.

Regarding Spectre & Meltdown, see the Windows Experience Blog article for "Additional steps being taken to address Spectre and Meltdown vulnerabilities" and "Antivirus (AV) Software Compatibility".Update on Spectre and Meltdown security updates for Windows devices.

Also see KB4090007, Intel microcode updates

_________________
Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.


Top 
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  [ 55 posts ]  Go to page Previous  1, 2, 3

Board index » Technical Forums » Security


Who is online

Registered users: No registered users

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:

Similar topics


Jump to:  

cron