Microsoft wraps up 2021 with 64 patched vulnerabilities-
including Windows 7 fixes
https://news.sophos.com/en-us/2021/12/14/microsoft-wraps-up- 2021-with-64-patched-vulnerabilities-including-windows-7-fixes/
I found this comment somewhat amusing yet disconcerting:
"fixes apply to versions of Windows stretching the way back to
the end-of-life'd Windows 7. In fact, there are 17 bugs being
patched in Windows 7 this month"
WRT Win7, "vulnerability in Windows' Encrypted File System
(EFS) that also extends back to Windows 7 (CVE-2021-43217)-one
that can be triggered regardless of whether or not EFS is in
use on the targeted system. A specially-crafted attack could
result in a buffer overflow write to memory that could result
in unauthenticated code being executed by triggering EFS. This
bug has been publicly disclosed, making it an urgent fix."
The EFS exploit sounds a bit worrisome since "the problem" can
be triggered even when EFS is not even in use. I *was*
thinking of trying it a while back though.
--
../|ug
--- OpenXP 5.0.51
* Origin: (2:221/1.58)
Web-based telnet client
IRC
Email & news access