Windows Search Bug Worth Watching, and Squashing

Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren’t so ready to do that.

Link: https://threatpost.com/windows-search-bug-worth-watching-and-squashing/127434/

Windows SMB Zero Day to Be Disclosed During DEF CON

Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON.

Link: https://threatpost.com/windows-smb-zero-day-to-be-disclosed-during-def-con/126927/

Threatpost News Wrap, June 9, 2017

How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed.

Link: https://threatpost.com/threatpost-news-wrap-june-9-2017/126163/

NSA’s EternalBlue Exploit Ported to Windows 10

Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.

Link: https://threatpost.com/nsas-eternalblue-exploit-ported-to-windows-10/126087/