Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren’t so ready to do that.
Link: https://threatpost.com/windows-search-bug-worth-watching-and-squashing/127434/
Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON.
Link: https://threatpost.com/windows-smb-zero-day-to-be-disclosed-during-def-con/126927/
How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed.
Link: https://threatpost.com/threatpost-news-wrap-june-9-2017/126163/
Now that researchers have built a port of EternalBlue to Windows 10, they’ve probably only now caught up to what the NSA has had for a long while.
Link: https://threatpost.com/windows-10-mitigations-make-future-eternalblue-attacks-difficult/126132/
Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.
Link: https://threatpost.com/nsas-eternalblue-exploit-ported-to-windows-10/126087/