Windows Search Bug Worth Watching, and Squashing

Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren’t so ready to do that.

Link: https://threatpost.com/windows-search-bug-worth-watching-and-squashing/127434/

Windows SMB Zero Day to Be Disclosed During DEF CON

Microsoft has said it will not patch a two-decade-old Windows SMB vulnerability, called SMBloris because it behaves comparably to the Slowloris attacks. The flaw will be disclosed and demonstrated during DEF CON.

Link: https://threatpost.com/windows-smb-zero-day-to-be-disclosed-during-def-con/126927/

Rare XP Patches Fix Three Remaining Leaked NSA Exploits

Microsoft released patches on Tuesday for unsupported versions of Windows, a decision prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak.

Link: https://threatpost.com/rare-xp-patches-fix-three-remaining-leaked-nsa-exploits/126256/

NSA’s EternalBlue Exploit Ported to Windows 10

Researchers have ported the EternalBlue exploit to Windows 10, meaning that any unpatched version of Windows can be affected by the NSA attack.

Link: https://threatpost.com/nsas-eternalblue-exploit-ported-to-windows-10/126087/