Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch SAPC Upgrades

by

Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch

Antivirus firms are gradually adding support for Microsoft’s Windows patch for the Meltdown and Spectre attack methods that affect most modern CPUs.

As Microsoft warned this week, it’s not delivering its January 3 Windows security updates to customers if they’re running third-party antivirus, unless the AV is confirmed to be compatible with it.

Microsoft’s testing found some antivirus products were producing errors by making unsupported calls into Windows kernel memory, resulting in blue screen of death (BSOD) errors.

Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update.

To make matters more confusing, only some antivirus vendors are actually doing both, while others require admins to set the registry key themselves, using Microsoft’s instructions. Additionally, some antivirus companies haven’t completed compatibility testing.

Microsoft hasn’t said which antivirus products are compatible beyond its own Windows Defender and Microsoft Security Essentials. However, security researcher Kevin Beaumont has created a public spreadsheet that may help IT admins prepare for installing Microsoft’s mitigations for the attack techniques that affect CPUs from Intel, AMD and Arm, albeit to differing degrees.

windowspatchav.png
Third-party Windows antivirus products need to support Microsoft’s security update and set a Windows registry key for customers to receive the update via Windows Update. Image: Kevin Beaumont

Credit. http://www.zdnet.com/article/windows-meltdown-spectre-fix-how-to-check-if-your-av-is-blocking-microsoft-patch/

Call 210-549-6477 with questions

Refurbished Computers in San Antonio Texas- SAPC Upgrades

by

If you are looking for the best quality Refurbished Computers in San Antonio Texas and surrounding areas like Live Oak, Converse, Windcrest, Selma and Schertz consider SAPC Upgrades for affordable Refurbished Computers.

This reliable Lenovo, for example, is my favorite choice for basic use. Thesrrefurbished computers out last and preform better than the walmart consumer junk. 

 

 

These dell 6530 laptops are workhorses and perform better than any laptop of the same price new.

Dell_E6530

Dell_E6530

  • Intel Core i7 3520M (2.90 GHz)
  • 16 GB Memory 256 GB SSD
  • Windows 10 Pro 64-Bit
  • DVDRW

 

Laptop Repair in San Antonio Texas-SAPC Upgrades

by

If you are looking for the best Laptop Repair in San Antonio Texas and surrounding areas like Live Oak, Converse, Windcrest, Selma and Schertz consider SAPC Upgrades for affordable fair priced Laptop Repair

  • Protecting your DATA is our #1 goal
  • Fair Flat Rate in shop pricing
  • Free Estimates
  • Malwarebytes Authorized Reseller
  • Friendly, honest communication, no “geek-speak”
  • Professional, experienced technician
  • Microsoft Registered Partner
  • Locally owned and operated since 2003
  • We strive to build lasting relationships with our customers

SAPC Upgrades offers many quality computer repair services.

Laptop Repair San Antonio

Laptop Repair

 

  • LCD Repair
  • Laptop Repair
  • Fast Support
  • Honest Estimates
  • Virus Removal
  • Attention To Detail
  • Malware Removal
  • Data Backup
  • Trojan Removal

Computer Repair San Antonio, Texas-SAPC Upgrades

Computer Repair in San Antonio-SAPC Upgrades

by

If you are looking for the best Computer Repair in San Antonio Texas and surrounding areas like Live Oak, Converse, Windcrest, Selma and Schertz consider SAPC Upgrades for affordable fair priced Computer Repair.

  • Protecting your DATA is our #1 goal
  • Fair Flat Rate in shop/remote pricing
  • Free Estimates
  • Malwarebytes Authorized Reseller
  • Friendly, honest communication, no “geek-speak”
  • Professional, experienced technician
  • Microsoft Registered Partner
  • Locally owned and operated since 2003
  • We strive to build lasting relationships with our customers

SAPC Upgrades offers many quality computer repair services.

Dell,HP,Lenovo,Acer,Sony,Toshiba,ASUS

We Service

 

  • LCD Repair
  • Laptop Repair
  • Fast Support
  • Honest Estimates
  • Virus Removal
  • Attention To Detail
  • Malware Removal
  • Data Backup
  • Trojan Removal
  • North East San Antonio
Computer repair San Antonio Texas

Google 5 Star Rating

All You Need to Know About the WannaCrypt Ransomware

by

WannaCrypt is a ransomware program targeting Windows. On Friday, 12 May 2017, a large cyber-attack using it was launched, infecting more than 230,000 computers in 150 countries, demanding ransom payments in the cryptocurrency bitcoin in 28 languages.

 

It was being spread primarily by phishing emails (most commonly links or attachments) and as a worm on unpatched systems.

The attack affected Telefónica and several other large companies in Spain, as well as parts of Britain’s National Health Service, FedEx, Deutsche Bahn and LATAM Airlines. Other targets in at least 99 countries were also reported to have been attacked around the same time.

WannaCry is believed to use the EternalBlue exploit, which was developed by the U.S. National Security Agency (NSA) to attack computers running Microsoft Windows operating systems. Although a patch to remove the underlying vulnerability for supported systems (Windows Vista and later operating systems) had been issued on 14 March 2017, delays in applying security updates and lack of support by Microsoft of legacy versions of Windows left many users vulnerable. Due to the scale of the attack, to deal with the unsupported Windows systems and to contain the spread of the ransomware, Microsoft has taken the unusual step of releasing updates for all older unsupported operating systems from Windows XP onwards.

Shortly after the attack began, a researcher found an effective kill switch, which prevented many new infections and allowed time to patch systems. This significantly slowed the spread. It was later reported that new versions that lack the kill switch were detected. Cyber security experts also warn of a second wave of the attack due to such variants and the beginning of the new workweek.

As always, be sure your Windows is up to date. XP users should consider upgrading where possible. The vulnerabilities for that operating system will not go away. Don’t click links in an email. Don’t open file attachments.

And, our longest running advice; back up regularly. You can back up to the cloud, or another drive. Programs like Macrium Reflect can Image your drive essentially restoring everything at any time.

Animated Map of How Tens of Thousands of Computers Were Infected With Ransomware

by

https://www.nytimes.com/interactive/2017/05/12/world/europe/wannacry-ransomware-map.html

SPECIAL BULLETIN

by

SPECIAL BULLETIN
Malwarebytes www.malwarebytes.com

Dear ,

A massive ransomware attack spread across the globe today, locking up thousands of hospital, telecommunications, and utilities systems in nearly 100 countries. The attack used data stolen from the NSA to exploit vulnerabilities in Microsoft Windows and deliver the WanaCrypt0r ransomware. The demand was for $300 per PC.

While the ransomware was first detected wreaking havoc in emergency rooms and doctors’ offices in the UK, the infection quickly spread worldwide, including to the US.

We’re alerting you to reassure you that if you’re currently using the premium version (or the premium trial) of Malwarebytes with real-time protection turned on, you are protected from this threat. Our premium technology blocks the WanaCrypt0r ransomware before it can encrypt your files. (The free version of Malwarebytes, however, does not protect you against WanaCrypt0r. To see which version you have, open up your Malwarebytes software and look for the version name at the top of the window.) Learn more about Malwarebytes

If you’re not currently using the premium version of Malwarebytes, we recommend that you update your Microsoft Windows software immediately. Microsoft released a patch for this vulnerability in March, but many users haven’t updated, leaving their computers open to this attack.

Here at Malwarebytes, we pledge to keep you protected and informed about the latest issues. Your peace of mind is our number one priority.

Sincerely,

The Malwarebytes team
P.S. Learn more about this threat here.

Government cracks down on tech support scam

by

The scams tricked people into thinking they had viruses and malware and charged them for unnecessary repairs.

Beware any tech support ads that pop up on your computer.

The Federal Trade Commission, along with federal, state and international law enforcement agencies, said on Friday they caught several scam artists who bilked money out of victims through a tech support scheme.

The scam worked like this: An advertisement designed to look like a security alert would pop up on your computer to warn of a virus or malware, directing the user to call a toll-free number. Some of the messages even included a countdown clock.

Once the person called the number, they were connected to telemarketers claiming to work with well-known companies like Apple or Microsoft. These telemarketers would ask for remote access to the computer and discover a large number of problems (that weren’t really there). They would ultimately charge the user hundreds of dollars for unnecessary repairs.

“Tech support scams prey on people’s fear of losing important work, family photos or sensitive identification information,” said Florida Attorney General Pam Bondi in a statement.

The FTC crackdown nabbed people in Ohio, Alabama, Florida and Colorado.

Source https://www.cnet.com/news/government-ftc-federal-cracks-down-on-tech-support-scam/

Massive Global Ransomware Attack Underway, Patch Available

by

This is a public service security announcement for all users of computers running any version of Windows.

We have confirmed that a serious virulent ransomware threat known as WannaCrypt0r/WannaCry has affected Windows computers on shared networks in at least 74 countries worldwide, with 57,000 reported individual cases being affected. And according to the analysis team at Kaspersky Lab, that number is growing fast.

Once one computer on a network is affected, the malware infection easily spreads to other Windows computers on the same network, shutting down entire government agencies and national infrastructure companies. Hospitals across the UK were being forced to divert patients and ambulance routes as of Friday afternoon, and several utility companies across Europe reported infection across their computer networks according to BBC News.

What Is Ransomware?

Ransomware is a kind of malicious script or software that installs itself on your computer without your knowledge. Once it’s installed and running, it will lock down your system and won’t allow you to access any files or programs on that computer. Usually, as in this current WannaCry exploit, it will alert you to the lockdown with an impossible-to-ignore pop-up screen which informs you that your computer is being held for ransom. To unlock your system and regain access to the computer being held hostage, the lock screen informs you that you must purchase an unlock tool or decryption key from the hacker.

Where Did This Threat Originate?

In this case, Microsoft has been aware of the vulnerability since March 2017, when it published a Security Bulletin covering the potential risk. According to the Spanish newspaper El Mundo, early indicators seem to point to the attack originating in China, but more information is needed.

How Can You Tell If Your Computer Is Infected?

The most obvious way to tell if your computer has been affected is if you are seeing a ransomware pop-up screen when you start up your computer. But because we don’t know how long the malware sits on your computer or network, not seeing this pop-up isn’t necessarily an indication that you haven’t been infected. The bottom line: if your Windows computer has connected to a shared network, such as those found in schools, public places, cafes and businesses, and you don’t have complete control over every computer on that network and haven’t been keeping Windows up-to-date, your computer may be infected.

How to Protect Yourself From the Vulnerability

According to Microsoft a fix for this vulnerability was released on March 14th for all affected versions of Windows. If you are running Windows and have automatic updates enabled you should be okay. If you don’t and haven’t updated recently you should update to the most recently released version immediately. It is important to note that unsupported versions of Windows, like XP, did not receive this security update. Those systems should either be isolated or shut down.

Please pass this along to your friends and family. Those that are less technical may not have updates auto-enabled, and may need a helping hand updating their operating system.

Massive Ransomware attack going worldwide.

by

Massive Ransomware Outbreak

We have an update on this outbreak here. The ransomware is using an NSA exploit leaked by The Shadow Brokers, and has made tens of thousands of victims worldwide, including the Russian Interior Ministry, Chinese universities, Hungarian telcos, FedEx branches, and more. Original article below.

A ransomware outbreak is wreaking havoc all over the world, but especially in Spain, where Telefonica — one of the country’s biggest telecommunications companies — has fallen victim, and its IT staff is desperately telling employees to shut down computers and VPN connections in order to limit the ransomware’s reach.

The culprit for these attacks is v2.0 of the WCry ransomware, also known as WannaCry or WanaCrypt0r ransomware. For those affected, you can discuss this ransomware and receive support in the dedicated WanaCrypt0r & Wana Decrypt0r Help & Support Topic.

WCry ransomware explodes in massive distribution wave

Version 1.0 of this ransomware was discovered by Malwarebytes researcher S!Ri on February 10 and then spotted in a brief campaign on March 25 by GData security researcher Karsten Hahn.

Version 2.0 was detected for the first time around four hours ago by independent security researcher MalwareHunter. The security researcher says the ransomware came out of nowhere and started spreading like wildfire.

In these first four hours, WCry 2.0 made more victims than Jaff, a ransomware spotted this week distributed via the Necurs botnet, the former home of the Locky ransomware. In numbers, in just four hours WCry made 1.5 times more victims than Jaff did all week.

Currently, researchers weren’t able to pinpoint the exact origin of the WCry distribution campaign. At the moment, it could be from malvertising, exploit kits, email spam, or hand-cranked RDP attacks.

Source  https://www.bleepingcomputer.com/news/security/telefonica-tells-employees-to-shut-down-computers-amid-massive-ransomware-outbreak/