Category: Systems and procedures

Microsoft released the January cumulative update KB4528760 for Windows 10 users a couple of days ago. The update introduced a few important security fixes alongside other improvements. However, as is the case with the most Windows 10 Cumulative updates, KB4528760 is not without flaw.

A number of users are now reporting installation issues while trying to install Microsoft’s latest cumulative update, KB4528760. At the time of writing, PCs running Windows 10 May 2019 Update and Windows 10 November 2019 Update are affected. In other words, the installation issue is limited to users running the Windows 10 May 2019 Update or Windows 10 November 2019 Update.

“Can’t update, getting an “We could not complete the install because an update service was shutting down” error,” a user wrote on Reddit.

“There were problems installing some updates, but we’ll try again later. 2020-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB4528760) – Error 0x800f0988. Troubleshooter, sfc, dism don’t fix error,” another user said.

A few Twitter users also corroborated the same story. “Ah, apparently KB4528760 is having issues with downloading, so I wouldn’t bother with it for right now. It failed on my PC as well,” a user wrote on Twitter.

However, this is not an officially recognized bug, which means Microsoft is yet to confirm whether it is a bug. Now since it’s not an officially recognized bug, there is no official way of mitigating the issue. On the brighter side, however, except for the installation issues, no other issues have been reported. Also, the issue appears to be limited to a few users only.

How many of you installed the latest cumulative update KB4528760 on your Windows 10 PC? Are you facing any issue after installing the cumulative update? Do sound off in the comments section below.

Less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever, a security researcher has demonstrated how attackers can exploit it to cryptographically impersonate any website or server on the Internet.

Researcher Saleem Rashid on Wednesday tweeted images of the video “Never Gonna Give You Up,” by 1980s heartthrob Rick Astley, playing on Github.com and NSA.gov. The digital sleight of hand is known as Rickrolling and is often used as a humorous and benign way to demonstrate serious security flaws. In this case, Rashid’s exploit causes both the Edge and Chrome browsers to spoof the HTTPS verified websites of Github and the National Security Agency. Brave and other Chrome derivatives, as well as Internet Explorer, are also likely to fall to the same trick. (There’s no indication Firefox is affected.)

Rashid’s simulated attack exploits CVE-2020-0601, the critical vulnerability that Microsoft patched on Tuesday after receiving a private tipoff from the NSA. As Ars reported, the flaw can completely break certificate validation for websites, software updates, VPNs, and other security-critical computer uses. It affects Windows 10 systems, including server versions Windows Server 2016 and Windows Server 2019. Other versions of Windows are unaffected.

Rashid told me his exploit uses about 100 lines of code but that he could compress it down to 10 lines if he wanted to remove a “few useful tricks” his attack has. While there are constraints and several potentially difficult requirements in getting the exploit to work in real-world, adversarial conditions (more about that later), Wednesday’s proof-of-concept attack demonstrates why the NSA assesses the vulnerability as “severe” and said sophisticated hackers could understand how to exploit it “quickly.”

“Fairly terrifying”

Other researchers shared the NSA’s sense of urgency.

“What Saleem just demonstrated is: with [a short] script you can generate a cert for any website, and it’s fully trusted on IE and Edge with just the default settings for Windows,” Kenn White, a researcher and security principal at MongoDB, said. That’s fairly horrifying. It affects VPN gateways, VoIP, basically anything that uses network communications.” (I spoke with White before Rashid had demonstrated the attack against Chrome.)

The flaw involves the way the new versions of Windows check the validity of certificates that use elliptic-curve cryptography. While the vulnerable Windows versions check three ECC parameters, they fail to verify a fourth, crucial one, which is known as a base point generator and is often represented in algorithms as G’. This failure is a result of Microsoft’s implementation of ECC rather than any flaw or weakness in the ECC algorithms themselves.

Attackers can exploit the flaw by extracting the public key of a root certificate that ships by default in Windows. These certificates are described as root because they belong to big certificate authorities that either issue their own TLS certificates or validate intermediate certificate authorities that sell certificates on the root CA’s behalf. Any root certificate will work, as long as it’s signed with an ECC algorithm. Rashid’s attack started with a root certificate from Sectigo, the Internet’s biggest CA, which previously used the name Comodo. The researcher later modified his attack to use a GlobalSign root certificate. His code made the switch automatic.

The attacker examines the specific ECC algorithm used to generate the root-certificate public key and proceeds to craft a private key that copies all of the certificate parameters for that algorithm except for the point generator. Because vulnerable Windows versions fail to check that parameter, they accept the private key as valid. With that, the attacker has spoofed a Windows-trusted root certificate that can be used to mint any individual certificate used for authentication of websites, software, and other sensitive properties.

The behavior is tantamount to a law enforcement officer who checks someone’s ID to make sure it properly describes the person’s height, address, birthday, and face but fails to notice that the weight is listed as 250 pounds when the person clearly weighs less than half that.

“It’s such a strange bug, because it’s like they’re only halfway checking something that is at the root of the entire trust system,” White said. “It’s a core part of the whole chain of trust.”

For more detailed technical explanations of the bug, see posts here and here, and the Twitter thread here.

The caveats

As noted earlier, there are several requirements and constraints that significantly raise the bar for Rashid’s attack to work in real-world uses by an adversary. The first is that it most likely requires an active man-in-the-middle attack. These types of attacks, which modify data as it passes through networks, may be difficult to carry out. An alternative to an active MitM is to convince a target to click on a fake URL. This method is much easier, but it also requires some targeting. (It wouldn’t apply to attacks against websites or other servers that require a certificate from the connecting client.)

The exploit also requires that the target has recently visited a site with a transport layer security certificate that’s chained to an ECC-signed root certificate. That’s because the root certificate must already be cached by the targeted system. In the event a targeted system doesn’t have the root certificate cached, Rashid said, an attacker could still pull off an exploit by adding JavaScript that accesses a site chained to the root certificate.

Another constraint: Chrome uses a mechanism known as certificate pinning for google.com and a variety of other sensitive websites. Pinning requires that the certificate authenticating a website contain a specific cryptographic hash, even if the certificate offered is otherwise valid. This measure would prevent exploits from working when they spoofed protected sites.

While installing Tuesday’s patch by Microsoft is by far the only reasonable way to prevent attacks, a Google representative said Chrome developers have already distributed a fix in a beta version and will fold the fix into stable versions soon. A word of caution: even with this fix, users of vulnerable Windows versions will still face considerable risk from other attack scenarios.

A matter of time

Despite the requirements and limitations, the vulnerability is serious. As NSA officials put it in the above-linked advisory:

The vulnerability places Windows endpoints at risk to a broad range of exploitation vectors. NSA assesses the vulnerability to be severe and that sophisticated cyber actors will understand the underlying flaw very quickly and, if exploited, would render the previously mentioned platforms as fundamentally vulnerable. The consequences of not patching the vulnerability are severe and widespread. Remote exploitation tools will likely be made quickly and widely available. Rapid adoption of the patch is the only known mitigation at this time and should be the primary focus for all network owners.

The vulnerability may not pose as extreme a threat as those caused by the Heartbleed flaw in 2014 that allowed attackers to steal private keys, passwords, and other highly sensitive data from hundreds of thousands of vulnerable sites. But because of the breadth of security measures foiled by the Microsoft vulnerability, it’s worse even than Apple’s critical goto fail flaw, which prevented iOS and macOS systems from detecting invalid TLS certificates served by websites. That makes CVE-2020-0601 one of the most severe vulnerabilities in recent memory.

Windows’ automatic update mechanism is likely to have patched vulnerable systems already. For anyone else, fixes for various vulnerable version are available here. Readers who haven’t patched yet should do so immediately.

Windows 10 is a decent operating system now, but it’s had its issues over the years. Early releases spied on users, then in a bid to increase market share, Microsoft began forcing Windows 10 onto people, often against their will.

The twice yearly feature update process has meant we’ve seen rushed, buggy releases screwing up systems too, undermining people’s faith in the OS. Is it time to move away from Windows 10, and start afresh with Windows 11?

Serial concept creator Avdan has given us his vision of Windows 11 in the past, but now there’s a new design from the Hacker 34.

This imagining of Windows 11 gives us a brand new Start menu that Windows 7 users are likely to appreciate. It’s clean, and does away with Windows 10’s tiled design, but not everyone will like the Recommended panel, which suggests other apps people might like to install.

The smaller Action Center meets my approval though, and looks much more modern, as does the updated File Explorer which delivers that most wished for feature — tabs!

Borrowing an idea from smartphones, a new Screen Usage page shows how much time you spend on your PC, fluent design runs across the entire operating system in this concept, and dark mode also darkens your wallpaper.

For the nostalgic, the Hacker 34 also includes an XP mode in his creation, which is a fun addition.

Nearly a billion computers around the world run Windows 10. Critics have praised it. Some users love it while others hate it. Some experts estimate that Windows 10 dominates nearly 40% of the desktop OS market, handily surpassing the popularity of Windows 7.

Speaking of, are you still using Windows 7? Microsoft is ending support for the 10-year-old operating system in January. Tap or click to learn how to bring your PC up to date before it’s too late.

Using the slogan “upgrade your world,” Microsoft has described Windows 10 as the “final” version. Instead of replacing the operating system every few years, Windows 10 users have been able to download free updates. With the return of the Start menu and advent of Microsoft Edge, Windows 10 is arguably the best version ever produced.

But Windows 10 isn’t perfect. The last several updates introduced very pretty serious bugs and flaws that broke essential features and left users with the dreaded “Blue Screen of Death.” Tap or click to get the scoop on one of the worst Windows updates and make sure you have the fix.

The operating system also has some quirks that may have sounded great at company meetings, but the vast majority of folks find these choices odd, annoying, and inconvenient. Luckily, you can change many settings to suit your taste.

How can you make your Windows 10 experience even better? Here are a few suggestions.

1. Take control of updates and reboots

Windows is good at installing updates. This process is straightforward and automatic. The bad news is, you usually have to reboot your computer, and you have no idea when a new update will suddenly start downloading.

Be careful. Did you get an email reminding you to update Windows? It’s a scam! Tap or click to learn how cybercriminals are tricking users into a dangerous ransomware trap.

To prevent these unscheduled interruptions, go to your settings menu, and set time parameters. This way, your computer will stop itself from updating during “active hours.”

You can also pause updates altogether, halting them for up to 35 days.

This might impact your security, so you don’t want to go too long. But if you want a short reprieve, go to your Settings menu, choose the Windows Updates field and find Advanced Options. From there, you can toggle the Pause Updates option and switch it to On.

2. Limit Cortana’s interactions

Like other virtual assistants, Cortana is always listening for the wake command. Unfortunately, a flaw in the programming may allow hackers to break into a Windows 10 computer using Cortana’s voice commands, even while it’s locked. Anyone can issue voice commands to Cortana and force it into downloading malicious malware.

You can stop Cortana from putting your data at risk by removing Cortana from your lock screen and teach it to respond only to your voice alone.

Go to the Talk to Cortana option found in your Settings menu.

Under Hey, Cortana, turn the Let Cortana Respond to Hey, Cortana Switch to On.

Next, click the link labeled Learn How I Say Hey Cortana. This will allow you to go through the voice recognition training.

From here, click on the Cortana start button and repeat the six provided phrases. This will get Cortana familiar with your voice.

After the training is complete, you can go back to Cortana in the Settings menu and enable the Try to Respond Only to Me option.

Get better search results:12 expert tips to search Google better, faster, more strategically

3. Change search from Bing to Google (or your preferred search engine)

Bing is set as the default search engine for Microsoft Edge, but that may not sit well with you. Tap or click here for search engines that don’t track you.

So, here’s how you can change things up a bit.

Start by searching Google.com.

Click on the three dots at the top right corner to go to Settings.

Scroll to the bottom and choose View Advanced Settings.

Go down the list until you find the search in the address bar option. Click it and select Add New.

Click on Google and chose Add as Default. Done.

4. Use a PIN as your login

You can lock your computer with a long, convoluted password, or you can reset it to a simple PIN. Your PIN is only four digits long and doesn’t require any complicated parameters such as special characters or mixed case letters. It’s less secure, of course, but a PIN makes unlocking easier.

Setting up your PIN is pretty simple. Go to Settings > Accounts > Sign In Options. From there, click the Add button under PIN. Enter in any PIN of your choice and restart to give it a try.

5. Resize your Start menu like a pro

The start menu acts as the central hub for everything you do on Windows 10. Because of that, its default appearance can seem a little bland. Users have often complained about the size of the start menu, never realizing that this can also be customized.

To fix it, do the Windows drag. Click on the Start menu and move your cursor to the top edge of the icon until it shows as a two-sided arrow. Click, hold, and drag to resize the menu to your preferred size and let go.

You can easily resize your desktop icons, too. Tap or click here for a step-by-step guide.

6. Play DVDs the easy and free way

By now, you’ve probably noticed that Windows 10 won’t play DVDs, and Windows Media Player has been removed. While Microsoft offers an official DVD playback option, this feature costs $15 and seems to have persistent problems.

Fortunately, there’s a better option available that can have you watching DVDs quickly and free of charge: VLC video player. Tap or click here to download it.

Be sure to download the desktop app instead of the Windows Store version, which won’t support DVDs or Blu-Ray discs.

7. Silence all the annoying announcements

Depending on your settings, Windows may start announcing everything you touch with an actual voice. Windows will also record and recite any text that you type into the Cortana Search Box, which may feel excessive.

You may have inadvertently turned on the Narrator feature, which is used by visually impaired users to better navigate the system without having to type.

To turn the Narrator off, you can either repeat the keyboard combination, CTRL + Windows Key + Enter or go to the Narrator settings app and tap Exit. To keep the Narrator from accidentally coming on again, go back to the Settings > General and uncheck the Enable the shortcut to launch Narrator box. Problem solved.