Patch Tuesday for 1/14/2020: PATCH NOW!!!
BartSimpson @ Mon Jan 13, 2020 3:51 pm
DoD is sending alerts that tomorrow's Microsoft patch must be applied ASAP...some special defense groups have already received and applied it.
What's at stake here is there is a massive exploit in the crypt32.dll file and there is the potential for adversaries to read all of your encrypted traffic, purloin your entire certificate library, and more or less ruin your day.
So apply that friggin' patch ASAP!!! 
xerxes @ Mon Jan 13, 2020 4:27 pm
DrCaleb @ Tue Jan 14, 2020 6:44 am
Yea, flaws in Crypt32.dll that handles all the crypographic APIs.
Or, you could just install Linux. 
BartSimpson @ Tue Jan 14, 2020 12:31 pm
The patch is labeled CVE-2020-0601 and this needs to be patched RIGHT THE FUCK NOW!!!
NSA, FBI, DoD, pretty much everyone is shitting bricks over this one.
Long and short is Windows 10 and Windows Server (anything) is wide open to exploit until you patch.
BartSimpson @ Tue Jan 14, 2020 12:45 pm
Okay: what this exploit does is it allows a hacker/adversary to access your computer or network and manipulate your certificates to make hostile traffic look normal so it can easily transit your firewalls and other protection protocols.
Thanos @ Tue Jan 14, 2020 12:48 pm
Anyone who wants to steal my worthless identity at this stage of my own personal decline & fall is more than welcome to it. Here's hoping that they have better luck at being me than I ever did. 
BartSimpson @ Tue Jan 14, 2020 12:52 pm
Thanos Thanos:
Anyone who wants to steal my worthless identity at this stage of my own personal decline & fall is more than welcome to it. Here's hoping that they have better luck at being me than I ever did.
Dude, 2020 is going to be a great year for you! I'm sure of it!
![[B-o]](./images/smilies/drinkup.gif "Drink up")
Thanos @ Tue Jan 14, 2020 1:01 pm
Thanks, but there's a lifetime of evidence firmly pointing to the contrary.
Tricks @ Tue Jan 14, 2020 5:42 pm
Excellent. Something else for companies to not patch and me to exploit.
CharlesAnthony @ Tue Jan 14, 2020 6:17 pm
BartSimpson BartSimpson:
Okay: what this exploit does is it allows a hacker/adversary to access your computer or network and manipulate your certificates to make hostile traffic look normal so it can easily transit your firewalls and other protection protocols.
Yeah........ can you explain the part where DoDd gives a shit about little old me????
herbie @ Wed Jan 15, 2020 10:47 am
Windows has been checking for updates for 3 days solid.
Downloaded the patch directly yesterday, it's been 'checking for installed updates' since 6 last night.
Updated a customer's laptop yesterday to Win 10, it fails checking for updates.
WTF did Msoft crash?
DrCaleb @ Wed Jan 15, 2020 10:53 am
herbie @ Wed Jan 15, 2020 11:25 am
Sorry Doc, I'm a Debian fan....
Thanos @ Wed Jan 15, 2020 11:27 am
Can't we all just throw these evil machines out and go back to talking on the phone, or meeting together for drinks at the golf course? 
DrCaleb @ Wed Jan 15, 2020 11:32 am
Thanos Thanos:
Can't we all just throw these evil machines out and go back to talking on the phone, or meeting together for drinks at the golf course?
I gave up on facebook because instead of my friends coming over for tea (door was always open) they used it instead. They the elections happened, and everyone went mental. I decided to recuse myself, rather than have to show people I love and respect just how idiotic they had become.
But it's not the computer doing it, it's the people manipulating them through the computer.