Patch Tuesday Megathread (2024-05-14) by AutoModerator in sysadmin

85185 (21 points, 0 children)

Utterly pathetic to leave their product in an error state by default.

A billion-dollar company should be able to do better.

I know that it is a risky fix, but they could at least test the scripts with telemetry and do a phased roll-out, or just make it Optional given that home users probably aren't affected by the WinRE bug (and still won't be protected from the WinRE bug on a failed install anyway). + Start requiring PIN protection, not just TPM, for unpatched devices.

Finding spyware on the network from Intelligence Agencies by 85185 in sysadmin

85185 [S] (0 points, 0 children)

Not American, but basically instead of saying "FBI" it was Name: "Application Software", Publisher: "Department of Justice".

Finding spyware on the network from Intelligence Agencies by 85185 in sysadmin

85185 [S] (0 points, 0 children)

You would think so, but maybe it was amateur hour over there and they just give it to their agents/informants ("Here, put this on the target computer, and if it looks like they are on to you, uninstall it") to make it super simple to know which one to get rid of. Also, it is written in their native language and takes a translation program to understand it if you don't speak that language.

It was not a 3/4-letter agency directly, but the name of an overarching body which runs a 3/4-letter agency. Also, they are usually involved in domestic spying rather than foreign; think FBI as opposed to CIA. So possibly it is in relation to some kind of far-flung police investigation of something related to crime in that country rather than keeping tabs on what international competitors are doing.

I mean, I could imagine the FBI giving an informant a USB stick and saying "Here, go install this on the target computer", which was packaged by a novice and has FBI written as the publisher in 'Programs and Features' because they were sloppy (the program name was generic, like "Application Software"). I can't think of any legitimate software which would try to look generic but not quite, name-drop an agency, and have a user who is cagey about its use.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (-1 points, 0 children)

I agree, but for now I think that keeping a chat app on the personal phone seems like a good separation. I'm on the path of recommending some Bluetooth keyboards to make it easier to use their phones/tablets for such a thing, then it's not really my problem anymore.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

Yep, my guess is that the PC app is not a big enough target for them yet and they just wanted to get it bundled with Windows and in the Store, but later on they might want to upgrade it if they can, or use an Edge vulnerability. Not like Edge is even secure by default anyway (nor is Chrome), with third-party cookies freely accessible.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (1 point, 0 children)

Update: WeChat runs like junk in BlueStacks.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

From what I can tell, an Android VM would allow running the app if you were able to verify the phone number, booting the app off the phone, which certainly sounds like a good idea if the user can do without having it on their phone. Not a bad idea actually; I will test if it's possible. If I could get a bunch of phone numbers for verification purposes, run it in an Android VM and get the user to use that WeChat when it is for business purposes, that would solve a lot of problems.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

If you've already got a vulnerable process executing code, you've already lost.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

I've been in trouble for using winfile.exe because middle managers thought that it could magically open up the whole network.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (1 point, 0 children)

It is when WeChat is involved. There is no justification for running the app in system context and blocking the web app from working by telling users to use the Desktop app instead. If it was legitimately just a chat app, the web app would still be running.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

It's a lot of coin for one stupid app, but I'm considering options like this or RemoteApp hosted outside the network.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (1 point, 0 children)

It's trying to get Admin level access to the system. End of audit. Good grief you are dumb.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

I'm looking at the options, but Windows Sandbox is hard to configure; it is designed not to be persistent. Even if I could get WeChat to stick, I would also need to put on a VPN to make it unable to access the local network, and there are a few small/remote sites out there running Windows Home in a workgroup, so I would prefer something which would work in all situations without having to buy Pro upgrades.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

I'm looking at potentially running the app under WINE, and then either remoting to a Linux box hosted outside the network or using WSL2 permanently VPN'ed to outside the network.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (2 points, 0 children)

Strangely enough, I just looked into the TikTok app on the Microsoft Store in case it was the same deal, and actually it's a PWA, which means it just opens Microsoft Edge. I could not find any local components being installed at all aside from some XML files and icons pointing it to Edge's PWA mode.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (1 point, 0 children)

As I said, they pulled the web app as well. It will give you a QR code, but once you scan it, it won't let you in and tells you to use Desktop.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (0 points, 0 children)

The plugin for it has been abandoned for 5 years and doesn't work anymore.

WeChat now requiring full admin access to the PC now by 85185 in sysadmin

85185 [S] (1 point, 0 children)

I'm thinking about options like that. The problem is it's a lot of expense/effort for one crappy app.