Microsoft Security? Just Super Duper

December 31, 2021

I installed software on one of my test machines. Windows’ Defender tool told me I had malware. Not true. To see what would happen, I clicked the offered Defender button and Windows killed a program from a developer doing business as Chris-PC. Helpful? You bet.

I mention this because I think I am the only person in Harrod’s Creek who believes that the Windows 11 release was a way to distract people from Microsoft’s security challenges. I like words like “challenges” and “misstep” because “dumpster fire” is too colorful and “disaster” has been overused.

What’s up with Microsoft security challenges as we creep toward what will be a banner year for some actors? How about these two news stories?

First, we have “Microsoft Teams Bug Allowing Phishing Unpatched Since March.” The main idea is that nine months have bustled by. Teams users could fall victim to some missteps in Microsoft Teams. The write up states:

German IT security consultancy firm Positive Security’s co-founder Fabian Bräunlein discovered four vulnerabilities leading to Server-Side Request Forgery (SSRF), URL preview spoofing, IP address leak (Android), and denial of service (DoS) dubbed Message of Death (Android). Bräunlein reported the four flaws to the Microsoft Security Response Center (MSRC), which investigates vulnerability reports concerning Microsoft products and services. “The vulnerabilities allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address and DoS’ing their Teams app/channels,” the researcher said. Out of the four vulnerabilities, Microsoft addressed only the one that attackers could use to gain access to targets’ IP addresses if they use Android devices.

Second, we have “Stealthy BLISTER Malware Slips in Unnoticed on Windows Systems.” I learned:

… Blister, acts as a loader for other malware and appears to be a novel threat that enjoys a low detection rate. The threat actor behind Blister has been relying on multiple techniques to keep their attacks under the radar, the use of code-signing certificates being only one of their tricks.

Nope, let’s block Windows 11 users from installing another browser. Let’s kill Chris-PC software. The path forward is to enter 2022 with the ghost of SolarWinds laughing and the ghosts of Christmas yet to come licking their lips in glee.

Stephen E Arnold, December 31, 2021
