• MS 2021 wrap up with 64 patches

    From August Abolins@1:396/45.29 to All on Sat Mar 5 20:37:00 2022
    Microsoft wraps up 2021 with 64 patched vulnerabilities-
    including Windows 7 fixes

    https://news.sophos.com/en-us/2021/12/14/microsoft-wraps-up- 2021-with-64-patched-vulnerabilities-including-windows-7-fixes/

    I found this comment somewhat amusing yet disconcerting:

    "fixes apply to versions of Windows stretching the way back to
    the end-of-life'd Windows 7. In fact, there are 17 bugs being
    patched in Windows 7 this month"

    WRT Win7, "vulnerability in Windows' Encrypted File System
    (EFS) that also extends back to Windows 7 (CVE-2021-43217)-one
    that can be triggered regardless of whether or not EFS is in
    use on the targeted system. A specially-crafted attack could
    result in a buffer overflow write to memory that could result
    in unauthenticated code being executed by triggering EFS. This
    bug has been publicly disclosed, making it an urgent fix."

    The EFS exploit sounds a bit worrisome since "the problem" can
    be triggered even when EFS is not even in use. I *was*
    thinking of trying it a while back though.


    --- OpenXP 5.0.51
    * Origin: (1:396/45.29)