Microsoft overlooks four Stuxnet zero-day bugs in Patch Tuesday

microsoft issues record number of patches logoDespite a larger than usual Patch Tuesday addressing 13 vulnerabilities yesterday, Microsoft appears to have left out a few vulnerabilities that the Stuxnet worm exploits. First publicized in July attacking vulnerable systems via a Windows shortcut bug, Stuxnet apparently uses four additional zero-day bugs and two stolen digital certificates to game the OS’s escalation of privileges system, according to security researchers at Kaspersky Labs.

Yesterday’s Patch Tuesday was also notable because it included four critical updates for XP. A previously-known Stuxnet-exploit in Windows’ Print Spooler service was part of yesterday’s Patch Tuesday group. The Windows shortcut issue was patched in August.

The latest vulnerability that Stuxnet has been exploiting involves yet another bug in Windows’ Print Spooler service.  This vulnerability affects Windows XP, Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, according to Microsoft. The attacker can take control of a computer by sending a specially crafted print request to a vulnerable system where the print spooler service is exposed without authentication.

Microsoft rated the hole  “critical” for Windows XP but only “important” for the other supported versions of Windows.

Microsoft will be addressing these isses.

“These are local EoP issues which means that an attacker, in this case Stuxnet, already has permission to run code on the system or has compromised the system through some other means,” wrote Jerry Bryant, group manager of Microsoft’s Response Commuications on the blog.

First reported by security vendor VirusBlokAda, the worm targeted Siemens’ Simatic WinCC and PCS 7 software, which run on industrial control systems. This has minimized the worm outbreak, as most operators separate the control network from business and public networks.

Computing

Think crypto’s dead? JPMorgan to offer first cryptocurrency backed by a U.S. bank

J.P. Morgan Chase is making history by rolling out a trial, over the next few months, of the first cryptocurrency, dubbed JPM Coin, which is backed by a large United States bank.
Computing

These 30 useful apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find.
Computing

File Transfer Protocol explained: What FTP is and what it does

FTP stands for "File Transfer Protocol," and it's used to transfer files online. Most internet users don't need it, but web developers use it constantly. Here's what FTP is, how it works, and how you can get started using it.
Computing

Windows 7 is still immensely popular. Is it really better than Windows 10?

With the end of support of Windows 7 approaching, have you been holding off on upgrading to Windows 10? In this guide, we give look at some of the biggest differences between the most popular operating systems.
Gaming

Need help getting the Sleeper Simulant in 'Destiny 2'? We’ve got you covered

The Sleeper Simulant is one of the coolest new Exotic weapons you can unlock in the Warmind expansion of Destiny 2, but it's an involved process that will take awhile. Here's everything you need to know.
Computing

Opera web browser targets enhanced accessibility with major redesign

The browser wars are heating up. In the latest move for Opera, a new development release pushes it even closer to Chrome with a redesign and overall goal of redefining the modern web browser. 
Computing

Breaking: Amazon won’t build headquarters in New York in face of opposition

Amazon has canceled plans for a New York City headquarters afer citizens, civic groups, and politicians pushed back on Governor Andrew Cuomo and New York City Mayor Bill de Blasio's exclamation of economic joy over Amazon's earlier…
Computing

DLSS is finally arriving in games, but how does Nvidia's super-sampling actually work?

Nvidia's new DLSS technology is exciting, but what is it and how does it work? It's not quite anti-aliasing and it's not quite super sampling. It's a little bit of both and the end results can be impressive.
Computing

A new Mac Pro is supposedly coming in 2019, but what will it be like?

Our Mac Pro 2019 rumor roundup covers all the top news, leaks, and rumors about the new Mac Pro set to be announced sometime in 2019. Here's what Apple has said, what the experts think, and what's likely to show up with the new Mac Pro.
Gaming

Take to the virtual skies with these free flight simulators

You don't have to spend the entirety of your paycheck to become a virtual ace, at least when it comes to flight simulation. Our list of the best free flight simulators will let you unleash your inner Maverick.
Gaming

Wage war on a budget with these fun and free first-person shooters

We all know about Halo and Call of Duty by now, but what about quality titles that won't cost you upward of $60? Check out our picks for the best free first-person shooter games from Paladins to Quake Champions.
Computing

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so in case you're looking to nab some Windows-only software.
Computing

Switch your WMA files for MP3s with our quick conversion tips

The WMA codec may be great when it comes to multi-channel surround sound, but unfortunately, it falters in terms of compatibility. Check out our guide on how to convert WMA files to MP3 via web-based or desktop methods.
Computing

Looking for a new laptop? These 5 notebooks are on sale through Presidents’ Day

If you're ready to ditch your aging notebook, you can score some fantastic Presidents' Day savings right now on Microsoft's Surface Pro 6, Dell's XPS 13, HP's Spectre x360, Lenovo's Yoga C930, and Dell's G5 15 Gaming laptops.