#Microsoft Release Critical Patch for #Windows10 (Download Link Included)

Windows Update

Windows 10 Critical Patch (Click Here for Download Links)

Windows Update may not automatically install this patch so it is recommended to manually install this update if it doesn’t show in your installed updates.  Please ensure you select the correct version of Windows. To check which version of Windows 10 you’re using follow these instructions:

  • Click “Start”
  • Click “Settings”
  • Click “System”
  • Scroll down and Click “About” than scroll down to find your version

advice.png

——————————————————————————————-

——————————————————————————————-

Microsoft

CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

January 14, 2020

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.

The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates.

SOURCE = Microsoft

——————————————————————————————-

——————————————————————————————-

BBC News

Windows 10: NSA reveals major flaw in Microsoft’s code

Jauary 14, 2020

Microsoft has issued a patch and said it had seen no evidence of the bug being exploited by hackers. The issue was revealed during an NSA press conference. It was not clear how long it had known about it before revealing it to Microsoft. Brian Krebs, the security expert who first reported the revelation, said the software giant had sent the patch to branches of the US military and other high-level users ahead of its wider release.

It was, he wrote, “extraordinarily scary”. The problem exists in a core component of Windows known as crypt32.dll, a program that allows software developers to access various functions, such as digital certificates which are used to sign software. It could, in theory, have allowed a hacker to pass off a piece of malicious software as being entirely legitimate.

SOURCE = BBC News

——————————————————————————————-

——————————————————————————————-

PCWorld

Microsoft, NSA confirm killer Windows 10 bug, but a patch is available

January 14, 2020

As expected, Microsoft did reveal a fundamental flaw in Windows that affected Windows 10’s cryptographic library. January’s Patch Tuesday updates issued today, however, fix the issue, which is specific to Windows 10 and Windows Server. The flaw, CVE-2020-0601, was found in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10 systems. (Contrary to earlier rumors, it does not affect Windows 7, which coincidentally is being shut down Tuesday as well.) Fortunately, Microsoft reported that the library was not in active use, though that doesn’t prevent an attacker from weaponizing it now that it’s been disclosed.

“Exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities,” the NSA said. “Examples where validation of trust may be impacted include:  HTTPS connections, signed files and emails, [and] signed executable code launched as user-mode processes.”

Specifically, the attack could allow malware to hide behind a spoofed cyrptographic signature. Antivirus software could therefore identify malware as legitimate applications, or fake banking sites could use the vulnerability to trick a user’s PC into thinking it was legitimate. Microsoft did not cite the source that reported the vulnerability. The Washington Post had reported that the National Security Agency (NSA) had developed the exploit, then turned it over to Microsoft. The NSA itself took credit for the discovery in a security advisory released Tuesday. Specifically, CVE-2020-0601 will affect Windows 10, according to Microsoft. The NSA believes it will affect Windows Server 2016/2019 as well.

SOURCE = PC World

21 Saudi Military Cadets Deported from America Related to Child Porn and Terrorism

———————————————————————————

US expels 21 Saudi military cadets after gun attack

January 14, 2020

Twenty-one members of the Saudi military are being expelled from the US after a cadet carried out a mass shooting at a air base last month. The servicemen are not accused of aiding the 21-year old Saudi Air Force lieutenant. But US Attorney General William Barr said the cadets were found to have had jihadist material and indecent images of children in their possession. Three sailors were killed and eight wounded in the 6 December attack. Training for Saudi servicemen was put on hold in the US after the attack.

Mr Barr told a news conference on Monday that the shooting at Naval Air Station Pensacola had been an “act of terrorism”. He said he had asked Apple to unlock two iPhones that belonged to the gunman, who was killed by police in the attack. The gunman fired a bullet into one phone in an effort to destroy it, Mr Barr said, but FBI investigators were able to restore the device.

“We have asked Apple for their help in unlocking the shooter’s iPhones,” Mr Barr said.” So far Apple has not given us any substantive assistance.”

Continue reading

America on the warpath with Iran

———————————————————————————————————————-

CNN

US strike that killed Iranian commander starkly divides US lawmakers

January 3, 2020

Washington (CNN)The US airstrike that killed Iran Quds Force commander Qasem Soleimani generated starkly different reactions along party lines Thursday night, with Republicans heaping praise on President Donald Trump and Democrats expressing concerns about the legality and consequences of the attack.

The Pentagon confirmed in a statement that Trump had ordered the strike, saying Soleimani “was actively developing plans to attack American diplomats and service members in Iraq and throughout the region. General Soleimani and his Quds Force were responsible for the deaths of hundreds of American and coalition service members and the wounding of thousands more.”

Continue reading

Happy New Year – 2020

—————————————————————————————————–

Wishing you a Happy New Year for 2020.

4TheRecord is now back, having been inactive for nearly two years. I appologise to those who have missed us but due to other commitments was unable to keep this site up to date.

Today this changes and over the coming weeks I will endeavour to update the site and post new content

Many regards

James Newman
Editor-in-chief
4TheRecord.org

 

Tesla Roadstar begins journey to Mars

LIVE VIDEO

——————————————————————————————————————————

CNN

SpaceX launches Falcon Heavy, the world’s most powerful rocket

February 6, 2018

The pioneering rocket firm just pulled off the unexpected, and carried out what appears to be a seamless first-ever launch of its massive new rocket, called Falcon Heavy. That makes SpaceX, the game-changing company helmed by billionaire Tesla CEO Elon Musk, the owner of the world’s most powerful operational rocket. Falcon Heavy took flight Tuesday around 3:45 pm ET from Kennedy Space Center in Florida. About two and a half minutes after launch, the two side boosters on the rocket detached and headed back to Earth.

Elon-Musk

The pioneering rocket firm just pulled off the unexpected, and carried out what appears to be a seamless first-ever launch of its massive new rocket, called Falcon Heavy. That makes SpaceX, the game-changing company helmed by billionaire Tesla CEO Elon Musk, the owner of the world’s most powerful operational rocket. Falcon Heavy took flight Tuesday around 3:45 pm ET from Kennedy Space Center in Florida. About two and a half minutes after launch, the two side boosters on the rocket detached and headed back to Earth.

Continue reading

Spanish Police Use Violence In An Attempt To Prevent People From Voting In Catalan Referendum

5760.jpg

“Catalonia has ‘won right to statehood'” ~Catalan President

————————————————————————————————————————————–

————————————————————————————————————————————–

BBC News

Catalan referendum: ‘Hundreds hurt’ as police try to stop voters

October 1, 2017

Catalan emergency officials say 761 people have been injured as police used force to try to block voting in Catalonia’s independence referendum. The Spanish government had pledged to stop a poll that was declared illegal by the country’s constitutional court. Police officers prevented some people from voting, and seized ballot papers and boxes at polling stations. In the regional capital Barcelona, police used batons and fired rubber bullets during pro-referendum protests. Speaking soon after the polls closed at 20:00 local time (18:00 GMT), Spanish Prime Minister Mariano Rajoy said Catalans had been fooled into taking part in an illegal vote.

s1.reutersmedia.net.jpg

Continue reading

Windows 10: USB Devices set to sleep by default (How to fix)

Windows 10’s users have been reporting issues regarding USB devices either disconnecting and reconnecting at random or in some cases causing the device to stop working until the computer is restarted. Below is a solution to this issue which has been caused by Microsoft setting the devices to sleep by default.

Step 1

Click on “Start” and type “Power Options” than open it.

Start Menu Power Options 1.png Continue reading