-->

Wednesday, July 14, 2021

author photo

Technology - Google News


Microsoft Patch Tuesday, July 2021 Edition – Krebs on Security - Krebs on Security

Posted: 14 Jul 2021 03:01 AM PDT

Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft.

Thirteen of the security bugs quashed in this month's release earned Microsoft's most-dire "critical" rating, meaning they can be exploited by malware or miscreants to seize remote control over a vulnerable system without any help from users.

Another 103 of the security holes patched this month were flagged as "important," which Microsoft assigns to vulnerabilities "whose exploitation could result in compromise of the confidentiality, integrity, or availability of user data, or of the integrity or availability of processing resources."

Among the critical bugs is of course the official fix for the PrintNightmare print spooler flaw in most versions of Windows (CVE-2021-34527) that prompted Microsoft to rush out a patch for a week ago in response to exploit code for the flaw that got accidentally published online. That patch seems to have caused a number of problems for Windows users. Here's hoping the updated fix resolves some of those issues for readers who've been holding out.

CVE-2021-34448 is a critical remote code execution vulnerability in the scripting engine built into every supported version of Windows — including server versions. Microsoft says this flaw is being exploited in the wild.

Both CVE-2021-33771 and CVE-2021-31979 are elevation of privilege flaws in the Windows kernel. Both are seeing active exploitation, according to Microsoft.

Chad McNaughton, technical community manager at Automox, called attention to CVE-2021-34458, a remote code execution flaw in the deepest areas of the operating system. McNaughton said this vulnerability is likely to be exploited because it is a "low-complexity vulnerability requiring low privileges and no user interaction."

Another concerning critical vulnerability in the July batch is CVE-2021-34494, a dangerous bug in the Windows DNS Server.

"Both core and full installations are affected back to Windows Server 2008, including versions 2004 and 20H2," said Aleks Haugom, also with Automox.

"DNS is used to translate IP addresses to more human-friendly names, so you don't have to remember the jumble of numbers that represents your favorite social media site," Haugom said. "In a Windows Domain environment, Windows DNS Server is critical to business operations and often installed on the domain controller. This vulnerability could be particularly dangerous if not patched promptly."

Microsoft also patched six vulnerabilities in Exchange Server, an email product that has been under siege all year from attackers. Satnam Narang, staff research engineer at Tenable, noted that while Microsoft says two of the Exchange bugs tackled this month (CVE-2021-34473 and CVE-2021-34523) were addressed as part of its security updates from April 2021, both CVEs were somehow omitted from that April release. Translation: If you already applied the bevy of Exchange updates Microsoft made available in April, your Exchange systems have protection against these flaws.

Other products that got patches today include Microsoft Office, Bing, SharePoint Server, Internet Explorer, and Visual Studio. The SANS Internet Storm Center as always has a nice visual breakdown of all the patches by severity.

Adobe also issued security updates today for Adobe Acrobat and Reader, as well as Dimension, Illustrator, Framemaker and Adobe Bridge.

Chrome and Firefox also recently have shipped important security updates, so if you haven't done so recently take a moment to save your tabs/work, completely close out and restart the browser, which should apply any pending updates.

The usual disclaimer:

Before you update with this month's patch batch, please make sure you have backed up your system and/or important files. It's not uncommon for Windows updates to hose one's system or prevent it from booting properly, and some updates even have been known to erase or corrupt files.

So do yourself a favor and backup before installing any patches. Windows 10 even has some built-in tools to help you do that, either on a per-file/folder basis or by making a complete and bootable copy of your hard drive all at once.

And if you wish to ensure Windows has been set to pause updating so you can back up your files and/or system before the operating system decides to reboot and install patches on its own schedule, see this guide.

As always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there's a better-than-even chance other readers have experienced the same and may chime in here with some helpful tips. Also, check out AskWoody, which keeps a close eye out for specific patches that may be causing problems for users.

Adblock test (Why?)

Someone Thinks They've Resolved Nintendo's Joy-Con Drift Problem With An Incredibly Simple Fix - Nintendo Life

Posted: 13 Jul 2021 07:25 PM PDT

Switch Joy Con© Nintendo Life

If you're desperate to salvage those drifting Nintendo Switch Joy-Con, have watched all the videos online (including our own), and still haven't had any luck, then why not try this new fix that's surfaced on YouTube, which is claiming to have solved Joy-Con drift problems once and for all.

VK's Channel on YouTube identified how the Joy-Con realigns when pressure is applied to the surrounding area of the analog stick - therefore increasing pressure within the Joy-Con (which loosens over time) makes the drift disappear.

Surprisingly, this fix doesn't require any serious technical know-how, but you will need the right tools. All you have to do is open the case and insert a small piece of paper or cardboard (around 1mm) where the analog is located. Yes - it's that simple. It's further explained how the prongs inside the controller lose contact with the pads over time and the paper fills the gap and restores pressure.

The YouTuber also notes how their own drifting Joy-Con have been working fine for around two months now, and that the same fix can be applied to the Nintendo Switch Lite. Skip to 5:55 in the video to see the fix and get the full rundown:

Keep in mind, inserting things into your controllers (even pieces of paper) is at your own risk, and will likely void any warranty. Will you be giving this incredibly simple fix a go? Leave a comment below and tell us if you've had any luck with this fix yourself.

Adblock test (Why?)

MagSafe Battery Pack suggests that iPhone 12 is indeed capable of reverse wireless charging - 9to5Mac

Posted: 13 Jul 2021 03:09 PM PDT

Apple unexpectedly introduced on Tuesday a new MagSafe Battery Pack, which is basically an official power bank for the iPhone 12 lineup. The accessory, which is now available to order from Apple's online store, seems to confirm a long-standing rumor about iPhone 12 being capable of reverse wireless charging.

How it works

Just as the name suggests, Apple's MagSafe Battery Pack is based on the new MagSafe standard, which was introduced last year with iPhone 12. It combines magnets with NFC technology to not only perfectly attach accessories to the back of the iPhone, but also to recharge the iPhone with fast inductive charging.

Instead of having to plug in a cable or connect it to the iPhone via Lightning, all you need to do is place the MagSafe Battery Pack on the back of the iPhone to use the external battery. There are already other similar MagSafe compatible accessories available on the market, but customers can now have an official solution from Apple.

In a support article published earlier today, Apple says that users can recharge the MagSafe Battery Pack's internal battery through a built-in Lightning connector. This can be done whether the accessory is connected to the iPhone or not:

If both your iPhone and MagSafe Battery Pack need to be charged, you can charge them at the same time. Attach your MagSafe Battery Pack to your iPhone and then plug the MagSafe Battery Pack into a power adapter.

However, the same article reveals that there's another way to recharge the MagSafe Battery Pack, and that's by using reverse wireless charging.

Reverse wireless charging

Apple doesn't explicitly say that there's a reverse wireless charging technology behind the MagSafe Battery Pack and the iPhone 12, but this is strongly suggested where Apple mentions that you can plug the Lightning cable into the iPhone, and then it will send power to the external battery through the MagSafe:

You can also charge both if you attach your MagSafe Battery Pack to your iPhone, then plug your iPhone into a power source. You might want to charge this way if you need to connect your iPhone to another device while charging, like if you're using wired CarPlay or transferring photos to a Mac.

For those unfamiliar, reverse wireless charging is a technology that allows users to not only recharge a phone with a wireless charger, but also use the device to recharge an accessory or even other devices by placing it on the back of the phone.

Rumors and what's Next

Back in 2019, rumors suggested that the iPhone 11 would come with this feature, so users would be able to recharge AirPods or even Apple Watch using just the iPhone. While this was never announced by Apple, iFixit found a new board that could be related to reverse wireless charging.

Following the iPhone 12 announcement, FCC filings revealed that the current generation iPhone does indeed support reverse wireless charging, but Apple never mentioned anything about it — which led us to believe that perhaps the feature has been delayed for another year.

However, it seems that Apple has finally decided to enable reverse wireless charging on the iPhone 12 lineup with the new MagSafe Battery Pack. Of course, that leaves us with several other questions. Why has this never been announced before? Will Apple use this technology only for its own accessories?

While we don't have the answers to that, it's not hard to imagine that Apple wanted to ensure that the technology only works with certified accessories. Perhaps future generations of AirPods and Apple Watch will work with reverse wireless charging, but the same cannot be said about current accessories. Keep in mind that this is just speculation.

9to5Mac has reached out to Apple for further clarification on reverse wireless charging, but the company has yet to give us a response.

Check out 9to5Mac on YouTube for more Apple news:

Adblock test (Why?)

This post have 0 komentar


EmoticonEmoticon

Next article Next Post
Previous article Previous Post