Windows Updates March 2017

This month’s Patch Tuesday is a “double whammy”. It includes patches that where skipped in February, as well as newly released patches for March 2017.

Microsoft had skipped February’s Patch Tuesday because of a hiccup with one of the updates. The new update model pushes all updates out as a single update, meaning that instead of being able to skip the bad update, all had to be skipped. Rather than releasing the updates later in the month, Microsoft kept the updates back while they worked on a solution.

Updates cover a range of Microsoft Products, including Internet Explorer, Microsoft Edge, Microsoft Office, Microsoft Windows, Adobe Flash Player, and other critical Windows Components.

Of these updates, 8 are marked Critical and can lead to remote code execution. The remaining 9 updates are marked important, and can lead to elevation of privilege and information disclosure.

The vulnerabilities in Internet Explorer and Edge can both be exploited by an attacker who can trick a user into visiting a specially crafted website. There are known exploits for the vulnerability in Internet Explorer so this is especially important to patch.

The vulnerability in Microsoft Graphics Component, which is used by Windows, Office, Skype, and Silverlight, also has a known exploit, and can be exploited by an attacker who can trick a user into visiting a specially crafted website, or by opening a specially crafted document.

Flash Player update is marked as Critical. I recommend uninstalling flash and disabling it in your web browser. Most users will find they do not require flash on their machines. Even if Flash is disabled, the patch will need to be installed.

User of Windows Vista should really be planning an upgrade to a newer operating system sooner rather than later. After this month’s patches, Windows Vista users will only get one more lot of updates before end of support kicks in. This will leave those users running an operating system with un-patched vulnerabilities.

Running the latest software is an important factor in keeping your PC secure.


Installing Updates

  1. On your keyboard, hold the windows key and press R. This will display the run dialog box.
  2. Type in “control update” and press enter
    windows-updates-march-2017
  3. Click “Check for Updates”. This may take some time as Windows Update searches for the latest patches.
  4. Click on Install Updates, update will install, after which Windows will need to restart.

More information regarding patches can be found on the Microsoft Security Bulletin Website.

 

BPAY Secure Document Leads to Malware

A new spam email is doing the rounds, this time bypassing spam filters for several of my email addresses. As per most of these malicious emails, it contains correct logos and appears to come from an official looking email address.

This email claims to be from BPAY. It goes on to advise the recipient that they have received a BPAY payment. The recipient is then required to open the attached “BPAY Secure Document” in order to view the details of said payment.

Upon opening the attachment, the recipient will be prompted to enable content; which in turn will runs a malicious macro.

BPAY Secure Document

The macro downloads and executes another file; htqpu.exe. Analysis of this file indicates a possible link to Trickbot malware. Trickbot, also known as TrickLoader, is a banking Trojan, designed to target credentials for financial institutions.

If you receive any attachment that requires you to enable macros, I recommend deleting the file right away.

Scams can also be reported to ScamWatch via their website.

 

Netflix Survey Scam

Another spam email doing the rounds, this one offering a chance to win one year of free Netflix. This email has the typical feel of a lottery/survey scam spam email.

The email comes across very professional. It uses correct logos, and from other samples I’ve seen, may address the user by name.  This is to push the legitimacy of the email, and entice the user into clicking the link.  Upon clicking the link, you will be required to fill in personal details, which could then be sold off and used for identity fraud, or could be used by the spammer for future spam campaigns.

Always take care when clicking links in emails. And remember: If it seems too good to be true, it probably is.

Sample of the Netflix Survey Scam email and website

nexflix survey scam email
Sample of Netflix spam email
nexflix survey scam website
Sample of the Netflix scam website

For more blog posts, check out our Tech Tips page.

Computer Maintenance & Repairs, Custom Built Computers, Laptops and more.