Windows 8

Remote Desktop Services Remote Code Execution Vulnerability Is Found (CVE-2019-0708)

Microsoft has released a fix for a critical Remote Code Execution vulnerability (CVE-2019-0708) in remote desktop services that affects older versions of windows used by many organizations worldwide, most notably in the healthcare and finance sectors, but also others as well.

As this vulnerability is placed at the pre-authentication stage and does not require any user interaction, it would allow an attacker to execute malicious code on the victim’s system. According to Microsoft, in order to exploit this vulnerability, an attacker would have to send a specially tailored request to the target systems’ Remote Desktop Service via RDP

To clarify the potential exploitation of this vulnerability, it’s suspected to show similar methods used by the WannaCry attack in 2017 that caused catastrophic disruption and sabotage to thousands of organizations across all industries worldwide.

What is Affected?

Those using out-of-support systems like Windows 2003, 2007, Windows Server 2008 and Windows XP are at risk from this vulnerability.

Those running Windows 8 and Windows 10 are not affected by this vulnerability due to these later versions incorporating more security updates.

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

Microsoft: Meltdown and Spectre Check via PowerShell

Like many folks around the world, I was wondering if this Meltdown and Spectre flaw would impact my computers and virtual machines.  Microsoft has started to release emergency fixes for Windows 10 and its been said that Windows 8 and legacy 7 will also receive patches.

Microsoft has released a PowerShell script that lets users check whether they have protection in place.

Steps to take:

  1. Open PowerShell (I like to use PowerShell ISE)
  2. Run PowerShell as as Administrator.
  3. Type Install-Module SpeculationControl and press Enter.
  4. When the installation completes, type Import-Module SpeculationControl and press Enter.
  5. Type Get-SpeculationControlSettings and press Enter.

In the list of results that’s displayed, you’re looking to see that a series of protections are enabled — this will be listed as True.  Ref: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Should reassemble 

Speculation control settings for CVE-2017-5715 [branch target injection]

  • Hardware support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is present: True
  • Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

  • Hardware requires kernel VA shadowing: True
  • Windows OS support for kernel VA shadow is present: True
  • Windows OS support for kernel VA shadow is enabled: True
  • Windows OS support for PCID optimization is enabled: True

 

 

 

Remove Wireless Profiles in Windows 10

Similar to my previous post ‘Windows 8: Remove Old Wireless Network Profiles‘ the following are steps which can be preformed in both the command prompt or PowerShell prompt.

Task: Clean up all wireless profiles in Windows 10

Requirements:

  • PowerShell or Command Prompt
  • Elevated Privileges

Steps:

  1. Open, a PowerShell prompt or Command prompt as Administrator
  2. Enter netsh wlan show profiles to show all wireless profiles
    netsh wlan show profiles

  3. Enter netsh wlan delete profile name=”ProfileName” to delete a particular profile by name
    netsh wlan delete profile name=”ProfileName”

     

  4. Or enter  netsh wlan delete profile name=”*” to remove all saved profiles
    netsh wlan delete profile name=”*"

For more info on managing wireless networks on Windows 8, 8.1, 10 check out the following: Manage wireless network profiles

 

I hope you enjoyed this short post, thanks for visiting – jermal

 

Option to mount .iso in Windows 8 missing

Friday, April 10, 2015

By now we are aware that Windows 8 has the ability to mount .ISO files. But what happens when one day you go to click on that .ISO file and the mount option is missing.

This is what happened to me.  To fix this little problem the following steps were followed:

  1. Right click the .ISO file, and select properties in the menu
  2. Under the General Tab, select Change to change the file association
  3. You will be prompted to choose what program should open the file type. Choose Windows Explorer

One you have selected Windows Explorer, the mount option is available again.

 

Windows 8: Remove Old Wireless Network Profiles

Recently I changed wireless access points with another of the same name. Rather than the name remaining “jermsmit.com” in windows it changed to “jermsmit.com 2”. Perhaps just me, but I found this to be a little annoying. So I jumped in the command line (as administrator) and performed the following steps

Opened the command prompt and typed:

  1. netsh wlan show profiles – This shows all wireless profiles on the PC
  2. netsh wlan delete profile name=”ProfileName” – Deletes a profile that’s out of range, you can also use a wildcard “*” to remove all that match.

During my research on how to do this I have found the following: http://windows.microsoft.com/en-us/windows-8/manage-wireless-network-profiles