#11 – Why You Should NOT Buy A New Computer This Week

This is still a terrible time to buy a new computer! Why? Uncertainty around Intel’s latest Spectre fix, plus a series of back-doors that were just discovered in AMD chips. Wait to buy a computer, if you can – this episode explains why. Also, Microsoft is backpedaling on its March 13, 2018 update because it may cause your computer to crash – among other reasons. HP Printers are still being used to penetrate your network, and we will tell you how to make sure you are not at risk. And, believe it or not, even Vape Sticks are not safe from hackers (seriously). Plus, we answer lots of listener questions.

Remember to send your questions to questions@diycyberguy.com

Still a terrible week to buy a new computer!

Hair on Fire 5 of 5

If you can wait to buy a new computer, then WAIT.

Fix – avoid buying a new computer until these issues get permanently resolved because some may not be able to be fixed without chip redesign.

Why?

Intel is still fixing Spectre vulnerabilities. The first fix in January = FAIL. The latest is questionable (Windows rolls back update; see below).

NEW Vulnerability in AMD Chip Sets; Ryzen and EPYC

Weird story: Researchers informed AMD on March 12, and released it to the public on March 13. Really?!?!? One day?? (More on that story: https://www.techpowerup.com/242346/cts-labs-sent-amd-and-other-companies-a-research-package-with-proof-of-concept-code)

Here’s the issue they discovered:

https://thehackernews.com/2018/03/amd-processor-vulnerabilities.html

Fix – avoid buying a new computer until these issues get permanently resolved because some may not be able to be fixed without chip redesign.

Microsoft Pulls Back March 13, 2018 Update

Hair on fire 5 of 5

Anyone who uses Windows: DON’T RUN THE UPDATE

DO RUN your system backup (time for an episode on that!)

According to Microsoft: Update Improvements include:

This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

Provides cumulative Spectre and Meltdown protections for 32-Bit (x86) and 64-Bit (x64) versions of Windows except the KB4078130 update that was offered to disable mitigation against Spectre Variant 2.

Security updates to the Microsoft Graphics component, Windows Kernel, Windows Shell, Windows MSXML, Windows Installer, and Windows Hyper-V.

But, there are many reports about problems introduced in the March 2018 patch rollups from Microsoft.

Known issues in this update:

Symptom: After installing this update, SMB servers may leak memory.
Workaround: Microsoft is working on a resolution and will provide an update in an upcoming release.

Symptom: A Stop error occurs if this update is applied to a 32-Bit (x86) machine with the Physical Address Extension (PAE) mode disabled.
Workaround: Microsoft is working on fixing this issue, and this update is, therefore, currently made available to machines with the Physical Address Extension (PAE) mode enabled.

Symptom: A Stop error occurs on machines that don’t support Streaming Single Instructions Multiple Data (SIMD) Extensions 2 (SSE2).
Workaround: Microsoft is working on a resolution and will provide an update in an upcoming release.

Symptom: Because of an issue that affects some versions of antivirus software, this fix applies only to computers on which the antivirus ISV updated the ALLOW REGKEY.
Workaround: Contact your antivirus manufacturer to verify that their software is compatible and that they have set the following REGKEY on the computer:

Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"

Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"

Type="REG_DWORD"

Data="0x00000000"

Symptom: A new Ethernet virtual Network Interface Card (vNIC) may be created with default settings in place of the previously existing vNIC, causing network issues after applying this update. Any custom settings on the previous vNIC are still persisted in the registry but unused.
Workaround: Apply the resolution documented in KB3125574 (Convenience Rollup) for Known issue 1: "A new Ethernet virtual Network Interface Card (vNIC) may be created with default settings in place of the previously existing vNIC, causing network issues. Any custom settings on the previous vNIC are still persisted in the registry but unused."

Symptom: IP address settings are lost after applying this update.
Workaround: Microsoft is working on a resolution and will provide an update in an upcoming release.


Windows 7 and Windows 2008 R2 Virtual Machines may have their interfaces reset and lose their IP addresses, so they need to be reconfigured.

Possible memory leaks!!

Crash errors, slow speed, unable to open documents with a double-click in Word

SYSTEM CRASHING – Win7/Win2008

Microsoft downgraded the Windows 7 rollup to “Important”

Not automatic but is still available in Update Catalog.

They have not withdrawn yet, but may.

SOURCE: https://support.microsoft.com/en-us/help/4088878/windows-7-update-kb4088878

OTHER LINKS:

https://social.technet.microsoft.com/Forums/en-US/ae0d91d5-6c82-4cc5-b60a-8bdfa0bddbad/march-2018-windows-update-removes-virtual-network-adapter-creates-new-default-one?forum=winserversecurity

https://support.microsoft.com/en-us/help/3125574/convenience-rollup-update-for-windows-7-sp1-and-windows-server-2008-r2
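A read-only check for the known issues Microsoft lists for this update (antivirus ALLOW REGKEY, PAE, SSE2, lost IP settings), added here as an example; it is not from Microsoft or from the show. The function names and the output file name are assumptions, and it uses Get-WmiObject so it also runs on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: report which known issues from the March 2018 rollup apply to this machine.
$compatKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$compatName = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'

function Test-AvCompatKey {
    # True only when the value exists, is a REG_DWORD, and holds 0x00000000.
    if (-not (Test-Path $compatKey)) { return $false }
    $key = Get-Item $compatKey
    if ($key.GetValueNames() -notcontains $compatName) { return $false }
    return ($key.GetValueKind($compatName) -eq 'DWord') -and
           ($key.GetValue($compatName) -eq 0)
}

function Test-Sse2 {
    # PF_XMMI64_INSTRUCTIONS_AVAILABLE (10) is the Win32 flag for SSE2 support.
    $sig = '[DllImport("kernel32.dll")] public static extern bool IsProcessorFeaturePresent(uint f);'
    Add-Type -MemberDefinition $sig -Name CpuFeature -Namespace Win32Check
    return [Win32Check.CpuFeature]::IsProcessorFeaturePresent(10)
}

$os   = Get-WmiObject Win32_OperatingSystem
$is32 = $os.OSArchitecture -like '32*'

# Adapters with manually assigned addresses are the ones that lose settings
# if the update re-creates the vNIC with defaults.
$static = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
            Where-Object { -not $_.DHCPEnabled })

$report = New-Object PSObject -Property @{
    AntivirusAllowKeySet = Test-AvCompatKey
    Sse2Supported        = Test-Sse2
    PaeStopErrorRisk     = ($is32 -and -not $os.PAEEnabled)
    StaticIpAdapters     = ($static | ForEach-Object { $_.Description }) -join '; '
}
$report | Format-List

# Keep a copy of the static settings so they can be re-entered by hand if they are lost.
$static | Select-Object Description, IPAddress, IPSubnet, DefaultIPGateway, DNSServerSearchOrder |
    Export-Clixml "$env:USERPROFILE\nic-settings-before-update.xml"
```

Run it from an elevated PowerShell prompt before deciding whether to install; it changes nothing on the machine apart from writing the one XML file.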

Apple Still Offering $29 Replacement Batteries, But Time is Limited

Fix – Take the $29 offer

How To: To qualify for the reduced pricing:

  • Out-of-warranty
  • iPhone SE, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X
  • No damage that would prevent battery installation
  • Discount is available to all users – no battery test or metrics will preclude you.

What’s the Problem?

Lithium ion batteries discharge more quickly depending on age and how they are used. Old phones may have battery life so short they become difficult to use.

Apple actually slowed down older phones with an update late in 2017, but apologized and reversed the update.

How to get replacement:

https://support.apple.com/iphone/repair/battery-power

Google Search terms: “iphone repair battery”

WAIT TIMES!

Could be long: 4 to 6 weeks, but those wait times are getting shorter with reports of 2 weeks for some models. Call your Apple support center first.

Expires: Through December 31, 2018, the out-of-warranty battery service fee is $29 for all eligible iPhone 6 or later models. Battery service at $29 may be limited to one repair per iPhone.

RECAP: Get your $29 replacement battery if you have an eligible phone

HP Printers used to attack your network!

Hair on fire 5 of 5

Gotta run updates!! Why? According to HP:

VULNERABILITY SUMMARY

A potential security vulnerability has been identified with certain HP printers. This vulnerability could potentially be exploited to execute arbitrary code.

Reference Number

CVE-2017-2741, PSR-2017-0026

Source: https://support.hp.com/lt-en/document/c05462914

How to fix:

FIRST: Open HP Update.

  • Windows 10: AUTOMATIC
  • Windows 8: Press the Windows + Q keys, type HP Update into the Search field, and then click HP Update from the list of results.
  • Windows 7/Vista: Click Start, click All Programs, click HP, and then click HP Update.
  • Windows XP: Click Start, click All Programs, click the HP folder, and then click HP Software Update.

SECOND: In the HP Update window, click Settings.

In the section “Check for software updates”, select “EVERY” and then, in the dropdown, “1-week”.

THIRD: Click OK.

Recap: If you own an HP printer, do this now.

Vape Pens used to spread malware

Hair on fire 1 of 5

Simple fix: DO NOT CHARGE VAPE STICK on the USB port of your computer – use an outlet.

According to Sky News, which broke the story:

Security researchers have demonstrated how e-cigarettes can easily be modified into tools to hack computers.

With only minor modifications, the vape pen can be used by attackers to compromise the computers they are connected to – even if it seems just like they are charging.

Giving a presentation at BSides London, Ross Bevington showed how an e-cigarette could be used to attack a computer by fooling the computer to believe it was a keyboard or by tampering with its network traffic.

While Mr Bevington’s particular form of attack required the victim’s machine to be unlocked, that was not the case for all attacks.

Another hacker and researcher known as Fouroctets published a proof-of-concept video which showed arbitrary commands being entered into his unlocked laptop just after plugging in a vape pen to charge.

Speaking to Sky News, Fouroctets said he had modified the vape pen by simply adding a hardware chip which allowed the device to communicate with the laptop as if it were a keyboard or mouse.

Fouroctets showed Sky News how, using less than 20 lines of code, the computer could be made to download an arbitrary and potentially dangerous file and run it.

While e-cigarettes could be used to deliver malicious payloads to machines, there is usually very little space available on them to host this code.

“This puts limitations on how elaborate a real attack could be made,” said Mr Bevington.

“The WannaCry malware for instance was 4-5MB, hundreds of times larger than the space on an e-cigarette. That being said, using something like an e-cigarette to download something larger from the Internet would be possible.”


How to protect:

  • Don’t charge your vape stick in your computer!
  • Have a good password.
  • Lock your machine with a passcode when unattended.

Source: https://news.sky.com/story/e-cigarettes-can-be-used-to-hack-computers-10908333


Questions from Listeners:

Creative Commons License

This work is licensed under a Creative Commons License: Attribution required if you republish or reuse this material. For details, see:

https://creativecommons.org/licenses/by/4.0/

Published by

David W. Schropfer

David W. Schropfer is the CEO of AnchorID, Incorporated, a cybersecurity company in New York (www.AnchorID.com).  Every day, he and his team of professionals keep the people who use AnchorID safe from some of the most common traps, hacks and attacks that target computer systems of all sizes. David’s previous books, including The Smartphone Wallet and three industry whitepapers, predicted some of the biggest trends in the payments, mobile, and security industries.  Since graduating Boston College, David earned an Executive MBA from the University of Miami.