Search This Blog

Showing posts with label Software update. Show all posts

Windows 10 New Feature Hunts and Thwarts PUAs/PUPs


Per reports, Microsoft has hinted that the next main version of Windows 10 will come stacked with a fresh security feature that would allow the users to facilitate the Windows Defender’s secret feature that helps hunt and bar the installation of known PUAs (Potentially Unwanted Applications).

PUA’s are also widely known as PUPs that stands for Potentially Unwanted Programs. These aren’t as well known by the users in the cyber-crime world as all the other major threats but are a valid threat nevertheless.

Per sources, these are software that is installed on devices via fooling the targets. The term for which the PUP/PUA stands is self-explanatory with regards to applications or programs that your device may not really need.

PUPs/PUAs go around with tactics like either by employing “silent installs” to dodge user permissions or by “bundling” an unrequired application with the installer of an authentic program.

Sources mention that PUAs most commonly contain applications that alter browser history, hinder security controls, install root certificates, track users and sell their data, and display invasive ads.

As per reports, the May 2020 update is to be rolled out to the users in the last week of this month. Microsoft mentioned that it has added a fresh new feature in its setting panel that would allow users to bar the installation of any unwanted applications or programs in the form of known PUAs/PUPs.

As it turns out, researchers mention that the feature has been available in the Windows Defender for quite a lot of time, but for it to kick start it would need group policies and not the usual Windows user interface.

As per sources, to enable the feature a user must go to ‘Start’, ‘Settings’, ‘Update & Security’, ‘Windows Security’, ‘App & Browser Control’, and finally 'Reputation-based Protection Settings’. Once updated, the feature would show two settings, the above-mentioned feature is disabled by default and would need to be enabled manually. However, Microsoft suggests, enabling both the settings.

Reports mention, that the “Block Apps” feature will scan for PUAs that have already been downloaded or installed, so if the user’s using a different browser Windows Security would intercept it after it’s downloaded. However, the “Block Downloads” feature hunts the PUAs while they are being downloaded.

Hackers used ASUS Software Updates to Install malware on thousands of computers





Researchers at cybersecurity firm Kaspersky Lab found out that recent Asus’ software update system was hacked and used to distribute malware to millions of its customers.

The malware was masked as a  “critical” software update, which was distributed from the Asus’ servers. The malicious malware file was signed with legitimate ASUS digital certificates that made it look an authentic software update from the company, Kaspersky Lab says.

 The report of the hack was first reported by Motherboard, and Kaspersky Lab plans to release more details as soon as possible at an upcoming conference.

The intentions of hackers behind doing this is not clear. However, from the early investigation, it is reported that the hackers seem to target a bunch of specific Asus customers as it contains special instructions for 600 systems, which is identified by specific MAC addresses.

Till now, Asus has not contacted any of its affected customers or taken any step to stop the malware. In an email interview with the Verge, Asus said that they would issue an official statement on the malware tomorrow afternoon.

According to the Motherboard, Asus apparently denied that the malware had come from its servers.

“This attack shows that the trust model we are using based on known vendor names and validation of digital signatures cannot guarantee that you are safe from malware,” said Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team who led the research.



Pilots still waiting for Software Update of Boeing, which was promised last year






After a deadly crash of the Lion Air 737 MAX 8 in Indonesia in last October, company officials have met pilot union, and said that they are planning to the software for their 737 Max jets, but till now there has not been a single update.

Meanwhile, addressing the issue, the United States regulators said the software update would be ready by April.

“Boeing was going to have a software fix in the next five to six weeks,” said Michael, the top safety official at the American Airlines pilots union. “We told them, ‘Yeah, it can’t drag out.’ And well, here we are.”

The planned software update would let pilots to detect the problem, and will them from recurrence of the same problem.  Boeing officials  believe that pilots doesn't need any special training in order to learn the functioning of the software update, but they just need a small briefing on how the software fix would function.