Newsletter

07.06.2021 | 4'' read

Microsoft Print Spooler, Kaseya ransomware mega-hack

by Ryan Naraine

This newsletter is sponsored by MongoDB, the leading modern general purpose database platform and proud supporter of the Diana Initiative, a conference committed to helping all those under-represented in information security.

Notes.

Monday blues.

After a week of stumbling and bumbling, Microsoft has shipped an emergency patch for the ‘PrintNightmare’ zero-day I wrote about last week.

While Windows fleet admins scramble to apply this patch (please do!), the evidence is clear that Microsoft has a severe patch-quality problem that’s now being compounded by poor communications, lack of transparency, and festering feuds with prominent white-hat hackers.

When the demo exploit for ‘PrintNightmare’ appeared online, Microsoft was so slow to react that defenders relied on Twitter threads to determine if the flaw was zero-day or introduced code execution risks. Outsiders outpaced Microsoft at diagnosing its own security problems, often correcting Microsoft’s own mitigation guidance.

While this issue brings the embarrassment to the front burner, anyone paying attention could see it coming. When folks like Google’s James Forshaw and CrowdStrike’s Alex Ionescu go public with their vuln-disclosure frustrations while dealing with Microsoft, it’s clear the problems run deep.

It’s tempting to point-and-laugh but there’s a sobering reality at play here: Microsoft’s code quality affects all of us. We should all be demanding better.


Sponsor message: MongoDB supports the Diana Initiative

MongoDB is the leading modern, general purpose database platform, designed to unleash the power of software and data for developers and the applications they build. The company is proud to support and sponsor The Diana Initiative, an event focused on women, diversity and inclusion in information security. Register here for the virtual conference, scheduled for July 16-17, 2021.


The big Kaseya hack.

New podcast conversation.

On the show this week, I sat down with Algirde Pipikaite from the World Economic Forum to discuss security as a business enabler, the surge in ransomware attacks, the U.S. government response, and crucial conversations happening between the public and private sector. It’s an important conversation, have a listen!

Readables.

Hacking things.

* My thanks to all the podcast and newsletter sponsors: MongoDB, Uptycs, Eclypsium and SecurityWeek. Our partnership with these companies helps to keep our reporting independent and vendor-agnostic.

* Full podcast episodes are available on the SecurityConversations.com home page, and on all major platforms. Directly subscribe from these links: Apple/iPhone, Google/Android, Spotify and Amazon/Audible.
