Microsoft and Apple Security Blunders

posted by Roy Schestowitz on Oct 31, 2022

• Microsoft releases out-of-band updates to fix OneDrive crashes

  Microsoft has released out-of-band updates to address a known issue causing OneDrive and OneDrive for Business to crash after installing recent Windows 10 updates.

  The issue occurs when signing out or unlinking OneDrive accounts or sites and folders from Microsoft Teams and SharePoint.

  "After installing KB5018410 or later updates, OneDrive might unexpectedly close," Redmond explained in a Windows health dashboard update on Friday.

• Ransomware attack on Dialog also took down defence app ForceNet

  The external provider affected in the ransomware attack on ForceNet, a service used by the Australian Department of Defence, is Dialog Information Technology, a company owned by Singtel.

  Dialog was hit by an attack which used the Agenda ransomware that runs only on Windows. The group behind the attack announced it on the dark web on 19 September.

• Apple Only Commits to Patching Latest OS Version

  People have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions.

• Apple clarifies security update policy: Only the latest OSes are fully patched | Ars Technica

  Earlier this week, Apple released a document clarifying its terminology and policies around software upgrades and updates. Most of the information in the document isn't new, but the company did provide one clarification about its update policy that it hadn't made explicit before: Despite providing security updates for multiple versions of macOS and iOS at any given time, Apple says that only devices running the most recent major operating system versions should expect to be fully protected.