Security Leftovers
-
Introduction to certificate compression in GnuTLS | Enable Sysadmin
CCertificate compression improves performance of Transport Layer Security handshake without some of the risks exploited in protocol-level compression.
-
Microsoft fixes ODBC connections broken by November updates [Ed: Microsoft breaks Microsoft]
Microsoft has fixed a known issue affecting Windows apps using ODBC database connections after installing the November 2022 Patch Tuesday updates. This issue impacts both client and server Windows platforms, from Windows 7 SP1 and Windows Server 2008 SP2 up to the latest released Windows 11 and Windows Server 2022.
-
Microsoft fixes issue causing 0xc000021a blue screen crashes [Ed: Positive spin or lipstick on Microsoft destroying people's PCs; bleepingcomputer is a Microsoft-connected site]
Microsoft has addressed a known issue causing Blue Screen of Death (BSOD) crashes with 0xc000021a errors after installing the Windows 10 KB5021233 cumulative update released during the December Patch Tuesday.
-
Microsoft resolves Windows zero-day on January Patch Tuesday [Ed: Lots of unpatched and actively-exploited Windows flaws remain, according to CISA's latest]
Microsoft started off the new year by resolving a Windows zero-day, while it closed the door on further fixes for systems in its extended support update program. Microsoft addressed 101 vulnerabilities on January Patch Tuesday with 98 new bugs and three revisions for earlier security updates. In total, the company corrected 11 critical vulnerabilities and 90 rated important.
-
Microsoft Patch Tuesday, January 2023 Edition
Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection.