S
S
SomeDude2017-09-12 12:10:10
Windows
SomeDude, 2017-09-12 12:10:10

Let's try to remember the latest holes in Windows?

The bottom line is that I recently moved to Windows, I had never used it before. There are a lot of all kinds of systems-subsystems, and there are no less holes. For example, you can merge the ntlm hash through a specially crafted shortcut. With samba, there was an epic hole. What else? Many things.
The question is that I would like to know about the main holes and how to close them. Tell me please. Maybe there are other resources.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
A
athacker, 2017-09-12
@SomeDude

You can download and parse feeds from cve.mitre.org: https://cve.mitre.org/data/downloads/index.html
You can use vulners.com, a vulnerability information aggregator. There is a wide range of notification tools, including telegram messages, with the ability to filter by various criteria, there is also an API for obtaining information.
But updates alone do not provide security - the system must be configured accordingly. In this regard, there are regulations developed by different offices. For example, here is a bunch of regulations for different platforms and their versions: https://www.cisecurity.org/cis-benchmarks/

V
Vladimir Frank, 2017-09-12
@frankw

Samba is one of the latest.
Well, there are a lot of holes, but to close them, roll all the updates. And install some kind of antivirus, for example, Komodo, it is free good

A
Artem @Jump, 2017-09-12
curated by the

The question is that I would like to know about the main holes and how to close them.
If you find out - this is on special. resources that specialize in finding and describing vulnerabilities.
If you just need to close - roll up updates, you don't need to know about vulnerabilities for this.
It's just that Windows is more for local networks, and you shouldn't shove it with your bare ass on the Internet.
For good, Windows sits in LAN, and the router looks at the Internet - and access from the Internet to it is either generally closed, or some necessary ports are open.
And on Windows itself, sit less under the administrator, give users only the necessary rights, do not allow the launch of any applications.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question