Posted on 01/14/2020 12:01:09 PM PST by MeganC
Summary
New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats.
On January 14, 2020, Microsoft released software fixes to address 49 vulnerabilities as part of their monthly Patch Tuesday announcement. Among the vulnerabilities patched were critical weaknesses in Windows CryptoAPI and Windows Remote Desktop Protocol (RDP) server and client. An attacker could remotely exploit these vulnerabilities to decrypt, modify, or inject data on user connections:
CryptoAPI spoofing vulnerability – CVE-2020-0601: This vulnerability affects all machines running 32- or 64-bit Windows 10 operating systems, including Windows Server versions 2016 and 2019. This vulnerability allows Elliptic Curve Cryptography (ECC) certificate validation to bypass the trust store, enabling unwanted or malicious software to masquerade as authentically signed by a trusted or trustworthy organization. This could deceive users or thwart malware detection methods such as antivirus.
Additionally, a maliciously crafted certificate could be issued for a hostname that did not authorize it, and a browser that relies on Windows CryptoAPI would not issue a warning, allowing an attacker to decrypt, modify, or inject data on user connections without detection.
Multiple Windows RDP vulnerabilities – CVE-2020-0609, CVE-2020-0610, and CVE-2020-0611: These vulnerabilities affect Windows Server 2012 and newer. In addition, CVE-2020-0611 affects Windows 7 and newer. These vulnerabilities—in the Windows Remote Desktop client and RDP Gateway Server—allow for remote code execution, where arbitrary code could be run freely. The server vulnerabilities do not require authentication or user interaction and can be exploited by a specially crafted request. The client vulnerability can be exploited by convincing a user to connect to a malicious server.
(Excerpt) Read more at us-cert.gov ...
There is an interesting if somewhat dated WP page relevant to Desktop adoption, in particular, that of the downside of variety:
A criticism often leveled against Linux is the abundance of distributions available.[19][20] As of September 2019, DistroWatch lists 262 major distributions that are active.[21] Critics cite the large number as cause for confusion to prospective users and argue it is a factor preventing the widespread adoption of Linux on consumer desktops.[22][20] Alexander Wolfe wrote in InformationWeek:
Remember the 1980s worries about how the “forking” of Unix could hurt that operating system’s chances for adoption? That was nothing compared to the mess we’ve got today with Linux, where upwards of 300 distributions vie for the attention of computer users seeking an alternative to Windows.
Along with the argument that forking and the resulting fragmentation divides and wastes development efforts and resources, it is asserted that with the lack of standardization between distributions for software libraries, package managers, configurations, as well as the varied desktop environments, the resulting incompatibilities also makes it more difficult for application developers and software maintainers since applications have to be adapted to run on each distribution or family of distributions.[20][24]
This fragmentation also complicates software installation, forcing non-technical users who cannot build applications from source and resolve dependency issues by themselves to rely on precompiled packages from distribution-specific software repositories, which have a more or less limited selection of applications and typically lag behind the latest releases as the software has to be picked up by the software maintainer and packaged to run on the specific distribution and release.[25][26] Caitlyn Martin from LinuxDevCenter wrote critically on the lack of standardization and compatibility between distributions:
We don’t need to keep reinventing Linux, creating distributions that put critical bits in interesting and inventive if unusual places. An application written for Linux should be relatively simple to install on any Linux distribution. It ain’t so. Do we really need hundreds of general purpose distributions, all with different tools, different filesystem layouts, variations on three major software package management schemes and a host of oddball ones, and so on? Do we need yet more to crop up?[27]
More: https://en.wikipedia.org/wiki/Criticism_of_desktop_Linux
Now if the focus could be narrowed down to a primary family of 5 distros, with all programs being compatible btwn them, and maybe allowing certain commercial partnerships that would fund it, as well as getting HP, Dell etc. to really support it, and maybe offering what would otherwise be illegal codecs and drivers for an optional additional free, and promoted with commercials, then I think market share would really increase.
However, it is late in the game as regards desktops for their use has long been surpassed by mobile devices.
I’m not upset, and I am very aware of the situation. I say this as I just sat here this morning before getting online and watched my Wife’s Win 10 update it’s self using my only neighbor’s WiFi without his permission, or even the password to access it entered. Now their arrogance is even abusing my neighbor... There is absolutely NO OTHER internet source where I am right now.
And an update on the update. The Win 10 update completely removed her Grub menu and any option to boot into linux period, even though the Linux was installed over Win 10 as the PRIMARY OS.
What right did MS have to do this? It DOES NOT BELONG TO THEM.
This is inexcusable.
Your accusation is that this is intentional (versus a defect), again is unwarranted since it only happens to some, then it shows there are other factors involved.
The explanation given on a Linux forum which provides the most recommended solution is that,
When you install Windows, Windows assumes it is the only operating system (OS) on the machine, or at least it does not account for Linux. So it replaces GRUB with its own boot loader. What you have to do is replace the Windows boot loader with GRUB
The recourse for such problem is to do to some searching on the Internet which should provide links such as the above and below, though as usual, there are varied solutions proffered. one another one of which is,
I just had to run this in Windows as an administrator: bcdedit /set {bootmgr} path \EFI\ubuntu\grubx64.efi GRUB appears fine on boot and I can boot into Ubuntu and Windows 10 fine.
Another and simpler but less voted for is https://help.ubuntu.com/community/Boot-Repair
. And I see that what you described as has been a problem for some at least as far back as 2015:
After Windows 10 Oct 2018 update, I can no longer boot to Linux . .. https://www.techrepublic.com/ Apr 10, 2019 - I have an Acer ES 15 laptop in a dual boot setup, Windows 10 and Linux Mint 19.1. ... Restart the computer and you should have your grub menu available again. ...
Windows 10 removed grub... : linuxquestions - Reddit https://www.reddit.com/ Feb 15, 2019 - For obvious reasons, I installed ubuntu to SD card and then use grub on the ... Why has windows 10 removed grub and would boot repair fix it the way i want it?
Updates shouldn't wreck GRUB. : Windows10
Daul Boot (Windows 10 / Linux Mint) Grub Menu missing ...
Yet more common has been the inability to boot into Windows after installing Linux:
Installed Linux, now Windows doesn't boot anymore Apr 15, 2017
Can't boot to windows after installing Ubuntu in UEFI - Unix ... https://unix.stackexchange.com/ 2 answers Apr 2, 2019 - Now type exit , remove the Windows installation media and reboot your system. It should come up in Ubuntu just as before. Run sudo update-grub to update the GRUB boot menu. If all goes well, it should now auto-detect the presence of UEFI Windows bootloader and add it to the GRUB boot menu.
(Cannot boot to Windows after installing Ubuntu and running boot-repair )
Can not access Windows 10 after Ubuntu dual boot
Bootloader issues are not new, having experienced them myself, with Linux preventing me from booting into Windows though their installation has become better since, and i think there is a better solution.
However, a better solution at least for Desktops, esp. now, though it takes a little more work at the beginning, is to install Linux on a second separate drive. Unplug any other hard drive and install Linux on the second one, then plug all other drives back in and just used the F12 (usually that is the one) tapping to be able to choose which boot device you want (which may work for the person with the issue you described). That way there is no need for a Windows partition and no mix up.
SSD drives are best, with 120GB as low as 20 or a 240 for $30 , or a 120Gb external maybe a Pioneer USB-C 120GB portable SSD External SSD for $30.00)
Linux will connect automatically to one it has used before if so selected, but a password is initially required, as is the case with Windows unless it is a open wifi. And thus I suspect your neighbors wifi was connected to before due to either of those conditions being the case.
Let me explain... We are pretty much on a desert island. There is only us and one neighbor and we are 40 miles from any other wireless or WiFi period. The only access we have to the internet is by using our phones as modems through our carrier. Same with our neighbor with a different carrier. But because my neighbor’s service is so bad in some parts of his house he had to also buy a repeater/router to boost his carriers data signal, this is indeed within reach of us.
My wife’s laptop is a little over a year old and came factory installed with Win10. Brand new I installed linux 18.3 over windows as dual boat and linux as the primary OS. It has had absolutely no problems at all with this setup for over a year even though she goes and updates the 10 about once a month “just cause” when she goes to see the kids in the city. Even though she hardly ever uses win 10, only for games off line. Until the other morning when she got it out to top the battery off. (which windows STILL uses up even if completely off with all settings set as off... well tested as a fact.)
She fired it up and chose windows to boot from the grub because she wanted to play some windows games while charging it. As soon as it booted up it automatically started to update it’s self. We watched it check for and start to download updates on it’s own. It gave us a message that this was because of the “date” and that some free trial software had expired. Well neither of us had our phones connected to it or hotspots on, in fact we shut off our phones altogether to make sure.
The one and only possible source was my neighbor’s repeater. This computer has never had the access key for it entered, and it has never used that connection before at all period. There was no way this should have happened. And when it was done and rebooted the grub was gone, and there is no way to now access Linux period. I tried many times because I was mad and I DO indeed know what I am doing here, this is not my first rodeo. Windows had not only stole my neighbor’s connection, it stole my wife’s computer and removed our ability to boot the linux that I had as the primary preferred OS.
See the wall of text you shared in the previous? I appreciate the help, but wish you had not spent your time on that. Because I already fixed it in a much simpler manner. I got rid of the win10 garbage altogether... It is a matter of morality, I hate crooked thieves who would steal not only from my friends, but who would steal my wife’s computer thinking it perpetually belongs to them. My wife does not need this arrogant abusive business model you are personally willing to forgive and accept. They had no right...
When you buy a PC the industry forces you into a choice of only two options of OS. A very over inflated price of $1,600 to $4,600 most cannot afford for a MAC to NOT get win 10, or win 10 on everything else most folks can afford. So yes, because of financial budgets, folks are indeed forced into win 10 and their garbage without choice. Most just cannot afford a MAC PC just to get an OS other than windows. Linux is now a very competitive and viable option for those who are just sick of dealing with MS. And I can guarantee you that this dislike for windows 10 is the larger percentage of average users, the numbers support my side of this debate. The haters far outnumber those who will put up with it as a preferred choice.
They had a good OS with Win7, and I would probably still be using it because I did indeed like it. But they went off and screwed that up. Now the closest next best thing I have found to replace win 7 and not be stuck with the win 10 business model is this Mint. At least it is not designed to break it’s self all the time. Once set up, it is easy to use, it always works, it is stable, it is VERY secure, and it hardly if ever needs to be updated at all. Or the biggest one... needing to be fixed after an “official” update breaks it.
Is it Win 7? Of course not, it cannot be expected to be, but this particular Mint version is the next best option, and what small issues that “sometimes” need to be dealt with are very minor compared to the failed win 10 “experience” or the outrageous cost of a MAC that most folks just cannot afford.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.