Security News

There was good news for administrators of Microsoft's SQL Server 2019 last night as Cumulative Update 8 emerged, fixing the borkage of its predecessor. Things haven't been going well for the SQL Server 2019 servicing model: Cumulative Update 2 left the SQL Agent a bit unhappy.

Aussie telco Telstra has apologised after a Border Gateway Protocol routing oddity caused traffic destined for encrypted email service ProtonMail to wrongly pass through Telstra's servers. Switzerland-headquartered ProtonMail raged in a blog post that Telstra had engaged in "BGP hijacking" through what it described as "Incompetence and not malice", complaining that "Around 30 per cent of the global internet looking for us got pointed to Telstra instead".

Over half of exposed Exchange servers are still vulnerable to a severe bug that allows authenticated attackers to execute code remotely with system privileges - even eight months after Microsoft issued a fix. The flaw, which stems from the server failing to properly create unique keys at install time, was fixed as part of Microsoft's February Patch Tuesday updates - and admins in March were warned that unpatched servers are being exploited in the wild by unnamed advanced persistent threat actors.

HP Device Manager, software that allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account that undermines network security, a UK-based consultant has warned. Nicky Bloor, founder of Cognitous Cyber Security, reports that an HP Inc programmer appears to have set up an insecure user account in a database within HP Device Manager.

HP Device Manager, software that allows IT administrators to manage HP Thin Client devices, comes with a backdoor database user account that undermines network security, a UK-based consultant has warned. Nicky Bloor, founder of Cognitous Cyber Security, reports that an HP Inc programmer appears to have set up an insecure user account in a database within HP Device Manager.

Someone has leaked what appear to be source code files for the Windows XP and Windows Server 2003 operating systems. The source code files for Windows XP and Windows Server 2003 appear to have been made public for the first time.

SEE: Pro tips: Ubuntu 20.04.What you'll needAn instance of Ubuntu Server 20.04.A user with sudo privileges. Sudo apt-get update sudo apt-get upgrade -y How to install Java.

Microsoft earlier this month exposed a 6.5TB Elastic server to the world that included search terms, location coordinates, device ID data, and a partial list of which URLs were visited. The data appears to be generated by the Bing mobile app, which promises users "Getting rewarded is easy, just search with the Bing," and has been downloaded more than 10 million times from Google's Play Store at least.

If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the insecure usage of AES-CFB8 encryption for Netlogon sessions, allowing remote attackers to establish a connection to the targeted domain controller over Netlogon Remote Protocol.

Administrators running Samba as their domain controllers should update their installations as the open-source software suffers from the same ZeroLogon hole as Microsoft's Windows Server. We're told Samba running as an Active Directory or classic NT4-style domain controller is at risk, and although file-server-only installations are not directly affected, "They may need configuration changes to continue to talk to domain controllers."