Latest news with #MitjaKolsek
Forbes
29-04-2025
- Forbes
New Windows 7 And Windows Server 2008 Security Updates Confirmed
Windows 7 users get good security update news. NurPhoto via Getty Images Security updates are very much in the news at the moment, what with a no-reboot patching feature for Windows 11 and Microsoft's announcement that hotpatching will cost at least $1.50 per core for Windows Server 2025 users. Yet, with hundreds of security vulnerabilities being uncovered that impact Windows users, and cybercriminals evolving to strike at record speed, the matter of keeping on top of security updates has never been more vital. Unless you are a user of a Windows platform that has reached end-of-support status, such as Windows 7 or Windows Server 2008 R2, for example. There simply are no security patches available for these two platforms. Or are there? I have some good news for you if you just can't bear to part ways with your favourite Windows computer. The secret to the continuing availability of security patches to protect your systems if you are a hardened Windows 7 or Windows Server 2008 R2 user has been hinted at in a number of my articles. On March 27, I reported how a zero-day vulnerability impacting everything from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2025 could be mitigated even though Microsoft didn't have any official patch at the time. Back on Dec 7, 2024, I reported how another zero-day, impacting all Windows users, could be fixed using the same method. Those fixes came by way of a micro patching service called 0patch — the same service that can now save you if you want to keep your legacy Windows systems alive and protected. 0patch addresses the vulnerability gap between zero-days being discovered and any official patch being released. It does this by providing what it refers to as micro patches, much like the subscription fee incurring Windows Server 2025 hot patch system. These work by applying the fix in memory without disturbing the process itself and without requiring any reboots. Posting to X, formerly known as Twitter, on April 29, Mitja Kolsek, the CEO of ACROS Security, the company behind 0patch, said: 'Due to (wow!) growing demand, we've decided to extend support for Windows 7 and Windows Server 2008 R2 with security patches for another year (Jan/2027). Reminder: our security patches are the only security patches existing for these Windows versions.' Wow, indeed. So, if you are a user of either platform, now is the time to reach out and get those micro patch security updates to protect your systems and your data. You only have one other choice, it would seem, and that's to remain at risk of attack.
Forbes
26-03-2025
- Forbes
Windows Passwords At Risk As New 0-Day Confirmed—Act Now
This new Windows zero-day has no official fix. NurPhoto via Getty Images Oh boy, it's raining zero days for Windows users right now. Just two weeks on from Microsoft confirming no less than six zero-day attacks impacting users in the Windows operating system, like London buses, another has belatedly arrived. The difference, however, is this latest threat to all users of Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2025, has no official patch from Microsoft to fix it. This is a problem when you consider the endgame of an attacker exploiting this vulnerability is to steal password cases and bypass authentication protections. The good news is that there is a way to fix it, at least while you wait for Microsoft to act. Here's what you need to know. A private message from Mitja Kolsek on the X social media platform dropped in my inbox late on March 25. I tend to take anything I receive from Kolsek seriously, as he's the CEO of ACROS Security. This company develops and distributes unofficial security patches for zero-day vulnerabilities where no official fix is available. 'We reported this to Microsoft and will not disclose details until they have issued an official patch,' was enough to trigger my journalistic intrigue and should be enough to trigger your desire to apply a temporary fix as well. Why so? Because, Kolsek explained, his researchers uncovered a vulnerability that 'allows an attacker to obtain user's NTLM credentials by having the user view a malicious file in Windows Explorer.' If this sounds familiar, there's a good reason for that: I reported on a very similar Windows zero-day Dec. 6, 2024. Similar, but not the same. The 'impact and attack scenarios of this issue are identical,' Kolsek said, but the latest vulnerability is different and not yet publicly discussed. As already mentioned, Kolsek isn't going to be releasing the full technical details any time soon, at least not until Microsoft has issued a patch. What we do know is that these NT Lan Manager vulnerabilities can enable an attacker to steal Windows credentials by simply tricking the user into viewing a malicious file. NTLM is a suite of Microsoft security protocols providing authentication, integrity and confidentiality to users. This is why the zero-day is of such importance, although it's not thought of as critical. 'These types of vulnerabilities are not critical,' Kolsek said, 'and their exploitability depends on several factors.' But, and it's a big but, they have been used in real-world attacks, and that's all you need to know. Well, that and the minor detail that NTLM exploits, including relay attacks to bypass authentication and pass-the-hash attacks to steal credentials, are widely used to gain access to networks, with all that can bring to the hacking party. Given all of the above and the fact that a Microsoft spokesperson said, 'We are aware of this report and will take action as needed to help keep customers protected,' which likely means waiting until the next Patch Tuesday at least, I'd recommend taking action now. This is where Kolsek and his micro patch solution enter stage left. 0patch seeks to address the vulnerability gap, that time between a zero-day being discovered and an official patch being released, by providing free mini-fixes in the meantime. This works using a patching agent that analyzes processes and applies any new patch in memory without disturbing the process itself. 'Since this is a 0day vulnerability with no official vendor fix available,' Kolsek said, 'we are providing our micropatches for free until such fix becomes available.' If you use Windows, you know what to do.
