🍍David Longenecker🍍
Sysadmins and threat analysts around the world let out a cry of despair this afternoon as the new MSFT patch release format became clear. What used to be a 45-minute analysis literally will take all day, until I figure out how to automate some of it. https://mastodon.social/media/jA1FCoU-6p3P3Ej0JPc
Apr 11, 2017 at 7:02pmWeb
Show thread🍍David Longenecker🍍Apr 11, 2017

Some gems so far:

HyperV VM Escape - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0162

Outlook RCE through read/preview, no attachment needed - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0106

Windows 10 triggers domain account lockouts in half the time by sending twice the bad logins - https://support.microsoft.com/en-us/help/4015219/windows-10-update-kb4015219

Show threadadonis28850Apr 11, 2017
@dnlongen sweet.. lol