Hello, welcome to the Friday, November 2nd, 2018 edition of the Sandsenet Storm Center's Stormcast.

My name is Johannes Ulrich.

And I'm recording from Jacksonville, Florida.

A few days ago, I think, I mentioned the new sandbox feature in Windows Defender.

Well, if you enabled this, make sure it's actually running.

Today, Didi wrote about an interesting bug that he ran into when he enabled this feature.

If you're enabling this feature by setting the respective environment variable and you're

shutting down your system, then you boot it up again.

Well, in this case, the feature will not be enabled. Instead, you have to restart your system.

Now, the two things may sound very similar, but apparently it's not the same thing when it comes

to Windows Defender and enabling this environment

variable. Microsoft is aware of the problem and they announced that they will soon release a

fix for this but until then well just restart your system and that should take care of it.

And then we have an announcement from security company Armis regarding vulnerabilities in

popular Texas instrument Bluetooth low energy chipsets.

Now these chipsets apparently have about 70% of the market.

The disclosure does in particular pertain to these chipsets being used inside of Enterprise

Wi-Fi access points, but it could also be exploited in other devices using these chips.

The first vulnerability relies on Bluetooth low energy advertisement frames.

So this Bluetooth chip sits sits in your access point waiting for someone to connect to it,

and it's looking for these advertisement frames that other Bluetooth low energy devices are sending

out.

...