SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Thursday, June 16th 2016

SANS ISC Handlers

Tech News, News, Technology

🗓️ 16 June 2016

⏱️ 5 minutes

Summary

Daily 5 min infosec news summary. News, patches, vulnerabilities and trends in information security. MS16-072 Causes GPO Issues;

Transcript

0:00.0

Hello, welcome to the Thursday, June 16th, 2016 edition of the SANS Internet Storm Center's Stormcast.

0:07.0

My name is Johannes Ullrich and today I'm recording from Washington.

0:11.0

There are multiple reports of problems with one of this Tuesday's Microsoft updates, MS16-072, which was a security update for Group Policy.

0:24.6

It was supposed to fix a vulnerability that, according to Microsoft, could allow elevation of privilege.

0:31.6

An attacker launches a man-in-the-middle attack against the traffic passing between the domain controller and target machine.

0:40.3

What apparently happens now is that group policies can no longer be applied.

0:45.3

In particular, one of the symptoms of the problem that has been repeatedly described is that drive mappings are no longer working correctly.

0:57.0

Hidden drives are now all of a sudden showing up and other drives are not showing up at all.

1:04.0

At this point I don't see any statement from Microsoft. I'll link to one of Microsoft's support forums where multiple users

1:14.4

do describe the problems and some workarounds that have been working for them. And Apple is

1:22.7

running its worldwide developer conference this year and at this conference Apple also announced

1:30.6

some new requirements for applications that are going to be published in Apple's App Store.

1:38.4

One of these requirements that's supposed to be enforced by the end of this year is that applications will no longer

1:46.5

be allowed to connect via HTTP. Instead, they have to use HTTPS. We have often heard about

1:55.0

antivirus engines causing issues with false positives, but I think the next story is something new. Rising antivirus,

2:03.2

which is mostly distributed to the Chinese market, did include in a recent update

2:09.9

malware itself. The Sality virus was apparently being distributed with an update for this antivirus product.

2:19.7

The malware was first found by AV-Test, an antivirus test lab, that noticed that after

2:27.2

an update, test machines that ran this virus scanner were infected with the Sality virus. Now, typically antivirus scanner updates do not just include new signatures, but also do include

2:40.8

new code, and apparently the virus was injected in this particular scanner with one of these

2:48.1

code updates.

2:49.8

And last Tuesday, SAP did release an update for its products.

...

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
