Hello, welcome to the Wednesday, April 19th, 2017 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

One of the many not-so-popular changes Microsoft implemented with the last patch cycle was to block updates for users running Windows 7 and 8.1

on Intel's and AMD's latest CPUs. Microsoft argued that it would be too difficult to make updates

work for older operating systems on these new CPUs and that users just upgrade

to Windows 10.

Now, to be fair here, Microsoft did announce this about a year ago.

Of course, there are many reasons for users to still run the older operating systems.

And for these users, if they're using

these 7th generation CPUs, as they're sometimes called, they now will no longer receive

any updates at all. To remedy the situation, an enterprising developer wrote a patch that

will disable Microsoft's CPU check and allow

users to still update. The patch alters the details that check for the CPU version, so it's

relatively straightforward and allows users to continue to use older operating systems on these

new CPUs. The patch has been

released to GitHub as open source, so you can verify that there is no additional evil payload,

but of course there is a chance that running the older operating system on the new CPU

will cause problems, which is after all what Microsoft

suggested when it announced last year that it would no longer provide updates for these

CPUs.

And talking about patches, more reason to apply last month patches quickly. One critical update addressed CVE 2017-099.

This vulnerability which turns HTA links in Word documents executable

...