Ahhh, patch Tuesday. A day in paradise for security researchers and hackers alike. In this video I break down a new bug revealed in Windows on Today’s Patch Tuesday.
🏫 COURSES 🏫 Learn to code in C at
👕 MERCH 👕 Like the shirt?
📰 NEWSLETTER 📰 Sign up for our newsletter at
🛒 GREAT BOOKS FOR THE LOWEST LEVEL🛒
Blue Fox: Arm Assembly Internals and Reverse Engineering:
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation :
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software :
The Ghidra Book: The Definitive Guide:
🔥🔥🔥 SOCIALS 🔥🔥🔥
Low Level Merch!:
Follow me on Twitter:
Follow me on Twitch:
Join me on Discord!:
[ad_2]
source
no way haha anyway, you should go learn to code at https://lowlevel.academy (hehe)
Peak security through code obscurity.
Why did you remove your "firmware encryption is bad?" video?
IPv6 does have a private address range just as IPv4 has. So not all IPv6 is routable on the internet.
I thicked ever insecurity box:
– A stupidly large number of open ports.
– Having SMB (v1) enabled all the time.
– Turning off antivirus always.
– Questionable custom Firewall rules.
Turns out randomly choosing to disable IPv6 would actually save my ass.
I feel like I should have anticipated that leaving IPv6 enabled, because it's enabled by default, would be a security vulnerability. Was this really just discovered, or just the cover blown. Systems should be hardened out-of-the-box, requiring users a enable the features that they actually need.
I make sure to update on every Patch Tuesday immediately all household systems, do use MS Edge, but not in IE mode. Remote Desktop to other Household PC pretty often from my Windows 11 Pro Desktop, ((Not sure if thats 100 percent secure or safe to do, but guess im too lazy to go downstairs to the other system to do its updates and such, as well as Maintenance, and monthly backup)
"No one uses Edge." Well, that's not true. They based it on Chromium and a lot of people no longer have any resistance to the MS pressure to use it, so use of Edge is increasing.
"No one uses Edge in IE mode." Oh, bless your heart. You've never worked in the DoD. I'm sure you'll feel really safe learning that a LOT of DoD systems are outdated and can only be accessed using IE or Edge in IE mode.
"just another tuesday for microsoft" 😹
There's an even better patch. It's called Linux.
“Nobody uses Edge” .. There are systems used by our military that only allow logins from Edge 😅
Windows is have a tough time lately.
Hi, I'm Marketing Manager from GEEKOM, the leading mini PC manufacturer. Your YouTube channel is great and would love to work with you. We will send you a free sample of the highest configuration for you to test. Please let me know if you are interested in this 🙂
We really like your channel so feel free to let me know if interested! 🙂
I’ve never heard IPv6 explained so succinctly.👏👏👏
What a shame that companies never have to take responsibility for grossly negligent behaviour. You know: router manufacturers who set the admin password to ‘admin’ because they think it's better than ‘1234’. *Such a law would be great, because then Microsoft would have to pay the customers, because M$ collects even critical error messages hundreds of thousands of times – and ignores them.
How do you "patch"? Aren't Windows security updates automatic?
As of year to date August 2024, Windows CVE's are up to 16 with CVSS3 severity ratings 9 or greater. 2023 saw 65. Per NIST NVD database search.
Kindest regards, neighbours and friends.
guindo IS THE BUG !
Everything is wrong. None of this applies to the "innernet" (aka intranet). The internet, however…
Just a heads up – the newsletter link in your description 404s.
Funny thing regarding public routing, with one of the ISP's I was with if I used my tp-link router rather than the ISP supplied one it would change my IP to the local node and I could ping to thousands of random people computers and routers, in saying that same provider I was able to use for free with a wireguard VPN without paying for a service so was honesty bit weird, if using the ISP provided router it wouldn't let you config the settings but thankfully firewall was actually working, setting up manually would result in router not connecting to network, at least not the TP Link one which had been fine with all other provders, OpenSense and OpenBSD worked like normal
Was able to work around it adding another device and then connecting to that as wan
Too bad my ISP is too crappy to give me anything other than a /64 IPv6 space, which I cant use internally because it uses it to speak to my firewall/router and the modem. So I am forced to NAT ULA addresses anyways.
If you work in a domain with office 365 you better use edge. It's so much easier for users and it's just chrome with a different shell.
idk if my windows auto-updated or not but i may or may not have the update
oooooofs
or or windows broken updates again cus I am on 21H2 …oh wait yeah THAT IS OLD
Who uses Windows?
People ARE talking about it… Not everybody running a Windows Operating System fully understands Microsoft's implementation of the TCP/IP network protocol suite though. However, some of the black-hats/grey-hats sure do. I'm sure the kiddies will have plenty of PowerShell scripts with lots of "mysterious" variables containing base64-encoded Internal Windows API managed C# code ready by the end of the hour/day/week though. They'll begin to launch 'em at residential subnets as usual, gathering the zombies as they waddle towards their masters obediently. Then they'll start blasting 'em at corporate nets, and they'll be saturating cable modems and ATM circuits, looking for vulnerable targets, and causing all sorts of havoc and mayhem, all at an online vulnerable Windows Server 2008-2022 site near you anytime soon (if it hasn't already begun…)!
Business as usual, you know the drill… Put yer helmets on, and hold on to somethin'!
😛
EOF
Is it me or remote escalation bugs in pieces of software that should be decades old (and therefore bug free) are getting more and more common? What exactly is patch Tuesday these days? Adding two bugs for every one you fix?
windows is a bugware,which one of bugs do you want to point to
NAT makes my peer to peer experience terrible.
Not many people use edge. But you can't uninstall it and having it presents security issues.
So why even have IPV6 enabled at all? I had some bugs a while back with my router and ended up disabling, and grandfathered that moving forward to disable/firewall block all IPv6 at my router.
Whats the font
Me who was planning to boot Linux baremetal on my little bro's Xbox Series S:
Hmmmm…. Very interesting must I say. >:)
bro thats funny about granny! my granny plays pinochle on her iphone 24/7! she barely knows how to use the phone, but she knows how to open pinochle xD
Installed – KB5041571 – CVE-2024-38063 – Windows 11 24H2 x64 is a 383Mb download. Requires a reboot after install (followed by another) – windows11.0-kb5041571-x64