What to do when you can't delete a program in Windows
Featured How To Manually Uninstall a Stubborn Service in Windows?
Featured When Was The Password Last Changed On This Mac?
Local Session Manager
Featured How To Find Out All Remote Desktop Logon Sessions That Took Place On Windows Server 2012 R2
Sitemap Illustration
Featured How to Refresh My Sitemap for Google Search Console to Find It?

Category: Little Tips

AntivirusLittle TipsMalwareNetworkingPhishing

Microsoft SharePoint Under Attack – CVE-2019-0604

SharePoint is under attack as attackers have discovered and are exploiting vulnerability CVE-2019-0604. Find out more about the vulnerability in the linked security advisory by Microsoft below:

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.

– Microsoft SharePoint Remote Code Execution Vulnerability

According to an article by HelpNetSecurity, the attackers are able to install a web shell that then “allows them to achieve continuous access to the system and, potentially, to the internal network on which it resides.” The article also reports that, “According to the Canadian Centre for Cyber Security, researchers have identified compromised systems belonging to the academic, utility, heavy industry, manufacturing and technology sectors.”

Advertisements
What is the God Mode on Windows?
Little TipsWindows 10 TipsWindows PCWindows Server Tips

What Is This So Called God Mode on Windows and How Do I Access It?

Windows has a really cool tool you will be glad to discover if, like me, you like to have lots of power on you computer. Some people have called this feature the “God Mode,” but we will call it “Power Tools Mode,” because we fear God here.

The Power Tools Mode is easy to access. Just create an empty folder on your Desktop, Rename the folder to the following exact code with the brackets and dot and then press Enter.

PowerToolsMode.{ED7BA470-8E54-465E-825C-99712043E01C}

The folder icon should change to look like that of the Control Panel et voila!

Icon for the so-called God Mode on Windows

The new icon

This folder gives you access to tools like:

  • Shortcuts to several actions in the Action Center (including a shortcut to View the Reliability History discussed in one of our articles),
  • Several Administrative Tools,
  • Devices and Printers,
  • Several Accessibility features in the “Ease of Access Center.”

What is the God Mode on Windows?

Power Tools accessible via the so-called “God Mode” on Windows.

 

AntivirusLittle TipsMalwareSecurityWindows 10 Tips

Critical Vulnerability in WinRAR Exposed – Absolute Path Traversal

According to a report this morning from SonicWall, a vulnerability that could allow remote code execution has been discovered in WinRAR. This software vulnerability exposes the half a billion users of this Windows unarchiver. The vulnerability exploited is detailed by MITRE in CVE-2018-20250.

To find out if you are vulnerable, check to see if your WinRAR version is anything prior to WinRAR prior to 5.70 beta 1.

The fix is to update your software to the latest WinRAR version to resolve the issue.

For those not familiar with WinRAR, according to Wikipedia, “WinRAR is a trialware file archiver utility for Windows, developed by Eugene Roshal of win.rar GmbH. It can create and view archives in RAR or ZIP file formats, and unpack numerous archive file formats. To enable the user to test the integrity of archives, WinRAR embeds CRC32 or BLAKE2 checksums for each file in each archive. WinRAR supports creating encrypted, multi-part and self-extracting archives.”

Update: According to a March 23 2019 report by SonicWall, this WinRAR vulnerability is now being exploited in the wild.

“There have been two major exploits of this vulnerability, one targeting Ukraine with an Ukrainian law related PDF document and another targeting users in the Middle East. Last week, SonicWall Capture Labs Threat Research team has observed another campaign targeting users in Chile. WinRAR vulnerability is the most sought after exploit used by both cyber criminals and nation state actors.”

The security news brief from SonicWall also details the infection cycle of a WinRAR exploit. Be on guard!