Friday Quick Notes

Breaking from my usual theme of one day, one story, here are a few quick notes for you to ponder over the weekend.

In a story that no one saw coming, Adobe is going to patch a critical zero day flaw, being exploited in the wild.  Next Week.  In fairness to Adobe, they do have to develop, package and test the fixes, so it does take some time, but it doesn’t take the hackers as long to exploit the problem.

I thought I had uninstalled Flash on my machines but after the announcement today I looked and it was back again.  I don’t remember reinstalling it, so maybe some Microsoft update installed them.  Find details on the zero day here.  As of yesterday, this was being exploited in Korea, but likely, as of tomorrow, it will be worldwide.

People like to beat up Google and Android as not being as safe as iPhones and in fairness, beating them up is fun and often accurate.  Still Google is sensitive to being criticized.  They just announced that they removed 700,000 apps from the Google store in 2017.  That’s a lot.  In fact it is up 70% from the year before.  While nothing is perfect, pulling 700,000 apps is a lot of work.  Read the details here.  In an even more encouraging statistic, 99% of the apps were removed before anyone could download and install them.  They also identified 100,000 malicious developers and blocked them from the Google store. Go Google!

Researchers have found a new flaw in Oracle’s Micros point of sale or POS system that is used by 200,000 restaurants and 30,000 hotels in 180 countries.  There is a patch for it, but as we discovered with the Equifax breach, people don’t always install patches.  In the case of restaurants and hotels, when, exactly, do you want to take down your point of sale system to patch it?  The result is that many of these systems will never be patched.  Read the details here.  Note that this site may require you to create a free account.

In a move that I would label “Its about time”, starting March 1, 2018, Microsoft’s anti malware tool will bully the bullies.  Those software tools that claim to have detected a virus and for only $99 or whatever they will remove it for you – Microsoft will label them malware and fix the problem for – by deleting those apps.  Yeah, Microsoft.  Read the details here.

Cybersecurity researchers at Ben Gurion University of the Negev say that medical imaging devices like CT scanners are at risk.  Risk of killing patients if a hacker wanted to, by hacking the PC that controls it and changing the radiation level. Hackers could also hold the imaging devices ransom  – taking them out of service until the ransom is paid or the hospital figures out some other solution.  Apparently, the ransom thing has already happened;  the killing part has only happened to a mannequin.  At least that people are willing to fess up to.  Read the story here.

by