Protect Windows Against Spectre and Meltdown

You might hear about recently published vulnerabilities which affect chipset and they are known as Spectre and Meltdown. They are affecting microprocessor and unlike previous vulnerabilities which updating operating system would fix the issue, updating operating system alone won’t fix the issue. You will need to update your device’s firmware. If you are using Windows operating system, you will need to do the following tasks:

  1. Check for Anti-Malware update and make sure it is fully updated and is compatible with Windows 10. There are report of certain Anti-Malware products which are facing compatibility issue with the update that fix this security vulnerability. You may check with your Anti-Malware manufacturer’s website and see whether they product is compatible for this update or not.
  2. Check for Windows Update and you should get security updates to fix this issue. These updates released on January 3, 2018. So, if you are checking for update today, you should receive them. You might get other Windows Update and in some cases, you will need to restart your PC before be able to get update. Windows Update will let you know what to do.
  3. Once such Windows Update has been installed, you need to check your PC manufacturer’s support website and install the latest firmware for your device. You have to remember installing firmware is sensitive process and it is better to backup your data and read firmware installation guideline with care, before doing that.

There are report that some devices might not get security update to fix this issue. This is because either their Anti-Virus software is not compatible or there is known compatibility issue with update in their devices. For example, certain devices running on AMD processor report problem with booting and bluescreen and they are in hold while problems are being investigated and update will be released once issues have been fixed. For compatibility issue with Anti-Virus, you need to update your Anti-Virus or wait for update from them. In some cases, you will need to wait for other updates before be able to install the update and in some cases, you will need to wait for firmware update from your PC manufacturer. Meanwhile, before patching all devices take extra cation and be aware of unknown websites and links. These updates also reported to have performance issue in some devices. You may read more about this update on Microsoft Support page. Good news for Microsoft Surface users, you may download this update and firmware will be updated through Windows Update for Surface devices. Microsoft Anti-Malware products including Windows Defender, Microsoft Security Essentials, Microsoft System Center Endpoint Protection and others also are compatible Anti-Malware products.

Advertisements

Better Protection with Windows Mobile

Software developers prefers to work on a platform which is very popular and for this reason, nowadays several developers prefer to develop application on Android and iOS devices. Android is very popular but is not secure. I am always recommending Android users to update their device and install Anti-Virus software. Android is not fundamentally secure and when it was being develop, security wasn’t the top priority of the project. The main agenda for the project was a light platform to run on small devices. Then when it becomes popular, security consider the key component for Android but it still failed to provide a secure platform while still malwares are able to get into Google Play and apps could be installed from third-party and install malware. There is security team in Google who are working on securing Android but still foundation of Android is not secure. Apple’s iOS provides a better security and it is secure out of the box, but still it has some security flaws and it is expensive so there are people who couldn’t afford buying it due to price. There are other platforms like Blackberry which provides a fair secure platform but there aren’t reliable development environment and are not popular among developers.

The final option would be Windows Mobile, it has secure foundation which is a lot more secure than Android and more secure than iOS. It has been engineered securely and there wasn’t any report of widespread malwares and hacking in this platform. Developers who have been working on Windows Mobile, enjoy a safe and reliable platform and they are assure that their application run on a platform which hackers couldn’t get in easily and there is a powerful engineering behind it. With recent development of Windows 10, there is concept of Universal Windows Platform (UWP) which you could develop an application and target it for Windows 10 (which there are millions of people using it) and use the same code with a bit of modification run it for Windows Mobile and other Windows Devices (if it meets hardware requirements). For these reasons, it would be wiser for developer to work on UWP app where they develop app for most popular operating system for personal computers which is Windows and have it run for Windows Mobile with few changes on code.

Using this method, they would make sure their app runs on reliable and secure platform and there is not much worry about the device get hacked and data stolen. In Android, even if you follow all best practices for security, your device still could get hacked and when operating system has been hacked, all applications are at risk. You won’t face such issue in Windows Mobile in most cases. This way, you could motivate your users to purchase devices which are more secure and this way you could protect your applications. In any case, you will need to develop app for Windows 10, why not spend a bit of time for Windows Mobile too?

This is important if your applications deal with financial and personal data. So, this is call for action for developers. We are asking developers to develop applications for Windows Mobile to protect us against modern threats and they don’t need spend a lot of time doing that, instead they could go for UWP. This way we could protect millions of users worldwide.

 

Windows Defender Exploit Guard Will Succeed Microsoft EMET

I explained about Microsoft EMET which is really cool tool against 0-days. It doesn’t completely protect you against all threats but it makes your system stronger and you have better protection against exploit. Whenever I visit any user or I want to check any system, I also add Microsoft EMET into it. Last year, we heard a news that Microsoft EMET is going to be discontinued. But I would like to announce good news that Microsoft EMET will be succeed with Windows Defender Exploit Guard. This is feature will be available in upcoming version of Windows 10 and it will be build into Windows, so you don’t need to install it and it will have more features and functionalities.

I am strongly asked you to prepare to upgrade your Windows 10 devices to the latest build and you will get better advantage against 0-days and better control over application security. So, if a developer wasn’t following best practices to secure the application, we could add some restriction that application and makes it harder for hackers and cybercriminals to gain access to our system. You may read more about this new feature on here.

 

Goodbye Windows Vista!

Support for Windows Vista has ended on April 11, 2017. It means, you won’t get any update or support for Windows Vista and if there is new vulnerability or security weakness for Windows Vista, you won’t get fix for it, in the other world security researchers and Microsoft security team won’t spend much time to do research on securing Windows Vista. Windows Vista succeed Windows XP, during those times, Windows XP has been blamed for security weaknesses and high number of malware infection. Windows Vista open up new door for security and new operating system introduced with new and powerful security concepts out of the box. Such as introducing two ways firewall (Windows XP was one-way firewall) and with advance and user friendly setting. Bitlocker introduced in the time of Windows Vista and it helped IT professionals and users encrypt their entire hard drive easily. User Account Control (UAC) also introduced in Windows Vista where it requests for permission whenever user tries to perform administrative tasks. In general, there were several improvements in area of security for Windows Vista. Some users blame Windows Vista, because new security features weren’t very friendly for them. In Windows 7, security enhanced and become friendlier and for this reason, many people upgraded to Windows 7. In Windows 8, security enhanced and Anti-Malware software build into the operating system and this improvement continues in Windows 10 and Windows keep improving in each version and new build and releases.

In case you are using Windows Vista, it is better to upgrade to supported version of Windows, take a look at Windows Vista end of support. It is recommended to upgrade to Windows 10 which is the latest version of Windows and there are several new security features there. When you upgrade from Windows Vista to Windows 10, you need to reinstall your application and in some case, you might need hardware upgrade. However, you must upgrade to supported version of Windows unless, it is just matter of time before new vulnerability discover in the public and cause damage in your system. If you are using Windows Vista, make a wise choice and upgrade today.

 

Why Shouldn’t We Trust Linux on Security?

There are people who think Unix-like operating systems like Linux is safer and more secure compare to Linux. They claim because Linux is open source we could see the source code of it and because it is community driven, then everyone would see and find error and bugs especially security bugs and fix them. Here you will see all these arguments are wrong and Linux is just like scarecrow, where normal people see it like scary and secure from far but security experts will get near and touch it and then it fell down and they will see there is actually nothing there. Firstly, being open source pose more risks, because we don’t have any control about who has access to the source code. Opposite to close-source operating system where people has full control over who has access and why they want to access the source code , in addition, media and external security experts more interested in finding security issues in closed-source operating systems , because they could find story and tarnish reputation of the company, while in open source like Linux, even if hackers take over everything they just write a simple story and no one taking blame and they just say it is community and open to everyone. Support in Linux is also nightmare, the only company who actually doing some support about Linux security is RedHat and in most of the time you should go over forums for hours and hours to figure out which script would solve your issue. It is dangerous especially when your systems are under attacks and immediately you need to close ports, enhance firewall security level, perform some malware scan and while in Windows you could do it with few clicks and very fast, in Linux, you need spend hours to figure out what script you have to write and while you are looking for solution hacker did what they supposed to do. In addition, company like Microsoft, they have full time engineers and team to develop code and fix issues, they are getting paid and they went through security screening and they full time job is to protect Windows and consumers. While in Linux, they never get paid and they just get some money through donation, so they don’t have any duty to fix problems and if they do, they do it for favor and there are many times, when we came across security vulnerabilities and they just say, fix it yourself and share with us. In addition, several attack scenarios which has been fixed in Windows, already exist in Linux. Because it is free, they don’t care much about getting their codes sign and you will face with an OS with several unsigned and unverified codes which bad guys could just replace then whenever they want. There are many cases where an attacker fool users to get a script to fix some issues and inside it hides some malicious activities which result on hacking the server. We could secure Linux, if we pay a lot and develop several applications or enhance already existing security products for Linux, but still it won’t become as secure as Windows. Therefore, if you are wise administrator, instead of putting scarecrow to scare some hackers away, think about a platform which is fundamentally strong like Windows and invest on enhance security on it. You just need to do threat modeling and look into scenario of attacks and then you will know why we need Windows instead of Linux, so do not trust Linux.

Windows Mobile is the Most Secure Mobile Operating System in the World

If you are having a Smart Phone, your phone is running on specific operating system. If you are using iPhone, the operating system is iOS and if you are using other phones, you might be using Android. There is another type of operating system which unfortunately not many people are using it which is Windows Mobile. You may see different Phone Manufacturers who are producing Windows Mobile especially Lumia Phone series which manufactured by Microsoft Mobile and in past it was Nokia. Technically speaking there are advantage and disadvantage of using phone running Windows Mobile, for example you have feature known as Continuum which if your Mobile Hardware support it, you could just take your phone instead of your laptop and connect it to a mouse, keyboard and monitor and use it in place of your laptop or tablet. But here security in Windows Mobile will be discussed.

In term of security, we could say Windows Mobile could consider as the most secure operating system for Mobile Device in the planet. You have good encryption technique in place, you couldn’t just root it and install and copy whatever you want. All application should be signed and usually download from Windows Store. So you couldn’t just take a phone and insert it into your PC to install malware. In addition, security in Windows Store is so high, unlike Apple’s iTunes and Android’s Google Play, which several malwares and unapproved apps have been published. In Windows Store, there wasn’t much case of malware (almost 0) and it is because of its through verification and checking of applications there. In addition, in Microsoft, there is Windows team which is responsible of developing Windows 10 and Windows 10 Mobile and they are one strong team who deal with global cyber-threats and they have better control over handling vulnerabilities.

In general Windows Mobile is secure because of its design and also process to verify applications and deploy updates. In addition, it provides a great tools like Visual Studio to develop apps for Windows Mobile and if you are software developer, you may easily adapt security mythologies like Security Development Lifecycle and make sure your code would be secure out of the box and it will be verified by experts. So if you are care about security for your phone, consider using a device running Microsoft Mobile. If you are developer, you could consider developing App for Microsoft Mobile and good news is you may develop universal App which work on Windows 10 and Windows 10 Mobile and your App would be secure out of the box. In other world, if you App is not secure, it won’t get into Store and this is how trust being built between consumer and developer by making sure they could get apps with peace of mind from Windows Store.

 

Upgrade to Windows 10 is Act for Enhancing International Cyber-Security

Free upgrade to Windows 10 and Windows 7 or Windows 8.1 is still on the way and it will be ended soon. Many people really loved the offer and enjoy upgrade and using Windows 10, while some people didn’t have a very positive experience or they upgrade to Windows 10 and revert back to Windows 7 or Windows 8.1. It is important to review why upgrading to Windows 10 is important. It is not only issue with better operating system but it is matter of security. Experience with fighting against cybercriminals, malwares, hackers and others in all over the world is the general idea behind the Windows 10 security. You are talking about operating system designers who have been fighting against cybercrime for many years in all sectors from home user to industry, government and so on. The experience show taught them how to build the next version of Windows stronger and it was the trend for each version of Windows to become stronger than previous version. Currently, Windows 10 is the strongest Windows against cyber threats. In general, I could say Windows 10 is the most secure Operating System in the planet. In addition, the new model of Windows which is Windows as a Service, enhance this security model meaning, you are receiving new builds and new security improvements will integrate into each build.

Therefore, upgrading to Windows 10 is wise decision in many areas including security. You need to have powerful weapon to fight against powerful enemies and modern hackers and Windows 10 will give you such weapons. When you upgrade to Windows 10, you have all you need to defend against hackers and of course depending on your security requirements you could enhance these features or add new protection or install new programs which enhance your security too. When we look into upgrading to Windows 10 across a country, it means users in the country would have a better protection against cyber-threats so we will see less zombies, malware infection, successful hackers there. This means better national security, because the citizen in the country are protected by default and when citizens are protected, then hackers would have difficult time to setup station there. When we look into Windows 10 upgrade in international point of view, it has high impact on international cyber security. It is very difficult to control every single user in the world to make sure they are protected against cyber threats and their PC is not target for Zombies, botnets, hackers and other cybercrime activities. However, when the have the latest protection in their system through Windows 10, they are protected against most threats out of the box. For this reason, I am asking everyone to encourage your friend to upgrade to Windows 10 and if you haven’t upgrade yet, please do so. It might seem like just another upgrade or another Windows but in reality it is positive act for better international cyber security.