#MSFT Switching To Rollup Updates; GPOs to Block Office 2013 Macros
My Next Class
| Defending Web Applications Security Essentials | San Diego | May 9th - May 14th 2019 |
| Intrusion Detection In-Depth | San Antonio | May 28th - Jun 2nd 2019 |
Starting October 2016, Microsoft Will Use Montly Rollup Updates for Win 7/8.1
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/
Updated Group Policies To Block Macros in Office 2013
https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/
Bypassing Application Whitelisting using WinDbg
http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html
Bypassing UAC without writing to disk
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/
Updated Group Policies To Block Macros in Office 2013
https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/
Bypassing Application Whitelisting using WinDbg
http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html
Bypassing UAC without writing to disk
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/
Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html
iTunes
MP3 Download
RSS Feed
Google Play
Stitcher
Podbean
Amazon Echo
YouTube
Spreaker
iOS App
Spotify
Discussion
Regarding the bypassing of application whitelisting by WinDbg: does WinDbg require 'debug' privs on the system? Would limiting user privileges on the box (no admin/power user, debug, etc) mitigate the WinDbg risk?
Posted by Express26 on Tue Aug 16 2016, 11:14
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
| Defending Web Applications Security Essentials | San Diego | May 9th - May 14th 2019 |
| Intrusion Detection In-Depth | San Antonio | May 28th - Jun 2nd 2019 |
| Defending Web Applications Security Essentials | Munich | Jul 1st - Jul 6th 2019 |
| Intrusion Detection In-Depth | London | Jul 8th - Jul 13th 2019 |
| Intrusion Detection In-Depth | Boston | Jul 29th - Aug 3rd 2019 |
| Defending Web Applications Security Essentials | San Jose | Aug 12th - Aug 17th 2019 |
| Defending Web Applications Security Essentials | Arlington | Aug 14th - Aug 19th 2019 |
| Defending Web Applications Security Essentials | Brussels | Sep 2nd - Sep 7th 2019 |
| Intrusion Detection In-Depth | London | Sep 23rd - Sep 28th 2019 |
| Intrusion Detection In-Depth | Chicago | Oct 9th - Oct 14th 2019 |
