SANS Daily Network Security Podcast (Stormcast) for Tuesday, August 16th 2016

#MSFT Switching To Rollup Updates; GPOs to Block Office 2013 Macros

00:00

My Next Class

Intrusion Detection In-Depth	London	Sep 23rd - Sep 28th 2019
Intrusion Detection In-Depth	Chicago	Oct 9th - Oct 14th 2019

… more classes

Help us make this podcast better by participating in a simple two question survey

Starting October 2016, Microsoft Will Use Montly Rollup Updates for Win 7/8.1
https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/

Updated Group Policies To Block Macros in Office 2013
https://isc.sans.edu/forums/diary/MS+Office+2013+New+Macro+Controls+Sorta/21371/

Bypassing Application Whitelisting using WinDbg
http://www.exploit-monday.com/2016/08/windbg-cdb-shellcode-runner.html

Bypassing UAC without writing to disk
https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking/

Get a free ISC sticker (login required):
https://isc.sans.edu/sticker.html

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Discussion

Regarding the bypassing of application whitelisting by WinDbg: does WinDbg require 'debug' privs on the system? Would limiting user privileges on the box (no admin/power user, debug, etc) mitigate the WinDbg risk?

Posted by Express26 on Tue Aug 16 2016, 11:14

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Top of page

Intrusion Detection In-Depth	London	Sep 23rd - Sep 28th 2019
Intrusion Detection In-Depth	Chicago	Oct 9th - Oct 14th 2019
Intrusion Detection In-Depth	Santa Monica	Oct 21st - Oct 26th 2019
Defending Web Applications Security Essentials	San Francisco	Dec 2nd - Dec 7th 2019
Defending Web Applications Security Essentials	San Francisco	Mar 16th - Mar 21st 2020
Defending Web Applications Security Essentials	Amsterdam	May 11th - May 16th 2020