New Microsoft Graph APIs released today in public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments.
Microsoft Graph is an API platform that helps developers create apps capable of accessing Microsoft 365, Windows 10, and Enterprise Mobility + Security data.
Access to deployment service update management capabilities
“By connecting deployment service capabilities with Microsoft Graph, app developers can easily build rich update management tools and extend these experiences with contextual user data (such as leveraging a user’s calendar data when scheduling an update),” Microsoft Principal Program Manager David Mebane explained.
The deployment service Mebane refers to is the Windows Update for Business deployment service, a cloud service announced by Microsoft in March and providing control over the approval, scheduling, monitoring, and safeguarding of Windows Update controls.
With its release, Microsoft has expanded Windows Update device management features available to IT pros, making it possible to:• Schedule update deployments to begin on a specific date (ex: deploy 20H2 to these devices on March 14, 2021) • Stage deployments over a period of days or weeks using rich expressions (ex: deploy 20H2 to 500 devices per day, beginning on March 14, 2021) • Bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization when emergencies arise • Ensure coverage of hardware and software in your organization through deployments that are tailored to your unique device population through automatic piloting • Leverage Microsoft ML to automatically identify and pause deployments to devices that are likely to be impacted by a safeguard hold • Manage driver and firmware updates just like feature updates and quality updates
The Microsoft Graph API released today in public preview further extend these fine-grained controls, allowing customers to interact with the deployment service via apps that can help them:• Approve and schedule specific feature updates to be delivered from Windows Update on a specific date – including skipping or not taking feature updates. • Stage deployments over a period of days or weeks using rich expressions (ex: deploy 20H2 to 500 devices per day, beginning on May 11, 2021) • Bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization. • Deliver safer update results by leveraging automatic pilots for any deployment.
Deployment service interaction via Microsoft Graph Explorer (Microsoft)
Available starting today
Customers with supported Windows or Microsoft 365 subscriptions can access the deployment services through the new APIs starting today.
To start using the new Microsoft Graph APIs today, you need one of the following subscriptions:
Windows 10 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
Windows 10 Education A3 or A5 (included in Microsoft 365 A3 or A5)
Windows Virtual Desktop Access E3 or E5
Microsoft 365 Business Premium
Devices compatible with the deployment service must be Azure AD joined or Hybrid AD joined, and run Pro, Enterprise, Education, or Pro Education editions of Windows 10, version 1709 or later.
Further information on enrolling devices for management, managing feature updates, and expediting security updates is available here.
Microsoft says that Windows devices need to be online for at least eight hours to get the latest updates and have them correctly installed after they’re released through Windows Update.
The amount of time devices running Windows are powered on and connected to Windows Update is tracked by Microsoft as ‘Update Connectivity.’
This measurement correlates the systems’ lack of enough connected time with why they’re not up to date while also making it easier to understand why some devices are unlikely to get recently released updates successfully.
According to David Guyer, a Microsoft Program Manager for Windows Updates in MEM, Windows devices need at least 8 hours online to get the latest updates and successfully install them.
“One of the most impactful things we explored was how much time a device needs to be powered on and connected to Windows Update to be able to successfully install quality and feature updates,” said Guyer.
“What we found is that devices that don’t meet a certain amount of connected time are very unlikely to successfully update. Specifically, data shows that devices need a minimum of two continuous connected hours, and six total connected hours after an update is released to reliably update.
“This allows for a successful download and background installations that are able to restart or resume once a device is active and connected.”
You can track devices with insufficient Update Connectivity via Microsoft Intune by navigating to Devices > Monitor and selecting either the Feature update failures or the Windows Expedited update failures report.
Insufficient Update Connectivity alerts can also be found via the Summary report in Intune by going to Reports > Windows updates > Reports > Windows Expedited update report.
Microsoft Intune Update Connectivity alerts (Microsoft)
When looking at Windows 10 devices that are not fully updated and not meeting minimum connectivity requirements, Microsoft saw that:
Approximately 50% of devices not on a serviced build of Windows 10 do not meet the minimum Update Connectivity measurement.
Approximately 25% of Windows 10 devices on a serviced build but have security updates that are more than 60 days out of date have less than the minimum Update Connectivity.
“When troubleshooting update issues, we have found it is best to select devices that have sufficient Update Connectivity,” Guyer added.
“If a device has insufficient Update Connectivity, then investigating other update issues is complicated because the low Update Connectivity can create new issues that go away once there’s enough connectivity.”
In related news, Microsoft began testing a smarter delivery method for Windows update improvements dubbed ‘Update Stack Package,’ which would deliver improvements to the update experience outside of major OS updates before monthly or feature Windows updates.
The company also redesigned cumulative updates in Windows 11 to allow security and quality updates to install faster as they are approximately 40% smaller than their Windows 10 counterparts.
Last year, Redmond released new APIs for managing Windows Update that enable devs and IT professionals to expedite Windows 10 security updates in enterprise environments.
Microsoft this week revealed that it had fended off a record number of distributed denial-of-service (DDoS) attacks aimed at its customers in 2021, three of which surpassed 2.4 terabit per second (Tbps).
One of the DDoS attacks took place in November, targeting an unnamed Azure customer in Asia and lasted a total of 15 minutes. It hit a peak throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps), making it the largest attack ever reported in history.
“This was a distributed attack originating from approximately 10,000 sources and from multiple countries across the globe, including the United States, China, South Korea, Russia, Thailand, India, Vietnam, Iran, Indonesia, and Taiwan,” Alethea Toh, product manager of Azure Networking, said.
DDoS attacks occur when several compromised devices are employed as a conduit to overwhelm a targeted server, service, or network with a flood of internet traffic with the goal of overloading the systems and disrupting its regular services.
Then in December, Microsoft said it blocked two more attacks that surpassed 2.5 Tbps, both of which were aimed at customers in Asia. The first of the attacks was a 3.25 Tbps UDP attack, while the other intrusion was a 2.55 Tbps UDP flood that lingered for just a little over five minutes.
The report comes more than three months after the tech giant disclosed it acted to blunt a 2.4 Tbps DDoS attack in August 2021 targeting a European customer. Other previous record-breaking attacks include a 2.5 Tbps DDoS attack absorbed by Google in September 2017 and a volumetric strike aimed at Amazon Web Services in February 2020.
Microsoft said it observed a rise in attacks that lasted longer than an hour in the second half of 2021, whereas the proportion of short-lived attacks that were 30 minutes or less dropped from 74% to 57%. That said, the longer duration assaults are experienced as a sequence of multiple short, repeated burst attacks.
The company also said it mitigated an average of 1,955 attacks per day, with a maximum of 4,296 attacks recorded in a single day on August 10, 2021. For the entirety of H2 2021, no fewer than 359,713 unique attacks against its infrastructure were blocked, a 43% increase from the first half of 2021.
The gaming industry emerged as the hardest hit sector, followed by financial institutions, media, internet service providers (ISPs), retail, and supply chain entities. Most of the targeted organizations were located in the U.S., India, East Asia (Hong Kong), Brazil, the U.K., South Korea, Japan, Australia, and the U.A.E.
“We saw a sharp uptick in attacks in India, from just 2% of all attacks in the first half of 2021 to taking the second position at 23% of all attacks in the second half of 2021,” Toh said. “Another driving factor may be that the acceleration of digital transformation, for example, the ‘Digital India‘ initiative, has increased the region’s overall exposure to cyber risks.”
If you start a program and receive an error stating that the program you are trying to run needs the Microsoft Visual C++ 2015 Runtime, you can use this tutorial to install the package so that your program works again.
When developers create a Windows program using Microsoft Visual Studio 2015, there are specific dynamic link libraries (DLLs) that their programs are linked to work correctly.
These DLLs are distributed through the Microsoft Visual C++ 2015 Runtime, and if the package is not installed, users will encounter errors stating that DLLs are missing or you need to install the runtime.
As an example, the video game Valorant released an update today that did not include the Microsoft Visual C++ 2015 Runtime, causing the game not to work after the update was installed.
When users launch Valorant, they are instead greeted with the following error.
Missing Microsoft Visual C++ 2015 Runtime error
“The following component(s) are required to run this program: Microsoft Visual C++ 2015 Runtime”
The good news is that it is really easy to fix this problem by downloading and install the runtime from Microsoft’s website.
To install the Microsoft Visual C++ 2015 Runtime, please follow these steps:
You will be brought to a page where it asks you to select whether you want to download the 32-bit or 64-bit version of Windows. Select the version you need and click the Next button. If you are unsure what version you need, you can use this tutorial to determine what you need.
BleepingComputer suggests that you download and install both the x86 AND x64 versions of the runtime to not run into issues in the future.
The files will now be download to your computer. Once downloaded, double-click on the downloaded vc_redist.x64.exe file.
The Microsoft Visual C++-2015 Redistributable screen will be displayed and ask you to agree to the license terms and conditions. Put a checkmark in the “I agree” box and then click on the Install button.Microsoft Visual C++-2015 Redistributable
If Windows prompts you to allow the program to make changes or continue, click on the Yes or Allow button.
When done, the program will display a message stating that it was successfully installed.Redistributable Installed
Now perform the same steps to install the vc_redist.x86.exe runtime.
You can now close the installer.
If you already had the Visual C++ 2015 Runtime installed, you can run the above redistributables and perform a repair.
Perform a Repair
You can now try to run the program that previously gave the missing runtime error, and it should work again.
Windows Safe Mode is a way of booting up your Windows operating system in order to run administrative and diagnostic tasks on your installation. When you boot into Safe Mode the operating system only loads the bare minimum of software that is required for the operating system to work. This mode of operating is designed to let you troubleshoot and run diagnostics on your computer. Windows Safe Mode loads a basic video drivers so your programs may look different than normal.
For Win98/ME, XP, Vista and Windows 7 there are two methods of booting into Safe Mode, while 95 and 2000 only have one. We will describe these methods below:
F8 – By pressing the F8 key right when Windows starts, usually right after you hear your computer beep when you reboot it, you will be brought to a menu where you can choose to boot into safe mode. If it does not work on the first try, reboot and try again as you have to be quick when you press it. I have found that during boot up right after the computer shows you all the equipment , memory, etc installed on your computer, if you start lightly tapping the F8 key you will usually be able to get to the desired menu.
System Configuration Utility – You can use the System Configuration Utility, or MSCONFIG, found in Windows 98, ME, XP, Windows Vista, and Windows 7 to make Windows boot into Safe Mode on the next reboot. We will go into specific details in the sections below. Please note, that you should not force your computer to boot into Safe Mode using the System Configuration Utility if you suspect you are infected with malware as the malware may corrupt keys required to boot into Safe Mode. You can read more about this here.
Windows 95
Windows 95 can only boot into Safe Mode using the F8 method as it does not have a System Configuration Utility.
Using the F8 Method:
Restart your computer.
When the machine first starts it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. When it is finished with that it will say “Starting Windows 95”. Immediately after seeing “Starting Windows 95” press the F8 key.
You will now be presented with a menu. Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.
Do whatever tasks you require and when you are done reboot to boot back into normal mode.
Windows 98/ME
NOTE: Windows ME may look slightly different than what is shown in the images below. You should still have no problem following along.
Using the F8 Method:
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a menu.
When you have the menu on the screen. Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.
Do whatever tasks you require and when you are done reboot to boot back into normal mode.
Using the System Configuration Tool Method:
Step 1: Close all programs so that you have nothing open and are at the desktop.
Step 2: Click on the Start button then click on Run.
Step 3: In the Run field type msconfig as shown in the image below.
Figure 1. Starting Msconfig
Step 4: Press the OK button and the System Configuration Utility will start up. You will then see a screen similar to Figure 2 below.
Figure 2. SCU Startup Screen
Step 5: You should now press the Advanced button designated by the red box in the figure above and you will see a screen similar to figure 3 below.
Figure 3. Advanced Options
Step 6: Place a check mark in the checkbox labeled “Enable Startup Menu” designated by the red box in Figure 3 above. Then press the OK button and then the OK button again. Windows 98/ME will now prompt if you would like to reboot as shown in Figure 4 below.
Figure 4. Confirm Reboot
Step 7: Press the Yes button and your computer will restart into Safe Mode.
Step 8: When the computer boots up perform what diagnostic or troubleshooting tasks you require.
Step 9. When you are finished with these tasks, complete steps 1-7 again, but in Step 6 this time uncheck the checkbox labeled “Enable Startup Menu”.
Step 10: Reboot the computer back into normal mode.
Windows 2000
Windows 2000 can only boot into Safe Mode using the F8 method as it does not have a System Configuration Utility.
Using the F8 Method:
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. When that is completed it will start loading Windows.
When you see the screen that has a black and white bar at the bottom stating “Starting Windows”, tap the F8 key repeatedly until you get to the Windows 2000 Advanced Options Menu
At this menu use the arrow keys to select the Safe Mode option, which is usually the first in the list.
Press the enter key.
Your computer will continue booting, but now will boot into Safe Mode.
Do whatever tasks you require and when you are done reboot to boot back into normal mode.
Windows XP
Using the F8 Method:
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.
Do whatever tasks you require and when you are done reboot to boot back into normal mode.
Using the System Configuration Tool Method:
Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe mode. For reasons why, you should read this.
Step 1: Close all programs so that you have nothing open and are at the desktop.
Step 2: Click on the Start button then click on Run.
Step 3: In the Run field type msconfig as shown in the image below.
Figure 4. Starting Msconfig
Step 4: Press the OK button and the System Configuration Utility will start up. You will then see a screen similar to Figure 5 below.
Figure 5. Starting the System Configuration Utility
Step 5: Click on the tab labeled “BOOT.INI” which is designated by the red box in Figure 5 above. You will then be presented with a screen similar to Figure 6 below.
Figure 6. BOOT.INI Tab
Step 6: Put a check mark in the checkbox labeled “/SAFEBOOT” designated by the red box in Figure 6 above. Then press the OK button. After pressing the button you will be presented with a confirmation box as shown in Figure 7 below.
Figure 7. Confirm Reboot
Step 7: Press the Restart button and let the computer reboot. It will now boot up into Safe Mode.
Step 8: When the computer boots up do what diagnostic or troubleshooting tasks that you need to do.
Step 9. When are finished with your tasks, complete steps 1-7 again, but in Step 6 this time uncheck the checkbox labeled “/SAFEBOOT”. Then click on the General tab and set it for Normal startup.
Step 10: Reboot the computer back into normal mode.
Windows Vista
Using the F8 Method:
Restart your computer.
When the computer starts you will see your computer’s hardware being listed. When you see this information start to gently tap the F8 key repeatedly until you are presented with the Windows Vista Advanced Boot Options.
Select the Safe Mode option using the arrow keys.
Then press the enter key on your keyboard to boot into Vista Safe Mode.
When Windows starts you will be at a typical logon screen. Logon to your computer and Vista will enter Safe mode.
Do whatever tasks you require, and when you are done, reboot to go back into normal mode.
Using the System Configuration Tool Method:
Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe mode. For reasons why, you should read this.
Close any running programs and open Windows so you are back at the desktop.
Click on the Start () button.
In the Start Menu Search Box () type msconfig and press enter on your keyboard.
The System Configuration utility will open and you will see a screen similar to the one below.
Figure 8. Vista System Configuration Utility
Click on the Boot tab.
You will now be at the Boot options screen as shown below.
Figure 9. Vista Boot tab in the System Configuration utility
Put a check mark in the checkbox labeled Safe boot
Press the Apply button and then press the OK button.
You will now be presented with a prompt stating that you need to reboot the computer to apply the change.
Figure 10. Restart Prompt
Click on the Restart button to reboot your computer.
Your computer will now restart directly into Safe Mode. When you get to the Vista logon screen, log on to the computer and perform any necessary tasks.
When done with your tasks, from within Safe Mode, start msconfig.
When the program is open, and you are on the General tab, select the option labeled Normal Startup.
Then press the Apply button and then the OK button.
When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows Vista in normal mode.
Windows 7
Using the F8 Method:
Restart your computer.
When the computer starts you will see your computer’s hardware being listed. When you see this information start to gently tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Options screen as shown in the image below.
Figure 11. Windows 7 Advanced Boot Options screen
Using the arrow keys, select the Safe Mode option you want.
Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.
When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.
Do whatever tasks you require, and when you are done, reboot to go back into normal mode.
Using the System Configuration Tool Method:
Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe mode. For reasons why, you should read this.
Close any running programs and open Windows so you are back at the desktop.
Click on the Start () button.
In the Start Menu Search Box type msconfig as shown in Figure 12 below.
Figure 12. Windows 7 Search box
Then press enter on your keyboard.
The System Configuration utility will open and you will see a screen similar to the one below.
Figure 13. Windows 7 System Configuration Utility
Click on the Boot tab.
You will now be at the Boot screen as shown below.
Figure 14. Windows 7 Boot tab in the System Configuration utility
Put a check mark in the checkbox labeled Safe boot
Press the Apply button and then press the OK button.
You will now be presented with a prompt stating that you need to reboot the computer to apply the change.
Figure 15. Restart Prompt
Click on the Restart button to reboot your computer.
Your computer will now restart directly into Safe Mode. When you get to the Windows 7 logon screen, log on to the computer and perform any necessary tasks.
When done with your tasks, from within Safe Mode, start msconfig.
When the program is open, and you are on the General tab, select the option labeled Normal Startup.
Then press the Apply button and then the OK button.
When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows 7 in normal mode.
From the Windows Start screen, type Advanced startup and when the search results appear, click on the Settings category and then click on the Advanced startup options search option.
When the Settings screen opens, scroll down and click on the Restart now button under the Advanced Startup category and your computer will restart.
When the Advance startup menu appears, click on the Troubleshoot option.
Then click on the Advanced Options button.
Finally click on the Startup Settings option and then click on the Restart button. Your computer will now restart again.
When you get to the Startup Settings screen, press the number for the Safe Mode option you wish to use.
Do whatever tasks you require, and when you are done, reboot to go back into normal mode.
Using the System Configuration Tool Method:
Note: If you are having trouble entering Safe Mode via the Advanced Startup menu, you should not use this method to force it to startup into safe mode. For reasons why, you should read this.
Go to the Windows Start screen and type msconfig. When the msconfig search results appears, click on it.
The System Configuration utility will open and you will see a screen similar to the one below.
Click on the Boot tab.
You will now be at the Boot screen as shown below.
Put a check mark in the checkbox labeled Safe boot
Press the Apply button and then press the OK button.
You will now be presented with a prompt stating that you need to reboot the computer to apply the change.
Click on the Restart button to reboot your computer.
Your computer will now restart directly into Safe Mode. When you get to the Windows 8 logon screen, log on to the computer and perform any necessary tasks.
When done with your tasks, from within Safe Mode, go back to the Start screen by pressing the Tab key on your keyboard. Then start msconfig again by typing msconfig and then clicking on its search result.
When the program is open, and you are on the General tab, select the option labeled Normal Startup.
Then press the Apply button and then the OK button.
When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows 8 in normal mode.
Press the Ctrl+Alt+Delete keys a the same time to enter the Windows security screen.
While holding down the Shift key, click on the Power button () and then click on Restart.
When Windows 10 restarts, you will be at the Choose an Option screen as shown below. At this screen, click on the Troubleshoot button to access the Troubleshoot options.
At the Troubleshoot screen, click on the Advanced Options button to open the advanced options screen.
At the Advanced Options screen, click on the Startup Settings option. This will open the Startup Settings screen.
At the Startup Settings screen, click on the Restart button. Windows will now restart.
After restarting you will be shown a Startup Settings screen. At this screen you should press the number 5 key on your keyboard to enter Safe Mode with Networking.
Your computer will now reboot. Once rebooted, you will be at a login prompt. Login to access Safe mode with Networking.
Problems that can occur by forcing Safe Mode using the System Configuration Utility
It is possible to make your computer continuously boot up into safe mode using the System Configuration utility as described above. The program does this by changing your boot.ini file, the settings file that configures your computer’s boot sequence, and adding the /safeboot argument to your operating systems startup line. An example of this can be seen below.
Original
[operating systems] multi(0)disk(0)rdisk(0)partition(2)\WINDOWS=”Microsoft Windows XP Professional” /FASTDETECT /NOEXECUTE=OPTIN
After using MsConfig.exe
[operating systems] multi(0)disk(0)rdisk(0)partition(2)\WINDOWS=”Microsoft Windows XP Professional” /FASTDETECT /NOEXECUTE=OPTIN /safeboot:minimal
When you are done using safe mode, you would then run the System Configuration utility again and uncheck the /Safeboot option, thus removing the /safeboot argument from the boot.ini file, and allowing your computer to boot up normally.
On a computer that is operating properly this is normally not a problem. Unfortunately, though, a new trick that some of the more recent malware are using is to delete certain Windows Registry keys so that your computer can not properly boot into safe mode. It is in these situations that using the System Configuration utility to boot into safe mode can cause the computer to become inoperable for many users.
This is because once you set the computer to boot into Safe Mode using /Safeboot, it will continuously attempt to start Safe Mode until the /safeboot argument is removed from the boot.ini. Since the malware is not allowing us to actually boot into safe mode, you have no way of getting to a point where you can run the System Configuration utility again to uncheck the /Safeboot option. Thus, you are stuck with a computer constantly attempting to get into safe mode and not being able to do so.
If a situation like this has happened to you it is possible to fix this problem by renaming your boot.ini file. The first step would be to use a boot disk to start your computer. If your computer does not have a floppy disk, then you can typically boot off the Windows CD that came with your computer in order to access the Windows Recovery Console. More information about the Windows Recovery Console can be found here. Once booted to a command prompt, you would simply rename your C:\Boot.ini file to another name like C:\Boot.ini.bak. The command to rename the file at the command prompt is:
ren C:\Boot.ini Boot.ini.bak
Once the file is renamed, you can then remove the boot disk and reboot your computer to get back to normal mode. When booting up after the rename, do not be surprised if you see an error stating that you do not have a valid Boot.ini file. When you get back to normal Windows mode, you can then rename C:\Boot.ini.bak to C:\Boot.ini and run Msconfig again to remove the /safeboot flag.
Conclusion
It is not uncommon when people are helping you troubleshoot your computer that they tell you to enter Safe Mode. With this tutorial you should now know how to enter Safe Mode when it is required.
If you have any questions please feel free to post them in our tech support forums.
Microsoft said it won’t be fixing or is pushing patches to a later date for three of the four security flaws uncovered in its Teams business communication platform earlier this March.
The disclosure comes from Berlin-based cybersecurity firm Positive Security, which found that the implementation of the link preview feature was susceptible to a number of issues that could “allow accessing internal Microsoft services, spoofing the link preview, and, for Android users, leaking their IP address, and DoS’ing their Teams app/channels.”
Of the four vulnerabilities, Microsoft is said to have addressed only one that results in IP address leakage from Android devices, with the tech giant noting that a fix for the denial-of-service (DoS) flaw will be considered in a future version of the product. The issues were responsibly disclosed to the company on March 10, 2021.
Chief among the flaws is a server-side request forgery (SSRF) vulnerability in the endpoint “/urlp/v1/url/info” that could be exploited to glean information from Microsoft’s local network. Also discovered is a spoofing bug wherein the preview link target can be altered to point to any malicious URL while keeping the main link, preview image and description intact, allowing attackers to hide malicious links and stage improved phishing attacks.
The DoS vulnerability, which affects the Android version of Teams, could cause the app to crash simply by sending a message with a specially crafted link preview containing an invalid target instead of a legitimate URL. The last of the issues concerns an IP address leak, which also affects the Android app. By intercepting messages that include a link preview to point the thumbnail URL to a non-Microsoft domain, Positive Security said it’s possible to gain access to a user’s IP address and user agent data.
“While the discovered vulnerabilities have a limited impact, it’s surprising both that such simple attack vectors have seemingly not been tested for before, and that Microsoft does not have the willingness or resources to protect their users from them,” Positive Security’s co-founder Fabian Bräunlein said.
Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices.
Tracked as CVE-2022-22587, the vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to execute arbitrary code with kernel privileges.
The iPhone maker said it’s “aware of a report that this issue may have been actively exploited,” adding it addressed the issue with improved input validation. It did not reveal the nature of the attacks, how widespread they are, or the identities of the threat actors exploiting them.
An anonymous researcher along with Meysam Firouzi and Siddharth Aeri have been credited with discovering and reporting the flaw.
CVE-2022-22587 is the third zero-day vulnerability discovered in IOMobileFrameBuffer in a span of six months after CVE-2021-30807 and CVE-2021-30883. In December 2021, Apple resolved four additional weaknesses in the kernel extension that’s used to manage the screen framebuffer.
Also fixed by the tech giant is a recently disclosed vulnerability in Safari that stemmed from a faulty implementation of the IndexedDB API (CVE-2022-22594), which could be abused by a malicious website to track users’ online activity in the web browser and even reveal their identity.
Other flaws of note include —
CVE-2022-22584 – A memory corruption issue in ColorSync that may lead to arbitrary code execution when processing a malicious crafted file
CVE-2022-22578 – A logic issue in Crash Reporter that could allow a malicious application to gain root privileges
CVE-2022-22585 – A path validation issue in iCloud that could be exploited by a rogue application to access a user’s files
CVE-2022-22591 – A memory corruption issue in Intel Graphics Driver that could be abused by a malicious application to execute arbitrary code with kernel privileges
CVE-2022-22593 – A buffer overflow issue in Kernel that could be abused by a malicious application to execute arbitrary code with kernel privileges
CVE-2022-22590 – A use-after-free issue in WebKit that may lead to arbitrary code execution when processing maliciously crafted web content
The updates are available for iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, iPod touch (7th generation), and macOS devices running Big Sur, Catalina, and Monterey.
This article describes how to recover a bricked USW-Flex-Mini via recovery mode. The first step in the recovery process is to prepare a web server. See the subsections below on how to do that on each of the different operating systems: Windows, macOS and Ubuntu/Debian and then continue to the recovery instructions once that is done.
The first step in the recovery process is to prepare a web server. See the subsections below on how to do that on each of the different operating systems: Windows, macOS and Ubuntu/Debian.
How to Prepare a Web Server on Windows
1. Download Python for Windows (Executable Installer) here.
2. Open the downloaded file and make sure you select Add Python x.x to PATH during installation.
3. After the Python installation open Command Prompt as Administrator and confirm that Python is installed correctly with the command below:
python -V
4. Create a directory for the web server by running the commands below:
mkdir c:\webserver cd c:\webserver
5. Start the Python web server on port 80. Note that the version of Python can be found with the command from step 3:
3. Create a directory for the web server by running the commands below:
cd ~ mkdir webserver cd webserver
4. Start the Python web server on port 80. Note that the version of Python can be found with the command from step 2:
Python 3.x:
sudo "${python_version}" -m http.server 80
Python 2.x:
sudo "${python_version}" -m SimpleHTTPServer 80
How to Recover a USW Flex Mini
1. Prepare a web server as explained above, and set the server / computer’s IP to a static 192.168.1.99. The way to set a static IP on a computer will vary from platform to platform. Find instructions on how to do that in your product’s documentation (Windows, macOS or Ubuntu/Linux).
2. Download the latest firmware (found in Downloads), rename the binary to fwupdate.bin and place it in the directory that was created earlier (webserver).
3. Power down the switch by unplugging from the power source.
4. Press the switch’s reset button and hold it down as you provide power to the switch. Hold the reset button down for over 10 seconds during boot up. The LED pattern should be: blue-white-off blinking.
5. The USW-Flex-Mini should be updated after a while.
The method described in this article should help recover a “bricked” UniFi AP. This method will not void the device warranty, whereas opening the chassis for serial TTL will void your warranty. Most soft brick issues will be resolved via this procedure. If your issue continues unresolved, it might indicate a hardware issue that cannot be resolved via software. Feel free to contact support if you believe this to be the case.IMPORTANT:When Recovering UAP Gen1 Devices, The device itself will need approximately 5 minutes to finish recovering after the put command is entered.
TFTP for Windows
1. Prior to beginning the TFTP recovery, download the firmware for the device needed by visiting the UniFi Downloads section. Navigate to the UAP in question using the menu on the left, and find the latest firmware file. Confirm it is a .bin firmware file and not the UniFi Network application software file before downloading.
2. Once the correct firmware has been identified, download it and save it on your computer.
3. Unplug the ethernet cable from the UniFi AP.
4. Using a paperclip press and hold the UniFi AP’s reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 6.
5. While keeping the reset button pressed in, plug the ethernet cable back into the AP. Keep the reset button depressed until you see the device’s LED flashing in upgrade mode (read about LED patterns in this article). This may take up to 25 seconds. User Tip: The UAP will not respond to ping requests while in TFTP recovery mode, but will respond to ARP requests.
6. You may release the reset button. Now the device is in TFTP transfer mode.
7. Set a static IP on your Computer’s NIC. A static IP of 192.168.1.25, a subnet of 255.255.255.0 and gateway of 192.168.1.20 will work.
8. Plug the UniFi PoE injector’s LAN cable directly to your computer.
9. This example uses the Pumpkin TFTP software, which you can download here (clicking link will download the .exe file immediately) and disable the firewall or allow the Pumpkin connection. Click on “Put File”.
10. In “Local Files” browse for the firmware you downloaded and saved previously (in step 1).
11. In the “Remote host” field enter the gateway you had predetermined (192.168.1.20), then click OK.
12. At this point, the file should begin transferring. The firmware will upgrade now and the device will automatically reboot once it has finished. Do not reboot it yourself.
TFTP for Linux & macOS
1. Prior to beginning the TFTP recovery, download the firmware for the device needed by visiting the UniFi Downloads section. Navigate to the UAP in question using the menu on the left, and find the latest firmware file. Confirm it is a .bin firmware file and not the UniFi Network application software file before downloading.
2. Once the correct firmware has been identified, download it and save it on your computer. You will need to know the exact path to your file, so for this example, we are moving the downloaded firmware file to /Users/username/.
3. Go to System Preferences > Network and set your computer’s network IP address to 192.168.1.25, subnet 255.255.255.0 and gateway 192.168.1.20. User Tip: Take note of what your IP address is before changing it. You will have to revert back to the original IP address on step 12.
4. On macOS Open Applications > Utilities > Terminal and type:
tftp
On Linux, open the command line application of choice and type the following (substituting the bolded path and firmware name for the name of the file you downloaded in step 2 and the path to where it is saved):
5. A tftp> command prompt will appear. You are ready to reset the AP and connect it to your computer, while it’s in “upgrade mode”.
6. Unplug the ethernet cable from the UniFi AP.
7. Using a paperclip press and hold the UniFi AP’s reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 9.
8. While keeping the reset button pressed in, plug the ethernet cable back into the AP. Keep the reset button depressed until you see the device’s LED flashing in upgrade mode (read about LED patterns in this article). This may take up to 25 seconds. User Tip: The UAP will not respond to ping requests while in TFTP recovery mode, but will respond to ARP requests.
9. You may release the reset button. Now the device is in TFTP transfer mode.
10. On the TFTP command line in Terminal, paste these four lines and hit enter:
connect 192.168.1.20 binary rexmt 1 timeout 60
Click to copy
11. Type the command put followed by the path to the firmware downloaded in step 2 and hit enter. Following the example mentioned in step 2, something similar to this would be typed into the Terminal window:
put /Users/Alex/BZ.qca956x.v3.9.27.8537.180317.1235.bin
IMPORTANT:Remember you must substitute the bolded path and firmware file name with your own path and file name.
Once it is successful, you will see something like this in the Terminal window (bolded words will be different for each user):
tftp> connect 192.168.1.20 tftp> binary tftp> rexmt 1 tftp> timeout 60 tftp> put /path/firmware.bin Sent x bytes in y seconds
The file should begin transferring at this point. The firmware will upgrade and the device will automatically reboot once it has finished. Do not reboot it yourself.
12. Re-connect the PoE injector’s LAN cable into your router. Restore the network IP back to what it was before.User Tip: If your device is having trouble getting adopted by the UniFi Network application after this process, try forgetting the device by going to the UniFiDevices section, clicking on the UAP in question and then within the properties panel that pops up, go to Config (gear icon) > Manage Device > Forget this device. Click on the “Forget” button and try the process again.
This article explains best practices for configuring larger UniFi networks with AirPlay/Chromecast devices. For efficient and reliable channel utilization, networks with more than 100 WiFi clients will need the multicast block option to be enabled on each of their SSIDs. This guide is especially useful for schools, stadiums, public venues, or similar networks.
Note: This guide applies to a network with a UniFi Security Gateway, UDM, or UDM-Pro. If your network does not have one of these, the steps may need to be adapted.
Creating a ChromeCast/AirPlay Network
Once your UniFi Network scales beyond a certain number of WiFi clients, it is important to ensure that every AP’s WiFi channel continues to be used efficiently. The broadcast traffic from more than 100 clients is typically high enough that WiFi performance may start to degrade. We always recommend enabling the multicast block option setting for larger networks.
However, this option causes a problem with users that would like to use their ChromeCast/AirPlay devices on the same WiFi network, because those devices will no longer hear the MDNS broadcasts from other devices on the network. They will no longer be discoverable.
In order to gain the performance benefits of multicast block while still maintaining discoverability to these WiFi clients, please follow these steps:
Go to Settings > WiFi and select on the SSID to check that multicast block is enabled if it has more than 100 clients on it.
Create a separate SSID/VLAN for the ChromeCast/AirPlay clients.
Go to Settings > Networks, and add a New Network.
Go to Settings > WiFi, and add a new WiFi Network, ensuring that the Network from Step “a” is selected, instead of LAN.
Go to Settings > Advanced Features > Advanced Gateway Settings > Multicast DNS and enable Multicast DNS, then click Apply Changes.
Forget the old network on your ChromeCast/AirPlay clients and connect them to the new WiFi Network.
Test Discoverability from the appropriate mobile apps.
Microsoft Visual C++-2015 Redistributable
Redistributable Installed
) button.
) type msconfig and press enter on your keyboard.
) button.
) and then click on Restart.
