fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Windows 10 KB5003637 Update May Block Remote Access to Event Logs

Windows 10 KB5003637 Update May Block Remote Access to Event Logs

Microsoft says that apps may encounter issues accessing event logs on remote Windows 10 devices unless KB5003637 or later updates are installed on both systems.

“Event logs might not be accessible from remote devices unless both devices have updates released June 8, 2021 or later,” Microsoft states on the Windows 10 health dashboard.

“This issue is resolved if the local and remote devices both have KB5003637 installed.”

This Windows 10 known issue impacts only applications using specific legacy Event Logging APIs. Event Viewer and other apps using current non-legacy APIs to access Windows event logs remotely are not affected.

When trying to connect to or from a Windows 10 device on which the  KB5003637 cumulative update was not yet installed, you might see one of the following errors:

  • error 5: access is denied
  • error 1764: The requested operation is not supported.
  • System.InvalidOperationException,Microsoft.PowerShell.Commands.GetEventLogCommand
  • Windows has not provided an error code.

Impacted platforms include both client and server Windows 10 version:

  • Client: Windows 10 21H1; Windows 10 20H2; Windows 10 2004; Windows 10 1909; Windows 10 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 20H2; Windows Server 2004; Windows Server 1909; Windows Server 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Also Read: Got Hacked? Here Are 5 Ways to Handle Data Breaches

Known issue caused by security hardening changes

According to Microsoft, this is an expected result after Event Tracing for Windows (ETW) security hardening changes addressing the CVE-2021-31958 Windows NTLM Elevation of Privilege Vulnerability.

Microsoft released CVE-2021-31958 security updates during the June Patch Tuesday to address the flaw discovered by Gal Levy and Yuval Sarel from Armis Security.

KB5003637 comes with security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cloud Infrastructure, Windows Authentication, Windows Fundamentals, Windows Virtualization, Windows Kernel, Windows HTML Platform, and Windows Storage and Filesystems.

This Windows 10 cumulative update also improves Windows OLE (compound documents) security and when Windows performs basic operations.

“This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website,” Redmond explains in the security advisory.

Also Read: Compliance Course Singapore: Spotlight on the 3 Offerings

“An attacker would have no way to force users to visit this specially crafted server share or website, but would have to convince them to visit the server share or website, typically by way of an enticement in an email or chat message.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us