Results 1 to 6 of 6
  1. #1
    iNET Interactive
    Join Date
    Jan 2010
    Location
    Seattle, WA, USA
    Posts
    376
    Thanks
    1
    Thanked 29 Times in 24 Posts

    A threat from our growing use of MS sign-ins


    Patch Watch

    A threat from our growing use of MS sign-ins


    By Susan Bradley

    Usually, about now we'd simply be wrapping up Windows and Office updates. But this month we must also ensure we're not losing our Microsoft sign-in credentials.

    And for those who have installed Win10 Anniversary Update, there's a slew of fixes for a host of issues.

    The full text of this column is posted at windowssecrets.com/patch-watch/a-threat-from-our-growing-use-of-ms-sign-ins/ (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,745
    Thanks
    171
    Thanked 648 Times in 571 Posts
    Not to diminish the importance of "Resolving an unpatched MS-credentials leak", but ...

    The research on which this is based is more than a year old (back when Edge was still called Spartan).

    Strange that it took Russian/German VPN providers to get it on our radar (not just here, but all over the place this month).
    Last edited by BruceR; 2016-08-25 at 02:21.

  3. #3
    2 Star Lounger
    Join Date
    Sep 2014
    Location
    Hampshire, UK
    Posts
    169
    Thanks
    4
    Thanked 46 Times in 31 Posts
    Under the summary of other August non-security updates, it states " I've seen reports of side effects with these updates; it's safe to install them." That is clearly contradictory, and I assume that it should read "I have not seen reports etc". On the other hand, if it is written as intended then can we please be told what the side effects are?
    Last edited by Tandor; 2016-08-25 at 12:02.

  4. #4
    New Lounger
    Join Date
    Aug 2016
    Posts
    5
    Thanks
    0
    Thanked 1 Time in 1 Post
    The msleak. etc link reports that it needs Internet Explorer or Edge and stops. I have both installed but Firefox is my default browser. This issue does not seem to be researched as well as most topics.

  5. #5
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Delaware, US
    Posts
    1,160
    Thanks
    19
    Thanked 99 Times in 88 Posts
    I had a look at the registry patch from the linked article and found that it's worth taking the time to read all the comments in that link. Apparently, making this change to the registry brings with it a few potentially broken functions. For me, that meant that I could no longer connect to my NAS. Oops!
    Graham Smith
    DataSmith, Delaware
    "For every expert there is an equal and opposite expert.", Arthur C. Clarke (1917 - 2008)

  6. #6
    New Lounger
    Join Date
    Jan 2010
    Location
    UK
    Posts
    21
    Thanks
    0
    Thanked 4 Times in 4 Posts
    The recommendation in the article will be satisfactory for many. However, it prevents access through Windows Explorer/My Computer to mapped network drives on my NAS so I removed the registry entry. This highlights the need for in-depth research and testing when making recommendations like this. If someone made this registry change and months down the line bought a NAS they'd be in a world of pain trying to sort this out as they'd likely have forgotten this change.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •