February 22, 2022
Good morning, everyone!
The latest critical vulnerabilities:
Patch All the Things!
Beware of Fake Update Installers
Researchers at HP have warned that RedLine stealer malware is being distributed through fake Windows 11 upgrade installers aimed at users of Windows 10:
the actors used the seemingly legitimate “windows-upgraded.com” domain for the malware distribution part of their campaign. The site appears like a genuine Microsoft site and, if the visitor clicked on the ‘Download Now’ button, they received a 1.5 MB ZIP archive named “Windows11InstallationAssistant.zip,” fetched directly from a Discord CDN.
Interestingly enough, a similar 'UpdateAgent' malware for Macs is also in circulation. Regardless of the platform, the steps to protect yourself against attacks like this are the same.
How to Spot Fake Update Requests
Where did the popup come from? If the software is already installed on your Windows computer, a valid update notice will typically pop up from the system tray in the lower right corner of your screen. On a Mac, legitimate notices appear in the upper right corner. If a popup appears in the middle of the screen, especially if you have been surfing the web, it’s probably a trick.
When did the popup appear? As a general rule, legitimate update notices will appear when you log into your computer or an application. If you get a popup right after clicking on an ad or article online, that’s probably a fake.
How to Respond
Always consult original sources of information. For Windows Updates, click on “Windows Updates” in the Start menu; for Mac updates, click on the Apple icon in the upper left corner, then "About This Mac" and the "Software Update" button. For individual applications, there is usually an option to “Check for Updates” under the “Help” menu. Or you can go to the website for that application and look for update options under the Support or Downloads tab.
Finally, remember that you have to actually install this malware to be infected!
- When you get a popup asking whether you want to install this software, READ IT! Do you really want to install this software?
- Working as a standard user on a regular basis is great protection against attacks like this. Someone will have to type in an administrative password to install the malware.
Talk to you again soon!
Security Awareness Training Available Here, There, Everywhere!
Thanks to COVID-19, lots of things went virtual, including my employee Security Awareness Training. Live training made a comeback a few months ago, but many organizations are retreating. No worries. Wherever you and your employees may be, I can deliver an interesting and informative training session in whatever format you prefer.
Contact me to schedule your employee training sessions. They're fun! ☺