1 00:00:01,680 --> 00:00:03,669 covering the week's top tech stories 2 00:00:03,669 --> 00:00:03,679 covering the week's top tech stories 3 00:00:03,679 --> 00:00:06,950 covering the week's top tech stories with a slight linux bias microsoft is 4 00:00:06,950 --> 00:00:06,960 with a slight linux bias microsoft is 5 00:00:06,960 --> 00:00:08,710 with a slight linux bias microsoft is urgently advising windows server 6 00:00:08,710 --> 00:00:08,720 urgently advising windows server 7 00:00:08,720 --> 00:00:10,549 urgently advising windows server customers to patch a vulnerability that 8 00:00:10,549 --> 00:00:10,559 customers to patch a vulnerability that 9 00:00:10,559 --> 00:00:12,470 customers to patch a vulnerability that allows attackers to take control of 10 00:00:12,470 --> 00:00:12,480 allows attackers to take control of 11 00:00:12,480 --> 00:00:13,910 allows attackers to take control of entire networks 12 00:00:13,910 --> 00:00:13,920 entire networks 13 00:00:13,920 --> 00:00:16,630 entire networks with no user interaction and from there 14 00:00:16,630 --> 00:00:16,640 with no user interaction and from there 15 00:00:16,640 --> 00:00:19,590 with no user interaction and from there rapidly spread from computer to computer 16 00:00:19,590 --> 00:00:19,600 rapidly spread from computer to computer 17 00:00:19,600 --> 00:00:21,830 rapidly spread from computer to computer the vulnerability dubbed cigred by 18 00:00:21,830 --> 00:00:21,840 the vulnerability dubbed cigred by 19 00:00:21,840 --> 00:00:23,670 the vulnerability dubbed cigred by researchers at checkpoint who discovered 20 00:00:23,670 --> 00:00:23,680 researchers at checkpoint who discovered 21 00:00:23,680 --> 00:00:24,070 researchers at checkpoint who discovered it 22 00:00:24,070 --> 00:00:24,080 it 23 00:00:24,080 --> 00:00:26,710 it resides in windows dns a component that 24 00:00:26,710 --> 00:00:26,720 resides in windows dns a component that 25 00:00:26,720 --> 00:00:28,790 resides in windows dns a component that automatically responds to requests 26 00:00:28,790 --> 00:00:28,800 automatically responds to requests 27 00:00:28,800 --> 00:00:30,790 automatically responds to requests to translate a domain into the ipi 28 00:00:30,790 --> 00:00:30,800 to translate a domain into the ipi 29 00:00:30,800 --> 00:00:32,950 to translate a domain into the ipi address computers need to locate it on 30 00:00:32,950 --> 00:00:32,960 address computers need to locate it on 31 00:00:32,960 --> 00:00:34,229 address computers need to locate it on the internet 32 00:00:34,229 --> 00:00:34,239 the internet 33 00:00:34,239 --> 00:00:36,229 the internet by sending maliciously formed queries 34 00:00:36,229 --> 00:00:36,239 by sending maliciously formed queries 35 00:00:36,239 --> 00:00:37,590 by sending maliciously formed queries attackers can execute 36 00:00:37,590 --> 00:00:37,600 attackers can execute 37 00:00:37,600 --> 00:00:40,150 attackers can execute code that gains domain administrator 38 00:00:40,150 --> 00:00:40,160 code that gains domain administrator 39 00:00:40,160 --> 00:00:41,910 code that gains domain administrator rights and then from there 40 00:00:41,910 --> 00:00:41,920 rights and then from there 41 00:00:41,920 --> 00:00:43,990 rights and then from there take control of the entire network the 42 00:00:43,990 --> 00:00:44,000 take control of the entire network the 43 00:00:44,000 --> 00:00:45,990 take control of the entire network the vulnerability is present in all windows 44 00:00:45,990 --> 00:00:46,000 vulnerability is present in all windows 45 00:00:46,000 --> 00:00:47,190 vulnerability is present in all windows server versions from 46 00:00:47,190 --> 00:00:47,200 server versions from 47 00:00:47,200 --> 00:00:50,950 server versions from 2003 to 2019. both microsoft and the 48 00:00:50,950 --> 00:00:50,960 2003 to 2019. both microsoft and the 49 00:00:50,960 --> 00:00:52,950 2003 to 2019. both microsoft and the researchers said that it's wormable 50 00:00:52,950 --> 00:00:52,960 researchers said that it's wormable 51 00:00:52,960 --> 00:00:54,630 researchers said that it's wormable meaning it can spread from computer to 52 00:00:54,630 --> 00:00:54,640 meaning it can spread from computer to 53 00:00:54,640 --> 00:00:56,470 meaning it can spread from computer to computer in a way that's akin to 54 00:00:56,470 --> 00:00:56,480 computer in a way that's akin to 55 00:00:56,480 --> 00:00:58,630 computer in a way that's akin to falling dominoes with no user 56 00:00:58,630 --> 00:00:58,640 falling dominoes with no user 57 00:00:58,640 --> 00:01:00,150 falling dominoes with no user interaction required 58 00:01:00,150 --> 00:01:00,160 interaction required 59 00:01:00,160 --> 00:01:01,830 interaction required computer worms have the potential to 60 00:01:01,830 --> 00:01:01,840 computer worms have the potential to 61 00:01:01,840 --> 00:01:03,750 computer worms have the potential to propagate rapidly just by virtue of 62 00:01:03,750 --> 00:01:03,760 propagate rapidly just by virtue of 63 00:01:03,760 --> 00:01:04,789 propagate rapidly just by virtue of being connected 64 00:01:04,789 --> 00:01:04,799 being connected 65 00:01:04,799 --> 00:01:06,870 being connected and without requiring end users to do 66 00:01:06,870 --> 00:01:06,880 and without requiring end users to do 67 00:01:06,880 --> 00:01:09,030 and without requiring end users to do anything at all 68 00:01:09,030 --> 00:01:09,040 anything at all 69 00:01:09,040 --> 00:01:11,030 anything at all when a worm's underlying vulnerability 70 00:01:11,030 --> 00:01:11,040 when a worm's underlying vulnerability 71 00:01:11,040 --> 00:01:12,789 when a worm's underlying vulnerability easily allows malicious code to be 72 00:01:12,789 --> 00:01:12,799 easily allows malicious code to be 73 00:01:12,799 --> 00:01:13,750 easily allows malicious code to be executed 74 00:01:13,750 --> 00:01:13,760 executed 75 00:01:13,760 --> 00:01:16,390 executed exploits can be especially harmful as 76 00:01:16,390 --> 00:01:16,400 exploits can be especially harmful as 77 00:01:16,400 --> 00:01:18,710 exploits can be especially harmful as was the case with both the wannacry and 78 00:01:18,710 --> 00:01:18,720 was the case with both the wannacry and 79 00:01:18,720 --> 00:01:21,109 was the case with both the wannacry and not pecha attacks from 2016 80 00:01:21,109 --> 00:01:21,119 not pecha attacks from 2016 81 00:01:21,119 --> 00:01:22,950 not pecha attacks from 2016 that shut down networks worldwide and 82 00:01:22,950 --> 00:01:22,960 that shut down networks worldwide and 83 00:01:22,960 --> 00:01:25,510 that shut down networks worldwide and caused billions of dollars in damage 84 00:01:25,510 --> 00:01:25,520 caused billions of dollars in damage 85 00:01:25,520 --> 00:01:27,109 caused billions of dollars in damage checkpoint researchers said that the 86 00:01:27,109 --> 00:01:27,119 checkpoint researchers said that the 87 00:01:27,119 --> 00:01:29,030 checkpoint researchers said that the effort required to exploit sig red was 88 00:01:29,030 --> 00:01:29,040 effort required to exploit sig red was 89 00:01:29,040 --> 00:01:31,350 effort required to exploit sig red was well within the means of skilled hackers 90 00:01:31,350 --> 00:01:31,360 well within the means of skilled hackers 91 00:01:31,360 --> 00:01:32,550 well within the means of skilled hackers while there's no evidence that the 92 00:01:32,550 --> 00:01:32,560 while there's no evidence that the 93 00:01:32,560 --> 00:01:34,789 while there's no evidence that the vulnerability is actively underexploited 94 00:01:34,789 --> 00:01:34,799 vulnerability is actively underexploited 95 00:01:34,799 --> 00:01:35,990 vulnerability is actively underexploited at the moment 96 00:01:35,990 --> 00:01:36,000 at the moment 97 00:01:36,000 --> 00:01:38,069 at the moment checkpoint and said that's likely to 98 00:01:38,069 --> 00:01:38,079 checkpoint and said that's likely to 99 00:01:38,079 --> 00:01:40,230 checkpoint and said that's likely to change and if it does the destructive 100 00:01:40,230 --> 00:01:40,240 change and if it does the destructive 101 00:01:40,240 --> 00:01:41,910 change and if it does the destructive effects would be high 102 00:01:41,910 --> 00:01:41,920 effects would be high 103 00:01:41,920 --> 00:01:43,590 effects would be high microsoft rated the chances of 104 00:01:43,590 --> 00:01:43,600 microsoft rated the chances of 105 00:01:43,600 --> 00:01:45,749 microsoft rated the chances of exploitation as more likely 106 00:01:45,749 --> 00:01:45,759 exploitation as more likely 107 00:01:45,759 --> 00:01:48,310 exploitation as more likely many outside researchers concurred 108 00:01:48,310 --> 00:01:48,320 many outside researchers concurred 109 00:01:48,320 --> 00:01:49,429 many outside researchers concurred security reacher 110 00:01:49,429 --> 00:01:49,439 security reacher 111 00:01:49,439 --> 00:01:51,510 security reacher researcher marcus hutchins fears 112 00:01:51,510 --> 00:01:51,520 researcher marcus hutchins fears 113 00:01:51,520 --> 00:01:53,429 researcher marcus hutchins fears attackers will exploit cigred 114 00:01:53,429 --> 00:01:53,439 attackers will exploit cigred 115 00:01:53,439 --> 00:01:55,190 attackers will exploit cigred in an attempt to wage crippling 116 00:01:55,190 --> 00:01:55,200 in an attempt to wage crippling 117 00:01:55,200 --> 00:01:57,030 in an attempt to wage crippling ransomware campaigns 118 00:01:57,030 --> 00:01:57,040 ransomware campaigns 119 00:01:57,040 --> 00:01:58,709 ransomware campaigns in that scenario attackers would take 120 00:01:58,709 --> 00:01:58,719 in that scenario attackers would take 121 00:01:58,719 --> 00:02:00,709 in that scenario attackers would take control of a network's dns server and 122 00:02:00,709 --> 00:02:00,719 control of a network's dns server and 123 00:02:00,719 --> 00:02:02,550 control of a network's dns server and then use it to push malware to all 124 00:02:02,550 --> 00:02:02,560 then use it to push malware to all 125 00:02:02,560 --> 00:02:04,630 then use it to push malware to all connected client computers 126 00:02:04,630 --> 00:02:04,640 connected client computers 127 00:02:04,640 --> 00:02:06,469 connected client computers microsoft issued a fix as part of this 128 00:02:06,469 --> 00:02:06,479 microsoft issued a fix as part of this 129 00:02:06,479 --> 00:02:08,229 microsoft issued a fix as part of this month's update tuesday 130 00:02:08,229 --> 00:02:08,239 month's update tuesday 131 00:02:08,239 --> 00:02:10,309 month's update tuesday organizations that use windows dns 132 00:02:10,309 --> 00:02:10,319 organizations that use windows dns 133 00:02:10,319 --> 00:02:12,229 organizations that use windows dns should carefully assess the risks and 134 00:02:12,229 --> 00:02:12,239 should carefully assess the risks and 135 00:02:12,239 --> 00:02:20,830 should carefully assess the risks and install tuesday's patch as soon as 136 00:02:20,830 --> 00:02:20,840 137 00:02:20,840 --> 00:02:22,650 possible 138 00:02:22,650 --> 00:02:22,660 possible 139 00:02:22,660 --> 00:02:27,930 possible [Music] 140 00:02:27,930 --> 00:02:27,940 141 00:02:27,940 --> 00:02:33,509 [Music] 142 00:02:33,509 --> 00:02:33,519 143 00:02:33,519 --> 00:02:35,599 you