SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches

5 snips

Jul 23, 2025

Microsoft has rolled out crucial security updates for SharePoint 2016, addressing serious vulnerabilities. Meanwhile, WinZip's latest version improves privacy by concealing download URLs in zipped files. The podcast also delves into the Menace of Interlock ransomware, providing detailed insights from a recent government collaboration. Lastly, Sophos has patched multiple vulnerabilities in its firewalls, two of which are critical but affect a limited user base. Stay informed to keep your systems secure!

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Proper SharePoint Patch Sequence

Apply SharePoint 2016 security updates in sequence: install the security update, reboot, then apply the language pack update.
Avoid applying both updates simultaneously as it causes failures.

ADVICE

Update Machine Keys After Exploit

After patching SharePoint, update your machine keys if attackers stole them.
Failure to update machine keys leaves your system vulnerable to repeated compromise.

INSIGHT

WinZip Improves MotW Privacy

WinZip 7.10 now defaults to excluding the download URL from Mark of the Web metadata in ZIP files for privacy.
This change still flags files as from the Internet but hides the specific download source from recipients.

Get the Snipd Podcast app to discover more snips from this episode

Get the app