2.5 Admins cover image

2.5 Admins

2.5 Admins 208: All CPUs suck

Aug 15, 2024
Discover how to exploit a Windows security flaw that reverts systems to outdated versions. Delve into a critical IPv6 vulnerability with a high CVSS score and the challenges of inadequate mitigation guidance from Microsoft. Explore alarming CPU vulnerabilities in AMD and Intel chips, including the sync close bug and damaging firmware issues. Learn about the complexities of using Samba on Linux within Active Directory, with practical insights on managing file permissions and access controls.
30:10
Creator website

Podcast summary created with Snipd AI

Quick takeaways

  • The podcast highlights a new attack vector that allows malicious users to exploit Windows systems by rolling back updates, increasing security threats.
  • Significant vulnerabilities in AMD and Intel processors raise concerns about hardware security management and the importance of timely software updates for system integrity.

Deep dives

Exploiting Windows Update Vulnerabilities

A new attack vector has been identified concerning the Windows Update system, which allows malicious actors to roll back system updates and exploit previously patched vulnerabilities. This technique requires administrative access but can serve as a 'toehold' attack, enabling further exploitation of the system. The implications are significant; reverting to an earlier, vulnerable version can expose systems to known exploits that should otherwise be mitigated by updates. The ease with which attackers can execute this further complicates the security landscape for Windows users.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode