Jul 21, 2021
Recommendations to Turn Off Your Printers - eCar Fire Warning Craig Peterson: Hey, we got another emergency patch out from our friends at Microsoft. And in this case, it has to do with printers and remote printer access. Do you have employees working from home?
Microsoft has their big monthly patches that they release. They also have weekly patches that they released that are for slightly more critical vulnerabilities. And then they have. Patches that are released because there is a severe problem going on right now while that's what we are staring down.
There is a vulnerability called print nightmare, and this is located in the windows print. Spooler serve. Now the windows print spooler services, what it sounds like. This is the service that handles all of your print jobs. So if you are using this service, Turns out there's a serious bug and Microsoft tried to patch it once and failed.
[00:01:10] And they've got another patch out right now seems to be working, but organizations are really urged to deploy these patches as soon as possible or deceased. Inbound remote printing until they can be applied. So that's why I said, if you have people who are working from home, because many of us turned on remote desktop and you better make sure that's properly patched up so that people could.
[00:01:37] Then and get a desktop. Although Microsoft has an interesting solution that is going to be announced in early August about having your own windows machine there in their cloud. So it looks like you'll be able to have windows machine for about 35 bucks a month. Microsoft will have to keep it up to date.
[00:01:56] I think that's a very cool thing, but they're coming out with that here very shortly. Within the next month or so, we'll see what happens, but this is a problem because if it's exposed to the internet, We're expecting to actually already be seeing active exploit. Now here's the problem Microsoft's trying to solve.
[00:02:19] We have three different types of patches. You have the monthly patches that they release. You have your, which of the patch Tuesday. You also have patches that are released every week, which are more critical. And then these types of patches, these are patches for what are called. Zero day attacks. There is nothing normal out there, a regular stuff that would catch this and stop it.
[00:02:46] Now, the advanced malware protection that we use from Cisco, it will catch this sort of thing, but it'll only catch it after it's been seen a few times and then identified, obviously by now it's been identified. So it's pretty darn cool. So Microsoft's monthly updates. Last month included a patch for another vulnerability in the windows print spooler service.
[00:03:11] And it was initially called a local privilege ex escalation issue. That means that you had to be on that computer in order to gain access to these advanced privileges and features. Turns out that it wasn't entirely just local. And now there is a new one where it can be exploited to get remote code execution and not just privileged privilege, escalation.
[00:03:39] That means that they can now run programs on your computer. And with privilege escalation, they can run those programs as whomever they might want to do. So this is pretty big Blackhat USA conference coming right up and they are going to be hosting one of their talks called diving into spooler and what they did to discover these local and remote.
[00:04:09] Vulnerabilities in the windows print spooler Hey, it's definitely a problem. There is a proof of concept exploit out there, and that means that the bad guys are not too long from coming up with their own. So there you go. Again, patch it up close and remote access, at least for the time being. To your print spooler because it could be a very big deal.
[00:04:34] Another thing you could do is disable the prince Pooler service. You can just use stop service dash name spooler dash force, and that will. Pop it right on down. Okay. And then by the way, in case your machine reboots, you probably wouldn't do a set service dash named spooler dash start-up type disabled in order to make sure it doesn't restart, but there'll a lot to worry about right now, a whole lot, frankly, to worry about right now because of the Russians are coming.
[00:05:06] Here's another one. This is Chevy bolt. Now, I have had some major complaints about Tesla and the way Tesla has these door handles that recess in entirely and how it has happened that during an accident, those door handles don't pop out and people cannot be extracted from cars. And the biggest problem you have in an accident with a car full of batteries is.
[00:05:34] Of course the high voltage and current that's stored in the batteries that now when they, it out, it starts a toxic fire. Very nasty. Just this week, the national highway traffic safety administration issued an alert for all 2017 to 2019 Chevy. Owners now I know a lot of these bolt owners are actually government agencies.
[00:05:59] They're not individuals, but I thought I'd bring it up. Anyways. There was a fire in a Vermont state representatives. Car's name's Timothy Brown. And his Chevy bolt decided it was going to catch on fire. Now, there was a recall by GM of these Chevy volts that had this problem, and apparently it doesn't entirely.
[00:06:26] Fix it, they are still plaguing GM. And man, in this particular case this rep of course in Vermont being a I don't know, leftist, I have to assume, but a fan of electric cars, his car. Sad they're burning, which is pretty bad, ironic, but this happened when was this? Oh, it looks like this happened just a couple of weeks ago.
[00:06:52] He's the state chairman in Vermont of the house committee on energy and technology. I've been supporting electric vehicles go sponsor bills relating to electric. And plug-in. So now his 2019 Chevy bolt course caught in fire, caught on fire, and there are others out there. 68,000 cars. All right. So two phases to the recall first phase is a temporary solution.
[00:07:20] The second one is a more permanent one. Apparently this has to do with the batteries spontaneous. Catching fire. So this isn't something that's related to a car accident. It's a spontaneous combustion problem. That's not too good. It's a defect in the LG chem battery packs that are in these cars. So here you go.
[00:07:43] If you drive to work every day and you charge your Chevy bolt every night, the United States, federal government is telling you to stop doing that. Yes. If you have a Chevy bolt, they're advising you to not charge it at night. I'm not sure when you're going to charge it. Cause the idea is you charge it at night.
[00:08:03] You drive in the day, right? So they're saying there's, you can't do that. If you have to charge it at night, make sure you park the car away from any structures and definitely do not park your Chevy volt. That might be part of this. Recall inside a garage. How's that for bad, the original recall, by the way, came out in November, 2020 for potential fire hazard in the, again, the high voltage battery pack, those cells could possibly heat up and ignite internally.
[00:08:35] Yeah. And if that fire spreads of the rest of the car and spreads to the building it's parked in or nearby building. Yeah. So keep an eye out. If you have a Chevy bolt, this is the type of problem in a phase as we start more and more to move into the electric vehicle realm. Yeah. Eventually it'll all get worked out, but it isn't perfect today.
[00:08:57] Hey, visit me online Craig peterson.com and keep up with the latest in what you have to do with technology.