SN 739: DOH and Bluekeep

• October's Windows Patch Tuesday BROKE Windows' ability to connect to a significant number of the Internet's websites. Here's how to fix it.
• Chrome 78 disables Code Integrity Check to mitigate "Aw Snap!" crashes.
• "Chrome 78 patches a Chrome 0-day which had been discovered by Kaspersky being exploited in the wild."
• News from the Edge: the first Chromium-based Microsoft Edge Stable Release Candidate.
• Microarchitectural Data Sampling Vulnerabilities.
• Trouble for QNAP NAS devices exposed to the Internet.
• MSP's -- Managed Service Providers -- are a major vector for ransomware delivery.
• Five months after returning a rental car, man still has the remote control.
• Chinese-made drones in the US are being grounded.
• The DNS-over-HTTPS (DoH) controversy.
• BlueKeep-based attacks have finally started, and what we predicted on this podcast has finally happened.

We invite you to read our show notes at https://www.grc.com/sn/SN-739-Notes.pdf

Hosts: Steve Gibson and Jason Howell

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:

• ZipRecruiter.com/securitynow
• LastPass.com/twit
• securitynow.cachefly.com