DOH and Bluekeep – Security Now 739

DNS-Over-HTTPS, Bluekeep, US vs Chinese Drones
• October’s Windows Patch Tuesday BROKE Windows’ ability to connect to a significant number of the Internet’s websites. Here’s how to fix it.
• Chrome 78 disables Code Integrity Check to mitigate “Aw Snap!” crashes.
• “Chrome 78 patches a Chrome 0-day which had been discovered by Kaspersky being exploited in the wild.”
• News from the Edge: the first Chromium-based Microsoft Edge Stable Release Candidate.
• Microarchitectural Data Sampling Vulnerabilities.
• Trouble for QNAP NAS devices exposed to the Internet.
• MSP’s — Managed Service Providers — are a major vector for ransomware delivery.
• Five months after returning a rental car, man still has the remote control.
• Chinese-made drones in the US are being grounded.
• The DNS-over-HTTPS (DoH) controversy.
• BlueKeep-based attacks have finally started, and what we predicted on this podcast has finally happened.

We invite you to read our show notes at

Hosts: Steve Gibson, Jason Howell

Download or subscribe to this show at

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve’s site: also the home of the best disk maintenance and recovery utility ever written Spinrite 6.


Author: admin