A 0-Day vulnerability is in the wild that impacts all current versions of windows, Microsoft is sunsetting the Nokia brand, Samsung has a patch for your SSD, and our Kickstarter of the week!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Windows 0-Day Exploited In Ongoing Attacks

Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild and is primarily a risk to users on servers and workstations that open documents with embedded OLE objects. The vulnerability is currently being exploited via PowerPoint files. These specially crafted files contain a malicious OLE (Object Linking and Embedding) object. This is not the first time a vulnerability in OLE has been exploited by cybercriminals, however most previous OLE vulnerabilities have been limited to specific older versions of the Windows operating system. What makes this vulnerability dangerous is that it affects the latest fully patched versions of Windows.

User interaction is required to exploit this vulnerability,” Microsoft explained in the security advisory. “In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user. For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.”

The vulnerability affects all supported Windows versions, and there is currently no patch for it. Microsoft is still investigating the matter and deciding whether they will issue an out-of-band patch or wait for the next Patch Tuesday to plug the hole.

Microsoft Lumia will replace the Nokia brand | The Verge

Microsoft Lumia is the new brand name that takes the place of Nokia for the software maker. The name change follows a slow transition from Nokia.com over to Microsoft’s new mobile site, and Nokia France will be the first of many countries that adopt “Microsoft Lumia” for its Facebook, Twitter, and other social media accounts. Microsoft has confirmed to _The Verge _that other countries will follow the rebranding steps in the coming weeks.

Microsoft’s decision to drop the Nokia brand itself doesn’t mean that Nokia is going away fully. Nokia still exists as a separate company without its phones business, and the Finnish firm now focuses on mapping and network infrastructure. Microsoft’s choice to use Lumia as the Nokia replacement won’t come as a surprise to many. Nokia’s Windows Phone apps have been rebranded to Lumia recently, and holiday ads will be pushing Lumia instead of Nokia.

Apple Aware of iCloud Login Harvesting in China, Launches Browser Security Guide

Earlier this week, web censorship blog Great Fire suggested that hackers aligned with Chinese authorities were using man-in-the-middle attacks in order to harvest Apple ID information from Chinese users that visited Apple’s iCloud.com website.

In a newly released support document (via The Wall Street Journal), Apple has confirmed that it is aware of the “intermittent organized network attacks” on iCloud users, but says that its own servers have not been compromised.

Unfortunately, many of the victims falling prey to the fake iCloud sites are not using secure browsers that issue warnings when fake websites are visited. According to Great Fire, many Chinese users access the Internet through popular Chinese browser Qihoo, which does not let users know that a fake site is harvesting their information.

The attack works by redirecting Chinese users attempting to access iCloud.com to a fake website that resembles the iCloud website. Users that log into the fake site provide attackers with logins and passwords that can be used to access contacts, messages, photos, and documents stored within iCloud.

Though Great Fire has suggested that Chinese authorities may be involved in the attacks, a spokeswoman for China’s Foreign Ministry (via CNBC) said that Beijing was “resolutely opposed” to hacking.

Samsung Acknowledges and Fixes Bug On 840 EVO SSDs

Samsung has issued a firmware fix for a bug on its popular 840 EVO triple-level cell SSD. The bug apparently slows read performance tremendously for any data more than a month old that has not been moved around on the NAND. Samsung said in a statement that the read problems occurred on its 2.5-in 840 EVO SSDs and 840 EVO mSATA drives because of an error in the flash management software algorithm. Some users on technical blog sites, such as Overclock.net, say the problem extends beyond the EVO line. They also questioned whether the firmware upgrade was a true fix or if it just covers up the bug by moving data around the SSD.

Samsung now producing 32GB DRAM modules, 128GB to follow | Computerworld

Samsung Electronics is now mass producing its most advanced 8Gbit, DDR4 memory and 32GB registered dual in-line memory modules

Using the new 8Gb DDR4 chip, Samsung began producing the 32GB module earlier this month. The new module’s data transfer rate per pin reaches up to 2.4Gbps, which represents about a 29% performance increase over the previous 1.866Mbps bandwidth DDR3 server module.

Beyond the 32GB RDIMM modules, the new 8Gb chips will allow production of server modules with a maximum capacity of 128GB by applying 3D through silicon via (TSV) technology, which will encourage further expansion of the high-density DRAM market, the company said.

Kickstarter of the Week: Hendo Hoverboards – World’s first REAL hoverboard by Hendo

Hendo is introducing the world’s first REAL hoverboard and hover developer kit. We are putting hover technology in YOUR hands.