Here is the notice for those who are not on Security Now. I’m behind, and it sounds like I have some catching up to do.
title: After 20 years in GCHQ
This week we revisit the Windows driver block list which has received a long-needed update and at Microsoft’s own definition of a CVE. We note that sometime today the OpenSSL project will be releasing an update for an ultra-CRITICAL flaw in OpenSSL v3 and we look at a remote code execution flaw in Windows TCP/IP stack. We have a ubiquitous problem in the past 22 years of the widely used SQLite library and a surprising percentage of malicious proofs-of-concepts found in GitHub. Passkeys gets another supporter and the first part of a professional tutorial explaining how to exploit the Chrome browser is released. After some listener feedback and a SpinRite update, we look at the goodbye posting of the UK’s head of cyber security after 20 years.
Here is the 52mb file from Twit for people to download if you wish to do so.
Thanks for listening!