No Source Code For a 14-Year Old Vulnerable DLL? No Problem. (CVE-2018-20250) https://blog.0patch.com/2019/02/no-source-code-for-14-year-old.html
ACROS Security Launches 0patch PRO April 2, 2019 https://www.securityweek.com/acros-security-launches-0patch-pro
Unofficial Patch Released for Java Flaws Found by Google Researcher April 5, 2019 https://www.securityweek.com/unofficial-patch-released-java-flaws-found-google-researcher
0Patch is currently patching "No CVE Microsoft Internet Explorer Missing Error Check on Reading Mark-Of-The-Web" when several of my programs run on my Win10 x64 1809 machine. https://0patch.com/patches.html I can't see a reason not to use this program, at least the free version anyway. If I had a Win7 machine I may even consider the Pro version after January 2020.
I find it ridiculous that you cannot change the default handler for this file type. At least not through the standard UI. You would think Edge would be an option, not IE only.
Microsoft Edge Uses a Secret Trick And Breaks Internet Explorer's Security April 17, 2019 https://blog.0patch.com/2019/04/microsoft-edge-uses-secret-trick-and.html
Also from above 0patch article and for clarification as I posted in the other Wilder's thread on this issue: In other words if you never use Edge, you don't have to worry about IE11 or other software exploiting. As the 0patch article mentions, IE11 is not the only software affected by this vulnerability. -EDIT- Also this is notable: Which means Edge is really the vulnerable browser here.
Woody posted a Tweet today that showed how a Win 7 person like me can easily Block the MHT files at the core of the problem.
I installed the latest 0patch on Windows 10 Home (i3-6100U, 4 GB RAM), but it caused the computer to slow down drastically at reboot and start-up, so I uninstalled it. (It only found code for 2 processes, one of which I don't use.)
I found this regarding the slowness: https://0patch.zendesk.com/hc/en-us/articles/360021236734 ETA: The registry fix did not work for me
I ended up having to reinstall Windows because it kept crashing on startup, and System Restore wouldn't complete, even from Safe Mode. I can't say for certain if this was caused by 0patch, but I don't plan to try it again
BlueKeep RCE Flaw Gets Micropatch for Always-On Servers May 24, 2019 https://www.bleepingcomputer.com/ne...e-flaw-gets-micropatch-for-always-on-servers/
Zero-Day Flaw in Windows 10 Task Scheduler Gets Micropatch May 31, 2019 https://www.bleepingcomputer.com/ne...in-windows-10-task-scheduler-gets-micropatch/
Another Task Scheduler 0day, Another Task Scheduler Micropatch (The SandboxEscaper Saga) https://blog.0patch.com/2019/06/another-task-scheduler-0day-another.html
Windows 7 and Server 2008 Get 0patch Security Fixes After EoS https://www.bleepingcomputer.com/ne...ver-2008-get-0patch-security-fixes-after-eos/
I thought for myself rereading this would help me decide about this program. I'd like to hear from some Wilders OGs (before 2010) about it. At this point it's a no for me.
I'm a Wilder's member since 2012, and I decided to stop using 0patch after having multiple unexplained shutdown errors on Windows 10 Home soon after installing it. I feel that keeping the OS updated through the vendor + hardening w/ OSArmor is good enough for my use case.
Well, Windows 10 is supported OS and will be in foreseeable future, so I don't know what is the point of using 0patch to patch Windows 10.
