CVE-2023-36739 Microsoft 3D Viewer Remote Code Execution remediation

CVE-2023-36739 Microsoft 3D Viewer Remote Code Execution remediation

If you’re dealing with CVE-2023-36739, CVE-2023-36740, and CVE-2023-36760 Microsoft 3D Viewer Code Execution remediation, the best way to do it, assuming you’re not using the app, is to uninstall it. Here’s why this is OK to do, and how to do it. Fixing Windows Store vulnerabilities is hard. And Microsoft 3D Viewer has a history of high severity vulnerabilities dating back to October 2020, so uninstalling it can save you future remediation work.

I get a fair number of questions about vulnerabilities in Microsoft Store apps in my day job, so I share my notes and observations in case they’ll help other people as well.

Read more

A life hack to keep cables organized

A life hack to keep cables organized

We all have a supply of cables that we aren’t using at the moment, but don’t want to discard because we might have a use for them again at some point. And some people will tell you you shouldn’t do that, because the cables will just turn into a tangled mess and you won’t be able to find what you need anyway. Here is a life hack to help you keep those cables organized and keep them from becoming a tangled mess–using something that you would otherwise throw in the trash.

Read more

Whitelist vs blacklist

Whitelist vs blacklist

I’m not a big fan of the whitelist and blacklist terminology. The language is potentially harmful, but besides the racial implications, it’s also unclear. In this blog post, I’ll go over the traditional meaning of whitelist vs blacklist, and you’ll see why I say the alternative, dare I say progressive, terminology is also much more clear.

Read more