Category Archives: Security
Google’s Project Zero team( researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications.) discovered serious security flaws caused by “speculative execution,” a technique used by most modern processors (CPUs) to optimize performance.
These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.
Desktop, Laptop, and Cloud computers may be affected by Meltdown. Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013)
Because Meltdown and Spectre are flaws at the architecture level, it doesn’t matter whether a computer or device is running Windows, OS X, Android, or something else — all software platforms are equally vulnerable.
CVE-2017-5715 (branch target injection)
CVE-2017-5753 (bounds check bypass)
CVE-2017-5754 (rogue data cache load)
Windows Servers-based machines (physical or virtual) should get the Windows security updates that were released on January 3, 2018, and are available from Windows Update. The following updates are available:
Operating system version Update KB
Windows Server, version 1709 (Server Core Installation) 4056892
Windows Server 2016 4056890
Windows Server 2012 R2 4056898
Windows Server 2012 Not available
Windows Server 2008 R2 4056897
Windows Server 2008 Not available
More read from below links
WinAuth is a portable, open-source Authenticator for Windows that can
be used as a 2FA including Bitcoin / crypto-currency websites, any
service that requires the Google Authenticator, and games such as
World of Warcraft, Diablo III, Guild Wars 2, Rift, ArcheAge. WildStar,
Runescape and Steam.
WinAuth can use a YubiKey to encrypt its data, ensuring your
authenticators’ information cannot be read by anyone even when they
have physical access to your computer.
A YubiKey Standard or NEO 2.2.x or later is required.
HOTP / Counter-based Authenticator
A HOTP authenticator can be Adding a normal “Authenticator” and either
pasting in a counter-based KeyUri or choosing the counter option.
GraphsHTTPS clone URL
Copy to clipboard Subversion checkout URL Copy to clipboard
You can clone with HTTPSor Subversion. Get help on which URL is right
for you.Clone in Desktop Download ZIP Authenticator for Battle.net /
Steam / Guild Wars 2 / Glyph / WildStar / Runescape / SWTOR / Bitcoin
https://winauth.com 367 commits 5 branches 55 releases 2
contributors C# 97.3% C 2.5% Other 0.2% C# C Other
Quickly jump between filesCompare, review, create a pull
requestBranch: master Switch branches/tags Branches Tags 2.x MONO
master origin/master wiki Nothing to showWM6_0.5.1018 3.2.15
3.2.13 3.2.12 3.2.6 3.2.5 3.2.4 3.2.3 3.1.8 3.1.6 3.1.5
126.96.36.199 3.0.21 3.0.20 3.0.17 3.0.14 3.0.12 3.0.11 3.0.10
3.0.8 3.0.7 3.0.6 3.0.5 3.0.0 2.0.10 2.0.9 2.0.8 2.0.7 2.0.6
2.0.5 2.0.4 1.8.1323 1.7.1314 1.7.1311 1.5.1116 1.5.0 1.4.1170
1.4.1168 1.4.1166 1.4.1163 1.4.1161 1.4.1159 1.4.1156 1.3.1051
1.2.1045 1.2.1041 1.1.1035 1.0.1030 0.9.1025 0.8.1016 0.8.1010
0.7.107 0.5.103 0.4.1 0.4 Nothing to showwinauth / You must be
signed in to make or propose changesFix #226: upgrade to .Net 4.5 and
Copy SHA latest commit 618f11fbef
winauth authored Sep 23, 2015
Permalink Failed to load latest commit information.
Authenticator Fix #226: upgrade to .Net 4.5 and force TLS Sep 23,
Third Party Fix #226: upgrade to .Net 4.5 and force TLS Sep 23,
WinAuth.YubiKey Clear password field. Jul 1, 2015
WinAuth Fix #226: upgrade to .Net 4.5 and force TLS Sep 23, 2015
packages Add Steam authenticator May 28, 2015
LICENSE Initial upload of beta version. Jul 27, 2010
README.md Add 3.2.16 Sep 17, 2015
WinAuth.sln Issue#201: don’t decode URI on TextChanged but on
button Jun 18, 2015
winauth3-preview.png Update v3 preview Jul 18, 2013
WinAuth is a portable, open-source Authenticator for Windows that
provides a time-based RFC 6238 authenticator and common
implementations, such as the Google Authenticator. WinAuth can be used
with many Bitcoin trading websites as well as games, supporting
Battle.net (World of Warcraft, Hearthstone, Heroes of the Storm,
Diablo), Guild Wars 2, Glyph (Rift and ArcheAge), WildStar, RuneScape,
SWTOR and Steam.
Download Latest Version
The latest stable version is WinAuth 3.1.8, and is available to
download from this source repository to compile yourself, or as a
pre-compiled binary from WinAuth downloads.
WinAuth 3.2 (development)
The next version of WinAuth is in development. This release includes
both the new Steam Guard Mobile Authenticator, integration with
YubiKey to enhance your authenticator security and a HOTP
WinAuth can be registered as a new mobile device to create a Steam
authenticator and displays the appropriate 5 character codes.
Please read about the Steam Guard Mobile Authenticator for more
Anyone with a YubiKey can now use it with WinAuth to further protect
their data. This will help ensure the authenticators’ secret keys
cannot be read by anyone even when they have physical access to your
A YubiKey Standard / NEO 2.2.x or later is required.
WinAuth 3.2.16 is available to download.
This is a pre-release version and should not be used with live
accounts. The configuration file updated by 3.2 is not backward
compatible with 3.1. Please make a backup of your current
authenticator data first, which is store in c:\Users<username>
WinAuth 3.1 (stable)
WinAuth provides an alternative solution to combine various two-factor
authenticator services in one convenient place.
Download Latest Version (WinAuth-3.1.8)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or (at
your option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
•Support for time-based RFC 6238 authenticators, and common
implementations such as Google Authenticator.
•Supports Battle.net (World of Warcraft, Hearthstone, Heroes of the
Storm, Diablo III), GuildWars 2, Trion / Glyph (Rift, ArcheAge),
RuneScape, WildStar, SWTOR and Steam
•Supports many Bitcoin trading websites such as Bitstamp, BTC-e,
•Displays multiple authenticators simultaneously
•Codes displayed and refreshed automatically or on demand
•Data is encrypted with your own personal password and can be locked
to Windows machine or account
•Additional password protection per authenticator
•Restore features for supported authenticators, e.g. Battle.net and
•Selection of standard or custom icons
•Hot-key binding with standard or custom actions, such as code
notification, keyboard input, and copy to clipboard
•Portable mode preventing changes to other files or registry settings
•Export in UriKeyFormat
•Importing authenticators in UriKeyFormat and from Authenticator Plus
Download software from