Summary: <ul> <li>A number of ongoing out-in-the-wild attacks </li> <li>Another early-warned Drupal vulnerability </li> <li>A 19-year old flaw in an obscure decompress for the "ACE" archive format</li> <li>Microsoft reveals an abuse of HTTP/2 protocol which is DoSing its IIS servers.</li> <li>Mozilla faces a dilemma about a wanna-be Certificate Authority and they also send a worried letter to Australia. </li> <li>Microsoft's Edge browser is revealed to be secretly whitelisting 58 web domains which are allowed to bypass its "Click-To-Run" permission for Flash.</li> <li>ICANN renews its plea for the Internet to adopt DNSSEC.</li> <li>NVIDIA releases a handful of critical driver updates for Windows.</li> <li>Apple increases the intelligence of it's Intelligent Tracking Prevention.</li> </ul><p>We invite you to read our show notes at <a href="https://www.grc.com/sn/SN-703-Notes.pdf">https://www.grc.com/sn/SN-703-Notes.pdf</a></p> <p><strong>Hosts:</strong> <a href="https://twit.tv/people/steve-gibson">Steve Gibson</a> and <a href="https://twit.tv/people/leo-laporte">Leo Laporte</a></p> <p>Download or subscribe to this show at <a href="https://twit.tv/shows/security-now">https://twit.tv/shows/security-now</a>.</p> <p>You can submit a question to Security Now! at the <a href="https://www.grc.com/feedback.htm" target="_blank">GRC Feedback Page</a>.</p> <p>For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: <a href="https://www.grc.com/securitynow.htm" target="_blank">grc.com</a>, also the home of the best disk maintenance and recovery utility ever written <a href="https://www.grc.com/sr/spinrite.htm" target="_blank">Spinrite 6</a>.</p> <p><strong>Sponsors:</strong></p><ul> <li><a href="http://thehelm.com/SECURITYNOW">thehelm.com/SECURITYNOW</a></li> <li><a href="http://expressvpn.com/securitynow">expressvpn.com/securitynow</a></li> <li><a href="http://Atlassian.com/IT">Atlassian.com/IT</a></li> </ul>
