Security Now with Steve Gibson and Leo Laporte

Nov 1st 2022

Security Now 895

After 20 years in GCHQ

Stranger Strings, PayPal passkeys, new TCP/IP RCE in Windows

Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
Category: Help & How To
  • Picture of the Week. 
  • Windows driver blocklist to be updated next Tuesday. 
  • More Microsoft shenanigans. 
  • An upcoming OpenSSL CRITICAL vulnerability update -- get ready! 
  • A new TCP/IP RCE in Windows. 
  • A study of malicious CVE proof of concept exploits in GitHub. 
  • “Stranger Strings” : An exploitable flaw in SQLite. 
  • PayPal to add support for Passkeys. 
  • A browser exploitation tutorial! 
  • Kathleen Booth: July 9th, 1922 – September 29, 2022. 
  • Closing The Loop. 
  • SpinRite. 
  • After 20 years in GCHQ. 

We invite you to read our show notes at

Download or subscribe to this show at

Get episodes ad-free with Club TWiT at

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site:, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.