Tag: Windows
-
(S)RUM
Veronica Schmitt, a senior digital forensic scientist at DFIRLABS, recently featured on Paul’s Security Weekly, showcasing the Microsoft SRUM system tool (System Resource Utilization Monitor). SRUM was first introduced in Windows 8, and was a new feature designed to track system resource utilization such as CPU cycles, network activity, power consumption, etc. Analysts can use…
-
MS Windows critical font vuln
Microsoft release an out-of-order patch yesterday for a critical vulnerability relating to custom fonts resulting in remote execution of code on a machine. More details here: http://gizmodo.com/go-update-windows-right-now-1719187152 Note that because Windows Server 2003 has just gone end-of-life, there is no update for it.
-
The end of Windows XP
Windows XP support will officially end on April the 8th next week. This is a very important change that appears to have escaped many people. Why important? Because you will no longer be receiving any updates ( security or other ) from Microsoft for XP. That effectively means that if there is a security hole…
-
Indian call centre virus hoax
The Indian Call Centre virus hoax has been around for some years but has mostly targeted the US and Europe. But no more, as this morning I received a call from an Indian-sounding male which ran along exactly these lines. “Sir, we’re calling from Microsoft because your ISP has indicated you have viruses coming from…
-
Windows 8 a KDE clone?
Microsoft has always been accused of following the pack rather than innovating. So it’s no surprise that early screenshots of the Windows 8 copy dialogue seem to be a direct rip-off of the KDE 4 copy dialogue, from the ‘multiple copy operations in single dialogue’ visual aspect: to the bandwidth usage graphs: The…
-
Windows 7 SP1 breaking machines
Since the release of SP1 for Win 7 and Server 2008 R2, there have quite a lot of issues relating to the installation of the service pack. Apparently many are seeing boot failures after the installation of the service pack, specifically with C00000034 fatal errors. Of course, those with WSUS will be getting automatic upgrades…
-
Win 7 SP1 out soon
Windows 7 Service Pack 1 should be available soon and won’t have much new functionality, but will have the usual hot fixes and patches. 3 items that will make an appearance are: Advanced Vector Extensions ( AVX ) which will be available in forthcoming processors RemoteFX – an extension to RDP Dynamic Memory – intelligent…
-
IE hole has first blood drawn by Amnesty International
The latest 0-day hole in Internet Explorer has been exploited by vulnerabilities in the Amnesty International web site. The hole itslef is related to flawed processing routines for parsing certain Cascading Style Sheet combinations in HTML documents. This allows attackers to manipulate certain pointers and execute injected code at the user’s privilege level. The new…
-
ZeuS banking trojan now into SMS
New versions of the ZeuS trojan are starting to target the SMS-TAN system which is used to send transaction numbers ( TANs ) to clients’ cell phones to authenticate that person for a online transaction. Now, the developers of ZeuS have pursued the last strategy to get trojans onto devices in an attack requiring multiple…
-
The Microsoft Tax
The headline phrase typically refers to the buying of computers with Windows pre-installed by the OEM vendor when you don’t need or want it. I.e. you’ve paid more for the machine ( because it includes Windows ) when you aren’t going to use it. Unfortunately this time it refers to you, a citizen, paying extra…
-
Remember that 17-year old bug in Windows …
… I spoke about in late January? Well Microsoft has finally come out and acknowledged it. Over a month later. Well actually 9 months later. The hole, which originated with the release of Windows NT back in 1993 and is present in every 32-bit version of Windows since, including Windows 7, was discovered by Tavis…
-
Another IE hole
Another flaw has been found in versions 7 and 8 of Internet Explorer running on Windows XP. There’s an unpatched bug in VBScript that hackers can use to drop malware on 32-bit Windows XP machines. Microsoft says an exploit “was posted publicly that could allow an attacker to host a maliciously crafted web page and…
-
Another Windows hole
A new critical flaw has been found in all versions of Windows since Windows 2000 and affects even current releases like Windows 7 and Server 2008 R2. The vulnerability was found by 2X Software which says that the flaw can be used to create a DoS attack against any Windows systems from the last 10…
-
New Windows 7 update phones home
Apologies for the late notice on this but I only just learned of it myself: Microsoft will be releasing “Update for Microsoft Windows (KB971033)” today. This however is not an ordinary update. This one will change the current activation and anti-piracy behaviour of Windows 7 by phoning home every 90 days ( for now ).…
-
New research paints grim picture for AntiVirus software
While I’ve never assumed AV software will protect you from all ills on the Internet, new research from SurfRight shows just how bad things are. A sample of just under 110k users ( a very good sample I think ) shows that 32% ( yes 1/3rd ) of all machines running AV software were infected…
