Veronica Schmitt, a senior digital forensic scientist at DFIRLABS, recently featured on Paul’s Security Weekly, showcasing the Microsoft SRUM system tool (System Resource Utilization Monitor). SRUM was first introduced in Windows 8, and was a new feature designed to track system resource utilization such as CPU cycles, network activity, power consumption, etc. Analysts can use […]
Microsoft release an out-of-order patch yesterday for a critical vulnerability relating to custom fonts resulting in remote execution of code on a machine. More details here: http://gizmodo.com/go-update-windows-right-now-1719187152 Note that because Windows Server 2003 has just gone end-of-life, there is no update for it.
Windows XP support will officially end on April the 8th next week. This is a very important change that appears to have escaped many people. Why important? Because you will no longer be receiving any updates ( security or other ) from Microsoft for XP. That effectively means that if there is a security hole […]
The Indian Call Centre virus hoax has been around for some years but has mostly targeted the US and Europe. But no more, as this morning I received a call from an Indian-sounding male which ran along exactly these lines. “Sir, we’re calling from Microsoft because your ISP has indicated you have viruses coming from […]
Microsoft has always been accused of following the pack rather than innovating. So it’s no surprise that early screenshots of the Windows 8 copy dialogue seem to be a direct rip-off of the KDE 4 copy dialogue, from the ‘multiple copy operations in single dialogue’ visual aspect: to the bandwidth usage graphs: The […]
Since the release of SP1 for Win 7 and Server 2008 R2, there have quite a lot of issues relating to the installation of the service pack. Apparently many are seeing boot failures after the installation of the service pack, specifically with C00000034 fatal errors. Of course, those with WSUS will be getting automatic upgrades […]
Windows 7 Service Pack 1 should be available soon and won’t have much new functionality, but will have the usual hot fixes and patches. 3 items that will make an appearance are: Advanced Vector Extensions ( AVX ) which will be available in forthcoming processors RemoteFX – an extension to RDP Dynamic Memory – intelligent […]
The latest 0-day hole in Internet Explorer has been exploited by vulnerabilities in the Amnesty International web site. The hole itslef is related to flawed processing routines for parsing certain Cascading Style Sheet combinations in HTML documents. This allows attackers to manipulate certain pointers and execute injected code at the user’s privilege level. The new […]
New versions of the ZeuS trojan are starting to target the SMS-TAN system which is used to send transaction numbers ( TANs ) to clients’ cell phones to authenticate that person for a online transaction. Now, the developers of ZeuS have pursued the last strategy to get trojans onto devices in an attack requiring multiple […]
The headline phrase typically refers to the buying of computers with Windows pre-installed by the OEM vendor when you don’t need or want it. I.e. you’ve paid more for the machine ( because it includes Windows ) when you aren’t going to use it. Unfortunately this time it refers to you, a citizen, paying extra […]
… I spoke about in late January? Well Microsoft has finally come out and acknowledged it. Over a month later. Well actually 9 months later. The hole, which originated with the release of Windows NT back in 1993 and is present in every 32-bit version of Windows since, including Windows 7, was discovered by Tavis […]
Another flaw has been found in versions 7 and 8 of Internet Explorer running on Windows XP. There’s an unpatched bug in VBScript that hackers can use to drop malware on 32-bit Windows XP machines. Microsoft says an exploit “was posted publicly that could allow an attacker to host a maliciously crafted web page and […]
