45 month ago
merlinmann : Microsoft issues 12 security updates. Many for 'Critical' vulnerabilities - "An unprecedented number of security critical updates have been issued by Microsoft during the past week." So that's...good, I guess?
# copy
50 month ago
kayodeok : Microsoft Security Advisory (913333): Vulnerability in Internet Explorer Could Allow Remote Code Execution - Microsoft is investigating new public reports of a vulnerability in older versions of Microsoft Internet Explorer. Based on our investigation, this vulnerability could allow an attacker to execute arbitrary code on the user's system in the security contex
# copy
50 month ago
kayodeok : Malicious Malware: attacking the attackers, part 2 - Now in part two we finish the discussion by looking at how to own a malicious attacker's precious resources, which he planned to use against us, and then use these resources as a stepping stone to fully achieve our goals
# copy
50 month ago
kayodeok : Malicious Malware: attacking the attackers, part 1 - This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discuss
# copy
50 month ago
kayodeok : Ports Associated with Known Vulnerabilities and Exploits - Our advisories, incident notes, and current activity often include information regarding services that have been targeted for exploitation. The following table lists services and ports that have been mentioned in documents we have published since August 1
# copy
50 month ago
kayodeok : Mark's Sysinternals Blog: Inside the WMF Backdoor - In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge. I sent my findings to both Steve and to Microsoft Monday morning, but because the issue continues to draw media attention I’ve decided to publicly document
# copy
51 month ago
kayodeok : Looking at the WMF issue, how did it get there? - This was a different time in the security landscape and these metafile records were all completely trusted by the OS. To recap, when it was introduced, the SetAbortProc functionality served an important function
# copy
51 month ago
kayodeok : The Windows MetaFile Backdoor? - (The Windows MetaFile ) has the feeling of something that Microsoft deliberately designed into Windows. Given the nature of what it is, this would make it a remote code execution "backdoor."
# copy
51 month ago
kayodeok : Microsoft Security Bulletin MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) - Patching Time!
# copy
51 month ago
kayodeok : BREAKING NEWS! Microsoft's OFFICIAL SECURITY UPDATE leaked onto the Internet early (and it works great!) - The updated GDI32.DLL file contained in this patch, was built in the evening of December 28th, LAST WEDNESDAY. It is clear that Microsoft jumped on this problem - and had it resolved - almost immediately. But the nature of the installed base of Windows sy
# copy
51 month ago
kayodeok : Microsoft Statement Concerning Windows Meta File Vulnerability - Microsoft has completed development of a security update to fix the vulnerability and is now testing it for quality and application compatibility, with a goal of releasing the fix worldwide on Jan. 10
# copy
51 month ago
kayodeok : Jesper's Blog : Conscientious Risk Management and WMF - Conscientious Risk Management and WMF
# copy
51 month ago
kayodeok : The PC Doctor: WMF exploit - Quick Guide - WMF exploit - Quick Guide
# copy
51 month ago
kayodeok : SANS - Internet Storm Center - Updated version of Ilfak Guilfanov's patch - Ilfak Guilfanov has released an updated version of his unofficial patch for the Window's WMF issue. We have reverse engineered, reviewed, and vetted the version here
# copy
51 month ago
kayodeok : Internet Storm Center on WMF Vulnerability: Trustworthy Computing - This is a bad situation that will only get worse. The very best response that our collective wisdom can create is contained in this advice - unregister shimgvw.dll and use the unofficial patch. You need to trust us.
# copy
51 month ago
kayodeok : WMF Vulnerability Checker - However, there is no safe way to tell if your system is vulnerable. Here is a small utility to address this problem. You can download it from the following link
# copy
51 month ago
kayodeok : WMF vulnerability: It's not a bug, it's a feature - Turns out this is not really a bug, it's just bad design. Design from another era
Rod Begbie : F-Secure : News from the Lab - It's not a bug, it's a feature - The currently-circulating Windows WMF exploit "probably affects more computers than any other security vulnerability, ever." Every PC running any version of Windows since 1990 -- even if fully patched -- is vulnerable! #
deusx : F-Secure : News from the Lab - January of 2006 - ""The WMF vulnerability" probably affects more computers than any other security vulnerability, ever."
Nelson Minar : WMF hole intentional - An image format designed to run arbitrary code. (via Hot Links)
# copy
51 month ago
kayodeok : Overview of the WMF related articles at the Internet Storm Center - Since this is one of the more complex stories to follow I've made a quick overview of the WMF issues.
# copy
51 month ago
kayodeok : WMF Vulnerability: From extreme to in depth - Suppose you are basically just not capable of accepting the risk associated with the WMF vulnerability, almost no matter what you break. In such a case you have big avenues to walk: Ban Microsoft products in your environment
# copy
51 month ago
kayodeok : SANS - Internet Storm Center - WMF Frequently Asked Questions (FAQ) - The WMF vulnerability uses images (WMF images) to execute arbitrary code. It will execute just by viewing the image. In most cases, you don't have click anything. Even images stored on your system may cause the exploit to be triggered if it is indexed by
cobra libre : WMF exploit FAQ - read this if you use windows #
Simon Willison : SANS WMF Exploit FAQ - This is really good.
# copy
51 month ago
kayodeok : Anti-Virus Protection for WMF Flaw Still Inconsistent ... How effective is your antivirus software? - AV-Test, which tests anti-malware products, has been tracking the situation closely and has, so far, analyzed 73 variants of malicious WMF files. Products from the following companies have identified all 73:
# copy
51 month ago
kayodeok : Top 7 PHP Security Blunders - In this article, I'll detail many of the common PHP programming mistakes that can result in security holes. By showing you what not to do, and how each particular flaw can be exploited, I hope that you'll understand not just how to avoid these particular
# copy
52 month ago
kayodeok : Digg Vulnerable to XSS - While trying to use the ‘search’ feature on Digg, I realized that it is vulnerable to Cross Site Scripting (XSS). The search string is echoed back without proper output encoding
# copy
52 month ago
kayodeok : Repeat After Me: Lack of _Output Encoding_ Causes XSS Vulnerabilities - The correct approach to solving XSS problems is to ensure that every user supplied parameter is HTML Output Encoded (Example: < is replaced with
# copy
52 month ago
kayodeok : Microsoft Security Advisory (911302): Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution - Microsoft is investigating new public reports of vulnerability in Microsoft Internet Explorer on Microsoft Windows 98, on Windows 98 Second Edition, on Windows Millennium Edition, on Windows 2000 Service Pack 4, and on Windows XP Service Pack 2
# copy
