Site News
Current section

July 30, 2010

StaffCop added!

Voting

Would you prefer to have 1 product that can fight both viruses and spyware or a specialized product for every threat?

1 multifunctional product
2 specialized products
VotingView results

September 14, 2009

Windows bug enables PC hijacking, Microsoft warns

Microsoft Corp. last week confirmed that a bug in Windows Vista, Windows Server 2008, and the release candidates of Windows 7 and Windows Server 2008 R2 could be used to hijack PCs.

The vulnerability in the Server Message Block (SMB) 2 network file- and print-sharing protocol that ships with those versions of the Windows operating system was first disclosed late last Monday, when a researcher posted exploit code.

The next day, Microsoft issued a security advisory confirming the bug and the fact that it could be used to "take complete control of an affected system."

Microsoft did note that the release to manufacturing, or RTM, editions of Windows 7 and Windows Server 2008 R2 are not affected, along with earlier versions of the operating system, including Windows 2000, XP and Server 2003.

However, the vulnerable release candidates have been widely distributed, with millions of users downloading Windows 7 RC when it was publicly available from early May through mid-August.

Microsoft recommended that users either disable SMB 2 by editing the Windows Registry -- a task too daunting for most consumers -- or block TCP Ports 139 and 445 at the firewall until a patch is available. However, the company acknowledged that blocking those ports would cripple several services and applications.

The Windows bug was disclosed the same day Microsoft delivered five critical updates that patched eight vulnerabilities in Windows, including one in the JavaScript engine that ships with every supported version of the operating system.

As expected, a patch for the recently revealed vulnerability in its Internet Information Services Web server wasn't ready in time for the monthly update.



Source: ComputerWorld



All news for September 18, 2009:
20:13Microsoft Internet Explorer SSL security hole lingers
20:11Conservatives call for DNA databases to be reduced
20:09McAfee warns of bogus security suite
20:08Security market remains buoyant in choppy waters
20:07The good and bad of government in the cloud
20:05Vista, Windows 7 Are More Secure than Snow Leopard
20:04Will Google's Buy of reCAPTCHA Hurt Internet Security?
20:01HHS guts health-care breach notification law, groups warn
20:00Man gets 15 months for E-Trade skimming scam
19:59Sophisticated botnet causing a surge in click fraud
19:59Microsoft sues scareware scammers
19:58Software company fined for trading with the enemy
19:58Misdirected spyware infects Ohio hospital
19:57Firefox's Flash check drives 10M to Adobe's download
19:55Microsoft, Yahoo in informal talks with EU over search deal



All news for September, 2009
All news for 2009 year

DONATION: www.anti-keylogger.org and www.keylogger.org is an independent research projects supported by a team of enthusiasts. If you find this project useful and would like to help foster its continued development, please consider making a donation.
donate

Thanks in advance for your support!