Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Merita achizitionat un Smart ForT...

De ce nu pleaca unii romani in ve...

declaratia 406 sau SAF-T

Brackets vs gutiera dentara
 Control ISCTR/RAR - mici nelamuriri

Dedolarizarea (2023+) șanse ...

CSS suprapunere, de ce nu merge p...

Ford transit mk7 2.2 diesel 2007
 Cutu cu probleme la picioarele di...

Sfat achizitionare placa video

Intelesul unei propozitii -sintaxa

Investitie cu posibil risc?
 De ce oamenii sunt asa de agitați...

Mercedes renunta la multe modele

Invertor Growatt MOD-10KTL3-XH ve...

Alegere SURSA build nou
 

Breaking news

- - - - -
  • This topic is locked This topic is locked
207 replies to this topic

#181
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Raspunsul Microsoft Security Response Center la vulnerabilitatea in MSIE 7

Information on Reports of IE 7 Vulnerability

Asa cum am citit la bink.nu e vorba de o componenta a Outlook Express.

Quote

We’ve gotten some questions here today about public reports claiming there’s a new vulnerability in Internet Explorer 7.  This is an issue that we have under investigation and so we have some technical information we can share about the issue.

These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express.


#182
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Windows Defender final, inca un tool gratuit

Download: http://www.microsoft...;displaylang=en

Despre Windows Defender: http://www.microsoft...re/default.mspx

#183
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Vulnerabilitate in WinAmp

Highly Critical (Secunia): http://secunia.com/advisories/22580/

Solutie: download Winamp 5.31 http://www.softpedia.../Winamp-5.shtml

#184
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Internet Explorer 7 Popup Address Bar Spoofing Weakness

Less critical (Secunia): http://secunia.com/advisories/22542/

Test aici: http://secunia.com/i..._spoofing_test/

Solutie (pana la aparitia unui patch): Tools --> Internet Options --> Settings (Tabs ) --> When a pop-up is encountered --> Always open pop-ups in a new tab --> OK

IE Address Bar Issue

#185
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Lavasoft Ad-Aware false positives

Lavasoft ne ofera din nou false positives:

Using definitions file:SE1R129 26.10.2006

Quote

ErrorSafe Object Recognized!
    Type               : Regkey
    Data               :
    TAC Rating         : 10
    Category           : Misc
    Comment            :
    Rootkey            : HKEY_USERS
    Object             : [user]\software\microsoft\windows\currentversion\ext\stats\{6bf52a52-394a-11d3-b153-00c04f79faa6}

6bf52a52-394a-11d3-b153-00c04f79faa6 este ID-ul Windows Media Player.

Edited by Daisuke, 26 October 2006 - 20:57.


#186
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
0 day Remote DoS Exploit pentru Windows Firewall/Internet Connection Sharing

Tinta: ipnathlp.dll, fisier folosit de Windows Firewall/Internet Connection Sharing

Exploitul afecteaza XP SP2 cu patch-urile la zi daca serviciul Internet Connection Sharing este pornit.

Internet Connection Sharing poate fi pornit chiar daca Windows Firewall este oprit.

Detalii: Remote DoS released targets Windows Firewall/Internet Connection Sharing (ICS) service component

DoS = denial-of-service attack: http://www.webopedia...DoS_attack.html

#187
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Update - 0 day Remote DoS Exploit pentru Windows Firewall/Internet Connection Sharing

nCircle: Microsoft ICS DoS FAQ

Secunia: http://secunia.com/advisories/22592/ (Less critical)

Produse afectate:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

===============================================

Multiple Browsers Window Injection Vulnerability Test ?

Secunia: http://secunia.com/m...erability_test/

Testul nu a mers la mine in nici un browser (IExplorer 7, Firefox 2.0, Opera 9.02)

#188
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Nou 0-day exploit

Microsoft XML Core Services XMLHTTP ActiveX Control Code Execution Vulnerability

FrSIRT: Critical: http://www.frsirt.co...ories/2006/4334

Produse afectate:
Microsoft XML Core Services 4.0
instalat pe Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 2, Microsoft Windows Server 2003 si Microsoft Windows Server 2003 Service Pack 1

Microsoft Security Advisory (927892): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

Workaround pana la aparitia unui patch: setati Internet Explorer Security la HIGH
Tools --> Internet Options --> tab-ul Security --> HIGH in cele 4 zone.

#189
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Microsoft Security Bulletin Summary for November, 2006

Critical: 5
Important: 1

#190
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
SANS Top-20 Internet Security Attack Targets (2006 Annual Update)

... si cum sa te protejezi.

Comunicat de presa: SANS Institute Press Update

6 vectori importanti:

1. Vulnerabilitati 0-day
2. Atacuri care exploateaza diverse produse Microsoft
3. Atacuri tintite.
4. Spear-phishing attacks - email venit aparent de la o persoana de incredere din organizatie destinat unei persoane sau unui departament
5. Atacuri VOIP (Voice over Internet Protocol)
6. Exploatarea vulnerabilitatilor din aplicatii web

#191
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Malware Evolution: July - September 2006


Kaspersky Lab said:

All the events of the third quarter of 2006 lead me to conclude that both the Internet and the field of information security are on the verge of something totally new. I would say that the second stage of both virus and antivirus evolution is now complete.

The first stage was during the 1990s, which simple signature detection was enough to combat simple viruses. At this stage, malicious code was not highly technical and did not use complex infection methods.

The start of the new millennium brought email and network worms to the fore. These malicious programs exploited vulnerabilities and the human factor in order to spread. The ability of worms to infect a large number of machines in a short space of time led to the rise of cyber criminality, and technologies used by viruses became more complex, as did the range of malicious programs. Spam, phishing, mobile malware, vulnerabilities in browsers and networking equipment, and blended threats, which spread not only via email, but also via the Internet and instant messaging clients all played their roles. Reaction time became critical, with antivirus companies starting to used code emulation, Anti-Rootkit technologies, and techniques to protect users' confidential data.


#192
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Adobe Reader - Vulnerabil

Pana la aparitia unui patch:
Stergeti AcroPDF.dll din C:\Program Files\Adobe\Acrobat 7.0\ActiveX.

Adobe: Potential vulnerabilities in Adobe Reader and Acrobat

FrSIRT (Critical): Adobe Reader and Acrobat ActiveX Control Remote Code Execution Vulnerabilities

Versiuni vulnerabile: Adobe Standard, Reader & Professional 7.0.0 - 7.0.8

Edited by Daisuke, 29 November 2006 - 22:35.


#193
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Stirile de azi:

Adobe Security Update
Adobe Reader 8 : http://www.adobe.com.../readstep2.html


Vulnerability in Microsoft Word Could Allow Remote Code Execution

Limited “zero-day” attacks folosind o vulnerabilitate in MS Word: Microsoft Security Advisory (929433)

#194
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Noua vulnerabilitate 0 day si nou exploit pentru MS Word

Microsoft Word 0-Day Vulnerability II

#195
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Patch day

Vulnerabilitati peticite:
Critical: 3
Important: 4

Microsoft Security Bulletin Summary for December, 2006


Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer

Microsoft Security Bulletin MS06-073 Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-074 Vulnerability in SNMP Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-075 Vulnerability in Windows Could Allow Elevation of Privilege

Microsoft Security Bulletin MS06-076 Cumulative Security Update for Outlook Express

Microsoft Security Bulletin MS06-077 Vulnerability in Remote Installation Service Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-078 Vulnerability in Windows Media Format Could Allow Remote Code Execution


Detalii de la SANS Internet Storm Center: Microsoft Black Tuesday - December 2006 overview

Edited by Daisuke, 12 December 2006 - 22:16.


#196
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
O noua versiune "Malicious Software Removal Tool"

Microsoft® Windows® Malicious Software Removal Tool

Detalii: http://support.micro.....Ben-us;890830
"Guided Help" disponibil + "Malicious software" pe care le elimina.

#197
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Yahoo! Messenger Unspecified ActiveX Control Buffer Overflow

Highly critical

Yahoo! ActiveX Update

Secunia: Yahoo! Messenger Unspecified ActiveX Control Buffer Overflow

Versiuni afectate:
Yahoo! Messenger 5.x
Yahoo! Messenger 6.x
Yahoo! Messenger 7.x
Yahoo! Messenger 8.x

Update: http://www.softpedia...Messenger.shtml

#198
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Mozilla - multiple vulnerabilitati

Mozilla Firefox Multiple Vulnerabilities
Mozilla SeaMonkey Multiple Vulnerabilities
Mozilla Thunderbird Multiple Vulnerabilities

Highly critical

Solutii: Update, update, update

Anunturi

Second Opinion Second Opinion

Folosind serviciul second opinion ne puteți trimite RMN-uri, CT -uri, angiografii, fișiere .pdf, documente medicale.

Astfel vă vom putea da o opinie neurochirurgicală, fără ca aceasta să poată înlocui un consult de specialitate. Răspunsurile vor fi date prin e-mail în cel mai scurt timp posibil (de obicei în mai putin de 24 de ore, dar nu mai mult de 48 de ore). Second opinion – Neurohope este un serviciu gratuit.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate