Jump to content

SUBIECTE NOI
« 1 / 5 »
RSS
Rezultat RMN

Numar circuite IPAT si prindere t...

Pareri brgimportchina.ro - teapa ...

Lucruri inaintea vremurilor lor
 Discuții despre TVR Sport HD

Cost abonament clinica privata

Tremura toata, dar nu de la ro...

Renault Android
 Recomandare bicicleta e-bike 20&#...

Bing-Content removal tool

Nu pot accesa monitorulsv.ro de l...

Cum sa elimini urmele de acnee?
 Wc Geberit

Routere detinute in trecut si in ...

Teii din fața casei

E-Mail in serie prin Excel si Out...
 

Breaking news

- - - - -
  • This topic is locked This topic is locked
207 replies to this topic

#181
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Raspunsul Microsoft Security Response Center la vulnerabilitatea in MSIE 7

Information on Reports of IE 7 Vulnerability

Asa cum am citit la bink.nu e vorba de o componenta a Outlook Express.

Quote

We’ve gotten some questions here today about public reports claiming there’s a new vulnerability in Internet Explorer 7.  This is an issue that we have under investigation and so we have some technical information we can share about the issue.

These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express.


#182
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Windows Defender final, inca un tool gratuit

Download: http://www.microsoft...;displaylang=en

Despre Windows Defender: http://www.microsoft...re/default.mspx

#183
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Vulnerabilitate in WinAmp

Highly Critical (Secunia): http://secunia.com/advisories/22580/

Solutie: download Winamp 5.31 http://www.softpedia.../Winamp-5.shtml

#184
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Internet Explorer 7 Popup Address Bar Spoofing Weakness

Less critical (Secunia): http://secunia.com/advisories/22542/

Test aici: http://secunia.com/i..._spoofing_test/

Solutie (pana la aparitia unui patch): Tools --> Internet Options --> Settings (Tabs ) --> When a pop-up is encountered --> Always open pop-ups in a new tab --> OK

IE Address Bar Issue

#185
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Lavasoft Ad-Aware false positives

Lavasoft ne ofera din nou false positives:

Using definitions file:SE1R129 26.10.2006

Quote

ErrorSafe Object Recognized!
    Type               : Regkey
    Data               :
    TAC Rating         : 10
    Category           : Misc
    Comment            :
    Rootkey            : HKEY_USERS
    Object             : [user]\software\microsoft\windows\currentversion\ext\stats\{6bf52a52-394a-11d3-b153-00c04f79faa6}

6bf52a52-394a-11d3-b153-00c04f79faa6 este ID-ul Windows Media Player.

Edited by Daisuke, 26 October 2006 - 20:57.


#186
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
0 day Remote DoS Exploit pentru Windows Firewall/Internet Connection Sharing

Tinta: ipnathlp.dll, fisier folosit de Windows Firewall/Internet Connection Sharing

Exploitul afecteaza XP SP2 cu patch-urile la zi daca serviciul Internet Connection Sharing este pornit.

Internet Connection Sharing poate fi pornit chiar daca Windows Firewall este oprit.

Detalii: Remote DoS released targets Windows Firewall/Internet Connection Sharing (ICS) service component

DoS = denial-of-service attack: http://www.webopedia...DoS_attack.html

#187
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Update - 0 day Remote DoS Exploit pentru Windows Firewall/Internet Connection Sharing

nCircle: Microsoft ICS DoS FAQ

Secunia: http://secunia.com/advisories/22592/ (Less critical)

Produse afectate:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

===============================================

Multiple Browsers Window Injection Vulnerability Test ?

Secunia: http://secunia.com/m...erability_test/

Testul nu a mers la mine in nici un browser (IExplorer 7, Firefox 2.0, Opera 9.02)

#188
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Nou 0-day exploit

Microsoft XML Core Services XMLHTTP ActiveX Control Code Execution Vulnerability

FrSIRT: Critical: http://www.frsirt.co...ories/2006/4334

Produse afectate:
Microsoft XML Core Services 4.0
instalat pe Windows 2000 Service Pack 4, Microsoft Windows XP Service Pack 2, Microsoft Windows Server 2003 si Microsoft Windows Server 2003 Service Pack 1

Microsoft Security Advisory (927892): Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution

Workaround pana la aparitia unui patch: setati Internet Explorer Security la HIGH
Tools --> Internet Options --> tab-ul Security --> HIGH in cele 4 zone.

#189
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Microsoft Security Bulletin Summary for November, 2006

Critical: 5
Important: 1

#190
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
SANS Top-20 Internet Security Attack Targets (2006 Annual Update)

... si cum sa te protejezi.

Comunicat de presa: SANS Institute Press Update

6 vectori importanti:

1. Vulnerabilitati 0-day
2. Atacuri care exploateaza diverse produse Microsoft
3. Atacuri tintite.
4. Spear-phishing attacks - email venit aparent de la o persoana de incredere din organizatie destinat unei persoane sau unui departament
5. Atacuri VOIP (Voice over Internet Protocol)
6. Exploatarea vulnerabilitatilor din aplicatii web

#191
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Malware Evolution: July - September 2006


Kaspersky Lab said:

All the events of the third quarter of 2006 lead me to conclude that both the Internet and the field of information security are on the verge of something totally new. I would say that the second stage of both virus and antivirus evolution is now complete.

The first stage was during the 1990s, which simple signature detection was enough to combat simple viruses. At this stage, malicious code was not highly technical and did not use complex infection methods.

The start of the new millennium brought email and network worms to the fore. These malicious programs exploited vulnerabilities and the human factor in order to spread. The ability of worms to infect a large number of machines in a short space of time led to the rise of cyber criminality, and technologies used by viruses became more complex, as did the range of malicious programs. Spam, phishing, mobile malware, vulnerabilities in browsers and networking equipment, and blended threats, which spread not only via email, but also via the Internet and instant messaging clients all played their roles. Reaction time became critical, with antivirus companies starting to used code emulation, Anti-Rootkit technologies, and techniques to protect users' confidential data.


#192
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Adobe Reader - Vulnerabil

Pana la aparitia unui patch:
Stergeti AcroPDF.dll din C:\Program Files\Adobe\Acrobat 7.0\ActiveX.

Adobe: Potential vulnerabilities in Adobe Reader and Acrobat

FrSIRT (Critical): Adobe Reader and Acrobat ActiveX Control Remote Code Execution Vulnerabilities

Versiuni vulnerabile: Adobe Standard, Reader & Professional 7.0.0 - 7.0.8

Edited by Daisuke, 29 November 2006 - 22:35.


#193
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Stirile de azi:

Adobe Security Update
Adobe Reader 8 : http://www.adobe.com.../readstep2.html


Vulnerability in Microsoft Word Could Allow Remote Code Execution

Limited “zero-day” attacks folosind o vulnerabilitate in MS Word: Microsoft Security Advisory (929433)

#194
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Noua vulnerabilitate 0 day si nou exploit pentru MS Word

Microsoft Word 0-Day Vulnerability II

#195
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Patch day

Vulnerabilitati peticite:
Critical: 3
Important: 4

Microsoft Security Bulletin Summary for December, 2006


Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer

Microsoft Security Bulletin MS06-073 Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-074 Vulnerability in SNMP Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-075 Vulnerability in Windows Could Allow Elevation of Privilege

Microsoft Security Bulletin MS06-076 Cumulative Security Update for Outlook Express

Microsoft Security Bulletin MS06-077 Vulnerability in Remote Installation Service Could Allow Remote Code Execution

Microsoft Security Bulletin MS06-078 Vulnerability in Windows Media Format Could Allow Remote Code Execution


Detalii de la SANS Internet Storm Center: Microsoft Black Tuesday - December 2006 overview

Edited by Daisuke, 12 December 2006 - 22:16.


#196
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
O noua versiune "Malicious Software Removal Tool"

Microsoft® Windows® Malicious Software Removal Tool

Detalii: http://support.micro.....Ben-us;890830
"Guided Help" disponibil + "Malicious software" pe care le elimina.

#197
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Yahoo! Messenger Unspecified ActiveX Control Buffer Overflow

Highly critical

Yahoo! ActiveX Update

Secunia: Yahoo! Messenger Unspecified ActiveX Control Buffer Overflow

Versiuni afectate:
Yahoo! Messenger 5.x
Yahoo! Messenger 6.x
Yahoo! Messenger 7.x
Yahoo! Messenger 8.x

Update: http://www.softpedia...Messenger.shtml

#198
Daisuke

Daisuke

    Moderator

  • Grup: Senior Members
  • Posts: 2,173
  • Înscris: 19.01.2004
Mozilla - multiple vulnerabilitati

Mozilla Firefox Multiple Vulnerabilities
Mozilla SeaMonkey Multiple Vulnerabilities
Mozilla Thunderbird Multiple Vulnerabilities

Highly critical

Solutii: Update, update, update

Anunturi

Neurochirurgie minim invazivă Neurochirurgie minim invazivă

"Primum non nocere" este ideea ce a deschis drumul medicinei spre minim invaziv.

Avansul tehnologic extraordinar din ultimele decenii a permis dezvoltarea tuturor domeniilor medicinei. Microscopul operator, neuronavigația, tehnicile anestezice avansate permit intervenții chirurgicale tot mai precise, tot mai sigure. Neurochirurgia minim invazivă, sau prin "gaura cheii", oferă pacienților posibilitatea de a se opera cu riscuri minime, fie ele neurologice, infecțioase, medicale sau estetice.

www.neurohope.ro

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Forumul Softpedia foloseste "cookies" pentru a imbunatati experienta utilizatorilor Accept
Pentru detalii si optiuni legate de cookies si datele personale, consultati Politica de utilizare cookies si Politica de confidentialitate