This is in continuation of advanced notification released by Microsoft few days back. It has now released MS09-34 and MS09-35 out-of-band patches yesterday. Well we would recommend having MS09-34 (Internet Explorer related bulletin) on your top list.
MS09-35 (Visual Studio active template library) is basically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin. Developers who have built components and controls using ATL should download this update and recompile their components and controls following the guidance provided in the following MSDN article.
Read more »
Information Security, Network Security, Penetration Testing, Vulnerability Assessment | w0lf | July 30, 2009 | 
Comments (0)
active X, black hat USA 2009, inter, internet explorer, killbit bypass, MS09-032, ms09-034, ms09-035
This is an advance notification of two out-of-band security bulletins that Microsoft is intending to release on July 28, 2009. One bulletin will be for the Microsoft Visual Studio product line; application developers should be aware of updates available affecting certain types of applications. The second bulletin contains defense-in-depth changes to Internet Explorer to address attack vectors related to the Visual Studio bulletin, as well as fixes for unrelated vulnerabilities that are rated Critical.
The severity for Internet Explorer patch has been rated as CRITICAL whereas for Visual Studio has been rated as MODERATE.
Read more »
Here’s an extract from their site
July 16, 2009 — Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 5.00 from http://nmap.org/. This is the first stable release since 4.76 (last September), and the first major release since the 4.50 release in 2007. Dozens of development releases led up to this.
Considering all the changes, we consider this the most important Nmap release since 1997, and we recommend that all current users upgrade.
Read more »
Milw0rm web site which is one of the best exploit / POC resource is no longer accepting any submission
the last post was made on july 3 2009
The admin of milw0rm str0ke has posted a message on the top of the web site saying tht:
“Well, this is my goodbye header for milw0rm. I wish I had the time I did in the past to post exploits, I just don’t 
. For the past 3 months I have actually done a pretty crappy job of getting peoples work out fast enough to be proud of, 0 to 72 hours (taking off weekends) isn’t fair to the authors on this site. I appreciate and thank everyone for their support in the past.
Be safe, /str0ke ”
Read more »
Hi
I came across this funny post @ Schneier’s Blog. It displays two images as shown below where the pin numbers on the keypads have mysteriously disappeared… : P
Read more »
