This is in continuation of advanced notification released by Microsoft few days back. It has now released MS09-34 and MS09-35 out-of-band patches yesterday. Well we would recommend having MS09-34 (Internet Explorer related bulletin) on your top list.
MS09-35 (Visual Studio active template library) is basically intended for developers of components and controls. Developers who build and redistribute components and controls using ATL should install the update provided in this bulletin. Developers who have built components and controls using ATL should download this update and recompile their components and controls following the guidance provided in the following MSDN article.
Read more »
Information Security, Network Security, Penetration Testing, Vulnerability Assessment | w0lf | July 30, 2009 | 
Comments (0)
active X, black hat USA 2009, inter, internet explorer, killbit bypass, MS09-032, ms09-034, ms09-035
This is an advance notification of two out-of-band security bulletins that Microsoft is intending to release on July 28, 2009. One bulletin will be for the Microsoft Visual Studio product line; application developers should be aware of updates available affecting certain types of applications. The second bulletin contains defense-in-depth changes to Internet Explorer to address attack vectors related to the Visual Studio bulletin, as well as fixes for unrelated vulnerabilities that are rated Critical.
The severity for Internet Explorer patch has been rated as CRITICAL whereas for Visual Studio has been rated as MODERATE.
Read more »
Here’s an extract from their site
July 16, 2009 — Insecure.Org is pleased to announce the immediate, free availability of the Nmap Security Scanner version 5.00 from http://nmap.org/. This is the first stable release since 4.76 (last September), and the first major release since the 4.50 release in 2007. Dozens of development releases led up to this.
Considering all the changes, we consider this the most important Nmap release since 1997, and we recommend that all current users upgrade.
Read more »
Well, as always, Microsoft has vowed to keep as busy by releasing critical patches. The list this tuesday is as follows:
MS09-018
Read more »
Information Security, Information Technology, Network Security, Vulnerability Assessment | w0lf | June 10, 2009 | Comments (0)
Active Directory, IIS, internet explorer, Kernel, microsoft, Microsoft Office, Microsoft print spooler, MS09-018, MS09-019, MS09-020, MS09-021, MS09-022, MS09-023, MS09-024, MS09-025, MS09-026, MS09-027, patch tuesday, RPC, Windows Search
Hula All!
Back to blogging after a long time. Well, as the saying goes “Be late then never”
Back to Security world there are quite an important news around.
1. Gumblar.cn : This trojan is reported to be spreading rapidly using mainly the adobe vulnerability and other techniques. It captures your key logs, web traffic etc for any sensitive login credentials. Reportedly it mainly targets for FTP credentials. Then it infects the hosted site by injecting the malware download link into its html content. Scansafe has suggested a way of checking if your system is infected?? Good Read.
2. HPP: A subcategory of variable manipulation attack vector. Well, this is technique is not a new face to most of the security testers. Two researchers presented the details at OWASP, Poland. As per the presentation, HPP can be used to
Read more »
Application Security, Evil particles, Information Security, Network Security, Vulnerability Assessment | w0lf | May 28, 2009 | Comments (3)
adobe, gumblar.cn, HPP, http parameter pollution, IIS webdav, microsoft
Hi folks!!!
Its patch tuesday again. This time MS has released 1 critical and 2 important patches.
Details:
1. Microsoft Security Bulletin MS09-006 – Critical
Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690)
This security update resolves several privately reported vulnerabilities in the Windows kernel. The most serious vulnerability could allow remote code execution if a user viewed a specially crafted EMF or WMF image file from an affected system.
Read more »
Network Security, Vulnerability Assessment | w0lf | March 11, 2009 | Comments (0)
DNS WINS, EMF, Kernel, microsoft, ms09-006, ms09-007, ms09-008, patch tuesday, patches, Schannel, WMF
Ahaa!! Microsoft seems to be really pissed off by the impact of conficker worm that it has announced an award of $250000 for the arrest of its author. Conficker is the real latest worm that has badly hit millions of users using Microsoft Windows. Well good luck for catching the author but here I will mention some tips which can help in conficker arrest.
1. Admin access. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Also a study also found that eliminating Admin rights would have stopped or mitigated: Read more »
Hi All
Win32/Conficker.B is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.Remember even one unpatched machine is enough to have this worm spread through the entire network.Ms08-67 worm is spreading infection over millions of computers.
http://www.f-secure.com/weblog/archives/00001579.html
Read more »
Are you a regular Metasploit user? Tired of scanning a host and tryout different vulnerabilities? Can’t get autopwn to work? It’s not enough? Well guess what?
Use MetaScanner!!!
What is it? It’s a script in ruby script that uses nmap’s output to compare to available exploits in metasploit. This little scanner is still young and need help and suggestions to make it a good one.
Please note that this is not a VULNERABILITY scanner but an EXPLOIT scanner limited to Metasploit exploits.
Feel free to download it and a user guide from :
http://kalgecin.110mb.com
Read more »
