Over 1 million tech questions and answers.

MS14-046: Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)

Q: MS14-046: Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)

InsighVM(Rapid7) is reporting vulnerability "MS14-046: Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)" on Microsoft .NET Framework 2.0 SP2, but recommended patch "KB2937608" was already installed. this
issue for all Windows 2008 sp2 servers. In the report, vulnerability proof mentioned as shown below. could you please help me with this issue.

vulnerable software installed: Microsoft .NET Framework 2.0 SP2

* Found an applicable package: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-WindowsFoundation-LanguagePack-Package~31bf3856ad364e35~x86~en-US~6.0.6001.18000.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\Winners\msil_RegAsm.Resources_b03f5f7f11d50a3a_en-us_1b2f5d0d8917c959 - key exists

* The above CBS component is currently version 6.0.6001.18000, expected version 6.0.6002.19134 or higher

* Fix for KB2937608 is applicable for this CBS component

Read other answers
RELEVANCY SCORE 200
Preferred Solution: MS14-046: Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 112

 

 
Executive Summary

Microsoft is aware of a security feature bypass vulnerability in Secure Channel (Schannel) that affects all supported releases of Microsoft Windows. Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system. The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industry-wide issue that is not specific to Windows operating systems. When this security advisory was originally released, Microsoft had not received any information to indicate that this issue had been publicly used to attack customers.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.

Mitigating Factors
A server needs to support RSA key exchange export ciphers for an attack to be successful.

Recommendation 
Please see the Suggested Actions section of this advisory for workarounds to disable the RSA export ciphers. Microsoft recommends that customers use these workarounds to mitigate this vulnerability.
 
Read more here.... Read more

A:Vulnerability in Schannel Could Allow Security Feature Bypass

https://technet.microsoft.com/en-us/library/security/3046015#_Apply_Workarounds

 

Suggested Actions
 
Apply Workarounds
Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available.
Disable RSA key exchange ciphers using the Group Policy Object Editor 

 
 
so, what can I do if my version of windows lacks the requisite group policy editor?

Read other 5 answers
RELEVANCY SCORE 78

Good to know about this Microsoft update. I find it strange that it wasn't installed automatically by Microsoft (Windows). I guess they know what they're doing. Sometimes i ask myself, do they really know??? Good news for XP users.....
GET THE SECURITY PATCH HERE >>>>> https://technet.microsoft.com/library/security/ms14-021
 

A:Microsoft releases MS14-021 update to address 0-day vulnerability

On my computer it has been offered for 8.1 and 7
It appears that whether it is offered depends on this

For systems running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2:
The 2964358 update is for systems that have the 2929437 update installed.
The 2964444 update is for systems without the 2929437 update installed.
As if you install it without 2929437 IE11 will crash
Customers running Internet Explorer 11 on Windows 7 or Windows Server 2008 R2, must first install the 2929437 update released in April, 2014 before installing the 2964358 update.
Thanks for the post and welcome to Tech Support Guy
 

Read other 2 answers
RELEVANCY SCORE 78

Good to know about this Microsoft update. I find it strange that it wasn't installed automatically by Microsoft (Windows). I guess they know what they're doing. Sometimes i ask myself, do they really know??? Good news for XP users.....
 
 
You can get the security patch HERE >>>>>    https://technet.microsoft.com/library/security/ms14-021

A:Microsoft releases MS14-021 update to address 0-day vulnerability

Thank You
I went to Windows Update and there it was, It is installing now.
Roger

Read other 2 answers
RELEVANCY SCORE 64

Out-of-band release for Security Bulletin MS14-068On Tuesday, November 18, 2014, at approximately 10 a.m. PST, we will release an out-of-band security update to address a vulnerability in Windows.We strongly encourage customers to apply this update as soon as possible, following the directions in the security bulletin.More information about this bulletin can be found at Microsofts Advance Notification Service page.Microsoft Security Bulletin Advance Notification for November 2014

A:Out-of-band release for Security Bulletin MS14-068 (11/18/14)

We will wait with baited breath to see what it does. This is one of the updates that was postponed from Last Tuesday’s ( 11November2014) big patch Tuesday because it wasn’t up to the required standardLets hope that it does fix what ever vulnerability it is supposed to fix and doesn’t break anything.After reading the advanced notice more deeply, I find it does not affect Vista, Windows 7 or Windows 8/8.1 which are the main desktop and consumer versions of windows in common useNotes for MS14-068Windows Technical Preview and Windows Server Technical Preview are affected. Customers running these operating systems are encouraged to apply the update, which will be available via Windows Update.[1]Severity ratings do not apply for this operating system because the vulnerability addressed in this bulletin is not present. This update provides additional defense-in-depth hardening that does not fix any known vulnerability.My considered opinion is to hold off installing this on Vista, Windows 7 or Windows 8/8.1 for a day or 2, until we see what adverse affects are discovered.

Read other 12 answers
RELEVANCY SCORE 63.6

Hiya

ISS X-Force is aware of a vulnerability in most modern Cisco devices
that may allow remote attackers to bypass HTTP user authentication on
the Cisco Web management interface. This vulnerability may allow
attackers to take control of the device and execute any administrative
function.
http://xforce.iss.net/alerts/advise86.php

Regards

eddie
 

Read other answers
RELEVANCY SCORE 63.6

Hiya

SSH Communications Security, Inc. has reported a serious vulnerability
in the SSH Secure Shell application that may allow remote attackers to
gain access to affected systems without a valid password. SSH is
typically used as a secure alternative to "telnet" for terminal
communications. This vulnerability may allow remote attackers to
compromise even the most heavily "hardened" systems

http://xforce.iss.net/alerts/advise88.php

Regards

eddie
 

Read other answers
RELEVANCY SCORE 61.2

For the new platform of security update, I would like to know if there is any vulnerabilities regarding .NET framework 4.0. I can find .NET 3.5.1 and .NET 4.5.2, but I cannot find .NET 4.0. Can anyone answer me how to check vulnerability for .NET framework
4.0. Thanks a lot

Read other answers
RELEVANCY SCORE 57.6

I need to run my .net aaplication Win8.But when tried to run, a pop up comes and ask to turn on the .net feature.
I tried turning on this feature from control panel but it fail everytime.

Is this a known issue with Win8? Any thought on how can i run my .net application in Win8.

A:.Net framework feature is not getting tuned on in Win8.

Same issue. Installing 3.5 on build 8102

Read other 9 answers
RELEVANCY SCORE 57.2

I have recently ran the net cleanup tool trying to fix an issue (making a clean reinstall), but what I didn't expect would happen, did. I am now stuck where my windows 7 64 bit system does not have net framework 3.5 but thinks it has withing the "Turn off windows features" dialogue. I have attached a DISM log if it helps.

Things I've tried already:
- DLL Purgatory: Unable to Turn On .NET Framework 3.5.1 {PEN001}
- Installing .net framework 3.5 sp1 - received error message that I should remove it in turn off windows features.
- Running cleanups & all automated fixing methods I've found.
- SFC /Scannow - Did not help, returned error. Log attached.
- Installing .net framework 4 - It installs successfully, but does not fix any of my problems as the program im trying to run seems to need net framework 3.5 - The program is Catalyst Control Center, which I am trying to fix. The problem is that it won't, no matter what I do, display any dialogues. It is running in the system tray and all, but won't display. I did manage to get one (yes just one) .Net framework crash with it, so I started fixing it, and instead, ruined it and made my case even worse.

Now I am asking for professional help because no matter what I do I seem to ruin it.

Thanks in advance.

Catalyst info:

Tried every single guide I found on google for fixing any issues related to this. Has been tons of restarts and even more reinstalls, nothing seems to work. For anyone wanting to mention the "Remov... Read more

A:Unable to turn off windows feature .net framework 3.5

Is it allowed to bump here?

Read other 9 answers
RELEVANCY SCORE 52

A while ago, I noticed that attachments had begun arriving via Outlook Express already opened, but didn't give it much thought. Then the other day, I realised that this could lead to the kind of exposure that I didn't want. I tried remedying this by going to View, then Layout in order to uncheck the Preview Pane box, but it was aleady unchecked. This was odd! Then I came across Microsoft Security Bulletin MS03-014 which suggested that my problem was caused by a virus, or could result in a virus. The remedy for this was to download the Cumulative Patch 330994 for Outlook Express. I felt heartened but when I try to install the patch, I keep getting an error message telling me that I need Internet Explorer 6 to do so. I have Windows XP Professional, and IE 6 comes with the package, so what is going on? It looks like my efforts are being blocked. Do I have a virus? My Norton Internet Security 2005 and System Works programs inform me that I do not, so how can I solve this problem? I am using Incredimail now for incoming mail, because it is unaffected.
I really hope that you can help. Thanks!
 

A:Security vulnerability in OE

Read other 8 answers
RELEVANCY SCORE 52

http://www.internetweek.com/security02/showArticle.jhtml?articleID=15600402


Attackers Gearing Up To Exploit Windows Messenger Security Hole

By Gregg Keizer, TechWeb News

Exploit code that takes advantage of a recent Microsoft vulnerability is out in the wild and could prove as dangerous as this summer's MSBlaster worm if attackers decide to focus their efforts, security analysts said Friday.

Released earlier this week, the exploit code--which has been crafted to run not only on attackers' Windows machines, but also on Linux and Unix boxes --crashes Windows systems not patched against a vulnerability released last week.

The vulnerability, which Microsoft rated as 'Critical' when it released several bulletins in its first-ever monthly patch roundup, is in the Windows Messenger Service. Not to be confused with Windows Messenger, Microsoft's instant messaging platform, Windows Messenger Service is used by applications to communicate with each other, and often by enterprise network administrators to alert users of such things as impending server shutdowns or the unavailability of print servers.

Most users will have had at least some experience with Windows Messenger Service, which is used by some spammers to pop up text message spam onto their desktops.

"The Windows Messenger Service vulnerability is clearly the most significant of those released last week by Microsoft," said Vincent Weafer, senior director of Symantec's secu... Read more

Read other answers
RELEVANCY SCORE 52

My Symantec picked up something about 2 hours after the computer would not get out of a security vulnerability?

Running very slow...
OS Name Microsoft Windows XP Home Edition
Version 5.1.2600 Service Pack 3 Build 2600
OS Manufacturer Microsoft Corporation
System Manufacturer TOSHIBA
System Model Satellite M35X
System Type X86-based PC
Processor x86 Family 6 Model 13 Stepping 6 GenuineIntel ~1598 Mhz
BIOS Version/Date TOSHIBA V1.60, 11/30/2004
SMBIOS Version 2.31
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.5512 (xpsp.080413-2111)"
Time Zone Eastern Standard Time
Total Physical Memory 1,536.00 MB
Available Physical Memory 799.69 MB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.95 GB
Page File Space 2.03 GB
Page File C:\pagefile.sys

Hijack Log as follows:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:02:29 PM, on 12/22/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\W... Read more

Read other answers
RELEVANCY SCORE 51.6

Security vulnerability in WinZip

http://www.eweek.com/article2/0,4149,1540329,00.asp

Security analysts on Friday reported that versions of the popular ZIP file management program WinZip have a serious security flaw.

According to security intelligence firm iDefense Inc., an error in the parameter parsing code in these versions "allows remote attackers to execute arbitrary code."

The attacker would have to construct a specially designed MIME archive (with one of .mim, .uue, .uu, .b64, .bhx, .hqx and .xxe extensions) and distribute the file users, the company explained.

Once opened, the attack would trick WinZip into executing code contained in the attacking file. iDefense said it had a functioning proof-of-concept attack demonstrating the problem.

The malicious file could be distributed by e-mail, on a Web page, or through peer-to-peer networks.

Files handled by WinZip are not normally executable, so many users are less-hesitant to launch them, even when they come from unknown sources. This problem makes those files much more inherently dangerous.

According to iDefense, versions 7 and 8, as well as the latest beta of WinZip 9 are vulnerable to this attack. However, the released Version 9 of WinZip is not vulnerable.

In addition to upgrading, users can prevent an attack by turning off automatic handling of these file types by WinZip in Windows Explorer. In Windows XP, choose Tools-Folder Options, select the File Types tab, scroll down to the appropriate file t... Read more

Read other answers
RELEVANCY SCORE 51.6

In full, on what appears to be a genuine MSIE warning (yellow ! mark) window, I get this:

"There is a security vulnerability from the TrojanSPM/LX. We recommend you DOWNLOAD one of the security software programs to prevent malware infections"

Does this mean I have TrojanSPM/LX? Or is it some scam to induce me to click the "OK" button on that popup?

Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 5:26:41 AM, on 9/22/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C... Read more

A:... security vulnerability ... TrojanSPM/LX ...

Read other 8 answers
RELEVANCY SCORE 51.6

There's a serious Windoze security issue that's come up, what they call a 'zero day' exploit. It effects all machines running the Windows OS and effects up-to- date patched machines as well. Steve Gibson has a workaround posted on his site. Go here to check it out.
 

A:Serious Windows Security Vulnerability (what's new)

bump
 

Read other 1 answers
RELEVANCY SCORE 51.2

Here's the scenario:
Our server admins are distributing the month "Security Only" updates for .NET Framework via WSUS yet our vulnerability scanner triggered with these two alerts:
-  Security and Quality Rollup for .NET Framework (April 2017) [KB 4014559]
\Windows\Microsoft.NET\Framework\v4.0.30319\Wminet_utils.dll has not been patched.
    Remote version : 4.0.30319.36387
    Should be      : 4.0.30319.36388

- Security and Quality Rollup for .NET Framework (May 2017) [KB 4019112]
\Windows\Microsoft.NET\Framework\v4.0.30319\system.dll has not been patched.
    Remote version : 4.0.30319.36391
    Should be      : 4.0.30319.36392

We have since patched the servers using the "Security and Quality Rollup" patch verus the "Security Only" patch.  My question is - why are updates to these files not include in the "Security Only" patches?  My server
team is reluctant to distribute the "Security and Quality Rollup" patches as it is against MSFT's best practices as stated in the following link:
https://blogs.msdn.microsoft.com/dotnet/2016/10/11/net-framework-monthly-rollups-explained/

"The Security Only Update is recommended for production machines."
"The Security and Quality Rollup is recommended for consumer and developer machines."
Is anybody else seeing this?  If so, can you provide me with some i... Read more

Read other answers
RELEVANCY SCORE 50.8

Microsoft has confirmed officially a zero-day security vulnerability affecting Internet Information Services (IIS). The security hole was initially reported just ahead of Christmas on December 23rd, and the Redmond company provided the first response at the end of the past week. So far, the issue in question affects version 6 of IIS on a fully patched Windows Server 2003 R2 SP2; however, additional IIS
releases might also be impacted. A Microsoft security program manager notes that

Microsoft is aware of the problem and that investigation into the matter has already been kicked off. At the same time, the program manager assured customers running IIS that it hasn?t detected any active attacks in the wild targeting the new 0-day flaw.

The vulnerability identified in Microsoft Internet Information Services (IIS) involves the incorrect manner in which the server deals with files with multiple extensions. As long as the multiple extensions are divided by the ?;? character, the IIS server handles them as ASP files.

A possible attacks scenario could be based on an exploit constructed out of malformed executables. Any malicious files uploaded to a vulnerable web server would circumvent any file extension protections and restrictions in place.

More/.........Microsoft Confirms 0-Day IIS Security Vulnerability - IIS 6.0 Security Best Practices can help mitigate the threat - Softpedia

A:Microsoft confirms 0-Day IIS security vulnerability

Update:





Quote:
We’ve completed our investigation into the claims that came up over the holiday of a possible vulnerability in IIS and found that there is no vulnerability in IIS.

What we have seen is that there is an inconsistency in IIS 6 only in how it handles semicolons in URLs. It’s this inconsistency that the claims have focused on, saying this enables an attacker to bypass content filtering software to upload and execute code on an IIS server.

The key in this is the last point: for the scenario to work, the IIS server must already be configured to allow both “write” and “execute” privileges on the same directory. This is not the default configuration for IIS and is contrary to all of our published best practices. Quite simply, an IIS server configured in this manner is inherently vulnerable to attack.


See the complete report at The Microsoft Security Response Center (MSRC) : Results of Investigation into Holiday IIS Claim

Read other 2 answers
RELEVANCY SCORE 50.8

Advisory ID : FrSIRT/ADV-2006-3180Rated as : Low Risk Remotely Exploitable : YesLocally Exploitable : YesRelease Date : 2006-08-07Technical Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to cause a denial of service. This flaw is due to a signedness error in the GDI library (gdi32.dll) when processing malformed WMF images, which could be exploited by attackers to crash an application linked against the vulnerable library (e.g. Internet Explorer) by tricking a user into visiting a malicious web page or opening a specially crafted image.A new unpatched vulnerability has been published, that can result in a Denial-of-Service (DoS) attack. Links from Secunia and FrSIRT are noted below. Microsoft Windows GDI Library WMF Image Handling Remote Denial of Service Vulnerabilityhttp://secunia.com/advisories/21377/http://www.frsirt.com/english/advisories/2006/3180

Read other answers
RELEVANCY SCORE 50.8

Where I live, the internet provided uses WPA2 security. The PS3 does not support this security and hence I am not able to play internet multiplayer games when using the ethernet port or provided wifi.

Is it possible to plug my own router into the ethernet port, emit wifi with a different security and then connect to the wifi of that router with the PS3? If so, which routers allow this function? I really hope this is possible, but if not, do you know of an alternative bypass of this unsupported security?

Many thanks in advance.
 

Read other answers
RELEVANCY SCORE 50.8

I am using ESET AV now a days. I like it, except it won't let me visit the same sites I visited when I used AVG. I have tried altering the personal firewall.. but apparently I don't know what to change. It shows me a this message below. I tried going to task manager and killing ESET, and it still won't let me visit the site. Can someone help me out with some settings?
Details:

Web page:
..........

Description:
Access to the web page was blocked by ESET Smart Security.
The web page is on the list of websites with potentially dangerous content.

A:Using ESET, how do I bypass my own security?

Hi, if even disabling ESET will not let you load a webpage, it could be a HOSTS file setting.
Go to C:\Windows\System32\Drivers\etc
And open your HOSTS file with notepad. Do a find (ctrl+F) and search for the webpage you are trying to visit.

Read other 4 answers
RELEVANCY SCORE 50.4

We have a bunch of Toshiba laptops, e.g. Satellite P70-A

Intel just announced a critical security vulnerability: https://security-center.intel.com/ad...nguageid=en-fr

Reports are already coming out that the vulnerability affects far more computers than the scope of the disclosure: https://semiaccurate.com/2017/05/01/...tel-platforms/

Will Toshiba be as pro-active as the other main brands and push out BIOS fixes?

Read other answers
RELEVANCY SCORE 50.4

Attackers have found another hole in Microsoft's Office products. Yesterday, Symantec reported that it has discovered a targeted attack that takes advantage of an unpatched vulnerability in Microsoft's PowerPoint software. This PowerPoint attack was discovered late Wednesday by a Symantec customer, who received a Chinese-character e-mail from a Gmail account. The e-mail contained a PowerPoint attachment that installed two pieces of malicious code when opened: a Trojan horse program, called Trojan.PPDDropper.B, and a backdoor program called Backdoor.Bifrose.E. The backdoor program tries to cover its tracks, by writing over the original PowerPoint document. It then awaits instructions from the attackers, who can use it to control the infected system Here is another link to the information about the Vulberabilityhttp://www2.csoonline.com/blog_view.html?CID=22959

A:Microsoft Office Powerpoint Security Vulnerability

Yep another bug to contend with. More here about it.

Read other 1 answers
RELEVANCY SCORE 50.4

My AV program (Trend-Micro PC-cillin Internet Security 2006) found a security vulnerability on my computer, but I feel that perhaps I should not install the update since it appears not to apply to my situation. Here are the details of the security vulnerability:

Risk Level - Very High

Target - Office

Related Bulletin - MS06-027

I am given options to run updates both for Windows and for Office.

Windows is already up-to-date, but whenever I clicked on Run Office Update, I get the following notice:

The previous site might require the following ActiveX control: 'Office Update Installatiion Engine' from 'Microsoft Corporation'. Click here to install....

I have been told that installing ActiveX controls can cause serious problems, so I'm a bit leery about installing them. Also, the MS06-027 bulletin indicates that the affected software are several versions of both MS Works Suite and MS Word, and one version of MS Word Viewer. I have none of these programs on my computer. While I do have a version of Open Office on my PC, Open Office is not listed as affected software.

I would greatly appreciate hearing from anyone who is able to tell me what action, if any, I should take.

Thank you.
 

Read other answers
RELEVANCY SCORE 50.4

Hi, all.
 
I've now gotten the Internet Security 2013 virus twice.  It was MrSEC.com both times, by the way, and even if I try to avoid the site, a lot of reputable sports sites link there.  The last one was on a link off the USA Today sports home page!
 
I have my home computer locked down with Spyware Blaster and scan with Malware Bytes and I know I've been to MrSEC.com accidently since they've been infected without any problem.  So something that I have configured at home (probably by Spyware Blaster) blocks it.
 
The problem I have is that my company doesn't give me admin rights or let me install software so I can't run Spyware Blaster on my work computer.  Yes, coming in through a basic user account, the Trojan rogue can break things, but the internet settings are locked such that I can't get in to block it.
 
I was wondering if anyone knew what setting Spyware Blaster changes to block it because I could temporarily request an "admin login" that would let me change them but not install a SW package.
 
Thanks,
 
---------------
Now, before you lock the thread because you misread it thinking that I'm asking for help getting around my company's security, I'm not.  The company WILL let me have temporary admin rights to make settings changes.  They will NOT let me install an unvalidated application.  So what I'm asking is" What is the setting that Spyware Blaster is using to block Internet Securit... Read more

A:What vulnerability does the Internet Security 2013 rogue use?

What is the setting that Spyware Blaster is using to block Internet Security 2013These settings are developed by the program makers and as such are not usually allowed for us to access - Look it as "Will your Company / Manager share all of the personal company records and dealings with ME" ?? Same thing exactly. Do you wish for help to try and remove this infection, or are you just asking for information on Spyware Blaster program ?? We do not have specific inside information on most Antimalware programs, and it is your and your company's responsibility to install a Decent Antivirus and Decent matching Antimalware programs.Will your Manager / Company allow you to use this program fully on this computer ? If not we can not help you ! If you are asking for the company, then why are you asking and not installing the program ?? First you must NEVER access MrSEC.com if you know the site is infected - Any program will not stop you from using a keyboard --Adding the site to your Hosts file may prevent you from accessing the site, but nothing is 100%. Please fully read Antivirus, Antimalware, And Antispyware Resources and also post back with ALL of the security programs that are installed on the problem computerNow read How Malware Spreads - How did I get infected and this may help.I was wondering if anyone knew what setting Spyware Blaster changes to block it because I could temporarily request an "admin login" th... Read more

Read other 5 answers
RELEVANCY SCORE 50.4

There are some blogs on LSC being compromised and need to remove it. https://www.laptopmag.com/articles/lenovo-solution-center-vulnerability https://support.lenovo.com/us/en/product_security/PS500268 I have done so. But the functionality in LSC is very useful.  Is there a fix/replacement coming soon?

Read other answers
RELEVANCY SCORE 50.4

Was prompted to update Java and so I did. After updating Java, I find the Java plugins in Firefox 24 deactivated. The Java Deployment Toolkit plugin and Java Platform SE 7 U45 plugins in Firefox 24 are unsafe to use. See screenshot below:

The two Firefox plugins that are deactivated due to security vulnerabilities are as follows:
1. Java Deployment Toolkit 7.0.450.18 10.45.218
2. Java (TM) Platform SE 7 U45 10.45.218

The "more information" link that you see in the above screenshot are:

https://addons.mozilla.org/en-US/firefox/blocked/p428
https://addons.mozilla.org/en-US/firefox/blocked/p463

"JAR file manifest does not contain the Permissions attribute"

My system is:
OS: Windows 7 Home Premium
Firefox: 24
Java: SE 7

Anyone who knows how to fix the Java plugin security vulnerability or have further info?
 

A:Firefox 24 - Java Plugin Security Vulnerability

Read other 11 answers
RELEVANCY SCORE 50.4

Hi, all.
 
I've now gotten the Internet Security 2013 virus twice.  It was MrSEC.com both times, by the way, and even if I try to avoid the site, a lot of reputable sports sites link there.  The last one was on a link off the USA Today sports home page!
 
I have my home computer locked down with Spyware Blaster and scan with Malware Bytes and I know I've been to MrSEC.com accidently since they've been infected without any problem.  So something that I have configured at home (probably by Spyware Blaster) blocks it.
 
The problem I have is that my company doesn't give me admin rights or let me install software so I can't run Spyware Blaster on my work computer.  Yes, coming in through a basic user account, the Trojan rogue can break things, but the internet settings are locked such that I can't get in to block it.
 
I was wondering if anyone knew what setting Spyware Blaster changes to block it because I could temporarily request an "admin login" that would let me change them but not install a SW package.
 
Thanks,
 

A:What vulnerability does the Internet Security 2013 rogue use?

mea culpa. I misread/misinterpreted what the OP of the thread stated. Since the reply I made was so off base I am deleting it and have admitted my mistake to the OP in another topic he started & apologized to him.

Read other 1 answers
RELEVANCY SCORE 50.4

A new network admin came to our office and he restricted all the users in Local Security Policy. I can not install or remove a program, and can not access many other tools of windows that i use on daily basis. Even USB is not working. Is there any solution or way to bypass this security policy. I,m using windows 7 and i,m a user. He has the admin account.

A:How to bypass local security policy?

Hello to BC
Due to our forum rules we really cannot help you do what you want to do. Your admin probably implemented it as a security feature to prevent bad software from being installed on the machines, I would go ask him if you need to install something.
Per this forum rules:"No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences. "

Read other 2 answers
RELEVANCY SCORE 50.4

A new network admin came to our office and he restricted all the users in Local Security Policy. I can not install or remove a program, and can not access many other tools of windows that i use on daily basis. Even USB is not working. Is there any solution or way to bypass this security policy. I,m using windows 7 and i,m a user. He has the admin account.
 

A:How to bypass local security policy?

You take it up with them. This is a work environment, and they put those policies in place for a reason, and we will not assist in bypassing them. May want to re-read the rules page at techguy.org/rules.html

As a result, I'm going to have to close this thread. Thanks for understanding,

v
 

Read other 1 answers
RELEVANCY SCORE 49.6

recently i have a vundo/virtumonde infection which i eventually got rid of and has sunsequently re-formatted my pc(as it needed it had'nt been done in awhile)but now everytime i run the security inspector it keeps detecting the weakness in my IP address,it never used to do it!!is there anychance it is being redirected somewhere else due to the virus i had!!though i thought re-formatting usually wipes anything remnants of a virus away!!

not sure how much of a worry this is so any advice would be greatfully appreciated.

cheers

A:Why Does Norton Security Inspector Keep Detecting Vulnerability In My Ip Address?

with respect you have an active HJT log on here so all advise needs to be on there and NOT on this threadHJT thread ............ http://www.bleepingcomputer.com/forums/t/145057/hjt-log-poss-delf-ux-trojan/

Read other 3 answers
RELEVANCY SCORE 49.6

Any chance to expect a fix from Lenovo/Intel for this HUGE problem for older Lenovo products affected T4xx... ?Intel AMT CVE-2017-5689 mjg59theregister Red alert!

Read other answers
RELEVANCY SCORE 49.6

A Trend-Micro PC-cillin Internet Security Check gave this result:

The following security vulnerabilities were found on this computer:

High MS05-004
Very High MS07-016

I clicked on Windows Update and found that I apparently needed a Security Update for MS.NET Framework 1.1 Service Pack 1 (KB928366), which I downloaded and installed. Then I rebooted my computer, ran another Trend-Micro Security Check and discovered that these two "vulnerability checks" were still there! (In fact, I may have downloaded and installed this twice.)

At this point I don't recall what I did after that, but I Googled around and tried a thing or two to clear up my problem. Well, whatever I did, now whenever I run a T-M Security Check I see that the only "vulnerability" found is: Very High MS07-016. Somehow I must've done something that cleared up the High MS05-004 vulnerability.

Could someone please tell how to clear up the one remaining vulnerability? I would greatly appreciate whatever help I can get. By the way, how dangerous is it for me to continue to have this one "Very High" vulnerability? Thank you.
 

A:Solved: How do I clear up security vulnerability (Very High -- MS07-016)?

Well, I guess I got smart.

As Trend-Micro's website recommended, I went to the Microsoft Security Bulletins website and followed the steps given. After applying the related security patch, I ran yet another T-M Security Check. This time it showed that there are no longer any MS vulnerabilities on my computer.
 

Read other 1 answers
RELEVANCY SCORE 49.6

Hi,
Is  there any way to bypass the Internet Explorer Security dialog which says -

"A website wants to open web content using this program on the computer.
This program will Open outside Protected Mode. Internet's explorer Protected Mode helps protect your computer. If you do not trust this website, do not open this program.
Name - Adobe Acrobat
Publisher - Adobe Systems, Incorporated"



This dialog comes on opening a PDF in IE if IE EPM is enabled.
One way to achieve this is to check the 'Do not show me the warning for this program again' and click on 'Allow'.

But I don't want to see this dialog for even once.
Thanks.

Read other answers
RELEVANCY SCORE 49.6

So the standard method of bypassing the "Access is Denied" message has just failed on me. During Ownership Inheritance I get an error saying
"An error occurred while applying security information to:
Path
Access is Denied"

I have checked the sharing settings on the folder every time I remove the share it comes back.
This is beyond annoying because I have just copied this data over to my ICE box but now I can now delete it of the computer HDD.
No one else is using the set of data, in question It is mostly music, I sometimes listen to it on my PS3 when I have time

This is the 4th time I have tried to get an answer for this and all I am getting is responses such as "how do we know your not trying to access data you do not have the rights to" well you don't know that !!

This was the response I posted on Toms Hardware after they declined to help me out over there, and it is the truth.

"sure sure but answer me this, how can I be accessing data I do not have the rights to, when I am the only person who uses my network, simply because it does not have internet on it. I am typing a separate computer to the one in question so. My network was setup as a private home network for research, that was 7 years ago, since then I have made some improvements on the security to stop people accessing my network. But this is a windows security problem, and as I am the only Administrator and the only User I would think that someone would be able to help m... Read more

A:Solved: Folder Security Bypass not working as it normally does ?

Which version of Windows are you using ? And what is the path ?

The easiest way to disable folder sharing is to set your network type to public temporarily. Failing that, you can uncheck file and printer sharing in the network properties.
 

Read other 8 answers
RELEVANCY SCORE 49.2

Microsoft is investigating public reports of a vulnerability in all supported versions of Internet Explorer. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability in Internet Explorer 8 and Internet Explorer 9. Applying the Microsoft Fix it solution, "CVE-2013-3893 MSHTML Shim Workaround," prevents the exploitation of this issue. See the Suggested Actions section of this advisory for more information.Microsoft Security Advisory (2887505)Security Advisory 2887505 and Microsoft Fix it solutionOfficial Microsoft Fix it

A:Microsoft Security Advisory (2887505): Vulnerability in Internet Explorer

The attack using this vulnerability depends on a MS Office / MSDN DLL (hxds.dll). It is used to display help in MS Office and MSDN Library. Typically, in all products that show help using ms-help:// protocol.
 
Using hxds.dll for attacking was known for many months in the underground world. So its nothing new. If you use IE and also MS Office, then be careful.
 
My personal suggestion is to just use Chrome.

Read other 5 answers
RELEVANCY SCORE 49.2

I own 2 Lenovo laptops. An ideapad y700 (still under warranty) and a flex 3 (just out of warranty). Both are in need of bios patches to address the Intel ME vulnerability, and yet nothing posted with respect to these models. Any Lenovo computer over a year old has been ignored so far. This is unacceptable Lenovo, would you please do what is right and provide us some answers?

Read other answers
RELEVANCY SCORE 49.2

"It’s been several months since the new generation of fake security software called Anti-spyware Master hit the Web by storm. Its creators seem to have had worked hard to make as appealing to PC users as possible. They designed a professional-looking salespage, thought of slogans, wrote scary messages for ads - all to entice the innocent surfers into buying the “full version” of their scam.
That’s why there’s no surprise the number of victims is growing steadily. The professional looking software behaves like a cheap-written piece of code, stubborn and resilient. Usually computer owners ask for help when the PC is taken over by anti-spyware master modules. It mostly invades personal computers with the help of Trojans - which fly under the radar, easily bypassing standard PC security shields consisting of anti-virus and (in rarer cases) anti-spyware programs. It seems to me that those programmers who created the code of this malware anticipated their dubious success. They, admittedly, had examined the traditional approaches of popular anti-virus products, studied the implemented algorithms of scanning engines, and found the Achilles heel of desktop security solutions, which later put at tough exploit by creating anti-spyware master.
The reasons that make me think like this are the following:

Anti-spyware master is detected on machines constantly protected by at least two or more security products, often in addition to anti-virus with resi... Read more

Read other answers
RELEVANCY SCORE 49.2

Here at America Online, we know that our members are the best source of good
ideas for a better Internet. And you have told us that one of your biggest
concerns is the threat of online viruses that can crash your computer, steal
your personal information, or damage or delete important files.

So I am pleased to tell you that our newest version of the AOL software, called
AOL® 9.0 Security Edition, now includes one of the leading virus-protection
programs at no additional charge. I encourage you to <A
HREF="aol://1223:135031/aol://1391:47-64928">upgrade</A> today.

McAfee® VirusScan® Online protects your entire computer from tens of thousands
of known viruses and is automatically updated to protect against the hundreds of
new virus threats that emerge each month -- helping keep you and your family
safe at all times.

No other Internet service provider offers this premium service to all of its
users for free.

And that's only the beginning. Because of your interest in safety and security,
we've built numerous enhancements into 9.0 Security Edition to better protect
your PC from other online threats. Among them:

* Better defense against spyware: AOL Spyware Protection helps protect your
computer from unwanted spyware and adware, and the new SpyZapper(TM) feature
automatically targets the most disruptive forms of malicious software for
removal.

* Improved spam and pop-up controls: Simplified spam control tools make it even
easier to keep you... Read more

Read other answers
RELEVANCY SCORE 48.8

Password-cracking chip causes security concerns.

A technique for cracking computer passwords using inexpensive off-the-shelf computer graphics hardware is causing a stir in the computer security community.

Using the "massively parallel processing" capabilities of a graphics processing unit (GPU) - the processor normally used to produce realistic graphics for video games, the speed of password cracking was increased by a factor of 25 - and a Russian company has filed for a U.S. patent on the technique.

How vulnerable is your computer's GPU?

-- Tom
 

A:Nvidia GeForce 8800 Ultra and lesser GPUs security vulnerability

Time to start making really really long pass phrases.
 

Read other 1 answers
RELEVANCY SCORE 48.8

Hiya

An identified security vulnerability in Microsoft® Windows 2000® could allow an attacker to take control of the computer. This issue is most likely to affect computers used as Web servers. You can help protect your computer from this and other identified issues by installing this update from Microsoft.
System Requirements
Supported Operating Systems: Windows 2000

Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server
Internet Information Server 5.0
http://www.microsoft.com/downloads/...45-5145-4844-b62e-c69d32ac929b&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 48.4

I had to reinstall windows Vista Business on 2 computers (different specs) this weekend, the install disk already contained SP2 and i just installed dotnet 4.5.1 after the clean install followed by all the patches from winupdate. Everything great, no error, no issues, no nada.

Problem is i cant run any .exe or merge any .reg files from external disks or usb jump drives, is it a security feature or a bug caused by windows updates, since I dont remember this happening when I used Vista like 6 years ago, and I really used Vista a lot.

Thanks a lot guys!

A:Vista security feature?

Do you have the same problem when you right click the .exe and select run as administrator?

Read other 12 answers
RELEVANCY SCORE 48.4

As we known, MS Internet Explorer has a special feature called “AutoComplete”, it can remember certain details entered on web forms, such as username and password. Let’s talk about how to do this feature first.
----------------------------------------------------------------------------------------
Referring from: http://www.mediacollege.com
Title: How to Remember Names & Passwords in IE (AutoComplete)

Go to the Tools menu on IE and select Internet Options.

A window will open like the one below. Click the Content tab, then click the AutoComplete button.
In the AutoComplete Settings window, check (or uncheck) the options you would like to use.

--------------------------------------------------------------------------------
Although this feature will help you saving a lot of time on surfing the Internet, here we talk about the security. Do you think it is security? At this time, I’ll say no, because some unauthorized users can also login any forms with these information you saved on your computer. So my opinion is that you should uncheck the AutoComplete feature or use some third-party tools, such as JJSoft IntelliLogin, IE Login, and Smart Login etc.

You can find these tools on:
JJSoft IntelliLogin --------http://www.jjsoft-studio.com
IE Login -------- http://www.IELogin.com
Smart Login -------- http://www.IELogin.com
 

Read other answers
RELEVANCY SCORE 48.4

I like this feature in Panda Security but have to wait to test until get infected

A:A feature in Panda Security

Bite your tongue, hope you never get a chance to test it!!!
Looks good though.

Read other 3 answers
RELEVANCY SCORE 48

why when i set the user password at BIOS it can't be erased or changed (it says "view only item")? what do i have to do to reset the password?
 

A:help me 'bout BIOS security feature

It very much depends on the motherboard you are using. The reset cmos jumper will erase it along with all other settings changes you may have made to the bios.

For better help we really need to know what motherboard, system, and bios you are using.
 

Read other 2 answers