Over 1 million tech questions and answers.

New Zero-Day Flaw Bypasses UAC

Q: New Zero-Day Flaw Bypasses UAC

Found this today.

"New Windows zero-day flaw bypasses UAC"
http://www.informationweek.com/shar...ZW0ACXQE1GHPCKHWATMY32JVN?articleID=228400132

RELEVANCY SCORE 200
Preferred Solution: New Zero-Day Flaw Bypasses UAC

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: New Zero-Day Flaw Bypasses UAC

good read

Read other 1 answers
RELEVANCY SCORE 80

Latest SP2 Flaw Bypasses IE Security Zone
By Larry Seltzer
August 21, 2004

Security researchers have discovered another vulnerability in Windows XP Service Pack 2, but it doesn't appear to be an immediate threat.
The researcher who uncovered the drag-and-drop flaw in Windows XP SP2 earlier in the week has reported that a new vulnerability exposes a hole in the lockdown of Internet Explorer's My Computer security zone.

The lockdown of the My Computer zone is one of the major security enhancements in SP2. Web pages in Internet Explorer run in one of several security "zones," each of which has different security rules. Prior to SP2, the My Computer zone—designed for Web pages stored on the computer itself—had extremely permissive rules. In order to take advantage of them, malware attacks frequently exploited vulnerabilities to get their Web-based pages to execute. Microsoft tightened the rules in SP2 to make it a less inviting target.

In the new attack, the use of an unconventional value in the "Content-Location:" field of an MHTML (MIME HTML) file causes the browser to execute the file in the Local Intranet zone, even though it is run from the local computer. This allows scripting operations that are not permitted in the local zone. MHTML files are a variant HTML format in which accessory files, such as images, can be stored as part of the file itself.

While this example does demonstrate a weakness in the local computer lockdown by ... Read more

Read other answers
RELEVANCY SCORE 46

Here is the logfile. I have not been able to remove by clean installing on the main partition of my HD. Next option is wiping the 'lenovo' partition as well and clean installing. Any help to get rid of infection appreciated.
- Tim

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Tim Mayhew at 12:17:57 on 2012-08-18
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4091.1962 [GMT -7:00]
.
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
SP: PC Tools Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe ... Read more

A:trojan bypasses security

You need to do what is asked for here but post in the Malware forum where the pros can help you as none but Security Specialists are allowed to answer you according to forum rules.
NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

Read other 1 answers
RELEVANCY SCORE 45.6

.

New attack bypasses virtually all AV protection ? The Register






Quote:
Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.

The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it's executed, swaps it out with a malicious payload.


The exploit has to be timed just right so the benign code isn't switched too soon or too late. But for systems running on multicore processors, matousec's "argument-switch" attack is fairly reliable because one thread is often unable to keep track of other simultaneously running threads. As a result, the vast majority of malware protection offered for Windows PCs can be tricked into allowing malicious code that under normal conditions would be blocked.


.

A:New attack bypasses virtually all AV protection

Very interesting. Thanks for the post

Read other 9 answers
RELEVANCY SCORE 45.6

New Firefox iFrame Bug Bypasses URL Protections.

There is a newly discovered vulnerability in Mozilla's flagship Firefox browser that could enable an attacker to trick a user into providing his login credentials for a given site by using an obfuscated URL. In most cases, Firefox will display an alert when a URL has been obfuscated, but by using an iFrame, an attacker can evade this layer of protection, possibly leading to a compromise of the user's sensitive information.Click to expand...

As seen In comments at above link:
This is not limited to Firefox I have seen it in ie8 and it causes the browsers to freeze. The conections are mail and facebook. It has been going on for 2 weeks to my knowledge.Click to expand...

-- Tom
 

Read other answers
RELEVANCY SCORE 45.6

.

http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/

Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.

The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it's executed, swaps it out with a malicious payload.

The exploit has to be timed just right so the benign code isn't switched too soon or too late. But for systems running on multicore processors, matousec's "argument-switch" attack is fairly reliable because one thread is often unable to keep track of other simultaneously running threads. As a result, the vast majority of malware protection offered for Windows PCs can be tricked into allowing malicious code that under normal conditions would be blocked.

The technique works even when Windows is running under an account with limited privileges.Click to expand...

.
 

A:New attack bypasses virtually all AV protection

Read other 16 answers
RELEVANCY SCORE 45.6

hey everyone. i have got Xfire off their website and now when i open it, it will download the update,

when the installer comes up i agree to the terms etc, i hit next, next, then install.

it will install BUT when it gets half way it dissappers and dosent come back saying finished or anything. so thinking that its updated i click on Xfire and log in and it re downloads the update.

i suspect something is killing the process. does anyone have any idea how to fix this

harley

A:XFIRE Bypasses update install

There may be a firewall or some other application preventing you from completing the installation of the update.

Try doing the following:

1. Open System Configuration by typing this into the search bar:



Code:
msconfig
2. Go to the Services tab

3. Check the box entitled, "Hide all Microsoft services"

4. Now click Disable all


You will be prompted to restart your computer.

Try installing the update after you have restarted your computer and let me know the outcome.

Read other 1 answers
RELEVANCY SCORE 45.6

I have 4 user accounts plus the administrative account. All user accounts have limited access. The system logs in to one of the accounts without asking for the password though a password has been assigned. Guest account has been disabled. What can cause this and how do I stop it?

Thanks,

Christi
 

A:Log in Issue, windows bypasses password

Read other 7 answers
RELEVANCY SCORE 45.6

Researchers say they've devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products...The method, developed by software security researchers at matousec.com, works by exploiting the driver hooks the anti-virus programs bury deep inside the Windows operating system. In essence, it works by sending them a sample of benign code that passes their security checks and then, before it's executed, swaps it out with a malicious payload...theregister.co.uk

A:New attack bypasses virtually all AV protection

My first thought was will Malwarebytes let it through too? (full paid for version) Anyone know?

Read other 7 answers
RELEVANCY SCORE 45.2

Can anyone confirm this? If so any ideas how to fix it?

A:Deleting favorites using "ctrl+b" in IE8/IE9 bypasses recyle bin

I have found something that may be of interest. If I run IE as admin, it sends to recyle bin but if not, it just perminently deletes it.

Read other 4 answers
RELEVANCY SCORE 44.8

So I have pretty terrible satellite internet. During peak hours I get single digit KB/s speeds. But then to my surprise I found that by downloading a file off of mega.nz I get the absolute full throughput of my bandwidth of 128 KB/s at all times.

I found some documentation of what protocol mega uses and the encryption that they use https://mega.nz/#doc (navigate to the Under the Hood section)

Here is some more information on what mega.nz uses https://www.quora.com/How-do-Mega-downloads-work

My question is, is it possible to use a VPN to get all of my traffic the same type as whatever mega.nz uses? Bandwidth is unlimited at no extra charge so it would be nice to get the advertised speed for my connection. There are many kinds of protocol and many kinds of encryption for VPN services so I'm hoping for a reply from a person very knowledgeable with the ins and outs of VPNs. It might not even be a VPN issue, it could be something very abnormal with how Mega downloads. As you can see by the above quara link, mega doesn't work on any browser but chrome due to all of the features it requires.

A:Site bypasses ISP throttling, wondering if I could use a VPN for similar result

Encryption doesn't make connections and data throughput faster. Infact it makes it worse. VPN encryption is more overhead than a non-encrypted connection. The mega.nz just has a nice connection and better upload speed to you. Distance to their server can also be a factor resulting in better connections.

Read other 1 answers
RELEVANCY SCORE 44

I use Time Sheriff by Imonitor (there's a similar program of the same name by Refog, but it is completely different) which is a program that limits the times per day that users can run programs on the computer (such as games). However if Time Sheriff is not set to "run as administrator" but the program (ex. Steam) is set to "run as administrator, then it simply bypasses the restrictions set by Time Sheriff and runs like normal. Any workaround for this?

A:Running program as admin bypasses parental control software

This behavior is by design.

You can't really impose any limits on someone logged in as an administrator (or running an application as one). Not unless they have very limited knowledge, in which case they shouldn't have an admin account anyway.

Read other 2 answers
RELEVANCY SCORE 44

New Argument Switch Attack Bypasses Windows Security Software.

-- Tom
 

A:New Argument Switch Attack Bypasses Windows Security Software

This was covered in this post.
http://forums.techguy.org/general-security/922057-new-attack-bypasses-virtually-all.html
 

Read other 2 answers
RELEVANCY SCORE 43.2

Custom patch bypasses update block for Windows 7, 8.1 PCs with newest-generation processors

A few days ago, Microsoft has officially blocked updates for PCs running Windows 7 and 8.1 on the newest generation processors. This means that these systems will no longer get feature updates, hotfixes, or security patches. While this indeed is an inconvenience for those opting to run the older operating systems, a GitHub user has found a way around the hurdle, thus activating updates again.

The user, who goes by the name "zeffy", has tested four batch scripts after this month's Patch Tuesday. The files will patch Windows DLL files, which will then fool the system into thinking that the processors are still supported. The end result is that now delivery of updates to the formerly blocked PCs will continue unhindered.

According to the README file he has provided, Zeffy was able to create the patch by reverse engineering the KB4012218 update Microsoft has recently provided, and compared it to the ones that are already in his computer.

In his analysis, he found two culprits, "IsCPUSupported(void)" and "IsDeviceServiceable(void)". He found that these functions were responsible for triggering the block of updates in new processors. Zeffy's scripts modify these, by changing the functions' outputs to "1", meaning "supported CPU". Once done, he states that updates will be delivered again to older operating systems with moder... Read more

Read other answers
RELEVANCY SCORE 40

Based on CERT, ISC, and other warnings below, the capability for security software to interrogate embedded Unicode characters in HTTP requests could be a serious exposure that needs to be patched by several vendors? So far, there are no known in-the-wild attacks: Full-Width/Half-Width Unicode Bypasses HTTP Scanninghttp://www.kb.cert.org/vuls/id/739224 http://isc.sans.org/diary.html?storyid=2807http://www.gamasec.net/english/gs07-01.htmlhttp://www.cisco.com/warp/public/707/cisco...4-unicode.shtmlhttp://www.frsirt.com/english/advisories/2007/1803http://secunia.com/advisories/25285/What is Unicode?http://www.unicode.org/standard/WhatIsUnicode.htmlThe US-Cert has a vulnerability note out that describes how Full-Width and Half-Width Unicode encoding manages to bypass many HTTP content scanning engines (739224). This would allow remote attackers to hide malicious HTTP traffic by encoding it and have it slip happily past your IDS/IPS. This isn't an exploit itself, but allows exploits that would normally be detected (or blocked) to get through your IDS/IPS undetected.

Read other answers
RELEVANCY SCORE 36.4

Zero day IE7 security flaw:

http://threatpost.com/en_us/blogs/new-zero-day-flaw-discovered-ie7-112209
 

Read other answers
RELEVANCY SCORE 36.4

A German mathematician called Martin von Gagern found a bug in GnuTLS , an open-source library that implements TLS...http://www.malwarecity.com/blog/devil-in-t...etails-287.html

Read other answers
RELEVANCY SCORE 36.4

I found it in my startup through msconfig. I have no idea what it is.
Loads from the c:\docume~1\admini~1\applic~1\find01~1\dvd flaw.exe

A:Dvd Flaw.exe What Is It?

to BC easye35Googling on this name came up empty. The single flaw.exe was reckognized as malware. If you do CTRL ALT DEL do you see it running under processes?Please downloadProcessExplorer and see where it is refering to by selecting the process and post it here

Read other 4 answers
RELEVANCY SCORE 36.4

Microsoft Corp., a worldwide leader in operating systems and Internet technologies, announced that it has found a major flaw in Windows XP operating system that is related to the JPEG image format.

An attacker could infiltrate the user's computer by tricking the user into opening a specially coded JPEG file. Microsoft has released a patch and a specialized tool that will scan for the aforementioned vulnerability. The software giant stated that this flaw does not affect users with Windows XP Service Pack 2.

The flaw affects Windows XP, Windows 2003 Server Edition, and later versions of Microsoft Office. Some users with older Microsoft operating systems may also be affected only if they are running specialized image editing software such as Digital Image Pro and Visio 2002.

Here is a link to a plethora of information on this flaw.
 

A:Another Flaw With MS?

Deke said:

The software giant stated that this flaw does not affect users with Windows XP Service Pack 2. Click to expand...

So the moral is - get SP2 !
 

Read other 1 answers
RELEVANCY SCORE 36

Microsoft is investigating a new flaw in the Windows operating system but didn't provide details on their Security Response Center Blog....we?re looking into new public proof of concept code around a possible vulnerability in Microsoft Windows. So far we?re not aware of any attacks attempting to use vulnerability or any customer impact, but we wanted to let everyone know we?re investigating.What we know at the moment is that the vulnerability can be attacked through Internet Explorer and requires user interaction on the page before the attack can occur...blogs.technet.com

A:Another Windows Flaw

Astronaut: Houston we have a problem...

Houston: What is it?

Astronaut: We can't tell you.

Houston: Why not?

Astronaut: Because it hasn't occured yet...

Houston: Then how do you know it will happen?

Astronaut: We saw some code laying around...

Houston: So.. we always have sloppy work

Astronaut: Correct, however, this is leading to an "unknown" problem...

laymans terms of what Microsoft is doing.

Read other 1 answers
RELEVANCY SCORE 36

MyNetscape

Sunday, Sept. 1, 2002
Security Flaw Found in Microsoft Web Browser
SAN FRANCISCO (Reuters) - Security researchers on Monday
said they have found serious flaws in Microsoft Corp.'s
Internet Explorer browser and in PGP, a widely used data
scrambling program, that could expose credit card and other
sensitive information of Internet users.
The Internet Explorer (IE) problem has been around for at
least five years and could allow an attacker to intercept
personal data when a user is making a purchase or providing
information for e-commerce purposes, said Mike Benham, an
independent security researcher based in San Francisco.
"If you ever typed in credit card information to an SSL
site there's a chance that somebody intercepted it," he added.
Internet Explorer fails to check the validity of digital
certificates used to prove the identity of Web sites, allowing
for an "undetected, man in the middle attack," he said.
Digital certificates are typically issued by trusted
certificate authorities, such as VeriSign Inc., and used by Web
sites in conjunction with the Secure Sockets Layer (SSL)
protocol for encryption and authentication.
Anyone with a valid digital certificate for any Web site
can generate a valid certificate for any other Web site,
according to Benham.
"I would consider this to be incredibly severe," he added.
Cryptography expert Bruce Schneier agreed.
"This is one of the worst cryptographic vulnerabilities
... Read more

Read other answers
RELEVANCY SCORE 36

Lately ...
Many things I try to do, I get a popup notice that this contains a security flaw .. Do I want to continue ???

Is this because I've installed XP SP3 ??
 

A:Security Flaw

Read other 8 answers
RELEVANCY SCORE 36

I think I've found a major flaw in the audio systems for Windows 7. I'm not sure if it could just be my computer, but it's quite annoying, since I change audio ports a lot for recording.

What happens is if I change my Sound out -> Headphones/Speakers port to the other one like lets say from Headphone port (front) to the Speakers port (back) all my sounds will completely cut out, and Windows will begin to lag until I restart my computer. In iTunes, if I try to play a song at this point, iTunes will either lock up or refuse to play the song.

I am running Windows 7 Home Premium 64-bit.
My sound card is a Realtek HD Integrated Audio Chipset.

A:Major Flaw? (Win 7)

Do you have the latest drivers for your sound card?

Read other 5 answers
RELEVANCY SCORE 36

Alright, let the rant begin:
 
A month back, Comcast backstabbed us and gave us <1 Mbps, when we were paying for 40+ Mbps. After three different routers and three different tech support guys came over, we "solved" the problem. Only not really.
It seems everywhere else the internet is fine. On this computer though (HP Pavilion p7-1534 PC, running Windows 8) it's anything but fine. The problem is that the connection randomly drops and says "Limited" in the Networks panel. I can reconnect immediately, but I play Wizard101 and once you lose connection for the slightest second, you have to restart the entire program (Which takes close to a minute). It has also been bothering other users of this computer.
 
Another odd thing is that, when I try to check the "Connect Automatically" box, and we lose connection again, the box NEVER stays checked. Even weirder, ALL of the other networks in my area have the "Connect Automatically" box checked. I think this may be part of the problem.
 
I am an avid hater of Windows 8 because nothing seems to work, including this. The internet was working fine until Comcast backstabbed us, but now I think it is just the computer.
 
Any ideas how to solve this? I am getting REALLY tired of it.
Thanks in advance for any help.
 
One more thing: We have no bandwidth problems, it just randomly dorps. My parents are considering buying a booster, would that solve the problem?

A:Internet Flaw

 
 
It seems everywhere else the internet is fine. On this computer though (HP Pavilion p7-1534 PC, running Windows 8) it's anything but fine. The problem is that the connection randomly drops and says "Limited" in the Networks panel. I can reconnect immediately, but I play Wizard101 and once you lose connection for the slightest second, you have to restart the entire program (Which takes close to a minute). It has also been bothering other users of this computer.
 
Any ideas how to solve this? I am getting REALLY tired of it.
Thanks in advance for any help.
 
One more thing: We have no bandwidth problems, it just randomly dorps. My parents are considering buying a booster, would that solve the problem?
 

Try replacing the network cable for that computer if that doesn't resolve the issue. Then next thing you can do is to try to do a system restore/ or update your Ethernet adapter drivers.

Read other 4 answers
RELEVANCY SCORE 36

Here's another beauty - JavaVM is at it again
Flaw in Microsoft VM JDBC Classes Could Allow Code Execution (Q329077)
http://www.microsoft.com/technet/security/bulletin/MS02-052.asp

------
Just noticed it's been rolled into the security post at the top - mod should delete this one.
 

A:JavaVM flaw

That's ok, the additional heads-up can't hurt. They really should provide another download link for the patch other than the update site, as not everyone can get there; it's not on any of their other download sites yet that I can see.
 

Read other 1 answers
RELEVANCY SCORE 36

See: http://www.eweek.com/article2/0,1895,1850357,00.asp
'Killbit' Workaround for Zero-Day IE Flaw Available <-- DO NOT USE!!!!!!!!!

Note: Use Microsoft pre-patch workaround instead!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

The utility sets the "killbit" for Msddds.dll (Microsoft DDS Library Shape Control), the COM object that can cause browser crashes—and remote code execution—via specially crafted Web pages.

Once the "killbit" is set to prevent the use of Msdds.dll as an ActiveX, all applications that use the COM object utility will break.

Microsoft has already issued an advisory confirming the severity of the flaw and providing pre-patch workaround to help block known attack vectors. See advisory here:
http://www.microsoft.com/technet/security/advisory/906267.mspx

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

This might be worth keeping an eye open
http://news.bbc.co.uk/2/hi/technology/7784908.stm
 

A:Serious security flaw found in IE

The same article has already been noted in another section: "Web & Email"

But thanks anyway.
 

Read other 3 answers
RELEVANCY SCORE 35.6

Foxit Fix for &#8220;Jailbreak&#8221; PDF Flaw.

According to an advisory Foxit issued last week, Foxit Reader version 4.1.1.0805 &#8220;fixes the crash issue caused by the new iPhone/iPad jailbreak program which can be exploited to inject arbitrary code into a system and execute it there.&#8221; If you use Foxit, you grab the update from within the application (&#8220;Help,&#8221; then &#8220;Check for Updates Now&#8221 or from this link.

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web..."It's a very fundamental issue with how the entire addressing scheme of the Internet works," Securosis analyst Rich Mogul said in a media conference call."You'd have the Internet, but it wouldn't be the Internet you expect. (Hackers) would control everything."breitbart.com

Read other answers
RELEVANCY SCORE 35.6

About this flaw mentioned in the following articles:

New Web Attack Exploits Unpatched IE Flaw
Robert McMillan, IDG News Service
Dec 9, 2008 8:20 am
http://www.pcworld.com/article/155190/new_web_attack_exploits_unpatched_ie_flaw.html

Microsoft Security Advisory (961051)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Published: December 10, 2008 | Updated: December 13, 2008
http://www.microsoft.com/technet/security/advisory/961051.mspx

Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.Click to expand...

Question:
I am using IE7 and Windows Vista, does the security update KB958215 fix the above IE7 zero day flaw on Windows Vista?

Cumulative Security Update for Internet Explorer 7 in Windows Vista (KB958215)
http://go.microsoft.com/fwlink/?LinkId=133437

Thanks.
 

A:Internet Explorer 7 zero-day flaw

Read other 13 answers
RELEVANCY SCORE 35.6

On my old XP laptop I was able to come back from "sleep/stand by" and had to re-enter my log in information. I set up my new laptop, an HP X16-1044nr 64 bit Vista to do the same. What I found was that if I left an internet website page open and it went into stand-by, hitting any key; the system doesn’t produce the security log in window. Thus leaving my system vulnerable for anyone to use should I forget and leave a page open. I now make sure I close every window but that’s disturbing. Thanks in advance.
 

Read other answers
RELEVANCY SCORE 35.6

http://blogs.pcmag.com/securitywatch/2009/07/new_critical_zero-day_vulnerab.php
 

A:FireFox 3.5 Zero day security flaw

Nobody's perfect...
IE7 user
 

Read other 2 answers
RELEVANCY SCORE 35.6

Read more about it here http://www.eweek.com/category2/0,1874,1252525,00.asp
 

A:sticky:WMF Security Flaw

This is already a sticky thread on the forum:

http://forums.techguy.org/security/431419-m-wmf-patch.html
 

Read other 1 answers
RELEVANCY SCORE 35.6

Secure USB Flaw Exposed.

USBs go under the microscope as vulnerability discovered in Sandisk secure USB leads to recall of other vendor's products

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

Adobe patches flaw in graphics tools
CNET News.com

A security flaw in Adobe Systems' popular graphics design software could allow an unauthorized user to change certain program files, the software maker said Thursday. The problem affects Adobe Creative Suite 2, Adobe Photoshop CS2 and Adobe Illustrator CS2 and occurs when the applications are run in shared, multiuser installations, according to an Adobe security advisory.

"If exploited, this vulnerability could allow a hostile user to replace these program files with malicious or harmful code that could read, write, or destroy sensitive data if subsequently run by a privileged user," Adobe said. The company rates the issue "important" and has updates http://www.adobe.com/support/techdocs/332644.html available to correct the security problem. It recommends that customers using CS2 products on shared systems, running either Microsoft Windows or Mac OS, apply these updates.
 

Read other answers
RELEVANCY SCORE 35.6

Microsoft Admits Flaw in Windows Software
By TED BRIDIS
AP Technology Writer
WASHINGTON

Microsoft Corp. acknowledged a critical vulnerability Wednesday in nearly all versions of its flagship Windows operating system software, the first such design flaw to affect its latest Windows Server 2003 software.

Microsoft said the vulnerability could allow hackers to seize control of a victim's Windows computer over the Internet, stealing data, deleting files or eavesdropping on e-mails. The company urged customers to immediately apply a free software repairing patch available from Microsoft's Web site.

The disclosure was unusually embarrassing for Microsoft because it demonstrated the first such serious flaw in the company's powerful new computer server software, billed as its safest ever.

The software is aimed at large corporate customers and was the first product sold under a high-profile "Trustworthy Computing" initiative organized last year by Microsoft founder Bill Gates.

At the product's launch in late April, Microsoft Chief Executive Steve Ballmer declared the new version of Windows to be a "breakthrough in terms of what it means, in terms of its built-in security and reliability."

The flaw, discovered by researchers in western Poland, also affected Windows versions popular among home users.

"This is one of the worst Windows vulnerabilities ever," said Marc Maiffret, an executive at eEye Digital Security Inc. of Aliso ... Read more

A:Widows Security Flaw

Go to Windows Update and get the fix.
 

Read other 2 answers
RELEVANCY SCORE 35.6

9 March 2007A serious flaw was found in opensource encryption software GNU Privacy Guard (GPG).It allows a cybercriminal to launch a phishing attack. The flaw allows to insert text in trusted e-mail. Ivan Arce from Core Security, who discovered the vulnerability says attacker can insert malware or lead user to malicious website. Arce decided to inform of the flaw because it was patched two weeks ago.It affects email clients like Kmail, Evolution, Sylpheed, Mutt and GNUMail, so its users should install patches as soon as possible.Source:http://www.arcabit.com/infobase.html?show=...ion&id=1154

Read other answers
RELEVANCY SCORE 35.6

...Called XSS fragmentation, the vulnerability consists of multiple chunks, or fragments, of JavaScript malware that can slip by a filter or firewall because individually they don't constitute a security risk. But when they are combined after hitting the site, they can then be dangerous.XSS fragmentation is rare, but a potentially powerful vulnerability that could be used against community-based sites such as MySpace or Web-based mail systems...MySpace in particular is vulnerable because it takes user-supplied content and stores it without adequate filtering...darkreading.com

Read other answers
RELEVANCY SCORE 35.6

A critical flaw that can be easily dealt with. >f
---------------------------------------------------------------------------------------------

Firefox has a password flaw
The Internet browser Firefox 2 has a problem with its "password manager" that could allow a hacker to obtain usernames and passwords from Firefox users, Newsfactor.com reports.

The Mozilla Foundation, which maintains Firefox's code, has acknowledged the problem. It has an extensive discussion going on here about what it calls "bug #360 493."

According to Newsfactor, the same problem could affect Internet Explorer as well.

Newsfactor also reports that "neither Mozilla nor Microsoft has released a patch for the problem, but users can avoid (the) attacks simply by disabling their browsers' autosave features for usernames and passwords. In Firefox, the feature is found in the 'Options' window under the 'Tools' menu.

"Mozilla has indicated that it plans a fix in Firefox version 2.0.0.1 or 2.0.0.2."

http://blogs.usatoday.com/ondeadline/2006/11/firefox_has_a_p.html
 

A:Firefox password flaw

Read other 10 answers
RELEVANCY SCORE 35.6

Adobe Scrambling To Fix Another Serious PDF Flaw dated August 9, 2010.

This issue effects Adobe Reader client for Windows, Mac and UNIX based systems.
...
Adobe is rushing to develop a patch for a vulnerability in Acrobat Reader revealed at the Black Hat security conference. The update–expected the week of August 16–will be the third time this year that Adobe has been forced to fix flaws outside of its regularly scheduled quarterly update pattern.

-- Tom
 

A:Adobe Scrambling To Fix Another Serious PDF Flaw

You know, I just don't get these kinds of issues in software developed my major software vendors. I mean there are tools available to help detect programming issues at compile time and run-time memory issues. Insure++ is one example of this kind of tool.

When I read things like this:
A Secunia advisory related to the Adobe flaw explains &#8220;The vulnerability is caused due to an integer overflow error in CoolType.dll when parsing the &#8220;maxCompositePoints&#8221; field value in the &#8220;maxp&#8221; (Maximum Profile) table of a TrueType font. This can be exploited to corrupt memory via a PDF file containing a specially crafted TrueType font.&#8221;Click to expand...

things like doing bounds checking on data coming into the product from an external source are things that should be second nature, at this point. I mean it's not like the Adobe Reader hasn't had security related issues in the past.

Or maybe tools, like Insure++ and others, ARE being used and we're just hearing about code that hasn't been touched or looked at for a while suddenly being exploited.

When will it ever end!!!!!! LOL

Peace...
 

Read other 1 answers
RELEVANCY SCORE 35.6

Intel chip flaw--but what of it?.

...
"This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill!," writes Jamey Heary in a Network World blog. He is a consulting systems engineer for Cisco Systems.
Click to expand...

-- Tom
 

Read other answers
RELEVANCY SCORE 35.6

Serious security flaw found in IE [bbc]

As many as 10,000 websites have been compromised since last week to take advantage of the security flaw, said antivirus software maker Trend Micro. Click to expand...

I don't want to go on a rant here but the IE team at Microsoft has caused so many problems for so many people, from users to web developers.

Anybody who is currently a user of IE really should take a look at alternate browsers (Firefox, Opera, Safari).
 

A:Serious security flaw found in IE

Read other 16 answers
RELEVANCY SCORE 35.6

Came across this article while searching for something totally unrelated.

For password manager users, have a read.

Part of article:




it is revealed that this password manager is at risk of a nasty phishing vulnerability. The author, Sean Cassidy, has published details about what he has dubbed 'LostPass'.
"I have discovered a phishing attack against LastPass that allows an attacker to steal a LastPass user's email, password, and even two-factor auth code, giving full access to all passwords and documents stored in LastPass. I call this attack LostPass. The code is available via Github. LostPass works because LastPass displays messages in the browser that attackers can fake. Users can't tell the difference between a fake LostPass message and the real thing because there is no difference. It's pixel-for-pixel the same notification and login screen", says Sean Cassidy, CTO, Praesidio.

Cassidy further explains, "a few months ago, LastPass displayed a message on my browser that my session had expired and I needed to log in again. I hadn't used LastPass in a few hours, and hadn't done anything that would have caused me to be logged out. When I went to click the notification, I realized something: it was displaying this in the browser viewport. An attacker could have drawn this notification".Click to expand...

Full article:
LastPass has serious flaw called 'LostPass' -- your passwords and more are at ri... Read more

A:LastPass flaw article

Never been fond of LastPass, however such exploits are actually... rather expected, for web-based applications.
As I said, never being intrigued by LastPass, I have been using KeePass. It sure also must have its weaknesses, but the fact that it's offline is a plus and it adds to the overall security for storing passwords.

Anyway, if this is security flaw is as serious as the author suggests, then I'm pretty sure the LastPass developers are bound to prepare and push out patches to address it sooner or later, if they haven't done it already. They were pretty frantic about a "breach" in their servers in their past, even though it didn't result in the compromise of any users' credentials.
This case however, seems to be of much more critical nature, since, as described in the author, it is quite possible for the phishing attack to be carried out successfully.
 

Read other 15 answers
RELEVANCY SCORE 35.6

This is a minor quirk I've lived with for years on my XO PC but it's become worse in Win 10.

My Ilyama Prolite E2403WS 24" monitor is set to its recommended resolution of 1920 x 1200, and naturally that's supposed to be located at (0,0). But in XP it was always at (-4,-4) and its size was 1928 x 1208. In Win 10 it's at (-8,-8) and size is 1936 x 1216.

Any thoughts on the undelying cause please? And - although I'm very doubtful after my research - a possible cure?

--
Terry, East Grinstead, UK

Read other answers
RELEVANCY SCORE 35.6

A lot of members in here seem to be praising 360 IS and TS. But 360 suffers from a huge flaw. This flaw has been around for over 6 months and 360 seems to be refusing to address it. With every new version this huge problem is not corrected. I have about 6 emails with 360 support and they are aware of this issue. What is the issue you may ask? 360 products do not work in a standard user account. You can install and run 360 IS or TS in an Admin account perfectly fine. Log out and login in under a standard account and the account is unprotected. You can try all day long to force it to start and it will not work. So think again before recommending and praising 360. Never mind that TS comes with features that are completely and totally unnecessary to any security product. Avast is a far superior free security solution and Eset is a top notch paid product. No reason to start an argument either. I can copy and paste the emails from 360 support. Anyone can duplicate this flaw also.

Another thing. 360 China version and this new 360 TS version are completely different. AVC and AV Test.org are testing 360 China. Not 360 TS Free.
 

A:Huge Flaw (Qihoo 360 )

Interesting post, would be great if you could post those emails to and from support (obviously blanking any personal info). Obviously this is a pretty serious claim. If anybody on the forums can verify this, please give me a PM
 

Read other 54 answers
RELEVANCY SCORE 35.6

Latest update on Adobe Reader Flaw

Users are being advised to update their systems after the emergence of a new rash of attacks targeting a previously-patched flaw in Adobe Acrobat.
The attacks use specially-crafted PDF files to exploit a vulnerability in the Java component of Adobe Acrobat Reader to perform malware installations on targeted systems.
Users can protect against the attacks by updating Adobe Acrobat and Reader to the latest versions. Users running version 9 of either product are not vulnerable to the attack.
Full info Here ...
Attackers gun for Adobe flaw - vnunet.com

Read other answers