Tag: Microsoft
-
Windows 7 SP1 due in July
Microsoft anounced a public beta of SP1 for Windows 7 and Server 2008 R2 at TechEd in New Orleans this week. Yes that’s right – the same package is used to update both platforms due to them using the same kernel. While Windows 7 doesn’t gain any new functionlity from this update, Server 2008 R2…
-
Anti-virus – is there really any point?
Last weeks epic FAIL by Mcafee brings the entire Microsoft platform into perspective. It’s all broken: Symantec says that it has detected botnet infections on more than 1,100 separate computers spread across multiple subnets within the UK National Health Service (NHS) network Criminals are increasingly attempting to conceal malware embedded in hacked websites from search…
-
Microsoft’s April Patch Tuesday
As part of its regular update cycle, Microsoft has released five critical, five important and one moderate risk update to fix security holes in Windows, MS Office and Exchange. The most prominent among them is the “F1 hole” in the VBScript engine for which exploits are already available on-line. Microsoft Security Bulletin Summary for April…
-
Microsoft, patches and Blue Screens
Microsoft had a large Patch Tuesday in February – with an unintended side effect: large amounts of blue screens. This turned out to be due to an interaction between the Alureon rootkit and the patch for KB977165 which updates the Windows kernel. This month’s patches also contain kernel updates, and so have the same incompatibility…
-
64% of Microsoft Vulnerabilities down to the use of admin rights
While non-Microsoft users have grown up understanding the simple concept of access controls and rights within our environments for many years, the single biggest factor for bug propagation on Windows platforms is still the use of administrative rights. The truth of the matter is that prior to Vista, there was little way for a regular…
-
A flurry of app security updates
Today has been a very busy day from a security update p.o.v. Microsoft as released an update for the critical hole in IE which as been out for about 3 weeks ( iepeers.dll ) and 9 other updates which apply to various IE/Windows combinations ) the F1 attack discovered a month ago unfortunately still remains…
-
Microsoft virtualisation changes
Microsoft has announced Dynamic Memory and RemoteFX which directly affects their desktop virt platform. Dynamic memory allows users to adjust the memory of a guest virtual machine on demand. IT administrators will thus be able to pool all the memory available on a physical host and dynamically distribute it to virtual machines running on that…
-
Windows 7 XP mode no longer requires hardware virt
Microsoft will be removing the hardware virtualisation extensions requirement with the next update of XP mode. The updates are available here: win 7 32-bit win 7 64-bit Intel’s mechanism is know as VT-x while AMD’s is called AMD-V. There are pros and cons with this change: con – hardware virt extensions allow a CPU to…
-
The Microsoft Tax
The headline phrase typically refers to the buying of computers with Windows pre-installed by the OEM vendor when you don’t need or want it. I.e. you’ve paid more for the machine ( because it includes Windows ) when you aren’t going to use it. Unfortunately this time it refers to you, a citizen, paying extra…
-
Remember that 17-year old bug in Windows …
… I spoke about in late January? Well Microsoft has finally come out and acknowledged it. Over a month later. Well actually 9 months later. The hole, which originated with the release of Windows NT back in 1993 and is present in every 32-bit version of Windows since, including Windows 7, was discovered by Tavis…
-
Another IE hole
Another flaw has been found in versions 7 and 8 of Internet Explorer running on Windows XP. There’s an unpatched bug in VBScript that hackers can use to drop malware on 32-bit Windows XP machines. Microsoft says an exploit “was posted publicly that could allow an attacker to host a maliciously crafted web page and…
-
Another Windows hole
A new critical flaw has been found in all versions of Windows since Windows 2000 and affects even current releases like Windows 7 and Server 2008 R2. The vulnerability was found by 2X Software which says that the flaw can be used to create a DoS attack against any Windows systems from the last 10…
-
New Windows 7 update phones home
Apologies for the late notice on this but I only just learned of it myself: Microsoft will be releasing “Update for Microsoft Windows (KB971033)” today. This however is not an ordinary update. This one will change the current activation and anti-piracy behaviour of Windows 7 by phoning home every 90 days ( for now ).…
-
New research paints grim picture for AntiVirus software
While I’ve never assumed AV software will protect you from all ills on the Internet, new research from SurfRight shows just how bad things are. A sample of just under 110k users ( a very good sample I think ) shows that 32% ( yes 1/3rd ) of all machines running AV software were infected…
-
Patch Tuesday
This coming Tuesday, Microsoft is releasing a slew of patch fixes, 5 of which are rated critical, 7 important and 1 moderate. All of the critical flaws result in remote code execution and 10 of these patches require a system restart. The list of operating systems affected includes everything from Win2k through to Win2k8 R2.…