Tag: Windows
-
IE in trouble again
Only a day after the last patch was released for IE that fixed problems relating to the Google ( and other ) attacks from December, a number of new vulnerabilities have been found in IE ( no version details yet ) which when combined, can lead to remote execution on a Windows PC. Core Security…
-
Widespread Attacks on IE bug start
The first widespread attack to leverage a recently patched flaw in Microsoft’s Internet Explorer browser has surfaced. Starting late Wednesday, researchers began spotting dozens of Web sites that contain the Internet Explorer attack, which works reliably on the IE 6 browser, running on Windows XP. The attack installs a Trojan horse program that is able…
-
Windows and on-line banking
The 2 concepts above should never be spoken ( let alone used ) together considering the poor security track record of all Windows operating systems but somehow people still ‘trust’ the venerable OS to do their daily banking, paying of accounts and transferring of monies. So the question is why? I can only think of…
-
The new Browser Ballot Screen for EU Windows
This is the latest iteration of the browser for any Windows PCs sold into the EU in the next 5 years.
-
Windows and critical systems
I’ve blogged previously about using Windows in critical systems ( Win2k in French air-force fighters and British attack submarines ) and my disregard for this platform in these kinds of applications. Honestly, would you really want a Windows machine running your life-support system when in hospital? or the device that decides whether or not a…
-
Panda threats of the last 20 years
Panda has just released a study of the most severe threats over the last 20 years. This makes for interesting reading and brings back some memories; however, the most interesting thing about this article ( and other articles on the same topic ) is that nowhere is it mentioned that these are all Microsoft-platform viruses.…
-
Windows botnets take down most of the major social web services
Twitter, Facebook, Livejournal and some other social web services were completely taken off the air this Thursday past by a massive DDoS attack aimed, wait for it, at one person – a pro-Georgian blogger called Cyxymu. This user is an activist blogger and someone doesn’t like him! So hoards of virus-infested Windows machines ( about…
-
Internet Explorer patch
This past Tuesday saw Microsoft release a patch targeting a number of vulnerabilities in its browser on Windows 2000 and XP platforms ( possible IE 5, 6 and 7 ). The bugs relate to how IE handles objects in memory and table operations, more specifically it could allow remote code execution. The vulnerabilities can be…
-
Conficker still around?
The hype surrounding Conficker just seems to be increasing and the latest variant ( C ) apparently has some interesting capabilities such as disabling security software ( AV, firewalls, etc. ), killing processes for running security apps and p2p networking to spread infection. The worm exploits a vulnerability in the Windows Server service that is…
-
Windows security redux
A number of people responded to my previous article on the BBC’s botnet indicating that I was being overly harsh. I have 2 comments on that: 1. if you’re happy fighting fires, then maybe you should be a fireman 2. most of these respondents ran standalone machines; they had no experience maintaining corporate networks And…
-
The BBC’s botnet
It appears that the BBC has decided to become a hacking company – they recently obtained a botnet of around 22000 machines from an underground forum and demonstrated ( as part of a special investigation ) how to use these machines to send spam to some predefined email addresses they had created. UK law (…
-
Windows for War – scary stuff
A number of military organisations around the world have started using Windows 2000 as a platform for operational systems within navies, the army, air services and other war branches. But recently there has been quite a bit of consternation concerning the use Windows in UK naval vessels as well as French fighter planes. I’m the…
-
IE fix
Microsoft yesterday release updates for a no. of zero-day vulnerabilities in Internet Explorer versions excluding IE8Beta2 – this one is still forthcoming. Considering this is only the 2nd out of sequence update in 18 months, you’ll have some idea of how serious it is. Please make sure you have auto updates switched on and have…
-
More on the IE exploit
Microsoft says Internet Explorer 5.01, 6 and 8 (beta) are also potentially susceptible to the zero-day exploit, published recently. Until now it had been assumed that only Internet Explorer 7 contained the vulnerability. Microsoft recommends that Data Execution Prevention (DEP) and memory protection be enabled in Internet Explorer 7 (Tools/Internet Options/Advanced/Enable memory protection…), but this…
-
BOSD’s rule
Lenovo, IT providers to the Chinese Olympic Games, decided on XP as their choice of computing platform due to the apparent instability of Vista. It appears they forgot about XP’s instabilities as well – here is a nice BlueScreenOfDeath courtesy of Gizmodo.