PCTips Box

When it comes down to the 32-bit Windows Vista vs. 64-bit Windows Vista, the comparison generally focuses on the added benefits synonymous with handling system memory. Because the address space of 64-bit Vista is not limited to 4GB, users are able to use a maximum of 128 GB of RAM with the Ultimate, Business and Enterprise SKUS. But at the same time, there are added benefits, and one of them is in terms of security. The 64-bit editions of Vista come to the table with PatchGuard (Kernel Patch Protection), Address Space Layout Randomization (ASLR), Heap and Stack randomization, and even heap corruption detection.

As far as Heap Based Buffer Overruns are concerned, both 32-bit and 64-bit Vista offer protection, but only in the x64 versions of the operating system is the even heap corruption detection enabled by default. Michael Howard, Senior Security Program Manager in the Security Engineering group at Microsoft, explained that, in x86 Vista, software developers have to call the HeapSetInformation API in order to enable heal corruption detection. (more…)

Microsoft’s Internet Explorer is without a doubt the main vector of attacks, when it comes down to web-based threats. Its ubiquity, as well as its intimate integration into the Windows platform, makes it an excellent avenue for attacks. With IE6, Microsoft has gained an ill reputation for failing dramatically to protect end users. From IE6, which undoubtedly is an apex of insecurity compared to alternative browsers, the Redmond company moved to Windows Vista and Internet Explorer 7 under User Account Control, virtually cutting the browser from the critical areas of the operating system. Web-based attacks coming via IE7 in Protect Mode will not be able to write themselves to disk without specific user permission, because the browser runs with the very least possible privileges. (more…)

Although it seem unlikely virus writers and hackers are going to give up looking for and attempting to exploit loopholes in Microsoft products, it seems some of them may be turning their attention to other popular applications. According to security experts at Symantec the defences on one of its PC’s, used as bait to attract and trap virus writers, was breached through known vulnerabilities in Apple QuickTime and WinZip. (more…)

Microsoft said Sunday night that it is planning to make available this week a patch for a Windows flaw that has already been used in an attack.

Microsoft issued an advisory on the animated cursor flaw on Thursday. By Friday, malicious code was circulating that took advantage of the hole.

In an e-mail, Microsoft said it had originally planned to patch the flaw on April 10 as part of its regular (more…)

If you haven’t applied the “critical” patch in Microsoft’s MS07-009 bulletin, now might be a good time to hit that download-and-install button. Detailed exploit code for the vulnerability — discovered during HD Moore’s MOBB (month of browser bugs) project and fixed on Patch Tuesday in February — has surfaced on the Internet, offering malware authors step-by-step instructions on how to launch PC takeover attacks.

The exploit code takes aim at a remote code execution flaw in the ADODB.Connection ActiveX control that is provided as part of the ActiveX Data Objects. This is distributed in MDAC (Microsoft Data Access Components). (more…)