Tag: Security
November 14, 2009 by
Jason
Microsoft has reacted rapidly to public reports of a zero-day denial-of-service vulnerability in its latest iterations of the Windows client and server operating systems, and is providing customers with guidance on how to block potential attempts to take advantage of the security flaw. In this regard, the Redmond company has underlined that no exploits or attacks have been detected for the denial-of-service (DoS) hole in the Microsoft Server Message Block (SMB) Protocol impacting both SMBv1 and SMBv2 in Windows 7 and Windows Server 2008 R2. However, Proof of Concept (PoC) code was irresponsibly published in the wild, making it extremely easy for attackers to build exploits putting at risk users of Windows 7.
“Microsoft is aware of public, detailed exploit code that would cause a system to stop functioning or become unreliable. If exploited, this DoS vulnerability would not allow an attacker to take control of, or install malware on, the customer’s system but could cause the affected system to stop responding until manually restarted. It is important to note that the default firewall settings on Windows 7 will help block attempts to exploit this issue,” Dave Forstrom, group manager, public relations, Microsoft Trustworthy Computing, revealed. “The company is not aware of attacks to exploit the reported vulnerability at this time.” Read More»
Posted in Windows 7 | No Comments »
November 14, 2009 by
Jason A DVD5 ISO image file containing all the security bulletins made available on November 10th, 2009 for all supported Windows platforms, is now up for grabs via the Microsoft Download Center. As is the case every month, the Redmond company is accompanying the security patched it offers through Windows Update, Automatic Updates, and Microsoft Update with standalone downloads as well as with a package of updates. In this regard, the November 2009 Security Release ISO Image has become available for download earlier this week.
There are no less than six security updates packaged into the ISO image, four of which are now served through WU, AU, and MU to Windows users around the world. MS09-063, MS09-064, MS09-065, MS09-066 are all designed to patch security vulnerabilities in Windows server and client platforms, including versions such as Windows Vista SP2 and Windows XP SP3.
“This DVD5 ISO image file contains the security updates for Windows released on Windows Update on November 10th, 2009. The image does not contain security updates for other Microsoft products. This DVD5 ISO image is intended for administrators that need to download multiple individual language versions of each security update and that do not use an automated solution such as Windows Server Update Services (WSUS). You can use this ISO image to download multiple updates in all languages at the same time,” Microsoft explained. Read More»
Posted in Windows Vista, Windows XP | No Comments »
October 15, 2009 by
Jason It has by no means been a slow month as far as Microsoft security bulletins go, with no less than 13 patch packages being released by the company for a range of products. In total, the Redmond company patched no less than 34 security holes across Windows, Internet Explorer, Silverlight, Microsoft Office, Developer Tools, Forefront and SQL Server, revealed Christopher Budd, security response communications lead, Microsoft. October 2009 is also the first month in the software giant’s security patch cycle when updates were made available for the gold version of Windows 7. October 2009 marks yet another first, namely the first time that patches for Windows 7 RTM have been included into a company Security Release ISO Image.
At the bottom of this article you’ll be able to find a download link for the October 2009 Security Release ISO Image. The ISO package brings to the table all of the security updates made available for supported Windows operating systems, including Windows 7, Vista, Windows XP, Windows Server 2008 R2, etc. Read More»
Posted in Windows 7 | 1 Comment »
October 15, 2009 by
Jason On October 13th, 2009, Microsoft started serving to Windows users patches for no less than 34 vulnerabilities, releasing the most security bulletins in the company’s history. The 13 security bulletins made available are designed to offer fixes for a range of security issues affecting Windows, Internet Explorer, Silverlight, Microsoft Office, Developer Tools, Forefront and SQL Server. Microsoft underlined that, despite the large number of patches, all security updates had been thoroughly tested, and only received the green light for broad release once they met specific quality standards.
Out of the total 13 security bulletins released, eight have received Microsoft’s maximum severity rating, namely Critical, indicating that they are designed to patch severe vulnerabilities that could allow for remote code execution in the eventuality of a successful attack. The remaining six patch packages have all been deemed Important, a less severe rating. However, customers should apply the patches offered by the Redmond company immediately. The simplest way to access the security updates is through Windows Update. Users with Automatic Updates enabled will have all patches automatically downloaded to their machines.
Microsoft revealed that no less than seven security bulletins with a maximum severity rating of Critical out of the total eight also had an exploitability index of 1. The highest possible exploitability index: 1 is indicative of the fact that Microsoft considers the possibility of exploit code becoming available in the wild for the seven flaws extremely likely, perhaps even within the first 30 days since the patches were released. This just in case you needed additional incentive to deploy the security updates. Read More»
Posted in Computer | 1 Comment »
October 12, 2009 by
Jason
Before that the first and second part we continue to publish series of articles.
41. Go Live. Many applications installed on past versions of Windows have been removed. Starting with Windows 7, these applications (and a few others not typically installed with Windows) have been moved into the Live Essentials downloadable applications, at download.live.com. These applications include Messenger, Mail, Writer, Photo Gallery, Movie Maker, Family Safety and a few others.
42. Remove Apps. Although some applications have been moved off of Windows to become an optional download, other apps, such as IE8, Media Player, Media Center and DVD Maker are still included. In times past, especially when it came to IE, the applications were tied into the OS. However, in Windows 7 you can easily remove them if desired. Head to the Program and Features applet in Control Panel and select the “Turn Windows features on or off” link in the top left-hand corner. Then you can select the checkbox of the features you want to lose or add for your system. Read More»
Posted in Windows 7 | 3 Comments »
October 07, 2009 by
Jason Confronted with increasingly bulletproofed Windows operating systems, the threat environment shifted toward targeting vulnerabilities in the code designed to run on top of the platform. With security enhancements such as User Account Control, Address Space Layout Randomization, Kernel Patch Protection and driver signing, but also with the new development methodology set in place via the Microsoft Security Development Lifecycle, vulnerabilities in Windows Vista and its successor Windows 7 have become harder to exploit, in the eventuality that attackers do come across critical security holes.
The biggest advantage in terms of security Vista and Windows 7 have over precursor Windows clients is the Security Development Lifecycle. And with the threat environment changing focus onto third-party Windows applications, Microsoft is ready to share the SDL secrets with third-party developers. An illustrative example in this regard is the Microsoft Security Development Lifecycle (SDL): Developer Starter Kit.
“The Microsoft SDL – Developer Starter Kit offers content, labs, and training to help you establish a standardized approach to rolling out the Microsoft Security Development Lifecycle (SDL) in your organization—or enrich your existing development practices,” Microsoft revealed.
Read More»
Posted in Windows 7 | No Comments »
September 27, 2009 by
Jason The final version of Microsoft’s Security Essentials (codename Morro), the basic security solution the Redmond company is working on delivering for Windows, is expected to become available in a matter of weeks, at least this is what the software giant announced on Sunday in a note sent to beta testers. The MSE solution should come to the company’s client as the replacement for Windows Live OneCare, which will end its life cycle as soon as the new security software arrives.
“The final version of Microsoft Security Essentials will be released to the public in the coming weeks. If you are running the older version of the beta (1.0.1407.0), we encourage you to upgrade to a newer version of the beta (1.0.1500.0),” is what Microsoft reportedly said to the participants to its beta testing program. Microsoft Security Essentials 1.0 beta went live officially on June 23 this year, and we’ve already seen a series of updates leaked on the web and made available for download.
According to some estimations there are more than 400,000 beta testers for Morro out there, with 75,000 people downloading the Security Essentials during the first day of public availability, thus allowing Microsoft to reach its aimed number of testers in only a day. The final version of Microsoft’s new security solutions is expected to come to Windows users for free, offering them an alternative to paid antivirus software in case they are unable to purchase such a solution. Read More»
Posted in Computer | No Comments »
September 01, 2009 by
Jason I don’t want to make you any more paranoid about PC security than you already are (and yes, they are out to get you), but a report in Engadget suggests that a pair of Japanese students can hack WPA encryption, used on most Wi-Fi enabled devices, in around a minute. They have come up with a fancy new algorithm that, for the moment at least they’re keeping to themselves. It beats the previous record by some 10 – 15 minutes, making it a potential threat to Wi-Fi users. Details of the crack are due to be announced next month at a conference in Hiroshima, so it’s not in the wild yet, and even if it does escape, most users can protect their files by switching their WEP to AES (Advanced Encryption System) mode, or using the (so far) still secure WPA 2 system.
Posted in Internet | No Comments »
If you want to share information stored on your computer with other people nearby and everyone’s computer has a wireless network adapter, a simple method of sharing is to set up an ad hoc wireless network. In spite of the fact that members must be within 30 feet of each other, this type of network presents a lot of possibilities. For example, you might consider establishing an ad hoc network at a meeting of mobile computer users so that you can share information with other attendees on their own screens rather than an overhead projector. (After establishing the network, you can do this by using Windows Meeting, for instance.)
Ad hoc networks are by definition temporary; they cease to exist when members disconnect from them, or when the computer from which the network was established moves beyond the 30-foot effective range of the others. You can share an Internet connection through an ad hoc network, but keep in mind that the Internet connection is then available to anyone logging on to a computer that is connected to the network, and thus is likely not very secure.
To set up an ad hoc network:
Read More»
Posted in Computer, Internet | No Comments »
Microsoft’s Solution Accelerator designed to streamline the deployment of Windows operating system has evolved to the Release Candidate stage. Testers are now free to download and test drive the RC development milestone of Microsoft Deployment Toolkit 2010, a product which has already been tailored to the gold releases of the company’s latest iteration of Windows client and server operating systems. As was the case for the Beta Build, Microsoft Deployment Toolkit 2010 RC is available for download via Microsoft Connect.
“We are pleased to announce the immediate availability of the release candidate of MDT 2010. This release contains numerous bug fixes since MDT 2010 Beta 2. MDT 2010 RC has been tested and will work with Windows 7 RTM and Windows Server 2008 R2 RTM as well as all previously supported operating systems,” revealed Microsoft Evangelist Keith Combs.
In addition to the RTM Builds of Windows 7 and Windows Server 2008 R2, Microsoft Deployment Toolkit 2010 RC also delivers support for technologies including: Hyper-V for Windows Server 2008 R2, Windows Vista, Windows Server 2008, Hyper-V for Windows Server 2008, SQL Server 2008, 2007 Microsoft Office, Microsoft Application Virtualization, Microsoft Online Services (e.g. Exchange Online) and Forefront Client Security, etc. Read More»
Posted in Windows 7 | No Comments »
Loading ...
