The big computer security news of the day is the release of exploit code publicly for MS06-040. The patch of course was released Tuesday and it is fairly critical to get the update installed. This is “wormable” It CURRENTLY affects all Windows 2000 systems and XP (with no service pack) as well as SP1. It currently doesn’t seem to work with SP2 of Win XP, or with Windows 2003 or NT4. A bit more information is at the incidents.org link above.
Tag: Windows
-
Vista’s fatal flaw?
Backwards compatibility. It’s something that many vendors strive for and Microsoft is certainly one that has placed a value on making things backwards compatible for third party software. According to this story at Sci-Tech Today, Symantec thinks this eagerness to be backwards compatible may be a big issue for Vista’s security. They expect several “privilige escalation” vulnerabilities to be found and say that if those such vulnerabilities are discovered in the prompt for user consent…. well essentially all of the systems security precautions could be undermined. The whitepaper on the details talks about several issues that have been patched at this stage in the Vista development process, but the main question is how many are out there?
-
Windows update advance notice for August 2006
August’s advance bulletin of Microsoft updates is already up. Tuesday of course is the monthly Microsoft patch day. It appears as though there will be 12 updates this time around. As usual, it could be that individual updates fix multiple problems. 10 updates will affect Windows at least 1 critical, will require a restart. 2 updates will affect Office, at least 1 critical, MAY require a restart. Also the malicious software removal tool will see an update.
-
Possible Windows Scheduler local privilige escalation
Sans has a writeup on Windows local privilige escalation using the Windows scheduler and among other things it might be worth starting out by saying that typically, only Administrative group users in Windows XP are allowed to access the Windows Scheduler. However, I have read reference of some installs that even give guests that capability. If that’s a default setting under some install profile – this is a big problem, if it’s just because the administrator chose to make the scheduler accessible to everyone it’s LESS of a problem, but still worth KNOWING about.
-
Sysinternals/Wininternals acquired by Microsoft
Sysinternals.com is a GREAT source of free Windows utilities (rootkit detector, process list, list of files being used by a process, etc….) Today the news started to spread that they’ve been acquired by Microsoft. Am I the ONLY person that has had an urge to download their entire free utility library?
-
Open Source NTFS driver for linux with Read and Write support
Linux has full support for so many file systems. Fat32, which is the filesystem of the Win98 and ME systems has had full read-write support as long as I can remember, but NTFS has not. In fact, NTFS has had read-only support in the main open source driver, but NO write support. (Or at least VERY limited and risky write support.) There was the captive ntfs project which used Windows own NTFS driver, but…. it looks like we’re getting very close to a true open source, read write NTFS driver for linux (and really, for any other OS that wants to implement it.)
-
Adobe Acrobat reader update
On the heels of yesterdays massive update day from Microsoft, Adobe has released an update for the free Adobe Reader. The Adobe reader is one of those ALMOST essential applications that MOST everyone has installed. So, this will be of particular interest to MOST computer users. A SERIOUS security flaw (They’re tagging it CRITICAL) could be exploited with a specially crafted PDF file in version 6.0.4 (or earlier – back to 6) of the Reader for Mac or Windows.
Version 6.0.5 has been released to address this. It should be noted that the current newest version available is 7.0.8….
-
Microsoft updates are out for July
and they affect no fewer than 18 issues in Office and Windows. 13 issues are tagged as critical, others as important. They are all bundled into 7 update downloads. 8 vulnerabilities within Excel have been addressed in all of this. Office 2000 users will have to manually update (Office XP/2003 updates can be brought in through Microsoft Update.) It looks like the flaw I found most interesting was a remote code execution vulnerability in the DHCP client… .(Affects 2000/xp and 2003).
-
The end for Windows 98 may be a boost to linux?
There are articles out about the demise of official Windows 98 and ME support would be a boost to linux uptake. Realistically, I suppose it may, but I personally am not holding my breath. Here’s why. 1) The people still running Windows 98/ME are likely doing so because that’s what came with their PC. There is a common perception that ~6 is a point where they might replace it anyway with a new pc. 2) IF you’re running Windows98 on original equipment (as opposed to someone that opted for 98 instead of xp on a slightly newer system, or has upgraded from the original equipment.) You might be frustrated with the performance of MOST linux distributions on your equipment. Let’s face it, linux can run on most anything, but most of the distributions that people HEAR about focus on newer hardware….
-
UPS Worldship changing report printer
I really couldn’t find a quick answer to this on this in a quick search. Maybe it’s just me. But, one of the computers that I support has UPS Worldship installed on it. (Version 8.0.16 I think.) They had a printer problem and switched printers. Of course, Windows handled the printer just fine. Worldship printed out labels (this all happened before I got there, but Worldship gives you an opportunity to change the label printer.) Unfortunately reports wouldn’t print. When looking through the setup and attempting to test it simply gave a message that the printer couldn’t be found (the printer could not be found) and nowhere was an option to CHANGE the report printer. In retrospect, I wonder if I should have looked in the “Change label printer” choice, but at the time I didn’t want to run the risk of tinkering with THAT working part. So… here’s what I did.