Category: Windows Vista

November 16th, 2009

Microsoft confirms 'detailed' Windows 7 exploit

Posted by Ryan Naraine @ 10:25 am

Categories: Arbitrary Code Execution, Browsers, Denial of Service (DoS), Exploit code, Microsoft, Passwords, Patch Watch, Punditocracy, Vulnerability research, Windows Vista

Tags: Denial Of Service, Web, Attacker, Vulnerability, Microsoft Corp., Web Site, Small And Medium Business, Microsoft Windows 7, Microsoft Windows, Smb/Sme

Microsoft has issued a security advisory to acknowledge a crippling denial-of-service flaw affecting its newest operating systems — Windows 7 and Windows Server 2008 R2.

Exploit code for the vulnerability was released by researcher Read the rest of this entry »

October 1st, 2009

MS Security Essentials test shows 98% detection rate for 545k malware samples

Posted by Dancho Danchev @ 10:20 am

Categories: Anti Virus, Botnets, Browsers, Hackers, Malware, Microsoft, Passwords, Rootkits, Spyware and Adware, Viruses and Worms, Windows Vista

Tags: Freeware, Antivirus, Malware, Microsoft Corp., Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Dancho Danchev

According to recent tests conducted by AV-Test.org to measure the performance of Microsoft’s Security Essentials, the freeware application achieved a 98% detection rate for 545k malware samples, including viruses, bots, trojan horses, backdoors and Internet worms, and a 90.95% detection rate for the 14,222 adware/spyware samples it was tested against.

However, AV-Test.org didn’t find any effective “dynamic detection” features (HIPS/behavior blocking) in place, and therefore samples with malicious behavior were not detected due to the application’s reliance on malware signatures only.

Read the rest of this entry »

September 29th, 2009

Windows SMB2 exploit now public; Expect in-the-wild attacks soon

Posted by Ryan Naraine @ 3:09 am

Categories: Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Malware, Metasploit, Microsoft, Passwords, Spam and Phishing, Spyware and Adware, Vulnerability research, Windows Vista

Tags: Vulnerability, Microsoft Windows Vista, Microsoft Corp., Exploit, Attack, Microsoft Windows, Operating Systems, Security, Software, Ryan Naraine

Fully functional exploit code for the (still unpatched) Windows SMB v2 vulnerability has been released to the public domain via the freely available Metasploit point-and-click attack tool, raising the likelihood of remote in-the-wild code execution attacks.

Read the rest of this entry »

September 18th, 2009

Microsoft ships one-click 'workaround' for critical SMB2 flaw

Posted by Ryan Naraine @ 1:56 pm

Categories: Arbitrary Code Execution, Botnets, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Malware, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Ryan Naraine

With exploit code in circulation and facing a race against time to fix the SMB v2 vulnerability haunting Windows Vista and Windows Server 2008, Microsoft today shipped a one-click “fix-it” workaround to help users avoid malicious hacker attacks.

The fix-it package, which was added to Redmond’s pre-patch advisory, effectively disables SMBv2 and then stops and starts the Server service. It provides temporary mitigation from remote code execution attacks targeting the known — and still unpatched — vulnerability.

Read the rest of this entry »

September 9th, 2009

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Posted by Ryan Naraine @ 9:10 am

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Hackers, Locally Running Web Servers, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Vulnerability, Microsoft Corp., Server Message Block, Microsoft Windows 7, Microsoft Windows, Security, Operating Systems, Software, Ryan Naraine

Microsoft has issued a formal security advisory to confirm the remote reboot flaw in its implementation of the SMB2 protocol, going a step further to warn that a successful attack could lead to remote code execution and full system takeover.

The vulnerability, which was originally released as a denial-of-service issue, does not affect the RTM version of Windows 7, Microsoft said. It appears Microsoft fixed the flaw in Windows 7 build ~7130, just after RC1. Windows Vista and Windows Server 2008 users remain at risk.

Read the rest of this entry »

September 8th, 2009

Windows 7, Vista exposed to 'teardrop attack'

Posted by Ryan Naraine @ 1:26 pm

Categories: Arbitrary Code Execution, Botnets, Complex Attacks, Data theft, Denial of Service (DoS), Exploit code, Locally Running Web Servers, Metasploit, Microsoft, Responsible disclosure, Viruses and Worms, Vulnerability research, Web Applications, Windows Vista, Zero-day attacks

Tags: Microsoft Windows Vista, Small And Medium Business, Attack, NEGOTIATE PROTOCOL REQUEST, Metasploit, Microsoft Windows, Smb/Sme, Microsoft Windows 7, Microsoft Windows Vista (Longhorn), Operating Systems

[ UPDATE: Microsoft has now confirmed this vulnerability and warns of code execution risk ]

Exploit code for a remote reboot flaw in Microsoft’s implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95.

The demo code, published on the Full Disclosure mailing list, allows an attacker to remotely crash any Windows 7 or Windows Vista machine with SMB enabled. No user action is required.

Read the rest of this entry »

September 4th, 2009

Microsoft FTP in IIS vulnerability now under attack

Posted by Ryan Naraine @ 9:49 am

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Denial of Service (DoS), Exploit code, Hackers, Locally Running Web Servers, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Vulnerability research, Windows Vista, Zero-day attacks

Tags: Microsoft Windows Server, Vulnerability, Microsoft Corp., FTP, Microsoft IIS Server, Attack, File Transfer Protocol 7.5, Microsoft Windows, Operating Systems, Servers

Less than a week after the publication of exploit code for a critical vulnerability in the FTP Service in Microsoft Internet Information Services (IIS), attackers are now launching in-the-wild attacks against Windows users.

The attacks, described as “limited,” target businesses running IIS 5.0, 5.1, and 6.0. Microsoft has updated its security advisory to warn of the new attacks and the availability of proof-of-concept code targeting Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Read the rest of this entry »

September 1st, 2009

Microsoft confirms IIS zero-day flaw; Exploit code published

Posted by Ryan Naraine @ 7:48 pm

Categories: Arbitrary Code Execution, Browsers, Complex Attacks, Data theft, Exploit code, Hackers, Locally Running Web Servers, Microsoft, Passwords, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Windows Vista

Tags: Vulnerability, Exploit Code, Microsoft Corp., Zero-day Bug, Microsoft IIS Server, Security, Ryan Naraine

Microsoft late Tuesday confirmed the publication of exploit code for a serious code execution vulnerability in the File Transfer Protocol (FTP) Service in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0.

A security advisory from Redmond warned that the vulnerability could allow remote code execution on affected systems running the FTP service and connected to the Internet.

Read the rest of this entry »

September 1st, 2009

Microsoft to push 'mandatory' Live Messenger security patch

Posted by Ryan Naraine @ 10:23 am

Categories: Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Hackers, Locally Running Web Servers, Microsoft, Passwords, Patch Watch, Responsible disclosure, Spam and Phishing, Spyware and Adware, Vulnerability research, Windows Vista

Tags: Microsoft Windows Live Messenger, Microsoft Windows Live, Microsoft Corp., Microsoft Windows, Operating Systems, Security, Software, Ryan Naraine

Microsoft plans to force a mandatory Windows Live Messenger upgrade later this month to fix a security problem that exposes Windows users to remote code execution attacks.

The security issue, caused by an extra character in the Microsoft Active Template Library (ATL), affects users of Windows Live Messenger 8.1 and 8.5 on Windows XP, Windows Vista and Windows Server 2008.

Read the rest of this entry »

August 12th, 2009

Apple plugs code execution, phishing holes in Safari browser

Posted by Ryan Naraine @ 6:39 am

Categories: Anti Virus, Apple, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Open source, Passwords, Patch Watch, Pen testing, Phishing, Privacy, Responsible disclosure, Vulnerability research, Windows Vista

Tags: Apple Macintosh, Apple Safari, Microsoft Windows Vista, Apple Inc., Web Site, Web Browser, Arbitrary Code Execution, Application Termination, Browser Version, Phishing

Apple has released Safari 4.0.3 to fix at least six security vulnerabilities that put Mac and Windows users at risk of hacker attacks.

The update is considered highly critical and should be applied immediately on both Windows and Mac systems because of the risk of information disclosure, phishing and remote code execution attacks.

Here’s a snapshot of the vulnerabilities being fixed:

Read the rest of this entry »

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

