Microsoft and Independent Software Vendors (ISVs) offer a wide selection of free tools, some come with a specific purpose and with no commercial aspects while, others are offered as a teaser to a paid version. However, a good tool whether it’s free or not can save the day of an IT Professional and it is my goal to share with you valuable tools as I am accustomed to do in the section titled Utilities on this blog. A free security-related tool designed by Microsoft to help IT professionals audit the security of applications is called BinScope Binary Analyzer.
If you need to read through large log files and search for specific keywords, there’s no need to write complex scripts but a simple three liner inside PowerShell can do all the work for you! The sample PowerShell code below, allows you to search through text files such as, log files in Windows 7 systems and outputs every line where a match of the given keyword is found.
A Black Hat presentation on June 26 by Mickey Shkatov and Toby Kohlenberg will reveal a number of interesting attack vectors using the Windows Gadget platform. According to the authors of ‘We have you by the Gadgets’ , legitimate gadgets have flaws and can be compromised while, it is possible to create a malicious Gadget and distribute it to end users! Microsoft has already released a fix that disables the windows Sidebar and Gadgets for Vista and Windows 7 users. Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets.
The Gadget vulnerability could allow an attacker to gain administrative privileges on a system where the current user is logged on as an administrator. This will give an attacker full control of the system and could steal, modify and delete any data or programs!
Read more here – http://technet.microsoft.com/en-us/security/advisory/2719662
Run the fix from here – http://support.microsoft.com/kb/2719662