Security Settings in Windows 7
A must-have guide published by Microsoft provides a reference to security settings that provide countermeasures for specific threats against current versions of the Windows operating systems. The guide which is available in both word and pdf formats is called, Threats and Countermeasures Guide: Security Settings in Windows 7 and Windows Server 2008 R2.
Categories: Security Tags: configuration, Group Policy, impact, threats, vulnerability, Windows Server 2008 R2
Microsoft to patch Flash vulnerability before shipping Windows 8
Microsoft will be patching Windows 8 Internet Explorer 10 (IE 10) vulnerability before releasing the final product this October. The security hole in Adobe’s Flash Player which will be bundled directly into IE 10 has triggered Microsoft to fix the exploit before shipping the product to consumers. Definitely, a wise move by Microsoft to fix a known exploit before releasing the new operating system which would portray Windows 8 as a more secure solution than its competition! Microsoft is working with Adobe to make sure that the Flash Player is always secure.
Read more here – http://www.informationweek.com/windows/microsoft-news/microsoft-to-patch-ie-10-ahead-of-window/240007384
Categories: Security Tags: Adobe, Exploit, Flash, IE 10, Internet Explorer, vulnerability, Windows 8
What is a Botnet?
A bot is an automated software program that performs specific tasks on a network with some degree of autonomy. Bots can perform many beneficial and even vital functions. For example, the web crawling software programs used by popular search engines to index web pages but unfortunately, bots can also be developed for malicious purposes, such as assembling networks of compromised computers—botnets—that are controlled remotely by one or more individuals, called bot-herders.
Categories: Security Tags: attacker, bot, bot herder, Botnet, malware, vulnerability, zombie
Toolkit for deploying and configuring security mitigation technologies
Cybercrime is hitting all Internet users, it’s not anymore a concern for just online businesses or governments but home users’ computers like yours and mine are under constant threat and maybe, they are already infected and we don’t know it! Software vulnerabilities and exploits have become an everyday part of life. Software updates play an important role in keeping your system less prone to attacks, however, attacks can also happen before we update all installed applications with the latest secuirty updates.
Categories: Security Tags: attack, Bluehat, Cybercrime, EMET, Enhanced Mitigation Experience Toolkit, Microsoft Security Response Center, Mike Reavey, mitigate, Return Oriented Programming, risk, ROP, Tech Preview, vulnerability
Microsoft releases fix for Gadgets vulnerability
A Black Hat presentation on June 26 by Mickey Shkatov and Toby Kohlenberg will reveal a number of interesting attack vectors using the Windows Gadget platform. According to the authors of ‘We have you by the Gadgets’ , legitimate gadgets have flaws and can be compromised while, it is possible to create a malicious Gadget and distribute it to end users! Microsoft has already released a fix that disables the windows Sidebar and Gadgets for Vista and Windows 7 users. Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets.
The Gadget vulnerability could allow an attacker to gain administrative privileges on a system where the current user is logged on as an administrator. This will give an attacker full control of the system and could steal, modify and delete any data or programs!
Read more here – http://technet.microsoft.com/en-us/security/advisory/2719662
Run the fix from here – http://support.microsoft.com/kb/2719662
