Coming next month in Playboy Magazine: Chasing Mitnick. According to the magazine, “For two years hacker par excellence Kevin Mitnick eluded the FBI. Now that he has served his sentence, Playboy lands the exclusive story of the man The New York Times called cyberspace’s most wanted.”
Now anyone who reads any article about Kevin knows that this piece will either be greatly exaggerated in his favor or greatly exaggerated not in his favor, but either way greatly exaggerated. And if there’s an opportunity to comment on the article, there will be hundreds of trolls eager to do their usual Kevin-bashing or Kevin-is-so-boring-now or I-hacked-Kevin-Mitnick comments.
In response to much attention on the ANI vulnerability in IE, Microsoft has decided to release security bulletin MS07-017 this Tuesday, a week earlier than scheduled. “Microsoft is aware of the existence of a public attack utilizing the vulnerability,” a Microsoft spokesperson said, “Since testing has been completed earlier than anticipated, Microsoft has released the update ahead of schedule to help protect customers.”
The impact of this particular vulnerability should be minimal if you follow security best practices and use some common sense, but it is always best to apply the patch as soon as it is available. The patch modifies a number of IE binaries so it should be tested in your environment, especially with any line-of-business applications, before any widespread deployment.
Note that Microsoft will deploy the patch via Automatic Updates so users with that enabled will not need to take any additional action to install this patch once it becomes available.
“Windows Vista has been in the news a lot lately – in particular, Vista’s security. The new security features have been the target of both praise and ridicule. Even Apple took a jab at Vista’s security with its latest TV ad mocking Vista’s security prompts. Say what you will, but I personally like the prompts. And get used to them; they are likely a sign of things to come…”
Read the original article here: http://itmanagement.earthweb.com/netsys/article.php/3667416
Here are some articles I have recently written for Security Pro VIP. Note that these articles are for subscribers only. Security Pro VIP is a new online publication that used to be Penton’s Windows IT Security newsletter.
Bounce Unwanted Files Out of Your Folders
A new file screening tool in the Windows 2003 R2 File Server Resource Manager toolset lets you block certain files or file types from entering a folder or notify an administrator about the files and take some action.
Windows Firewall Auditing
Regularly auditing the firewall configuration settings for the systems you manage keeps accumulated misconfigurations from compromising your protection. A useful script lets you easily audit your systems’ firewall configurations.
DNS Annoyances
Get a handle on DNS annoyances–small but irritating problems that can affect the performance of your network–and use DNS to its full potential.
More DNS Tips
Besides just plain DNS annoyances, we have some great tips for working with DNS.
Other articles I have written for this publication are here.
Windows Vista introduces a new concept called IE Protected Mode. It essentially works by controlling access to files based on how much you trust the source. The technology should make it more difficult for web sites to exploit vulnerabilities in IE to automatically install malware.
Apparently because currently planned releases did not meet testing standards, Microsoft decided to postpone all patches for this month, so you can all let next Tuesday roll by like any other Tuesday.
Microsoft will, however, be releasing several non-security updates through Windows Update.
According to a Microsoft spokesperson, the last time Microsoft did not have any security updates was September of 2005.
I got so tired of visiting all the various security blogs out there that I made myself an aggregated and filtered feed-driven blog of nothing but other Windows security-related blog posts.
The feed pulls from about 40 blogs that focus on Windows security. It also performs various searches on blog search engines to pull posts from other blogs that might be relevant.
This feed has been my daily reading list for about a month now and it is quite good.
I thought others might enjoy it so I converted it to an auto-updating blog. The blog is located at http://winblogs.security-feed.com
Microsoft just posted an article on MSDN that explains many of the new features. Of particular interest are the security features:
http://msdn.microsoft.com/msdnmag/issues/07/03/IIS7/#S7
This should be pretty obvious, but a lot of people don’t seem to be aware of this old trick. Normally, if you try to guess another user’s password and it fails, the attempt will show up in the event viewer of the domain controller. However, there is a way you can try to guess an account’s password without the attempts ever being logged.
It’s actually pretty simple: just unplug your network cable.
Today Symantec released two new whitepapers about security protections in Vista: Analysis of GS Protection in Windows Vista and Analysis of Address Space Layout Randomization on Windows Vista.
Although my last blog post criticized Symantec for its hyped FUD, these two papers, by the same author, definitely provide some good information and demonstrate the thorough research that Ollie Whitehouse has done on this matter. Furthermore, the author clearly states the true issues here and provides detailed research notes.
Ok, this issue started with an article by Symantec titled “An Example of Why UAC Prompts in Vista Can’t Always Be Trusted.”
After that, Thor (Hammer of God) posted his opinion on Bugtraq, which prompted a few other responses.
So I decided to look at the issue more closely and add my own opinion. The result is that this really is a hyped issue. What really makes this issue FUD is that the Symantec posting implies this is a serious issue and never really clarifies the actual risk. Then, so many news sources picked it up without really understanding the issue at hand. What further hurts the credibility of this post is that the Symantec post is probably not completely objective on this issue due to their own future competitive products.
Recently a friend was complaining to me about the “screen flickering” that occurs whenever a User Account Control (UAC) prompt comes up in Vista and he wanted to know how to turn it off—not UAC, just the dimming and flickering effects. He said he already looked in the display settings and didn’t see anything there.
When I was a teenager in California there was a private oil pier near Rincon that we liked to jump off. It was great—you’d throw your surfboard off first so there was no backing out, because it was scary looking down at the dark green ocean so far below you. Once your board was in the water you had no choice but to follow it out into the emptiness below.
I thought I would add a bit more to my original post to clarify the problem. Half of the problem is the way Windows searches paths, and the other half is software developers who don’t quote their paths in the Registry or when calling CreateProcess. There are no built-in Windows services that have this problem and this issue has been documented for over a decade.
A couple of years ago I mentioned in a SecurityFocus column that Windows has a problem when you put a file named “program.exe” in the system root directory. The problem is basically in how it deals with spaces in paths that don’t have quotes around them. Anyone with the permissions to create a file in the root directory could create a malicious program that could escalate their privileges. Here’s an excerpt from that article: