Posts Tagged Microsoft
Microsoft to Fix 34 Vulnerabilities on Next Tuesday
Posted by Mourad Ben Lakhoua in Software Security, Vulnerabilities on August 6, 2010
The Microsoft Security Response Center has released an advance notification for new patches intended to fix 34 vulnerabilities. There will be about 14 security bulletins: eight are rated critical and the other six are rated important.
The critical vulnerabilities allow an attacker to perform remote code execution on the targeted system; as a result, a hacker can gain complete control over the victim machine. For all patches a restart is required or may be required.
The affected products are all Windows operating systems, all Microsoft Office versions, and Silverlight 2 and 3, while the latest version, 4, is not affected by this vulnerability.
For detecting and deploying these updates, Microsoft advises using Windows Update (WU) and Windows Server Update Services (WSUS), the Microsoft Windows Malicious Software Removal Tool and the Microsoft Download Center.
The Microsoft Security Bulletin Advance Notification for August 2010 is available over here.
Make sure you subscribe to my RSS feed!
7 Month Vulnerability in Windows Virtual PC
Posted by Mourad Ben Lakhoua in News, Vulnerabilities, Vulnerabilities & attacks on March 17, 2010
Core Security Technologies (CST) has discovered a critical vulnerability in Windows Virtual PC that allows an attacker to bypass security measures and run malicious code on the guest machine. The affected platforms are Virtual PC 2007, Virtual PC 2007 SP1, Windows Virtual PC, Virtual Server 2005 and Virtual Server 2005 R2 SP1.
The flaw lies at the memory management level (Virtual Machine Monitor). By leveraging this vulnerability it is possible to bypass security mechanisms of the operating system such as Data Execution Prevention (DEP), Safe Structured Error Handling (SafeSEH) and Address Space Layout Randomization (ASLR), which are designed to prevent exploitation of security bugs in applications running on Windows operating systems.
Microsoft was notified about this gap 7 months ago, but it has refused to fix it until the release of the next service pack, which led CST to issue the security advisory publicly.
Today Microsoft answered in a blog post that this advisory does not affect the security of Windows 7 systems directly. The security safeguards (DEP, ASLR, SafeSEH, etc.) that are in place remain effective at helping protect users from malware on that system. In addition, Windows Server virtualization technology, Hyper-V, is also not affected by this advisory. Applications running inside a Hyper-V guest continue to benefit from these same security safeguards.
You can read Microsoft's complete post here.
First Tool to Crack Microsoft BitLocker Encryption
Posted by Mourad Ben Lakhoua in Pentesting on December 3, 2009
Passware has introduced the first commercial software solution that offers a way to crack files encrypted by the BitLocker system. Microsoft released this advanced tool as a full hard drive encryption system, integrated it into Windows Vista, and also made it available on Windows 7 and Windows Server 2008.
We already listed the enhancements in Microsoft Windows 7 in a previous post (Windows 7 overall security improvement), and among the improvements you can find the BitLocker tool provided by Microsoft.
Passware Kit Forensic 9.5 recovers encryption keys for hard disks, secure Technology and BitLocker. The software works by scanning an HD image for cryptographic keys and decrypting the image into a clear file.
The software is now available in several versions, including a mobile version that lets the user carry it on a USB stick and use it directly on the desired machine without leaving any trace on it. That is not all: the tool also offers 8 different password recovery attacks (Dictionary, Brute-force, Xieve, Known Password/Part, Previous Passwords, Decryptum, SureZip, Join Attacks, and Append Attacks). These 8 types give the user a way to customize the attack according to the type of file and the available information, which reduces the time of the operation.

Currently the tool supports 180 file types and allows users to restore passwords for PGP archives and virtual disks. The program is compatible with Windows 7/Vista/2003/XP and 2008 Server.
You can find more details on the official website.
Malware Scam on Microsoft Outlook Web Access
Posted by Mourad Ben Lakhoua in Internet, News on October 16, 2009
Websense recently warned of a serious attack concerning the Microsoft Outlook Web Access network service.
Security experts have reported that they found emails containing links to download malicious software; they have already detected about 30,000 of these emails daily.
Here is a screen shot of the malicious message:

This is a very frequent attack and gives the hacker a high level of customization, because the page looks very credible with the Microsoft logo and other details. Here you can find the screenshot of the website:

On this webpage hackers can insert any malicious file, which may contain a Trojan for building a botnet and enable them to control the system remotely.
Screenshots are sourced from the Websense security lab website.
Microsoft AV will be out soon!
Posted by Mourad Ben Lakhoua in Anti-Viruses, News on September 23, 2009
Microsoft has announced that its free anti-virus package, Security Essentials, has now reached the final phase.
Microsoft Security Essentials will meet the basic requirements to compete, as a low-price AV solution, with major security software companies like Symantec and McAfee. The new product is designed to protect computers running the Windows XP, Windows Vista and Windows 7 operating systems from viruses, Trojans, spyware, rootkits, etc.
A beta test version of Security Essentials was issued last summer; the package was downloaded by 75 thousand users from all over the globe. Reviewers' opinions were generally positive. In particular, they noted the user-friendly interface and a fairly wide range of settings.
As described in the announcement, the final version of Microsoft Security Essentials (MSE) will be presented in the coming few weeks. It sounds like the package will be released at the Windows 7 presentation, which will be held on October 22.
Minimum requirements to run Security Essentials are a 500 MHz CPU and 256 MB of RAM with Windows XP, and a 1 GHz processor and 1 GB of RAM for Windows Vista or Windows 7.
This appears very attractive, especially as Microsoft is trying to integrate all the protective measures across the whole infrastructure, but what about non-Windows platforms?
Microsoft provides free secure development tools
Posted by Mourad Ben Lakhoua in News, Software Security, Vulnerabilities on September 17, 2009
Microsoft has released a new utility designed to enhance application security.
Microsoft MiniFuzz is a fuzzing tool that allows users to identify software vulnerabilities by injecting random data into the tested application. According to the Security Development Lifecycle (SDL), MiniFuzz is a simple file fuzzer that helps developers find possible buffer overflows or other common errors in the application.
This tool is one of two security applications that Microsoft released this Wednesday. The second is BinScope Binary Analyzer, which aims to ensure that binaries have been built in compliance with Microsoft's Security Development Lifecycle (SDL) requirements and recommendations.
Here you can find the collection of tools made by Microsoft Security Development Lifecycle (SDL), which includes the SDL Threat Modeling Tool, while here you can find the recent !exploitable Crash Analyzer – MSEC Debugger Extensions (WinDbg), which provides automated crash analysis and security risk assessment.

