Posts Tagged Operating Systems
Microsoft to Fix 12 Vulnerabilities On Tuesday, While Sophos Alerts of fake Microsoft updates coming through email
Posted by Mourad Ben Lakhoua in News, Software Security, Vulnerabilities, Vulnerabilities & attacks on December 5, 2009
On this Tuesday we are going to have the regular monthly update by Microsoft the release will include a set of patches to fix 12 problem, we can find among the patches a fix to Internet Explorer 8 vulnerability.
These releases are issued for windows 2000, XP, Vista, Windows 7, Windows Server 2003, 2008 as well as IE 8, Office XP and Office 2003. Three patches status are critical, this means that the impact allows a hacker to use these bugs to run an arbitrary command remotely.
Internet Explorer 8 vulnerability will also be among the patches this bug can allow attacker to run malicious software on the system like Trojan or rootkit to steal credential and data authentication, Microsoft already warned of an existing exploit for this bug and recommends all customers to prevent this attack by keeping antivirus up to date, using a good Pc Firewall and installing all previous patches.
On the other hand Sophos security lab alerted of a fake email message that includes a link to an executable file Windows-KBxxxxx-ENU.exe which contains malware Mal/EncPK-LL here you can find the email image:
The source of the message appears coming directly from Steve Lipner, Microsoft’s Director of Security Assurance, it is here important to be careful and not follow direct links to executable files and make sure that you are updating your system from a trusted sources.
make sure you subscribe to my RSS feed!
Apple releases 45 patches for iPhone, iPod
Posted by Mourad Ben Lakhoua in Vulnerabilities & attacks on June 18, 2009
Big number of fixes surprising, but no known malicious software for devices
Apple Inc released 45 software patches on Wednesday to address rare security vulnerabilities in its popular iPhone and iPod Touch mobile devices.
The company released them as part of its widely anticipated iPhone 3.0 operating system.
“This is a large cluster of patches for the iPhone,” said Dino Dai Zovi, a security expert who is writing a book on cracking the iPhone.
[Source: msnbc]
make sure you subscribe to my RSS feed!
L0phtcrack 6: the old guard is back!
Posted by Mourad Ben Lakhoua in Best Practices, Password Security, Pentesting on June 1, 2009
After more than three years since Symantec stopped the support and development of L0phtcrack the tool that provided a titanic opportunity for passwords auditing and recovery.
Here comes yesterday the same team with the new version L0phtcrack 6.
As the project rights being reacquired by the original authors from Symantec it was possible for them to continue developing this utility. In the last five years many things have been changed in the operating system security so they improved some features like the Support for x64 processors and the latest releases from Microsoft (Vista, XP and windows 7),Ubuntu and others.
I used the LC4 and LC5 and they worked perfectly to recover lost password that are less than 14 characters so update your corporate password policy and make sure that you meet password security best practices.
subscribe to my RSS feed!
Windows Vista and Win2K8 SP2 available
Posted by Mourad Ben Lakhoua in Software Security on May 27, 2009
Microsoft has made the Windows Vista and 2008 Service Pack 2 available for download (32 bit and 64 bit). It is always recommended to download directly from the Microsoft’s official website to avoid any modified or an infected copies of software.
If you do not download those update now they will be automatically applied later in the next few weeks.
From our side applying new update and patching our operating system (OS) which contains millions of code lines is a way to protect against viruses, worms and Trojans.
So make sure that your computers are safe and Keep working!
OpenBSD 4.5 is out!
Posted by Mourad Ben Lakhoua in Operating System on May 5, 2009
The new version of OpenBSD 4.5 has been released just in time at the traditional day as we used to 1st May.
The OpenBSD 4.5 includes new version of OpenSSH – 5.2 and two new tools ypldap-YP-server for Ldap and xcompmgr for xenocara and among the software packages you can find (GNOME 2.24.3, GNUstep 1.18.0, KDE 3.5.10, Xfce 4.4.3, Firefox 3.0.6, Thunderbird 2.0.0.19, MySQL 5.0.77, PostgreSQL 8.3.6, OpenOffice. org 2.4.2 and 3.0.1).
OpenBSD’s minimal defaults fit in with the standard computer security practice of enabling as few services as possible on production machines. The project also uses open source and code auditing practices argued to be important elements of a security system.
So go ahead and download OpenBSD 4.5.
make sure you subscribe to my RSS feed!
Computing in the Cloud Models- Right Now
Posted by Mourad Ben Lakhoua in Cloud Computing Security on February 1, 2009
In the last months there has been a rapid increase in investment in the Cloud Computing and related areas. This growth is due to the demand for virtual “cloud” resources, the Idea of Cloud Computing is near another approach called utility computing, where computing resources are treated as a service and takes into account the amount consumption like the usual public services (electricity or water).
Cloud Computing provides a numerous benefits from cutting coast, saving time ,held to high standards, must offer a proof of security certifications, and are subject to examinations by auditors, Making them under much higher analysis than typical in-house security teams.
So by looking to all these points it is clear that the Solution is in the Clouds.
SUBSCRIBE
Latest Comments