An unpatched Windows vulnerability considered a critical threat by security experts is being exploited by cybercriminals.
Microsoft disclosed the flaw in XML Core Services (MSXML) 3.0, 4.0 and 6.0 June 12 during its monthly release of patches. The security advisory, which was separate from the patch release, offered a workaround for vulnerability CVE-2012-1889, but no fix.
Vulnerability CVE-2012-1889 is simple to exploit in all known versions of Internet Explorer. An attacker can make a CLSID-identification request by calling MSXML library methods and create an object identifier in order to try to access a non-existent object. Proof of Concept code for causing a crash looks like this:
This code looks simple, but generates memory corruption and crashes Internet Explorer. The exploitation code tries to request a non-initialized object, but reference to memory region already exists. Memory corruption takes place in the helper function _dispatchImpl :: InvokeHelper() in the MSXML library.
Currently, this vulnerability has no patch available but Microsoft has released a Fix it solution. We strongly suggest that you consider this workaround – for now.
A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user’s system.
The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large “height” attribute viewed using the Apple Safari browser.
Successful exploitation may allow execution of arbitrary code with kernel-mode privileges.
The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit.
Other versions may also be affected.
No effective solution is currently available.
<iframe height=’18082563′></iframe> causes a BSoD on win 7 x64 via Safari. Lol!
The first virus capable of infecting DOS-based PCs celebrates its silver jubilee this month.
The Brain Virus, written by Pakistani brothers Basit and Amjad Alvi, was relatively harmless. The Alvis claimed the malware was there as a copyright protection measure to protect their medical software from piracy, an article by CIO magazine on the anniversary recalls.
Brain replaced the boot sector of an infected floppy disk with malicious code, moving the real boot sector to another part of the disc. The malware had the effect of slowing down disk access and, more rarely, making some disks unusable.
Any other floppies used on a machine while the virus was in memory would get infected, but the malware did not copy itself to hard disk drives, as explained in a write-up here.
The Lahore-based Alvi brothers were fairly upfront about their questionable actions, going as far as embedding their names and business address in the malware code. Although intended only to target copyright violators, the malware infected machines in the US and UK among other places.
It’s hard to believe now, but the very few computer viruses prior to Brain infected early Apple or Unix machines.
It is highly unlikely any of today’s generation of VXers would do the same. Instead of curios such as the Brain virus, security threats these days take the more ominous form of Zombie botnet clients.
The Alvi brothers could never have imagined we’d get here, even though they arguably helped pave a small part of the way towards a world of Windows malware.
inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.
What’s Unique about inSSIDer?
- Use Windows Vista and Windows XP 64-bit.
- Uses the Native Wi-Fi API.
- Group by Mac Address, SSID, Channel, RSSI and “Time Last Seen”.
- Compatible with most GPS devices (NMEA v2.3 and higher).
How can inSSIDer help me?
- Inspect your WLAN and surrounding networks to troubleshoot competing access points.
- Track the strength of received signal in dBm over time.
- Filter access points in an easy to use format.
- Highlight access points for areas with high Wi-Fi concentration.
- Export Wi-Fi and GPS data to a KML file to view in Google Earth.
More Info: inSSIDer Wi-Fi Scanner | Metageek
Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003.
General features of this product:
* Accounts information import:
o import from local computer;
o import from remote computer;
o import from SAM file;
o import from .LC file;
o import from .LCS file;
o import from PwDump file;
o import from Sniff file;
* Passwords recovery:
o dictionary attack;
o hybrid of dictionary and brute force attacks;
o brute force attack;
* Brute force session distribution:
o sessions distribution;
o sessions combining;
* Hashes computing:
o LM and NT hashes computing by password;
o LM and NT response computing by password and server challenge.
SID&User program is SID and user names getting tool for Windows NT/2000/XP/2003.
General features of this product:
* SID getting for a given account name;
* Getting of an account name for single SID or account names for SID range.