Archive for the ‘Alerts’ Category
Critical: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution
Those of you who are my PC security (Introduction to PC Security) students don’t have to worry about this because in the first few lessons of the course you’ve disabled this!
However, many of you have not taken the course so I thought it was wise to post this.
Oh, and by the way, Mac users, this affects you too if you are using the Microsoft Remote Desktop Connection Client to connect a Mac to a Windows PC.
According to Microsoft’s Security Bulletin: MS09-044:
This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
There are also known issues after installing this update, so you may want to check the bulletin for a list of those.
I’ve been teaching the Introduction to PC Security course for over 5 years and from day 1 I’ve had the students disable this service! I wonder what else you’re missing?
10 Video Games to Cross Off Your Child’s Gift List – Well Blog – NYTimes.com
New York Times Health (Well) blogger Tara Parker-Pope published an interesting article about video games you should not buy your children or any child on your list. I know a lot of us are not “gaming” savvy, but we have to buy games for our nieces, nephews, grandchildren, and such.
So, I thought this was worth mentioning. The link to the full article is below – as always. But the short list is here.
Here are 10 of the most popular games not to give to children, based on advice from Common Sense Media:
Assassin’s Creed II: Realistic action and historical accuracy, but the player takes on the role of an assassin who relies on an arsenal of weapons.
Borderlands: Strong language, human enemies used as target practice, mature humor and lots of blood and gore.
Brutal Legend: A violent cartoon fantasy action game that includes the use of a double-sided axe to hack at demonic armies.
Call of Duty: Modern Warfare 2: Contains an optional level where the player can go undercover as an enemy terrorist.
Dead Space: Extraction: Blood spurting out of victims’ bodies, human carcasses littering the floor, blood-stained walls and floors, and copious screams of torture put it over the top.
The remaining five games on the list are:
- Dragon Age: Origins
- Grand Theft Auto IV: The Ballad of Gay Tony
- Demon’s Souls
- Left 4 Dead 2
- Grand Theft Auto: Chinatown Wars
10 Video Games to Cross Off Your Child’s Gift List – Well Blog – NYTimes.com.
Drive-by attacks against IE users will come soon, experts say
I know. It’s been a while since I’ve posted. My bad! Just finished trying to serve Jury Duty. (Don’t ask!) On with the story……
There’s been several conversations on this blog about Drive-by download malware. Has there not? (Or is it, have there not?)
Let me refresh your memory on just two of them: How To Stop The New Malware & Mal-ads Still Being Pushed Through Ad Servers.
And I first reported the discovery of this nasty bugger on my YouTube channel. Since such time, I’ve seen some wonderful and more professional videos on the subject as well as taken criticism from alleged hackers about my lame presentation. But hey, it comes with the territory, right?
But, as our students know, I’ve been “preachin and teachin” on the ills of using Internet Explorer, as well as the dangers of using Microsoft products for years! And if you’ve been a subscriber to our newsletters since 1996 (print first, then digital in 2000), you’ve heard about it too! I haven’t changed in all these years.
Well, a recent article in InfoWorld has once again reiterated what I’ve been saying!
First, the article states:
The bug, which Microsoft patched as part of a record-tying security update for the month of November, is in the Windows kernel, the heart of the operating system. The kernel improperly parses EOT (Embedded OpenType) fonts, a compact form of fonts designed for use on Web pages that can also be used in Microsoft Word and PowerPoint documents.
Did you read that part about PowerPoint documents? HELLO? Have I not been telling you to STOP opening PPS and other PowerPoint attachments you get in an email from your email buddies and family members?
You know the ones I’m talking about. The pretty picture presentations that make you go, “oooh!” and “ahhh!” Yea, those! Or the religious ones with pictures of Jesus walking with you in the sand that even has music playing in the background. Yes, those too!
How do you know if these are infected? Yes, they may have come from a reliable source, but did they get it from a reliable source? Did their reliable source get it from a reliable source?
Half the time you can see the trail of forwards in these emails (email addresses included) and you have no idea who the heck those other people are! But you open them anyway!
Now, moving on past those goofy PowerPoint attachments, the article goes on to say:
The bug will be extremely attractive to hackers, Moore maintained, and not simply because it can be exploited in a classic “drive-by” attack that can silently hijack an unpatched Windows 2000 or Windows XP system when users visit a compromised or malicious Web site. On Vista, a successful exploit would give the attacker additional access to the machine, but could not be used to inject malware, Microsoft said.
Once again, the drive-by attack is mentioned. I’m not going to preach again. You’ve heard it from me before.
But let’s look at how this exploit (possible drive-by) could work (my own emphasis in red added):
“An EOT file can use both compression and encryption,” noted Moore, referring to the font format that hackers will use to exploit the bug. Because the file can be compressed and encoded, most antivirus software will have a difficult, if not impossible, time detecting whether a Web page’s fonts are being used to launch attacks. “They will blow past any line of user protection,” he said.
And since the EOT file is rendered at the kernel level, not by IE itself, browser-based defenses won’t help. “There’s no JavaScript required for an exploit,” Moore said, talking about the scripting language that’s a popular tool for hackers who target browsers. Those kinds of attacks can be deflected by restricting JavaScript, or disabling it entirely.
On Vista PCs, IE7’s and IE8’s “sandbox,” which is designed to prevent attack code from escaping the browser and worming its way into, say, the operating system, also will be useless, Moore said.
You don’t have to understand the entire amount of jargon to realize what’s being said. YOU ARE UNPROTECTED IF YOU ARE USING MICROSOFT BROWSERS!
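What "compression and encryption" look like at the file level, as an added example that is not from the InfoWorld article or this blog: a Python header inspector that reads the EOT flags and shows why a byte-signature scan of the raw file misses XOR-encoded font data. Header offsets, flag values and the 0x50 key follow the W3C EOT format submission; `build_sample` and the files it produces are constructed test input, with the layout of the empty name fields assumed.

```python
import struct

# Constants from the W3C "Embedded OpenType (EOT) File Format" submission.
TTEMBED_TTCOMPRESSED = 0x00000004    # FontData is MicroType Express compressed
TTEMBED_XORENCRYPTDATA = 0x10000000  # FontData is XORed byte-wise with 0x50
EOT_MAGIC, MAGIC_OFFSET = 0x504C, 34
FIXED_HEADER_LEN = 82                # EOTSize through Padding1
XOR_KEY = 0x50


def inspect_eot(blob):
    """Read the fixed EOT header and report how FontData is encoded."""
    if len(blob) < FIXED_HEADER_LEN:
        raise ValueError("too short to hold an EOT header")
    eot_size, font_size, version, flags = struct.unpack_from("<4I", blob, 0)
    if struct.unpack_from("<H", blob, MAGIC_OFFSET)[0] != EOT_MAGIC:
        raise ValueError("MagicNumber 0x504C not found")
    problems = []
    if eot_size != len(blob):
        problems.append("EOTSize does not match file length")
    if font_size > len(blob) - FIXED_HEADER_LEN:
        problems.append("FontDataSize exceeds file")
    return {"version": version, "font_size": font_size,
            "compressed": bool(flags & TTEMBED_TTCOMPRESSED),
            "xor_encoded": bool(flags & TTEMBED_XORENCRYPTDATA),
            "problems": problems}


def decoded_font_data(blob):
    """Return FontData with the XOR layer removed, or None if not scannable."""
    info = inspect_eot(blob)
    if info["problems"] or info["compressed"]:
        return None  # malformed, or needs an MTX decompressor before scanning
    data = blob[len(blob) - info["font_size"]:]  # FontData is the file's tail
    if info["xor_encoded"]:
        data = bytes(b ^ XOR_KEY for b in data)
    return data


def build_sample(flags, font_data):
    """Constructed input: header with empty name fields, then FontData."""
    if flags & TTEMBED_XORENCRYPTDATA:
        font_data = bytes(b ^ XOR_KEY for b in font_data)
    names = bytes(18)  # assumed: nine zeroed USHORT name-size/padding fields
    total = FIXED_HEADER_LEN + len(names) + len(font_data)
    head = struct.pack("<4I", total, len(font_data), 0x00020001, flags)
    head += bytes(18) + struct.pack("<H", EOT_MAGIC) + bytes(46)
    return head + names + font_data
```

A scanner that matches on the raw file sees nothing when the XOR flag is set, and a compressed font stays opaque until it is decompressed, which is the gap Moore's quote describes.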
Here’s something else that is said in the article that gets my blood boiling – again, emphasis added in red by me:
Top-notch hackers may also be able to leverage a treasure trove of bug fixes that Microsoft silently added to the MS09-065 update, Moore said. “There’s a massive number of function fixes in the update,” he said, adding that the practice isn’t unusual for Microsoft. Even though the company called out only three Windows kernel vulnerabilities in that bulletin, Moore said he had been able to find at least eight altogether.
How can anyone understand the updates without spending time researching their assets off if Microsoft doesn’t fully explain what the heck is going on?
Do they somehow think that by hiding the update information they are protecting consumers from amateur hackers that might figure out a flaw if they provided more information? I mean, what’s the rationale Microsoft?
This is yet another pathetic example of how well Microsoft knows security. And you expect me to trust them? You want me to jump on board the Windows 7 bandwagon because it’s such an outstanding (and allegedly secure) operating system? Give me a break and give me a Mac or Ubuntu!
As the saying goes, “Poke me with a fork, I’m done!”
Full Article: Hackers will exploit Windows kernel bug | Security Central – InfoWorld.










