microsoft.exe

November 3, 2009 10:43:59 AM CET

Elite Loader Goes Public – A few days ago, I got access to the source code of the well-known Elite Loader for free. Yes. It was published on one of the Russian underground forums. It even had a detailed description and screenshots showing how to use the application’s command and control (C&C) server. Apart from dropping malicious files on infected machines, [...]Post from: TrendLabs | Malware Blog - by Trend MicroElite Loader Goes Public

July 10, 2007 2:00:00 AM CEST

Microsoft .NET Framework PE Loader Remote Buffer Overflow Vulnerability – Type: Vulnerability. Microsoft .NET Framework is prone to a remote buffer-overflow vulnerability; fixes are available.

December 29, 2009 8:42:00 PM CET

Results of Investigation into Holiday IIS Claim – We’ve completed our investigation into the claims that came up over the holiday of a possible vulnerability in IIS and found that there is no vulnerability in IIS. What we have seen is that there is an inconsistency in IIS 6 only in how it handles semicolons in URLs. It’s this inconsistency that the claims have focused on, saying this enables an attacker to bypass content filtering software to upload and execute code on an IIS server. The key in this is the last point: for the scenario to work, the IIS server must already be configured to allow both “write” and “execute” privileges on the same directory. This is not the default configuration for IIS and is contrary to all of our published best practices. Quite simply, an IIS server configured in this manner is inherently vulnerable to attack. However, customers who are using IIS 6.0 in the default configuration or following our recommended best practices don’t need to worry about this issue. If, however, you are running IIS in a configuration that allows both “write” and “execute” privileges on the same directory like this scenario requires, you should review our best practices and make changes to better secure your system from the threats that configuration can enable. Once again, here’s a list of best practices resources: ·         IIS 6.0 Security Best Practices ·         Securing Sites with Web Site Permissions ·         IIS 6.0 Operations Guide ·         Improving Web Application Security: Threats and Countermeasures The IIS folks are evaluating a change to bring the behavior of IIS 6.0 in line with the other versions.  In the meantime, they’ve put more information up about this on their weblog. I hope this helps answer any questions. Happy Holidays and Happy New Year. Christopher *This posting is provided "AS IS" with no warranties, and confers no rights*

February 3, 2010 10:02:21 PM CET

Security Advisory 980088 Released – Hi everyone, Today we released Security Advisory 980088 to address a publicly disclosed vulnerability in Internet Explorer that may allow Information Disclosure for customers running on Windows XP or who have disabled Internet Explorer Protected Mode.  At this time we are not aware of any attacks seeking to use the vulnerability. Customers running Internet Explorer 7 or Internet Explorer 8 in their default configuration on Windows Vista or later operating systems are not vulnerable to this issue as they benefit from Internet Explorer Protected Mode, which protects from this issue. Windows XP users, or users who have disabled Protected Mode, can help protect themselves by implementing Network Protocol Lockdown. We have created a Microsoft Fix It to automate this. The Fix It can be run on individual systems or enterprises can deploy it through their automated systems.  We are working to produce an update for this vulnerability and when that is complete, we will take appropriate action to protect customers, which may include releasing an update out-of-band.   As with any update, we have to balance overall quality and ensure application compatibility before we release it. Microsoft is also working with our Microsoft Active Protections Program (MAPP)  partners to help provide broader protections for customers. Together with our partners, we will continue to monitor the threat landscape and will take action against any web sites that seek to exploit this vulnerability. We continue to encourage customers to upgrade to Internet Explorer 8 to benefit from the increased protections provided in the newer version. In addition, customers should continue to follow our “Protect Your Computer” guidance at http://www.microsoft.com/protect. Thanks! Jerry Bryant Sr. Security Communications Manager – Lead *This posting is provided "AS IS" with no warranties, and confers no rights.*

January 28, 2010 2:08:12 PM CET

Cisco Releases Security Advisory for Unified MeetingPlace

» The Latest Computer Security News