Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] Windows Vista to Become Part of the Binary Security Mess

  • Subject: [News] [Rival] Windows Vista to Become Part of the Binary Security Mess
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Tue, 20 Nov 2007 11:49:37 +0000
  • Newsgroups: comp.os.linux.advocacy
  • Organization: Netscape / schestowitz.com
  • User-agent: KNode/0.10.4
Vista security threats to rise in 2008: McAfee

,----[ Quote ]
| Microsoft’s Windows Vista operating system will face increasing security 
| threats, according to McAfee Avert Labs predictions for top 10 security 
| threats in 2008.  
`----

http://www.business-standard.com/common/storypage.php?autono=304706&leftnm=8&subLeft=0&chkFlg=

Email security: Where are we @?

,----[ Quote ]
| Of course, email enables a great many things, but equally it needs to be 
| handled with care. It's not just that it can act as a carrier for viruses, 
| Trojans, and other malicious content (malware), there are the issues of 
| unsolicited messages (that can be connected to phishing attacks), 
| unacceptable use (think: sending dodgy images to one's mates), and fraudulent 
| communications, as it is all too easy to set up an email account in someone 
| else's name.      
`----

http://www.theregister.co.uk/2007/11/20/email_security/

Vista has already had critical vulnerabilities (highest rating of severity).
Many examples below.


Related:

Microsoft issues 6 'critical' patches

,----[ Quote ]
| The updates affect many versions of Windows, Server and Office software -- 
| including Windows XP and Windows Vista -- and are meant to prevent hackers 
| from breaking into Web surfers' computers using specially crafted Web pages.  
`----

http://news.yahoo.com/s/ap/20070814/ap_on_hi_te/microsoft_security


Buffer the Overflow Slayer v. the ActiveX Files

,----[ Quote ]
| The vulnerability was discovered by Krystian Kloskowski and is rated "highly 
| critical" in this posting on Secunia. It's also discussed here on the US-Cert 
| website. Proof-of-concept code can be found on MilW0rm here.  
`----

http://www.theregister.co.uk/2007/08/14/sdk_spreads_vuln_love/


Microsoft plans six critical patches

,----[ Quote
| At least one of the critical vulnerabilities involves Internet Explorer 7 and 
| Windows Vista, both of which were conceived under new and highly vaunted 
| ^^^^^^^^^^^^^
| development rigors designed to produce more secure products.  
`----

http://www.theregister.co.uk/2007/08/09/microsoft_august_patch_tuesday/


Patch Tuesday: Critical IE, Vista patches on deck

,----[ Quote ]
| Of the four criticals, two will include high-severity patches for 
| Windows Vista. The bulletin rated ?moderate? only affects Vista.
`----

http://blogs.zdnet.com/security/?p=273


June Patch Tuesday to deliver Vista fixes and more

,----[ Quote ]
| Four of this month's bulletins are labelled 'critical' and 
| relate to vulnerabilities that may allow remote code execution.
`----

http://www.itwire.com.au/content/view/12751/


Microsoft Plugs Critical Vista Hole

,----[ Quote ]
| Microsoft has just patched another critical hole in Vista that it
| knew about as long ago as last Christmas. The delay was similar
| to its lag in patching the serious (and heavily targeted)
| animated-cursor flaw I told you about last month.
`----

http://www.pcworld.com/article/id,132082/article.html


Microsoft Patches Not One, But Three Vista Holes

,----[ Quote ]
| Microsoft today released an update for the recently popular 'animated
| cursor' vulnerability. The update was originally scheduled for April
| 10th, but due to recent exploits, was rushed out today. The update
| wasn't just for this one vulnerability though, in Vista, it addressed two 
| others, and in all covered seven vulnerabilities in Vista, XP and
| 2000.
`----

http://itsvista.com/2007/04/microsoft-patches-not-one-but-three-vista-holes/


Windows Vista's Built-in Rootkit

,----[ Quote ]
| This poor implementation of the permissions structure can be exploited
| by malware to make files that are undetectable to Anti-Virus products.
`----

http://www.jmcardle.com/blog/?p=361


More Windows cursor patch trouble

,----[ Quote 
| A new issue with the fix has also come up. Some customers have
| experienced trouble when printing from SQL Reporting Services to
| a Printer Command Language (PCL) printer, Microsoft said.
`----

http://news.com.com/8301-10784_3-9710649-7.html?part=rss&subj=news&tag=2547-1_3-0-20
http://tinyurl.com/3xrm4k


Windows cursor patch causing trouble

,----[ Quote ]
| Installing Microsoft's Tuesday patch for a "critical" Windows
| vulnerability is causing trouble for some users.
`----

http://news.com.com/Windows+cursor+patch+causing+trouble/2100-1002_3-6173413.html


MS Patch Tuesday: Vista dinged again

,----[ Quote ]
| For the second time this month, Microsoft has shipped a security
| bulletin with patches for a "critical" Vista vulnerability that
| puts millions of users at risk of code execution attacks.
`----

http://blogs.zdnet.com/security/?p=161


Security Researchers Say Windows .ANI Problem Surfaced Two Years Ago

,----[ Quote ]
| Security researchers say the Windows .ANI bug that has been plaguing
| users for the past week first surfaced -- and was patched --
| in early 2005.
`---- 

http://www.informationweek.com/news/showArticle.jhtml?articleID=198800828


Week in review: Cursing Windows' cursor flaw

,----[ Quote ]
| The software giant broke with its monthly patch cycle to fix a bug
| that cybercrooks had been using since last week to attack Windows
| PCs, including those running Vista.
`----

http://news.com.com/2100-1083_3-6173895.html?part=rss&tag=2547-1_3-0-20&subj=news


ANI takers for Asus website virus?

,----[ Quote ]
| Asus.com.tw, the website of Taiwanese motherboard maker Asustek,
| has been spraying visitors with the .ANI virus, security software
| makers confirmed today.
`----

http://www.theregister.co.uk/2007/04/06/asus_website_viruses/


Cursor hackers target WoW players

,----[ Quote ]
| World of Warcraft players are being targeted by hackers exploiting
| flaws in how Windows handles animated cursors.
`----

http://news.bbc.co.uk/1/hi/technology/6526851.stm


Will Next Tuesday's 3 Updates Effect Vista?

,----[ Quote ]
| I would suspect that one will be a patch for the Windows MessageBox
| exploit, so Vista should get it. Might another be for the Vista
| 'Timer/2099 Crack'? I wouldn't consider it critical, but
| Microsoft probably does. 
`----

http://itsvista.com/2007/01/will-next-tuesdays-3-updates-effect-vista/


Windows Vista now has its first exploit spotted in the public

,----[ Quote ]
| Security experts have confirmed that a proof of concept code for an
| unpatched vulnerability in Windows Vista has been released on
| the internet.
`----

http://www.it-networks.org/?news=172


Windows Vista: It's More Secure, We Promise

,----[ Quote ]
| Well, allow me to take a moment to remind everyone of something that
| you might not remember - XP was also touted as being ultra secure.
| Seriously, can anyone honestly look themselves in the mirror and say 
| this is the gospel truth? You have got to be kidding me. Similar to
| XP, Microsoft promises to have the most secure Windows version to date
| yet again.
`----

http://www.osweekly.com/index.php?option=com_content&task=view&id=2357&Itemid=449


Old:

Cisco exec: Windows Vista is scary

,----[ Quote ]
| "Parts of Vista scare me," Gleichauf said at the Gartner Security Summit
| here on Monday. "Anything with that level of systems complexity will have
| new threats, as well as bringing new solutions. It's always a struggle
| in security, trying to build for what you don't know."
`----

http://news.zdnet.com/2100-1009_22-6116823.html


Symantec Finds Flaws In Vista's Network Stack

,----[ Quote ]
| Researchers with Symantec's advanced threat team poked through
| Vista's new network stack in several recent builds of the
| still-under-construction operating system, and found several bugs
| -- some of which have been fixed, including a few in  Monday's
| release -- as well as broader evidence that the rewrite of the
| networking code could easily lead to problems.
|
| [...]
|
| Among Newsham's and Hoagland's conclusions: "The amount of new
| code present in Windows Vista provides many opportunities for
| new defects."
|
| "It's true that some of the things we found were 'low-hanging
| fruit,' and that some are getting fixed in later builds,"
| said Friedrichs. "But that begs the question of what else
| is in there?"
`----

http://www.techweb.com/wire/security/190700049;jsessionid=MWLALDT21M1

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index