Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] Latest Security Failures in Windows and Office, No Patch for Victims

  • Subject: [News] [Rival] Latest Security Failures in Windows and Office, No Patch for Victims
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Sun, 18 Apr 2010 15:57:55 +0100
  • Followup-to: comp.os.linux.advocacy
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/4.3.1
Hash: SHA1

Tool for cracking Office encryption in minutes 

,----[ Quote ]
| An implementation flaw allows attackers to 
| bypass the encryption mechanism used for 
| Microsoft Office documents. Although this 
| isn't news, having been made public in 2005, 
| no (officially acknowledged) attack or tool 
| for exploiting the vulnerability has existed 
| until now. Which probably explains why 
| Microsoft has never fixed the problem with an 
| update for older versions of Office.
| French crypto expert Eric Filiol in his 
| presentation at the recent Black Hat 
| security conference emphasised that the 
| situation has now changed. He says his tool 
| can decrypt a document within a few minutes. 
| Filiol said he began working on the 
| statistical analysis of the RC4 algorithm 
| used in Office back in 1994. Talking to heise 
| Security, the expert explained why he has 
| only now published his results: "I was 
| employed by the French military at the time. 
| Everything I did was classified. Now I am 
| free speak about it."


Infected XP owners left unpatched


Microsoft refuses to patch infected Windows XP machines

,----[ Quote ]
| Microsoft has revealed that its latest round 
| of patches won't install on XP machines if 
| they're infected with a rootkit.
| Back in February, a security patch left some 
| XP users complaining of endless reboots and 
| Blue Screens of Death. An investigation 
| followed and Microsoft discovered the 
| problems occurred on machines infected with 
| the Alureon rootkit, which interacted badly 
| with patch KB977165 for the Windows kernel.


Microsoft Refuses To Patch Rootkit-Compromised XP Machines

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index