How to Prepare for Microsoft Certifications Earning a Microsoft Certification could be the beginning or continuation of an enduring career that will include the strengthening of their technical skills, collaboration with other professionals ...

Readmore

Prometric offers vouchers of up to 25% off ... Hello people, I just received an email from Prometric informing a discount of up to 25% on Microsoft Certifications. The promotion is valid until December 31, 2009 or even last for the ...

Readmore

50% discount on Microsoft Certifications to ... Hello guys, Prometric is providing for students a 50% discount on Microsoft certifications. The promotion is valid until June 30, 2010. For more details visit the ...

Readmore

Book - Administration and Maintenance Environment ... Hello people, For those who are preparing for the exam 70-290 book Administration and Maintenance Environment Microsoft Windows Server 2003 is a great material. I recommend.

Readmore

Prometric offers vouchers of up to 25% off ... Hello people, I just received an email from Prometric informing a discount of up to 25% on Microsoft Certifications. The promotion is valid until December 31, 2009 or even last for the ...

Readmore

twitter

Twitter Facebook

Microsoft warns of critical flaw affecting applications in ASP.Net

Posted by Luciano Lima | Comments: (0)

Category: Security

Tags: , , , , , ,

Hackers who discovered the vulnerability estimate that 25% of all sites are subject to attacks due to the problem.

Microsoft warned on Friday (20/09) that a critical flaw in ASP.Net - programming environment on Windows Servers - could be used by hackers to break into encrypted web pages and steal data such as user names and passwords.

The vulnerability was made public that same day, shortly before the announcement of the company, when two researchers who discovered the problem, show how to exploit it at a security conference held in Buenos Aires, Argentina.

According to the statement of the Redmond company, the flaw affects all versions of ASP.Net. Therefore, a correction must be provided for all operating systems still supported, the Windows XP Service Pack 3 (SP3) and Server 2003 to Windows 7 and Server 2008 R2. Other products such as IIS and SharePoint will also be updated.

The hackers responsible for the establishment, Rizzo and Duong, said the attacks that exploit the flaw can access Web applications with administrative priority, resulting from "loss of sensitive data to the complete destruction of the system." They estimate that 25% of all sites use the ASP.Net.

While the correction is not
Although Microsoft has said that a fix is ​​on the way, she did not disclose a timeline. Meanwhile, developers suggests a stopgap measure:

"You can prevent this problem by enabling the use of customError ASP.Net, and set it to always return the same error page - regardless of fault found on the server," wrote Scott Guthrie, some teams responsible for business development, including that runs the ASP.Net. "By directing all error pages to one place, you prevent a hacker to distinguish between the different errors that occurred."

The director of security operations at nCircle Security company confirmed that the vulnerability is "troubling."

"As for public services, people will be afraid to attacks that can access any document. For example, file 'web.config', which are contained in the traditional username / password ".

To help developers, Microsoft has published a script in Visual Basic can detect vulnerability in ASP.Net applications, and provide a unique forum for questions related to the problem.

Extra Security Bulletin August 2010 (Out-of-Band)

Posted by Luciano Lima | Comments: (0)

Category: Security Bulletin , Safety

Tags: , , , , , , ,

Hello people,

Microsoft has released in its Portal Security Bulletin an Extra (Out-of-Band) to fix a vulnerability found in Windows Shell, which could allow remote code execution.

For details see Bulletin MS10-046 .

Continue Reading

Apple applications are more vulnerable than Microsoft's, says study

Posted by Luciano Lima | Comments: (0)

Category: Security

Tags: , , , , , , ,

A study released by the Danish security company Secunia found that Apple's applications are more vulnerable than Microsoft. In addition, the company Steve Jobs still holds - the first time - first place in the ranking of companies that have more security bugs. Second place gets aOracle, followed by Microsoft, HP and Adobe.

Secunia says the survey findings do not point to the security provided by each company, but those that have more holes in their products.

According to the report, Apple programs such as the Safari browser, the player Quicktime and Quicktime media manager not only are not the safest but are also those with the largest number of vulnerability s. The iPhone maker has also remained consistently ahead of Microsoft in this regard. "People should rethink when they think Microsoft's products represent the greatest threat on the Internet," says the report.

The document also points out that despite the investments, none of the companies that occupy the seven first places in the ranking could reduce security bugs in their products. Rather, the number of vulnerabilities for each increased between 136% and 440% since 2005.

The analysis also confirms the general perception that a high market share in a given application is correlated with a high number of vulnerabilities. That is, the more popular is an application, more security bugs it will have. Secunia also recommends that companies adopt new technologies that allow the automatic installation of security updates in the programs.

To view the study of Secunia, click here (PDF in English).

Fixing a single click, protecting the global attack against Windows XP

Posted by Luciano Lima | Comments: (0)

Category: Security , Windows XP

Tags: , , , , , , , ,

Microsoft offered a way around the flaw in Windows XP that has led in recent days, the invasion of thousands of PCs worldwide.

Since the release of the fault, made ​​by the engineer Tavis Ormandy of Google, cybercriminals have begun a wave of attacks exploiting the vulnerability . Microsoft itself has stated that more than 10,000 PCs have been compromised . According to the company, Brazil was one of the hardest hit countries.

"Earlier, we saw only activities of researchers that tested evidence-of-concept. But from June 15 the first explorations of the fault appeared real, "said Microsoft in a blog .

The failed component is the software of the Windows Help and Support Center (Windows Help and Support), which comes with Windows XP.

Ormandy was criticized for security professionals working for Microsoft has not given more time to fix the flaw. He warned the owner of Windows on June 5, and five days later, released details of the failure, allegedly after failing to convince the company to correct the problem within 60 days.

In a security advisory, Microsoft said it has studied the problem, and may release a fix out calendar to correct the fault.

"Microsoft is aware of active attacks, localized and limited exploiting that flaw. Based on the samples analyzed, the Windows Server 2003 systems are not currently at risk of such attacks. Microsoft is actively monitoring this situation to keep customers informed and to provide guidance when necessary, "says the notice.

However, until now Microsoft has advised anyone who has a PC at risk to use a tool to fix a single click to turn off the protocols of the Help Center.

Another option is to manually turn off the HCP by clicking the Start menu, Run command. Type Regedit and click OK. After expanding the HKEY_CLASSES_ROOT folder, select the HCP key. Then, right-click on the HCP key right and choose Delete.

Correction Patch Vulnerability in Internet Explorer - MS10-002 - Critical

Posted by Luciano Lima | Comments: (0)

Category: Security

Tags: , , , ,

Hello people,

Microsoft has just made ​​available a patch to fix the vulnerability in Internet Explorer, as I mentioned in previous post.

For more details see the website below:

http://www.microsoft.com/technet/security/bulletin/ms10-002.mspx

Vulnerability in Internet Explorer - Microsoft Security Advisory (979352)

Posted by Luciano Lima | Comments: (0)

Category: Security

Tags: , , , , , ,

Hello people,

14/01/2010 Microsoft blogged The Microsoft Security Response Center (MSRC) the post Released Security Advisory 979352 regarding vulnerability discovered in Internet Explorer, which allows remote code execution. The patch to fix this vulnerability is being developed by Microsoft and according to the MSRC blog post published in Advance Notification for Out-of-Band Release Bulletin is now available to fix the patch.

So far the vulnerability has been exploited only in Internet Explorer 6, but Microsoft recommends that all customers upgrade to Internet Explorer version 8.

When Microsoft made available a patch will be publishing here on the Blog.

A hug.

Vulnerability Alert - Internet Explorer (Updated)

Posted by Luciano Lima | Comments: (0)

Category: Security

Tags: , , , , , ,

Microsoft announced on 14 January the Security Advisory 979352 regarding a vulnerability in Internet Explorer 6.0 Service Pack 1, Internet Explorer 7 and Internet Explorer 8. This vulnerability can be exploited by a malicious Web page and allows to run the same code with user privileges.

This vulnerability was used in targeted attacks against Google Inc. and other companies in the People's Republic of China. Microsoft is not aware yet of wider use of this vulnerability in the Internet.

Microsoft is working on developing a fix for the problem to be available as soon as possible, including possibly disclose it outside the normal date (the second Tuesday of each month). So far the following protective actions can be taken:

Protected Mode - In Windows Vista and Windows 7 Internet Explorer by default works in Protected Mode (Protected Mode) to Internet sites, which mitigates the risk of exploitation of this vulnerability. Microsoft recommends that you always can use Protected Mode for Internet browsing.

IE%20PM thumb Alerta de Vulnerabilidade – Internet Explorer (Atualizado)

If the Protected Mode is not activated for Internet sites, you can activate it by opening the Tools menu and then selecting the Internet Options menu. Protected Mode can be enabled on the Security tab, in the image below:

IE%20PM2 thumb Alerta de Vulnerabilidade – Internet Explorer (Atualizado)

Data Execution Prevention - In addition to always use the Protected Mode for Internet browsing, Internet Explorer 7 users are encouraged to enable the Data Execution Prevention (DEP), which makes more difficult the execution of an attack against this vulnerability. The DEP is already enabled by default in Internet Explorer 8.

To enable DEP in Internet Explorer 7, click the Fix It button below. Fix It for the work you must be running Internet Explorer as an administrator (in Vista, right click and select Run as Administrator), and then restart Internet Explorer for the DEP is effectively enabled.

Alerta de Vulnerabilidade – Internet Explorer (Atualizado)

Non-Admin User - To limit the impact of the vulnerability, surf the Internet with a user account other than the administrator of the system.

This blog post will be updated as new information becomes available.

Update (1/15/2009) - The SANS reports that the source code of an exploit for the vulnerability was disclosed on the Internet. This exploit only affects Internet Explorer 6. Newer versions of Internet Explorer have protection mechanisms such as Protected Mode and DEP that make exploitation of the vulnerability more difficult.

Microsoft confirms existence of the first vulnerability in Windows 7

Posted by Luciano Lima | Comments: (0)

Category: Security , Windows 7

Tags: , , , , , , , , , , , , , , , ,

Microsoft confirmed on Friday (13/11) the existence of a vulnerability in Windows 7 , but said that most users can protect themselves from attacks by blocking two ports on the firewall.

In a security bulletin , Microsoft said that a flaw in Server Message Block (SMB), a protocol made ​​by the company, can be used by hackers to attack machines running Windows 7 and Windows Server 2008 R2.

The vulnerability was disclosed by Canadian researcher Laurent Gaffie on Wednesday (11/11). According to Gaffie, exploiting the flaw could reach the point where the system only method of recovery is a manual shutdown of the computer .

Initially, Microsoft said it would investigate the case, but on Friday confirmed the problem. "Microsoft is aware of a code that can be exploited to undermine the functioning of the system," said the representative of the company's security group Dave Forstrom. "The company is not afraid of attacks exploiting the vulnerability at this time."

Forstrom, as Graffie, said the error can be exploited to disable a computer, but the vulnerability does not allow the installation of malicious code on Windows 7.

Both SMBv1 SMBv2 as containing the error. "Windows Vista, Server 2008, XP, Server 2003 and 2000 are not affected," says Forstrom.

Attacks may be directed to any browser, not just Internet Explorer, Microsoft warned. After taking the user to access malicious websites, attackers could crash the victim's computer problem with SMB packets.

Microsoft should release a fix the problem, but did not include in the package is scheduled for December 8 or throws an isolated correction. The company suggests that users block TCP ports 139 and 445 at the firewall. However, this may disable browsers as well as cause other critical issues.

Vulnerability Analysis

Posted by Luciano Lima | Comments: (0)

Category: Articles , Security

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Hello people,

I just posted the article Vulnerability Analysis , which aims to demonstrate how to make a Vulnerability Analysis in computing environment quickly and easily.

To read the complete article visit the link below:

http://www.guiacissp.com.br/index.php/analise-de-vulnerabilidade/

Continue Reading

Vulnerability Alert - FTP Server in Windows 2000, XP and 2003

Posted by Luciano Lima | Comments: (0)

Category: Security , Windows 7 , Windows Server 2008 , Windows Vista

Tags: , , , , , , , , , , , ,

Microsoft announced yesterday (1st September) the Security Advisory 975191 on a vulnerability in the service FTP (File Transfer Protocol) Internet Information Server 5.0, 5.1 and 6.0. This vulnerability allows an attacker to execute remote code with administrator permission on systems that are running these versions of the FTP service and where the attacker has write access.

The vulnerable versions of the FTP service are found in Windows 2000 Server, Windows XP and Windows Server 2003, and in the last two this service is not installed by default. In no case the FTP service is installed with anonymous users with write permission. Newer versions of Windows (Vista, Server 2008 and Windows 7 ) are not affected.

Microsoft is actively working on a fix for this vulnerability. While a fix is ​​not available if you use the FTP service in the versions mentioned you can protect yourself by adopting one of the following measures:

Disable the creation of new directories for the FTP service - The vulnerability is exploited by the attacker listing a folder name specially crafted FTP service, you can protect yourself and prevent the creation of new directories in the area used for this service using the NTFS permissions :

1. Go to the root folder of your FTP service (by default% systemroot% \ inetpub \ ftproot).
2. Right-click on the folder and select Properties.
3. Select the Security tab and click Advanced.
4. Click Change permissions.
5. Select each user group and click Edit.
6. Uncheck Create Folders / Append Data.

Note that ordinary users will no longer have permissions to create new folders using the FTP service, but still be able to write files in folders.

■ Do not allow writing files via FTP service - No writable FTP vulnerability can not be exploited. Anonymous users by default no longer have write permission, and you can remove permission for all users by editing the service properties as shown below:

image thumb Alerta de Vulnerabilidade – Servidor FTP no Windows 2000, XP e 2003

Disable the FTP service - The FTP service is installed by default in Windows 2000 Server. If you do not need this service, you can disable it by following the steps in article 321141 .

Microsoft also recommends that all users keep their software antivirus active and updated, and if they use system for detecting and preventing network attacks that they update their software. For software snort rules to detect this attack are already available in http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-09-01.html .

More information about this vulnerability are available (in English) on the blogs of the Microsoft Security Response Center and the Microsoft Security Research and Defense .

pixel Alerta de Vulnerabilidade – Servidor FTP no Windows 2000, XP e 2003
Previous