Saturday, August 19, 2017

And so the SQL attacks continue…

May 15th, 2008 by Patrick S

Yep… It’s still going, and it’s worse than ever, it seems. Hundreds of thousands of unsuspecting people are still stumbling across perfectly legitimate websites that have been compromised by an SQL injection, and as a result are infected with a nasty Trojan.
These types of Trojans are known for changing an affected system’s local DNS and Internet browser settings, thus making the system vulnerable to even more potential threats. (Trend Micro have written a very good post explaining what happens once infected)

Therefore I thought I would take some time to mention a few domains (courtesy of F-Secure) admins should block to avoid any possible chance of infection:


This is a good time to again mention that this is not a vulnerability in Microsoft IIS or Microsoft SQL that is used to make this happen. If you are an administrator of a website that is using ASP/ASP.NET, you should make sure that you sanitize all inputs before you allow them to access the database.

There are many articles on how to do this such as this one. You could also have a look at URLScan, which provides an easy way to filter this particular attack based on the length of the QueryString.
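
As an added example (not from the original post), the same query-string length heuristic can be applied after the fact to IIS logs: the Python script below reads W3C extended log lines and reports requests whose logged query string is longer than a limit. The log lines are constructed, and the 256-character limit and the function names are assumptions to adjust for your own application.

```python
from urllib.parse import unquote

# Assumed threshold: set it just above the longest query string the site
# legitimately uses (the post itself gives no number).
MAX_QUERY_LEN = 256

# Constructed sample log, not real traffic. Runs of filler characters stand
# in for an over-long query string; addresses are documentation ranges.
SAMPLE_LOG = "\n".join([
    "#Software: Microsoft Internet Information Services 6.0",
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2008-05-15 10:00:01 192.0.2.10 GET /products.asp id=42 200",
    "2008-05-15 10:00:02 192.0.2.11 GET /default.asp - 200",
    "2008-05-15 10:00:03 198.51.100.7 GET /products.asp id=42;" + "A" * 900 + " 200",
    "#Fields: date time cs-uri-query cs-uri-stem c-ip",
    "2008-05-15 10:05:00 q=" + "%41" * 120 + " /search.asp 198.51.100.7",
])


def parse_w3c(lines):
    """Yield (line_number, record) for each data line of a W3C extended log.

    Column order comes from the most recent '#Fields:' directive; one log
    file can contain several, each with a different column layout.
    """
    fields = None
    for lineno, line in enumerate(lines, 1):
        line = line.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        values = line.split(" ")
        if fields is None or len(values) != len(fields):
            continue  # no header seen yet, or a truncated/malformed record
        yield lineno, dict(zip(fields, values))


def long_queries(lines, limit=MAX_QUERY_LEN):
    """Return one dict per request whose logged query string exceeds limit."""
    hits = []
    for lineno, rec in parse_w3c(lines):
        query = rec.get("cs-uri-query", "-")
        # '-' is the W3C marker for an empty field.
        if query == "-" or len(query) <= limit:
            continue
        hits.append({
            "line": lineno,
            "client": rec.get("c-ip", "-"),
            "stem": rec.get("cs-uri-stem", "-"),
            "raw_len": len(query),
            # Percent-encoding inflates the logged length, so report both.
            "decoded_len": len(unquote(query)),
        })
    return hits


if __name__ == "__main__":
    for hit in long_queries(SAMPLE_LOG.splitlines()):
        print(hit)
```

Pages that show up repeatedly in the output are the ones whose input handling should be reviewed first.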

Posted in MS SQL, Security, Windows Server System, Windows XP | Comments Off on And so the SQL attacks continue…

Microsoft discloses vulnerability affecting multiple Windows Versions

April 22nd, 2008 by Patrick S

After investigating public reports, Microsoft has published Microsoft Security Advisory 951306, which describes a vulnerability that affects multiple versions of Windows (including Windows XP Professional Service Pack 2, all supported versions and editions of Windows Server 2003, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.)

The newly found security flaw could potentially allow a malicious local user (who has authentication) to execute specially crafted code to raise his privilege level to LocalSystem. IIS and SQL Server are the main attack vectors. But other vectors are possible, such as Microsoft Distributed Transaction Coordinator (MSDTC) on Windows Server 2003.

The vulnerability looks like it basically allows for any process that has the SeImpersonatePrivilege to execute some code and be able to impersonate LocalSystem (which has the NT AUTHORITY\SYSTEM SID and a wealth of privileges in its token). For Windows 2003 and beyond the users awarded that privilege are in the Network Services, Local Services, Local System, and Administrators groups. On Vista/Server 2008 you additionally won’t have the privilege unless you’ve elevated. That fortunately reduces the scope of this otherwise highly serious vulnerability, though it still isn’t pretty.

It must be noted that Microsoft stated in its advisory: “Hosting providers may be at increased risk from this elevation of privilege vulnerability.” However, no exploitation has been observed at this time.
Microsoft Security Advisory 951306

Posted in MS News, Security, Windows Server System, Windows Vista, Windows XP | 1 Comment »

Windows XP SP3 RTM’ed

April 22nd, 2008 by Patrick S

Well, it seems as though it’s finally happened: Service Pack 3 for everyone’s favourite OS, Windows XP, has been released to manufacturing (however, it is not available to the public just yet; expect to see it on April 29th).

Service Pack 3 updates all 32-bit versions of Windows XP from Starter to XP Professional (the x64 edition of XP is based on Server 2003 and requires the Service Packs for that product). The complete package from the Download Center will reportedly be some 320 MB. Downloads via the Update function will be around 70 MB according to Microsoft’s current plans; this update can be so much smaller because only the data required for a specific XP version are downloaded, not the entire package.

Support for Windows XP without any service packs expired long ago and officially SP2 has to already be installed before SP3 can be installed, despite the fact there is no technical reason for this requirement. However Microsoft is inconsistent and SP3 can in practice be installed on XP with only SP1. Strangely, the complete SP3 contains all of the patches you need to update even a fresh base version of XP. Microsoft says that a slipstream installation CD can be created so that the operating system with SP3 can be installed at once without any other service pack.

SP3 not only contains patches and updates, but also a number of add-ons that have been sold separately, such as Background Intelligent Transfer Service (BITS) 2.5, Windows Installer 3.1, Management Console (MMC) 3.0 and Core XML Services 6.0. SP3 does not, however, contain any fundamentally new functions, and no new versions of Internet Explorer or Media Player are included.

This is set to be the very last Service Pack for XP; however, patches and updates for the OS are set to continue until Service Pack 3 expires in 2014.

A timeline of SP3:

  • April 14, 2008: Support is available for the release version of Windows XP SP3
  • April 21, 2008: RTM, OEMs
  • April 29, 2008: RTW, Windows Update and Microsoft Download Center
  • May 2, 2008: MSDN and TechNet subscriber downloads
  • May 19, 2008: Windows XP SP3 Fulfillment Media
  • June 1, 2008: Microsoft Volume Licensing customer downloads
  • June 10, 2008: Automatic Updates

An overview for SP3 is available here (MSFT); however, expect new documentation to arise pretty soon.

     

     

    Posted in Beta News, MS News, Products, Windows XP | 1 Comment »

    Get the new face of Windows XP, Before it eXPires!!!

    January 6th, 2008 by Patrick S

     

    2008 is here, and it’s now time to face the truth… The clock is ticking on Microsoft’s Windows XP. And whilst Microsoft may view this as a natural stage in the evolution of a product that was RTM’ed (released to manufacturing) all the way back in 2001, a healthy proportion of people will fail to see eye to eye with the company on this one. In this context… Windows Vista.

    Vista In 2007

    Even with Vista hot off the presses, XP did not give one inkling that it was going to give up the fight, with Microsoft focusing on winding XP up for good-Ending support for SP1 and soon to be SP2.

    -Microsoft’s Windows Product Management vice president Mike Nash on September 27th: “with more than 60 million licenses sold as of this summer, Windows Vista is on track to be the fastest-selling operating system in Microsoft’s history.”
    They had done it: sold over 20 million licences in the first month since RTM, passing 40 million within the first 100 days and 60 million by mid 2007. The last statistics made available to the public, dating back to the end of October, pointed to over 88 million Vista copies sold worldwide.

    At the end of 2007, according to statistics provided by Net Applications, Vista enjoyed a market share of 10.48% – a percentage roughly synonymous with 100+ million sold copies. And while in just a single year Vista’s install base has passed the combined audience of Mac OS X and all the Linux distributions, its performance is still perceived with nuances of failure. And at fault is Windows XP with its roots firmly dug in for the past six years.

    Vista’s Problem

    Currently Vista (in general) leaves a lot to be desired; to be honest, it’s just how I feel. Sure, SP1 comes out this year, and there is still hope that Microsoft will boost Vista up to the OS that it has the potential to be, but let’s face it: there are A LOT of users who won’t go with the flow. Admittedly Vista HAS grown on me since I first tested it a couple of years ago, and I have the utmost confidence SP1 will change my mind for the better.

    Let’s explore what’s gone down with Vista last year:

    • Dell, HP and Acer have all asked Microsoft to extend XP’s availability for an additional 6 months due to the concerns of customers.
    • Many Businesses have been slow to adopt Vista due to poor performance and compatibility issues.
    • Complaints have arisen regarding performance issues and the fact that Vista is so damn hungry.

    XP’s Future

    2008 Marks another milestone for Microsoft Windows-No it’s not Service Pack 1. It’s the real upgrade to Vista (SP0)… XP’s Service Pack 3. This final major update to XP has been dubbed by some as the Vista without the crap.

    Although XP was faster than Vista before, SP3 ups the ante. Microsoft has said that SP3 features about 1073 fixes and adds some cool features from Vista to make your experience far better. Using Vista after XP seems weird-no device incompatibility warnings, pop-ups asking for permission and poor performance.

    Sure this may not seem like big improvements and most of the fixes included in SP3 can already be found on Vista, but isn’t that the issue here? Now that XP is more secure and already sports any and all drivers you are currently using without costing hundreds of dollars to implement, couldn’t it be said that XP is simply the better choice? … It just works!!!

    Sadly, the end of June (30th) 2008 marks the day when Windows XP will no longer be available pre-loaded on computers from original equipment manufacturers or from retail outlets. Starting with the summer of this year (4th Quarter) and ending sometime in 2010, when Windows 7 is planned, end users will only have access to Windows Vista. XP will survive a little longer with System Builders until early 2009, and until mid 2010 with the Starter edition, but sales of the Windows operating system connected with white-box PCs are only a fraction of the Windows client businesses.

    What about the Big Picture?

    In the end, it’s not all about the support life-cycles and marketing, not by a long shot. With SP1, Vista will enter its first stage of evolution and with that a massively increased user-base. This will lead to better support and compatibility, to increased reliability and boosted performance. XP will fade to the background and Vista will take centre stage.

    So…While Office 07 and Vista get their first Service Packs-Windows XP will get its last.

    I Say “Viva La XP” but Bring on Vista SP1 😀

    Stats and info sourced from cnet and softpedia

    Posted in Beta News, MS News, Products, Windows Vista, Windows XP | 2 Comments »

    Windows Virtual Desktops

    January 5th, 2008 by Patrick S

    I love Windows as much as the next guy however there are certain features on Linux that I really wish were in Windows. E.g. The Power of Bash or Multiple (Virtual) Desktops.

    Thanks to Microsoft’s CodePlex program I stumbled across a program that allows users to run multiple desktops within Windows XP & Vista. It’s a completely open-source program (yay) and even supports Vista’s DWM based aero interface (They seem to have found a way around the slowness of the SDK however).
    This virtual desktop program takes advantage of this new API and uses some tricks of its own to provide a powerful virtual desktop manager with a full screen thumbnail based preview. You can have as many desktops as you want and can seamlessly switch between them.

    Some of the program’s key features include:

    • Multiple-monitor support
    • Per-desktop backgrounds
    • Sticky windows to exclude windows from the virtual desktop manager
    • Live Vista thumbnails of all of your windows (Will only work in Vista; XP does not support DWM)
    • An infinite number of desktops only limited by the amount of memory in your computer

    Download and toy around Virtual Desktop Manager here http://www.codeplex.com/vdm


    Pretty cool huh?

    Posted in Computing, Reviews, Windows Vista, Windows XP | 2 Comments »

    Delayed Startup of Windows startup applications

    January 4th, 2008 by Jabez Gan [MVP]

    Are you experiencing a loooooooooooooong startup of Windows due to the startup of not-so-important applications, like OneNote or Adobe Gamma Loader? Or maybe you want Microsoft Office Outlook to run automatically after Windows loads? Fear no more, there’s a quick app by Clint Rutkas called “Delayed Startup” which will help you!

    From his blog,

    “Why did I create a delayed startup program?  After I saw all the stuff my manager had booting up on his computer, I thought this may be useful.  His computer really wasn’t terribly usable for a good 10 minutes after a reboot so I decided to spend a few minutes and create him a nice program while I’m at a .Net User Group meeting (they had free food and it was 1 floor up in my building).  My theory is most of the programs in your startup folder aren’t actually needed asap.  I don’t need OneNote open right away, I don’t need a bunch of other stuff right away.  The nice thing is now I can have Visual Studio, Outlook, IE, and a few other programs I run everyday not impact me restarting my computer’s bootup time since they’ll do a gradual loading sequence.”

    More information on Delayed Startup can be found at http://betterthaneveryone.com/archive/2007/10/29/delayed-startup.aspx, which includes the Setup program.

    What do you think of this application? Leave a comment!

    Posted in Windows Vista, Windows XP | Comments Off on Delayed Startup of Windows startup applications

    Vista pirated half as much as XP, Microsoft Happy

    January 4th, 2008 by Patrick S

    While it admits it’s not possible to pin down an exact number, Microsoft has let out word today that it estimates the counterfeit rate of Vista to be about half that of XP, a figure that it seems to be more than pleased with. Of course, one could interpret those numbers in slightly less positive ways, but Microsoft claims the sharp dip in piracy is due to Vista’s amped up authentication system, which it says is a “proven and effective way to combat piracy.” To come up with the numbers, Microsoft apparently relied on statistics based on Windows Genuine Advantage validation failures, as well as other unspecified internal data. As TG Daily notes, all this follows Microsoft’s announcement of revised anti-piracy measures in Vista SP1 and, specifically, some big changes to the aforementioned WGA feature.

    Microsoft’s statistics are based on Windows Genuine Advantage validation failures, along with other internal data.

    Microsoft’s statement on counterfeit data comes as it reveals new piracy prevention plans for Vista’s first service pack. “What is changing with SP1 is the nature of the experience for those systems that are never activated or that fail validation,” said Sievert. The service pack will also help prevent users with legitimate installs from being affected by Vista pirates.

    Posted in Anti-Piracy, Windows Vista, Windows XP | 4 Comments »

    Windows SteadyState 2.5 beta is up!

    December 7th, 2007 by Jabez Gan [MVP]

    Windows SteadyState 2.5 beta is up on Microsoft Connect.

    What is Windows SteadyState?

    What state is your shared computer in at the end of the day?

    • Hard disk filled with downloaded files?
    • Strange options configured?
    • Programs installed that you don’t want?
    • System infected with viruses and spyware?
    • Computer bogged down for unknown reasons?

    Windows SteadyState, successor to the Shared Computer Toolkit, is designed to make life easier for people who set up and maintain shared computers.

    An easy way to manage multiple users

    You can manage whole groups of users as single user accounts. The new Windows SteadyState console makes it easier than ever to create and modify user profiles.

    A locked-down platform for stable shared computing

    Not every computer user should have access to every software capability. Your system can be more stable and consistent when you limit user access to control panel functions, network resources, and other sensitive areas.

    Set it and forget it

    Once you have everything set up the way you want it, you can share the computer and rest easy. Any changes a user might make to the configuration or hard disk can be undone by simply restarting the machine.

    Find more about Windows SteadyState at http://www.microsoft.com/windows/products/winfamily/sharedaccess/whatis/default.mspx

    To join the beta, go here: https://connect.microsoft.com/site/sitehome.aspx?SiteID=286

    Posted in Windows XP | Comments Off on Windows SteadyState 2.5 beta is up!

    Submit your Windows feedback NOW!

    November 3rd, 2007 by Jabez Gan [MVP]

    Would you like to help Microsoft and shape Windows? Do you have a cool idea that you want to see in the next version of Windows? Is there something which is bugging you in the current version of Windows? Or does Windows not work for you?

    Now it is the time for you to submit your feedback about what you want to see in the next version of Windows, through the Windows Feedback Program!

    Register and join and Submit your feedback now at http://wfp.microsoft.com/

    Posted in Windows Server System, Windows Vista, Windows XP | Comments Off on Submit your Windows feedback NOW!

    Microsoft Windows XP Professional SP2c is released

    August 10th, 2007 by Jabez Gan [MVP]

    But only for system builders.

    SP2c Features and Requirements
    There are no other features or fixes included in this service pack; it will only allow for the inclusion of additional product keys. When using SP2c product keys, system builders must:

    • Use the product keys with SP2c media.
    • Create new images from SP2c to accommodate the new product keys. A hotfix will not be provided.

    Source: http://blogs.technet.com/backroom/archive/2007/08/09/microsoft-windows-xp-professional-service-pack-2c-release.aspx

    Posted in Windows XP | 3 Comments »

    Tip: How to use “ReadyBoost” on Windows XP

    August 9th, 2007 by Jabez Gan [MVP]

    Many XP users are desperate to use a feature like Vista ReadyBoost on XP. It seems in some cases that people hate to wait for a program to be released, which is a shame considering how the best things in life come with patience. However, for those of you who can’t wait for programmers to release a simple application, you can use Windows XP’s unspoken ReadyBoost feature.

    NOTE: Before reading the info below, be aware that even though it may appear simple, most people don’t know how to activate this feature properly. As a result, many don’t achieve the expected results -> [For these users, I advise you to be patient and to wait for programmers to do their jobs] -> ALSO, BE SURE YOU HAVE A READYBOOST COMPATIBLE FLASH DRIVE, otherwise you won’t see any difference in Windows performance (even though you can use this feature on any flash drive).

    Right click on My Computer, go to Properties, and then navigate to the Advanced or Performance tab.
    After you have reached this point, follow the images below.



    Once you have reached the screen above, select your flash drive, and add it to your virtual memory (paging size is up to you).

    *It is recommended to make a partition just for file swapping (if using a hard drive instead of a flash drive), so that system fragmentation won’t force the swap file to fragment as well.

    *As investigated by Morara*: The max amount of swap per drive is 4GB, but you can put more by spreading it out across multiple drives. As far as size, a general rule of thumb is to use twice your RAM until you break 2GB on a desktop (CAD workstations and servers might require more), then use an amount equal to your RAM.

    Source: http://www.windowsxlive.net/?p=1337#more-1337

    UPDATE: Use the above information at your own risk. It is not a supported configuration and it could cause system instability. But do post back here if any of you are trying this, and let us know if it works for you.

    Posted in Windows XP | 5 Comments »

    Error Message: System Cannot Log You on Because Domain Is Not Available (On Windows XP)

    July 17th, 2007 by Jabez Gan [MVP]

    Just documenting an error:

    Error Message: System Cannot Log You on Because Domain <Computername> Is Not Available

    SUMMARY

    An error “System Cannot Log You on Because Domain <Computername> Is Not Available” appears when you try to log on to Windows.

    SYMPTOMS

    When the user tries to log on to the computer in the Log On dialog, it will fail with the error “System Cannot Log You on Because Domain <Computername> Is Not Available”. Log on using safe mode will not work either.

    For instructions on resolving this issue, please see: http://support.microsoft.com/kb/555939

    Posted in Windows Server System, Windows XP | 1 Comment »

    Vista Recovery Command Prompt

    June 16th, 2007 by Patrick S

    As good as the recovery console is in Windows, it really ain’t that secure at all. Did you know that the Command Prompt tool found in Vista’s System Recovery Options doesn’t require a User Name or Password? And that the Command Prompt provides Administrator level access to the hard drive? For multiple versions of Windows? All you need is a Vista Install DVD and you’re all set to go.

    Just boot from the DVD and select the Repair option:

    Then select the Command Prompt:

    Here you have full access to this computer, not only as an administrator but also as a system account user. After this you can insert USB memory and copy any non-encrypted file from this computer to it and steal information without leaving any marks in the system or Event Viewer logs.
    Also, you could, for example, copy the SAM file (contains names and passwords of local users) from c:\windows\system32\config to USB memory and start cracking the computer’s user passwords on a remote computer.

    A cracker can:
    1. … copy files from hard disk to USB, floppy or network server
    2. … create / modify / delete files and folders
    3. … use most of the MS-DOS like commands
    4. … use this method in Vista, XP, 200x

    To protect your computer or workstation, try to:

    • set up the BIOS boot order so that booting from media other than the hard disk is not possible
    • set up a startup password in your BIOS (mainly on home computers)
    • use hard disk encryption software, if possible (such as BitLocker)
    • encrypt files and folders using EFS, if the mechanisms above are not possible

    This kind of reminds you of a Windows XP Home feature. The Administrator account password for XP Home is blank by default and is hidden in Normal Mode. But if you select F8 during boot for Safe Mode, you can access the Administrator account and have complete access to the computer.

    For more proof of the concept, check out the details from Mr. Kimmo Rousku and F-Secure.

    Posted in MS News, Products, Security, Windows Vista, Windows XP | 5 Comments »

    Vista + IE7’s default security: Blocked site from stealing info

    May 15th, 2007 by Jabez Gan [MVP]

    At the ToorCon Seattle (beta) conference, Web application security specialist Robert Hansen (RSnake) demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure flaws in Internet Explorer and Firefox to collect information on a target’s computer system.

    Basically, it will attempt to use JavaScript to cough up information about one’s browser details, e.g. version of browser, what plugins are running/enabled, location of the machine, internal IP of the machine etc.

    However, on Vista with IE7 running, an “Access denied” error will be shown. This is because Vista + IE7 has JavaScript disabled by default.

    Please test your browser here:
    http://ha.ckers.org/mr-t/

    Through the above website it can also show you what gmail address you are using.

    More information: http://blogs.zdnet.com/security/?p=197&tag=nl.e622

    Does it work on IE7 on Windows XP?

    Posted in Internet Explorer, Windows Vista, Windows XP | 1 Comment »

    Power management of Windows Vista Vs Windows XP

    May 11th, 2007 by Jabez Gan [MVP]

    Windows Vista, the latest and currently the greatest OS by Microsoft, comes with numerous improvements, which includes better Power Management.

    Power Management is claimed to be better with the introduction of the Sleep mode, and other tweaks which include timing to turn off the hard disk, show the screensaver etc. But what does HP say about it?

    “It’s a little scary,” said John Wozniak, a distinguished technologist in HP’s notebook engineering department, referring to the work HP needed to do on making Windows Vista more suitable for notebooks.

    It is all caused by the introduction of Aero glass, which takes more GPU thus more electricity to run it. Due to the high power that Vista needs, HP and other OEMs have started to modify and optimize the power management that comes with Vista to provide users with a longer lasting battery time for laptop users.

    However according to Microsoft’s own whitepaper on the study of power consumption of Vista Vs XP,

    “Aero graphics have a negligible impact on overall power consumption.

    Vista also addresses many of the arguments that have blocked companies from adopting a power management strategy. The Sleep state is now much more reliable, and the user experience is not harmed – the fact computers resume from Sleep in under two seconds is almost the same amount of time that a screen takes to reactivate from Idle mode in Windows XP. Vista also has built-in management tools via Group Policy.”

    What? Aero graphics have a negligible impact on overall power consumption? I do agree that Vista is superior to XP in Power Management, but due to other reasons like the introduction of Aero, laptop battery life is actually much shorter!

    What do you all think? Is your battery life shorter in Vista? If yes, how much shorter compared to XP?

    Source:

    http://news.zdnet.co.uk/hardware/0,1000000091,39286975,00.htm

    http://download.microsoft.com/documents/uk/business/PC%20Pro%20Labs%20White%20Paper%20Mar%202007.pdf

    Posted in Windows Vista, Windows XP | 4 Comments »
