Security – Page 27 – Paul's Tech Talk

Microsoft Windows Server Service Vulnerability (MS08-067)

PaulOctober 23, 2008

A vulnerability has been identified in Microsoft Windows, which could be exploited by attackers to take complete control of an affected system. This issue is caused by an error in the Server service that does not properly handle specially crafted RPC requests, which could be exploited by attackers to crash an affected system or execute arbitrary code via a specially crafted request.

On Windows Vista and Windows Server 2008, the vulnerability is only exploitable by authenticated users.

Note: This vulnerability is being exploited in targeted attacks.

[via FrSirt]

[ad]

This was just discovered and needs to let people know. I will do more research on it and maybe come up with a way to fix the problem. According to my sources there is a patch that will fix the problem!!

*UPDATE*
According to Microsoft:

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.
[Via Microsoft Security Bulletin]

Silverlight 2.0.31005.0 Is release today.

PaulOctober 21, 2008

I woke up this morning and found there was an update. I thought to myself this isn’t the second Tuesday, that was last week. So I click on my update tab to see what it was all about? Wouldn’t you know it, an update to Silverlight 2.

[ad]

I will be looking into the new Microsoft Silverlight. I have heard on the wind, that this might be due to the PDC coming Oct 27-30. This has something to do with Windows 7, I’m almost sure of it. I am sure as you can see this is most interesting. I’m also sure this has to do with some security fix but why push it out now when there is no need too. This update effects Windows Xp/Vista/and 2000 so we will see what they have in mind the coming weeks.

AVG detected trojan ; Generic11.BEOG

PaulOctober 17, 2008

I had a Friend tell me his system detected this Trojan GENERIC11.BEOG. I did my research and right now. It looking like Adobe added something to there recent updates *see updates below*. I’ll Have to check with some other sources but it looking like AVG over did it again and found something that might just be an AVG issue. (correction)

[ad]

I usually wait before updating something like adobe. It is sure to be some minor change to adobe but if your are worried here’s the link to watch and see what people are asking or talking about this false positive:

Malwarebytes Security Forums

It seems that AVG is calling this possible virus but yet it looks like it is a false positive. So don’t you worry. If it was a true virus you’d probably would never know!! 😉

[ad]

*UPDATE*

I installed Adobe 9.0 and updated the virus scan database for AVG. It hasn’t found any thing yet but I am still scanning my system. I’ll let you know if it finds this false positive on my Vista machine!! I’m doing this to test it out!!! Come back later to find out the results of the test. (if you like this website by all means google this website so it too can be on google trends. I want to see it be up on google trends for a day or two.)

*UPDATE #2*

Just did a whole system scan. It did not find anything. So I will be doing a reboot and scanning again. It might be something that is attached to a PDF, if you went to a malicious website. So I will do another scan.

*Update #3*

I just rebooted and almost finished scanning with AVG. I still haven’t found anything wrong. I have did some more digging into what might cause it. I just did a look registry look up on {AC76BA86-7AD7-1033-7B44-A90000000001} and I found out something really interesting. It’s a PDFFile_8.ico File. This is tells me this is an Icon for the desktop. I’m using one of the examples from Malwarebytes Security Forums to try to figure out what might be infected.

Here’s what AVG said after it finished scanning my system:

So I must assume that it is neither Adobe or AVG who have anything to do with this. I will have to say that it must be a real infection as to not having any viruses after an install of Adobe. How do you get this type of virus. Check out my article on : Some Important programs to prevent yourself from having viruses and Malware!!

There you will find some useful tips on how not to get infected and other useful tools to help restore you system to it’s glory days.

So I will tell my friend to do a full virus scan and double check the results. I can’t replicate the so called virus but I am sure there is something going on with the HASH files of the AVG Database and something might be coming back from the adobe install that has the same HASH files. That also might be making AVG flag it as an Virus or Trojan. I might never know though.

Are you asking to be scammed?

PaulOctober 15, 2008

As we go further into the economic death, we are faced with the most undesirable aspect of the human culture. That is to say, scammers are going to use the chance to find people to scam. I don’t say this lightly because scammers have become more cunning and dubious through the years. They are actually using the internet as well as most companies. They are going to sites like Monster.com, Careerbuilder.com, and other hiring sites to get people to apply for jobs.

<<See Previous Post — Nationwide Marketing Scam

Having said that, I recently had a problem with being tried to be scammed. I applied to a job posted on Careerbuilder and that is how they got a hold of my home address. I did not think about the security problems associated with applying for jobs on line, until recently.

As you can see that is how they got a hold of my information and have made myself vulnerable to scams and also, other potential problems. I am talking about Theft ID and also spam. Although spam is to be expected with anything we do online. I’ve come to the conclusion that we will always have to deal with spam. I wanted to talk about how to be careful when you apply for online jobs and put your information out on the internet. I’ve started taking some steps to prevent this from happening again.

[ad]

No Longer am I going to apply for any more private companies — if I can’t see who they are then they have something to hide.

To prevent spam — I am going to make an email address just for my resume. That way I don’t have to worry about spam on my main account.

If it’s too good to be true, it is probably not — I am going to start using that philosophy when I’m about to apply for a job. See picture above, advertising way to much money for a Customer Service rep.

Don’t ever put your Social on your Resume — That is the most crucial part, if you want your identity stolen that is one sure way to get it stolen. Even though that should be painfully obvious it is sometimes overlooked.

I am sure there are more but that is the basic idea of the whole thing. I will probably come up with even more ideas later on but this was one thing that I have been thinking about all day. I also think we have to starting asking the questions before the seriousness of the scammers come to bear. They will never go away but until we get serious, they will always be there to taunt us and laugh us. I am not sure how to do it, Do you? Are we just supposed to sit here and take it or do we fight back and how? These are importantquestions for anyone to consider when you are faced with the possiblity of fraud or being scammed? How do we deal with it in the future? Should scammers be punished serverely or moderately?

Is Spore Worth 49.99?

PaulSeptember 10, 2008

So I been doing a little digging and trying to find out what the heck people are complaining about and I found some great reviews telling me exactly why people hate EA. They don’t necessarily hate Spore or Will Wright, but the Security around The Spore game.

So In a couple of these comments. These reviews talk about Creating the creatures and All. I’ll submit some of the reviews that I thought was relevant and let you decide for yourself. I would however wonder the one big question? Is Spore Worth the Money? Here’s the details that I know of right now:

[ad]

You can only install it 3 times before you have to call EA to get an override code. (Although I heard rumors that if you unistall it, you will get a credit for an Install)

You can not Install new hardware or upgrade your hardware because if you do, it’ll count as an install, According to this one person.

The game only allows 1 login per Install. So you can’t have more than one character and one universe according to this person.

Part of the Copy Protection prevents you from taking your saved games off your computer and taking it over to your friends house, according to this Person.

On the Mac Version, it tends to breaks subsequent versions of the system services according to this one person.

According to Amazon the reviews aren’t pleasant. I tend to agree does this mean there are going to be even more people pirating it because they don’t want the DRM or Is EA going to send out a patch to fix this. I am curious as to see how EA responds to all this NONE TOLERANCE to DRM.

After seeing all these reviews of Spore, I tend to agree with everyone. I’ll probably wait and see before I buy my copy. All the reviews however don’t look promising or even makes the games look like it wouldn’t be fun.