Use – Page 7 – Paul's Tech Talk

Some program Vulnebilities Detected!!

PaulNovember 25, 2008

Just got done looking at some of my security sites and according to SecuriTeam there are are several programs that have vulnerabilities. here are the Ones that I’ve found:

Google chrome is vulnerable to URI Obfuscation vulnerability.
An attacker can easily perform malicious redirection by manipulating the browser functionality. The link can not be traversed properly in status address bar.This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. The URI specified with @ character with or without NULL character causes the vulnerability.

[ad#ad2-right]iPhone Configuration Web Utility for Windows Directory Traversal
iPhone Configuration Web Utility lets “you easily create, sign and distribute configuration profiles using a web browser”. A vulnerability in iPhone Configuration Web Utility allows remote attackers to access files that reside outside the bounding root directory of the program’s files folder.

Streamripper Multiple Buffer Overflows
Streamripper “records Shoutcast and Live365 MP3 streams to a hard disk, creating separate files for each track. Runs under Unix and Windows.” Secunia Research has discovered some vulnerabilities in Streamripper, which can be exploited by malicious people to compromise a user’s system.

Amaya URL Bar Stack Overflow Vulnerability
A vulnerability in Amaya browser allows remote attackers to cause it to overflow an internal buffer which in turn can be leveraged to execute arbitrary code.

These are the ones that I found and wanted to let you know about these so you can make your system even more secure. if I find any others I’ll let you know!!!

Microsoft kills a fake antivirus tool from 994,061 computers!

PaulNovember 25, 2008

According to Arstechnica and I’ll quote:

[ad#ad2-left]Win32/FakeSecSen has gone by various names, including Micro Antivirus 2009, MS Antivirus, Spyware Preventer, Vista Antivirus 2008, Advanced Antivirus, System Antivirus 2008, Ultimate Antivirus 2008, Windows Antivirus, XPert Antivirus, Power Antivirus, and Ultra Antivirus 2009. Furthermore, it is skinnable, so each of these variants has a different GUI, although the basic functionality is the same: bother users with warnings of malware until they pay up.

The Microsoft Malware Protection Center recently released some data on how the removal tool performed this month: FakeSecSen was removed from 994,061 machines. That number isn’t the highest Microsoft has recorded before, and the number of removals depends on which malware Microsoft adds each month and how widespread it is.

[via Arstechnica]

This seemed to of happened this month with the usual Windows update. If you haven’t updated your system just yet you should. This troublesome fake virus seems to have been killed from several systems. This could effectively make it harder for these guys who ever designed this program to make money. I hope microsoft does even more virus removals in next month. If you still want to try to get rid of these viruses don’t forget to check out my tips on Virus removal.

Google SearchWiki dies after two days!!

PaulNovember 22, 2008

According to Techcrunch Google Pulls the Google SearchWiki. Unsure as to way but here’s what they said:

Users are reporting that the recent changes to Google’s search engine, called SearchWiki, have simply disappeared from the site. It’s certainly gone from my account.

[ad#ad2-right]User reactions were mixed but weighted heavily towards “this is lame,” and there was no way to turn off the features other than to conduct Google searches without being logged in. Another way to turn it off was to switch search engines.

[via TechCrunch]

I’ve got my theory on this, and it’s quite a good theory. I think it was a making search results come up wrong or not at all. The last two days they’ve had that going my page views have drop BIG time. According to my Stats I’ve had 236 Unique Visits for Thursday, and 232 Wednesday. My Friday stats show that I only got 185 Unique Visits, dropping 40 to 50 people. My stats for today which is incomplete shows that I’ve only gotten 136 unique visits. Although that is complete you can see where I dropped drastically. I think Google was getting yelled at by websites due to the stats dropping. I am guessing people could tell if they wanted to go to a site just by reading the comments. This will hurt every site, including TechCrunch. I will say this is only a theory and this might or might not be the case.

This however is the best possible explanation that I could come up with. Do you know why they did that? I don’t know?

How to disable autorun the easy way!!!

PaulNovember 21, 2008

I read a report from Cnet about USB devices spreading Virus and I will quote:

The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices,” said Gunter Ollmann, chief security strategist for IBM’s ISS security division. “They are today’s floppy drives.”

[ad#ad2-right]An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled. The AutoRun function in Windows launches installers and other programs automatically when a flash drive or CD is inserted. The Mac has an equivalent function, according to Ollmann.

[Via Cnet]

In order to disable “autorun“, which in Vista is called Autoplay. In order to disable Autoplay from starting when you insert media into your computer here is how you do it:

You will need to be Logged in as Administrator before this can be done:

Next click start and type “Autoplay” without quotes. It will bring up a screen but all you have to worry about is this:

You will need to make sure there is no check mark for “Use AutoPlay for all media and Devices”. Click save and close.

[ad#ad2-left]Once that is done, you will have no more Autoruns from USB devices. If you want to disable Autorun in XP, I’d suggest reading some of these articles for XP.

Wikipedia – AutoRun

How to Disable Autorun

These are just a few and are really nice to articles but there are others out there that might be more to your liking. I suggest searching Google for them. I hope this helps you out!!!

Vista has a new Vulnebility!

PaulNovember 20, 2008

According to Techworld.com, Vista has a new Vulnerability that could let a hacker infect a Vista machine with a rootkit. The talk from them is quite intriguing. I will quote it to better let you know what the Vulnerability is:

The vulnerability could allow a hacker to install a rootkit, a small piece of malicious software that is very difficult to detect and remove from a computer, Unterleitner said.

[ad#ad2-left]Phion notified Microsoft about the problem on 22 October. Microsoft indicated to Phion that it would issue a patch with Vista’s next service pack. Microsoft released a beta version of Vista’s second service pack to testers last month. Vista’s Service Pack 2 is due for release by June 2009.
[via Techworld.com]

The way they could do this is through the Device IO Control which in turn could corrupt the Kernel of Windows Vista. Now we all know that Microsoft will release a patch quicker than 6 months away. According to this article, people are already looking for the exploit and want to know more about it. I would be willing to bet they will have a patch out sooner than later. Probably January or Febuary, which will be a big deal because no one will expect it. I would also imagine hackers will start trying to figure out how they could install software as quick as possible before Microsoft pushes out the patch. So what can you do to protect yourself, Get a firewall, a Antivirus and learn how to protect yourself to prevent yourself from getting a computer virus.