NLH

Posts tagged with "windows"

Trojan impersonates Windows activation to snatch data

Monday, 7. May 2007, 12:03:45

Fradulent Windows activation program phishes for credit card information
Gregg Keizer 07/05/2007 08:54:07

Symantec researchers Friday warned of an in-the-wild Trojan horse that poses as a Windows activation program to dupe users into entering credit card information in an attempt to reanimate their machines.

Dubbed Kardphisher, the Trojan is nothing much technically, reported Takashi Katsuki, a Symantec researcher. But its author has "obviously taken great pains to make it appear legitimate."

Once the Trojan's installed, it throws up an official-looking screen that claims the user's copy of Windows was activated by someone else. "To help reduce software piracy, please re-activate your copy of Windows now," the screen reads. "We will ask you for your billing details, but your credit card will NOT be charged."

Selecting "No," said Katsuki, shuts down the PC. "Yes," meanwhile, takes the user to a second screen where he or she is asked to enter her name and credit card information, which is then transmitted to the hacker's server. "This Trojan teaches us all a good lesson," added Katsuki. "Trust no one."

Details on the Trojan's bogus re-activation screens look legit, and it plays off real-world behaviour by Windows. The Web site referenced on the first screen, for instance, is actually Microsoft's own anti-piracy site. And in some situations, such as after a user makes substantial hardware changes, Windows XP will demand reactivation. Microsoft, however, never demands any personal information, such as a credit card, during activation.

The newer Windows Vista, which is not targeted by Kardphisher, is even more likely to require reactivation. In fact, Microsoft patched Vista in January to quash a bug in the OS's anti-piracy technology that was erroneously telling users they needed to reactivate.

No comments

Microsoft: Sẽ chưa có bản vá lỗi cho DNS Server

Monday, 23. April 2007, 22:25:32

patch, windows

Microsoft: No patch yet for DNS Server bug
Microsoft claims the vulnerability will not be patched until the next regularly scheduled security update, though some experts think the fix will come sooner

(InfoWorld) - Microsoft's security team Sunday said it is still working on a patch for a critical bug in the company's server software.

The vulnerability in the Domain Name System Server Service of Windows 2000 Server SP4, Windows Server 2003 SP1, and Windows Server 2003 SP2 has been exploited since at least April 13, Microsoft acknowledged earlier -- although the company has continued to characterize those attacks as "limited."

"Our teams are continuing to work on developing and testing updates ...[but] we don't have any new estimates on release timelines," said Christopher Budd, program manager for the Microsoft Security Response Center. (MSRC) on the group's blog. "I can say that our ongoing testing so far has not raised any issues that would make us believe we might be looking at a longer timeline."
Previously, Budd has said that MSRC was shooting for releasing a patch May 8, the date of the next regularly scheduled update. Security researchers, however, had earlier predicted that Microsoft would release an out-of-cycle fix, as it did on April 3 for the Windows animated cursor vulnerability.

Also over the weekend, Microsoft posted a new document on its Knowledge Base support site that spells out how IT administrators can deploy a workaround for the DNS Server bug to all domain controllers in the enterprise. Earlier guidance from Microsoft -- as laid out in the security advisory it first published April 13 -- only gave instructions on how to disable remote administration of the DNS service one machine at a time.

Microsoft's how-to relies on techniques taken from a blog posting by Jesper Johansson, a former Microsoft senior security strategist. "Our PSS (product support services) team took (Johansson's) idea, added some error handling to it, and built it into a KB," said Budd.

Last week, several botworms tried to exploit the vulnerability to hijack servers.

No comments

Microsoft bán Windows XP và Office giá 3 USD

Friday, 20. April 2007, 04:27:38

windows

(VnExpress)
Gói sản phẩm Student Innovation Suite bao gồm Windows XP Starter Edition, Microsoft Office Home và Student 2007 dành cho chính phủ các nước có chế độ hỗ trợ sinh viên.

Kế hoạch sẽ bắt đầu vào nửa cuối năm nay. Ngoài ra, hãng phần mềm số một thế giới còn xây dựng trang web để hỗ trợ sinh viên ngành kỹ thuật trong học tập và tìm kiếm việc làm, trước hết ở Ấn Độ vào cuối năm nay, sau đó triển khai ở các nước khác nếu hoạt động này thành công.

Microsoft đã mở được 110 trung tâm ở nhiều nước để cung cấp các bài giảng và giới thiệu công nghệ cho nhiều học viện, công ty phần mềm mới thành lập và các tổ chức khác. Hiện tài liệu trực tuyến dạy về các ứng dụng như Access, Excel... bằng tiếng Việt đang được xây dựng. Tham khảo thêm tại đây.

T.H. (theo AP)

No comments

Mã Longhorn cũng bị lỗi DNS Server nghiêm trọng

Saturday, 14. April 2007, 01:47:21

SECURITY, windows

Dangerous DNS server bug in Longhorn code, too

Microsoft Corp.'s troubles with its newest operating systems continued today as it confirmed that an unpatched vulnerability in its current server software also exists in the still-beta code for Longhorn Server. "Yes, Longhorn Server is affected," a Microsoft spokeswoman said today in an e-mail.

According to a security advisory released late yesterday, a zero-day vulnerability in the Domain Name System (DNS) Server Service in Windows 2000 Server (SP4) and Windows Server 2003 (SP1 and SP2) is being exploited by attackers, who send malformed RPC packets to the server.

At Computerworld.

No comments

Microsoft warns of security holes

Wednesday, 11. April 2007, 09:11:55

SECURITY, windows

The software giant labels flaws as 'critical,' which can allow attackers control without the user doing anything to the computer.
April 10 2007: 6:35 PM EDT

SAN FRANCISCO (Reuters) -- Microsoft Corp. warned of four security flaws in its software that it categorized as "critical" Tuesday that could allow attackers to gain control of a user's computer.

Microsoft (Charts), whose Windows operating system runs some 95 percent of the world's computers, issued the patches as part of its monthly security bulletin.

The world's biggest software maker defines a flaw as "critical" when it could allow a damaging Internet worm to replicate without the user's doing anything to the machine.

The company said the "critical" patches fixed three holes in its Windows operating system and another in its Content Management Server product. Microsoft also issued another security update for Windows it rated at the lower threat level of "important."

The fixes come a little more than a week after it released a patch outside of the regular monthly update to plug a security hole related to an animated cursor that hackers had used to launch attacks after users clicked on links to malicious Web sites.

The company has been working to improve the security and reliability of its software as more and more malicious software target weaknesses in Windows and other Microsoft software.

The latest patches can be downloaded at www.microsoft.com/security.

No comments

1 2 3 4 Next »

Showing posts 1 - 5 of 20.