[ad] Many users are expecting a patch for the Microsoft IIS Semicolon Bug, but from the recently published bulletin by Microsoft it seems that is highly unlikely during this patch cycle. Microsoft Security Bulletin Advance Notification for January 2010 It seems they will only be pushing out a fairly low priority fix which is rated […]
hacking-windows
Microsoft IIS Semicolon Bug Leaves Servers Vulnerable
[ad] The latest news breaking over the Christmas period is that of a fairly serious bug in IIS that allows local file inclusion (LFI) of any filetype due a bug in the way IIS filters handle semicolons (;). Secunia has confirmed the vulnerability “on a fully patched Windows Server 2003 R2 SP2 running Microsoft IIS […]
Microsoft Confirms First Windows 7 0-Day Vulnerability
[ad] So a pretty serious remote vulnerability has been discovered in Windows 7, as usual Microsoft is downplaying the problem asking you to block the ports on your firewall rather than fixing the issue. I’d imagine the problem would only really be a big issue inside networks as who exposes SMB ports to the outside […]
No Emergency Patch For Latest Windows Exploit
[ad] Another reason for Windows users to hate the Microsoft Patch Tuesday policy, The exploit isn’t 100% reliable but it’s still fairly significant in my eyes as it is a critical vulnerability and can be used for code execution. Vista isn’t the most popular OS still so perhaps Microsoft don’t the threat being that wide […]
Stoned Bootkit – Windows XP, 2003, Vista, 7 MBR Rootkit
[ad] What is Stoned Bootkit? A bootkit is a boot virus that is able to hook and patch Windows to get load into the Windows kernel, and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not […]