[ad] Well how many does that leave unpatched? 30+ if I remember correctly from the PivX page that got taken down mysteriously. Microsoft on Tuesday released a “critical” Internet Explorer update that fixes 10 vulnerabilities in the Web browser, including a high-profile bug that is already being used in cyberattacks. The Redmond, Wash., software giant […]
Windows Hacking
Information about the Internet Explorer Exploit createTextRange Code Execution
[ad] Internet Storm Center’s always informative Diary has some good information. At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results: Software-based DEP protecting core Windows programs: sploit worked Software-based DEP protecting all programs: sploit worked DropMyRights, config’ed to allow IE […]
Why Windows Vista ‘might’ Actually be Good
[ad] The main thing is the massive kernel overhaul, it’s actually adding some decent functionality and refining the architecture to become more like Linux! While the kernel in Vista is still primarily the same one as in Windows 2000 and XP, there have been some significant changes to tighten up security. Fewer parts of the […]
pwdump6 version 1.2 BETA Released
Version 1.2 (Beta) of the pwdump6 software has been released. There are three major changes from the previous version: Uses “random” named pipes (GUIDs) to allow concurrent copies of the client to run. This is predominately for the next version of fgdump, which will be multithreaded. Will turn off password histories if the requisite APIs […]
Security Cloak – Mask Against TCP/IP Fingerprinting for Windows
[ad] I’ve seen quite a lot of discussion lately on how to ‘defend against nmap’ or how to change the properties of your TCP/IP Stack so your Windows OS appears to be something else (As in you can guess the OS from the TTL value passed back in a TCP/IP packet). One way you can […]