» Bug

‘Nightmare’ kernel bug lets attackers evade Windows UAC security

carrumba — Mon, 29 Nov 2010 23:11:02 +0000

Microsoft is investigating reports of an unpatched vulnerability in the Windows kernel that could be used by attackers to sidestep an important operating system security measure.

One security firm dubbed the bug a potential “nightmare,” but Microsoft downplayed the threat by reminding users that hackers would need a second exploit to launch remote attacks.

The exploit was disclosed Wednesday — the same day proof-of-concept code went public — and lets attackers bypass the User Account Control (UAC) feature in Windows Vista and Windows 7. UAC, which was frequently panned when Vista debuted in 2007, displays prompts that users must read and react to. It was designed to make silent malware installation impossible, or at least more difficult.

The next two weeks …

carrumba — Fri, 26 Mar 2010 17:11:32 +0000

Holidays finally arrived and I have a two week break. It was a stressful time and school kept me quite busy. There was not much time for computer stuff. Sorry about that :/ So the plan for the next two weeks is to finish and publish (with code) the digital bug thing. It’s an old code dating back to 2005 while I was doing some tests with audio streaming but it is still useful if you want to record your microphone input and have no working example at hand.

Holidays are over …

carrumba — Mon, 08 Feb 2010 12:54:05 +0000

So I am back again after one week away from the keyboard. I was not completely off-line but I reduced the efforts to a minimum. Recreation and preparation work for the exams had the main priority.

What I am going to release next is some kind of a digital bug. It’s a small piece of software you can install permanently on a remote computer and start and stop the microphone recording and listen what the person on the other side of the connection is telling. It was considered once as a bug for room surveillance but was never used that way. So there’s no reason why to keep it any longer in the archive. The release date is not fixed yet but I think it will happen before the approaching begin spring.

The code will be published toghether with a GUI app to customize it and do realistic tests.

BTW … I just stumbled upon this one. Enjoy.

Y2.01K bug trips up Symantec

carrumba — Wed, 06 Jan 2010 05:44:28 +0000

Symantec’s Endpoint Protection Manager has been hit by a classic date bug and fell over at the end of the year, accepting no definition updates dated since then.

Symantec have issued a statement, which states that: “An issue has been identified in the Symantec Endpoint Protection Manager (SEPM) server whereby all types of SEP definition content [AV/AS, IPS] with a date greater than December 31, 2009 11:59pm are considered to be ‘out of date’.”

Until the bug is fixed, Symantec has a bandaid strategy: “Symantec Response will continue to publish Symantec Endpoint Protection antivirus and other definitions with the date 12/31/2009, and will only increase the revision number of the definition. More specifically the last certified definitions that was published on December 31, 2009 was “12/31/2009 rev. 041” version. The next certified definitions to be published will have a revision number greater than 041.”

Symantec assures customers that: “there are no changes that a customer administrator needs to apply in order for the above mitigation to be successful.”

Bugs in Minipanzer

carrumba — Wed, 30 Sep 2009 16:38:21 +0000

I started a thread in the forum where you can report all bugs you’ve found in minipanzer. Describe in some sentences whats going wrong or tell what kind of error messages are popping up.
I have some time spare at the moment and will fix the bugs as soon as poosible (as promissed already so many times).

The thread is here.