Tag Archives | Microsoft

MS Patch Tuesday: 10 patches, 3 critical, all important

SANS Internet Storm Center, InfoCON: green does a far more thorough job than I can of summarizing Microsoft patch tuesday – October 2006 STATUS, (Tue, Oct 10th). “Overview of the October 2006 Microsoft patches and their status.”

A really quick summary: exploits in ASP.NET, in an IE “safe” ActiveX control, PowerPoint, Excel, Word, MSXML, Office, Publisher, the Server service, IPv6 and the Object Packager (wow! Haven't used that since OLE 1.0!). MS06-056 through MS06-065. Get Patching! Try OpenOffice.org. Try Firefox. Think Differently. Good luck.

Baystar exec says MSFT behind high-burn-rate funding of SCO

OSNews is pointing to the story that Microsoft's SCO Involvement Revealed. “A declaration by SCO's backer, BayStar, has revealed that the software Giant Microsoft had more links to the anti-Linux bad-boy. The declaration made by BayStar general partner Larry Goldfarb has turned up as part of IBM's evidence to the court. Goldfarb says that Baystar had been chucking USD 50 million at SCO despite concerns that it had a high cash burn rate. He also claims that former Microsoft senior VP for corporate development and strategy Richard Emerson discussed “a variety of investment structures wherein Microsoft would 'backstop', or guarantee in some way, BayStar's investment”.”

I don't think it's really a surprise that MSFT and SUN are behind the funding of SCO to take a poke at IBM and slow the adoption of Linux through FUD. If you'd like to learn more about this incredibly complex case, GrokLaw is the place to visit. But be warned: it's easy to be dragged into all the fascinating nooks and crannies of the case.

The real question for me is whether MSFT and SUN succeeded in their ventures. SUN has done a turn-around and is re-inventing themselves as the green company with better price/power/performance for the internet. MSFT has… almost shipped Vista. Linux, meanwhile, has moved up, out and around, scaling to greater multi-CPU architectures, developing a better virtualization story, making huge progress in hardware compatibility, and fielding several worthy desktop competitors. LAMP is not a risky choice for IT; it's a question of which commercially-supported distributions and stacks to choose and ensuring the eager technicians in house get the training they need. If the SCO case cooled enthusiasm and take-up any, it gave FOSS advocates time to get their act together and pay a little closer attention to governance and provenance and licensing terms, cleaning up their houses and getting their story straight. Meanwhile, Microsoft… almost shipped Vista.

If SCO/Baystar/Microsoft/SUN thought that IBM would roll over and settle out of court, they badly miscalculated.

MS06-053 an Internet Explorer Cross-Site Scripting exploit?

Swa Frantzen is manning the SANS Internet Storm Center, InfoCON: green desk today, and struggles to work out the exploit that Microsoft documents without admitting, in “MS06-053 revisited?” (Thu, Oct 5th). “When we first read MS06-053 we ended up discussing and not fully understanding what Microsoft was…” The article explores what appears to be an IE cross-site scripting exploit but with the character set UTF-7 (yes, seven! – who knew!) and some advice to webmasters to help avoid spreading the problem by echoing a bad URL back to the user.

Exploits, exploits and exploits!

I don't intend this blog to be a security blog; that's a full time job better served by others. However, you ought to be alert to what's going on out there:

MS “re-released” MS06-049 as version 2.0 (new and improved!) to patch NTFS file compression on Windows 2000 SP4.

The Internet Storm Center is reporting yet another Internet Explorer exploit, taking advantage of a bug in an ActiveX control.

The ISC is also pointing to reports of an exploit packaged in a PowerPoint file. I may have mentioned it before: Do not open attachments from untrusted sources and… there are no trusted sources. I wouldn't advise anyone to open a PowerPoint until they are sure their anti-virus scanners have been updated and clear the file. Better yet, open it in OpenOffice.org. Better yet… imagine a day with no PowerPoint. Wow.

Microsoft issues patch for Zero-Day VML exploit on Day Eight

Slashdot is noting that Microsoft Patches VML Vulnerability. “Microsoft has quietly released an official patch for the zero-day VML vulnerability. The patch was publicly available yesterday, but Microsoft has just added it to the Security Bulletin Index.” Eight days from time of first report to patch is pretty fast for Microsoft, and is almost two weeks ahead of their normal patch schedule. This security flaw was being aggressively exploited out in the wild.”

For Microsoft to break their usual once-a-month patch cycle is pretty unusual, so I'd consider this patch sooner rather than later. Get patching!

MerriLUG September 2006: File Carving at Home or Office

On the GNHLUG-Announce list, Jim Kuzdrall announces the September MerriLUG meeting, “File Carving at Home or Office”.

  • Who : Andy Bair, Winning Team, 2006 File Carving Challenge
  • What : Unscramble randomized data sectors or packets back to files
  • Where: Martha's Exchange
  • Day : Thur 21 September **Next Week**
  • Time : 6:00 PM for grub, 7:30 PM for discussion

    :: Overview

    Want to undelete some Linux disk files? Piece together fragments of a deleted file? Recover a Windows disk where both FATS are destroyed or missing? Extract files from a network capture? MerriLUG presents Andy Bair with a new and effective approach to file carving that could be used to accomplish these tasks.

    Andy Bair (and teammates Klayton Monroe and Jay Smith) won the 2006 File Carving Challenge. The winners developed new tools and techniques which accurately extracted files from a 50MB disk image containing JPEG, ZIP, HTML, Text, and Microsoft Office files.

    Andy's talk will explain the contest, contest data sample, methodology, and tools. There will be examples and a question-answer session. You might want to build a script to automate his method for your purposes (or entice him to do so). Get contest information at http://www.dfrws.org/2006/challenge/. Get a preview of the team's methodology, updated results and additional information at http://www.korelogic.com/Resources/Projects/dfrws_challenge_2006/.

    >>> RSVP to Jim Kuzdrall for dinner to assure adequate seating. Driving directions

MythTV links

SlashDot misses the mark completely with an inaccurately-titled and summarized pointer to a great Tom’s Hardware story on MythTV. There’s nearly nothing in the story about the Microsoft media device, nor does there have to be. The MM is a plug-in-and-work device that locks you into their choices, their protocols and few extensions. MythTV is for the do-it-yourself tinkerer who wants to do lots more. This one’s been on my to-do list for way too long.

The comments on the Slashdot article are much more worthwhile than the post. Set your threshold high and you’ll see the moderated posts. A pointer to Jarod Wilson’s installation guide was worth the browsing. Jarod integrates the great documentation on the MythTV site with his own experiences.


This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.