http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2009-07-04 20:44:55 - PenTestIT : New security tools are being developed now a days Them being opensource is another good thing Rautor is an open source professionalgrade terminal session monitoring and saver for Windows desktops Thislittle program can take regular image screendumps of your users’sessions, scrape each screenshot of its textual context and a grabkeyboard log http://www.secuobs.com/revue/news/116945.shtmlhttp://www.secuobs.com/revue/news/116945.shtml 2009-07-04 20:20:00 - Crash Dump Analysis : Got it in the post yesterday shipped via courier from Amazon: Windows®Internals: Including Windows Server 2008 and Windows Vista, FifthEdition PRO-Developer I originally expected it to be a paperbackbook but as a publisher myself I welcome the final MS Press decisionto make it a hardcover It is more solid I plan to read http://www.secuobs.com/revue/news/116944.shtmlhttp://www.secuobs.com/revue/news/116944.shtml 2009-07-04 05:55:34 - myf00 : In Windows there are many thread safety mechanisms The one I use themost is the critical section mechanism The sectionh contains thecritical section wrapper classes I have implemented a while back whenI had the need for a thread safe circular queue /* * Copyright c2009 Duarte Silva * All Rights Reserved * http://www.secuobs.com/revue/news/116884.shtmlhttp://www.secuobs.com/revue/news/116884.shtml 2009-07-04 01:56:36 - Rootsecure.net : Computer World: London Stock Exchange to abandon failed Windows platform"Anyone who was ever fool enough to believe that Microsoft softwarewas good enough to be used for a mission-critical operation had theirface slapped this September"http://www.secuobs.com/revue/news/116871.shtmlhttp://www.secuobs.com/revue/news/116871.shtml 2009-07-03 20:27:13 - gHacks technology news : The Windows operating system offers quite a few option to find out whatits users have been doing recently It starts with all those temporaryfolders, time stamps of files, history and log files, the indexdatfile and ends with settings that are deeply hidden in the WindowsRegistry Average users are usually unaware of http://www.secuobs.com/revue/news/116804.shtmlhttp://www.secuobs.com/revue/news/116804.shtml 2009-07-03 12:04:46 - Metasploit : add an old opera vuln this module works against unix, windows supportcoming laterhttp://www.secuobs.com/revue/news/116687.shtmlhttp://www.secuobs.com/revue/news/116687.shtml 2009-07-03 11:24:15 - gHacks technology news : iPhone sells 1,000,000 devices in its opening weekend, Palm sells 300,000Pre’s in 3 weeks, T-Mobile has 1,000,000 G1’s in circulation You’dthink with these numbers Microsoft and RIM would be pacing theirrespective offices But instead both companies are business as usualI’m almost sure that if you take a visit to Redmond or http://www.secuobs.com/revue/news/116677.shtmlhttp://www.secuobs.com/revue/news/116677.shtml 2009-07-03 07:31:28 - Browse Privacy Security Addons for Firefox : Billeo is a safe and handy Shopping and Bill Pay Assistant featuring aPassword Manager, eWallet with 1-click Form Fill, and the ability toSave and Search online receipts and web pages Use it for zippiershopping, and paying bills on time Freehttp://www.secuobs.com/revue/news/116645.shtmlhttp://www.secuobs.com/revue/news/116645.shtml 2009-07-03 06:51:50 - News : Consumers running Windows Vista Ultimate, who have blasted Microsoftfor breaking promises to deliver a host of extras, are now knockingthe company's upgrade plans and discount pricing for Windows 7read moreIMAGEhttp://www.secuobs.com/revue/news/116603.shtmlhttp://www.secuobs.com/revue/news/116603.shtml 2009-07-03 06:51:50 - News : Microsoft will offer a multi-license "family pack" for Windows 7,according to a pair of bloggers who cite details in the end-userlicensing agreement EULA of a recently-leaked buildread moreIMAGEhttp://www.secuobs.com/revue/news/116601.shtmlhttp://www.secuobs.com/revue/news/116601.shtml 2009-07-03 03:15:32 - Hack In The Box : Anyone who was ever fool enough to believe that Microsoft software wasgood enough to be used for a mission-critical operation had their faceslapped this September when the LSE London Stock Exchange'sWindows-based TradElect system brought the market to a standstill foralmost an entire day While the LSE denied that the collapse wasTradElect's fault, they also refused to explain what the problemreally wa Sources at the LSE tell me to this day that the problem waswith TradElect Since then, the CEO that brought TradElect to the LSE,Clara Furse, has left without saying why she was leaving Sources inthe City-London's equivalent of New York City's Wall Street--tell methat TradElect's failure was the final straw for her tenure The newCEO, Xavier Rolet, is reported to have immediately decided to put anend to TradElecthttp://www.secuobs.com/revue/news/116562.shtmlhttp://www.secuobs.com/revue/news/116562.shtml 2009-07-03 02:07:50 - 4sysops : Gartner blog: Will VMware become the next Novell Microsoft StartsOfficially Tweeting Springboard Series Virtual Roundtable: Windows 7Application Compatibility Current list of the top 5 most notoriousbotnets To which botnet belong your PCs Copyright © 2006-2009,4sysops, Digital fingerprint: 3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/116527.shtmlhttp://www.secuobs.com/revue/news/116527.shtml 2009-07-02 21:57:53 - News : read moreIMAGEhttp://www.secuobs.com/revue/news/116427.shtmlhttp://www.secuobs.com/revue/news/116427.shtml 2009-07-02 18:26:31 - Les Tips du Laboratoire Microsoft : L'uptime est un terme informatique désignant le temps depuis lequel unemachine, ou un logiciel informatique, tourne sans interruption En casde redémarrage, l'uptime est remis http://www.secuobs.com/revue/news/116371.shtmlhttp://www.secuobs.com/revue/news/116371.shtml 2009-07-02 18:18:01 - Alerts : Troj/Dropr-BG is a Windows Trojanhttp://www.secuobs.com/revue/news/116360.shtmlhttp://www.secuobs.com/revue/news/116360.shtml 2009-07-02 12:54:32 - Raymond.CC Blog : Whenever all these giant companies comes out with something new, you canfind it written all over the Internet Remember Bing, the new searchengine by Microsoft Well me and many others still think Google searchresults are way better Then few days ago I heard about the upcomingfree antivirus software called Microsoft http://www.secuobs.com/revue/news/116237.shtmlhttp://www.secuobs.com/revue/news/116237.shtml 2009-07-02 09:07:32 - Volatility : Windows Memory Forensics with Volatility: Andreas Schuster recentlyposted his slides from the training he gave at FIRST 2009 If you wantto learn more about Windows memory forensics, especially the internalsof Volatility, you should definitely check them out These slides willeven teach you how to write your first plugin Shouts to Andreas forhis continued contributions to the Volatility community Thanks tomoyix for sending me the linkhttp://www.secuobs.com/revue/news/116202.shtmlhttp://www.secuobs.com/revue/news/116202.shtml 2009-07-02 05:57:37 - Hack In The Box : Microsoft seems to be pushing much closer to the RTM of Windows 7 withthe latest build that has been leaked on the web Windows 7 build 7264it the first version that no longer uses beta/RC keys If everythinggoes well then Microsoft should be right on track for the July 13threlease of the RTM This should be something that hackers everywhereare jumping on As is no longer accepts the beta and RC keys, itshould also feature the retail activation and hackers everywhere willbe dying to claim to be the first to crack ithttp://www.secuobs.com/revue/news/116161.shtmlhttp://www.secuobs.com/revue/news/116161.shtml 2009-07-02 04:45:36 - Toutes les actualités : Microsoft limitera à 76000 le nombre d'exemplaires de Windows 7 proposécet été en France avec une offre de promotion Ces exemplaires serontdisponibles IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/116098.shtmlhttp://www.secuobs.com/revue/news/116098.shtml 2009-07-02 04:11:56 - Sysinternals Site Discussion : Windows Internals 5th Edition Released The 5th Edition of WindowsInternals, the official book on the architecture and internals of theWindows operating system, is now available This release is 25% largerthan the 4th Edition and is updated to cover Windows Vista and WindowsServer 2008 Visit the official book page and watch Mark and David’sChannel 9 interview on the bookNew Webcast: Case of the Unexplained 2009: Watch Mark’s top-10 ratedTechEd session and third installment of the Case of the Unexplained,where he shows how to use the Sysinternals tools like ProcessExplorer, Process Monitor and Autoruns to solve problems withreal-world cases as examplesAutoruns v951: This fixes a bug with the Run As Administratorfunctionality on 64-bit Windows 7, a copy-to-clipboard bug where partof a line’s content was truncated, and is updated to show Windows 7Sidebar Gadget configurationVMMap v21: VMMap now shows process private byte and working set usagein the process picker, shows the size of the displayed strings in thestrings dialog, and fixes a bug with automatic vmp file associationand running the 32-bit version on 64-bit systemsPsExec v196: This release fixes a bug where remote command-lineoutput was not displayed when the target system was 64-bit Windows XPProcDump v10: This new command-line utility is aimed at capturingprocess dumps of otherwise difficult to isolate and reproduce CPUspikes It also serves as a general process dump creation utility andcan also monitor and generate process dumps when a process has a hungwindow or unhandled exceptionIMAGEhttp://www.secuobs.com/revue/news/116087.shtmlhttp://www.secuobs.com/revue/news/116087.shtml 2009-07-02 00:09:23 - 4sysops : Microsoft: We’re not gouging Europe on Windows 7 pricing Microsoft studyshows ’secret question’ password recovery is weak Get ready to deployWindows 7 and Windows Server 2008 R2 with Microsoft Deployment Toolkit2010 Beta 2 Event IDs for Windows Server 2008 and Vista RevealedCopyright © 2006-2009, 4sysops, Digital fingerprint:3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/116031.shtmlhttp://www.secuobs.com/revue/news/116031.shtml 2009-07-01 20:36:01 - WindowSecurity.com : How to track every event that is logged on a Windows Server 2008 andWindows Vista computerhttp://www.secuobs.com/revue/news/115978.shtmlhttp://www.secuobs.com/revue/news/115978.shtml 2009-07-01 19:15:18 - Bill Mullins' Weblog Tech Thoughts : Guest writer Rick Robinette, one of my favorite Blogging buddies,explains why “Clock” is the perfect clock for your desktop Here is aneat little application called “Clock”… It is what it is This app isan analog clock that you install on your PC that has a vast array offeatures and options Once installed an http://www.secuobs.com/revue/news/115885.shtmlhttp://www.secuobs.com/revue/news/115885.shtml 2009-07-01 15:53:42 - gHacks technology news : Working with services in Windows regularly can be quite the challengeThe official way to manage Windows services is to open Servicesmanager Once the Services manager has been opened it can be used tostart and stop services or to change their startup type The servicesmanager is fine if the process is done http://www.secuobs.com/revue/news/115841.shtmlhttp://www.secuobs.com/revue/news/115841.shtml 2009-07-01 14:55:08 - Global Security Mag Online : Devoteam, partenaire du Technical Adoption Program de Windows 7Le groupe Devoteam est l'un des deux partenaires choisis par Microsoftafin de participer au « Technical Adoption Program » TAP de Windows7 Cette collaboration témoigne d'une relation privilégiée entrel'éditeur de logiciels et la société française de conseil IT avant lasortie officielle du nouveau système d'exploitation prévue pour le 22octobre 2009L'objectif principal de ce programme qui touche à sa fin, étaitd'accompagner les - Businesshttp://www.secuobs.com/revue/news/115803.shtmlhttp://www.secuobs.com/revue/news/115803.shtml 2009-07-01 12:16:13 - Latest Security Products entries at ESecurity Planet Product Guide : PC security tweaking software you can use to tweak Windows-basedcomputers Jun 30, 2009http://www.secuobs.com/revue/news/115779.shtmlhttp://www.secuobs.com/revue/news/115779.shtml 2009-07-01 05:02:11 - News : A top Microsoft executive today denied reports that European userswill pay more for Windows 7 because of the company's wrangling withantitrust regulatorsread moreIMAGEhttp://www.secuobs.com/revue/news/115646.shtmlhttp://www.secuobs.com/revue/news/115646.shtml 2009-06-30 18:09:15 - PenTestIT : Windows Registry forms an important part when performing a forensicsanalysis of a Windows machine So, when you have a hive which has beenextracted from a machine using EnCase or like software, RegRipper isTHE software you need to perform your forensics RegRipper is aWindows Registry data extraction tool It also co-relates all theinformation it http://www.secuobs.com/revue/news/115332.shtmlhttp://www.secuobs.com/revue/news/115332.shtml 2009-06-30 16:37:06 - Toutes les actualités : 10 Fonctionnalités pour le bureau Depuis la sortie de sa Beta, Windows 7est sous les projecteurs, et les retours sont plutôt bons, que l'onparle IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/115274.shtmlhttp://www.secuobs.com/revue/news/115274.shtml 2009-06-30 16:12:21 - Bruno Kerouanton : Si vous êtes à la recherche d’un pare-feu personnel correct pourWindows, je vous invite à vous intéresser à Outpost Firewall Il y aune promo jusqu’au 1er juillet je sais, c’est court pour unelicence perpétuelle de leur produit pour 3 PC à la fois Et commec’est un pare-feu que j’aime bien, http://www.secuobs.com/revue/news/115258.shtmlhttp://www.secuobs.com/revue/news/115258.shtml 2009-06-30 12:33:44 - Raymond.CC Blog : Another thing that I didn’t like in Windows Vista is it doesn’t have abuilt-in way to activate webcam to test if it is working or not Totest a webcam in Vista, I had to use the “Audio and video setup”feature from Windows Live Messenger Like in Windows XP, when you havehttp://www.secuobs.com/revue/news/115217.shtmlhttp://www.secuobs.com/revue/news/115217.shtml 2009-06-30 12:27:13 - Darknet The Darkside : http://www.secuobs.com/revue/news/115211.shtmlhttp://www.secuobs.com/revue/news/115211.shtml 2009-06-30 05:53:34 - spamcleaner.org articles divers antispam, sécurité... : spamMonitor est un programme qui vous permet de détecter si votreordinateur envoie des spams, notamment dans le cas où celui-ci seraitinfecté par un virus/rootkit Il vous alerte lorsqu'un logiciel tented'envoyer un email ou d'établir une connexion SMTP sortante depuisvotre PC et vous donne toutes les informations relatives à ceprogramme Entièrement écrit en langage machine/assembleur, il estrapide, compact seulement 20 Ko et très peu gourmand en ressourcessystème Il est gratuit, distribué sous licence GPL et son code sourceest aussi disponible en téléchargementhttp://www.secuobs.com/revue/news/115165.shtmlhttp://www.secuobs.com/revue/news/115165.shtml 2009-06-30 05:27:41 - Hack In The Box : A key Microsoft analyst criticized the company's free upgrade program forWindows 7 for limiting free copies to only the first 25 PCs apurchaser buys Meanwhile, early "pre-order" sales of Windows 7 seemto have taken off like a rocket on Friday, at least according toe-tailer Amazon In a report, Friday, Gartner analyst Michael Silverpointed out the problem regarding what Microsoft NASDAQ: MSFT callsits Upgrade Option Program UOP This is not the first time Microsofthas offered similar promotions, also called "tech guarantees," whichare aimed at keeping sales of PCs from falling off precipitously ascustomers wait for the new version of Windows to come out Notsurprisingly, the company defended the limitshttp://www.secuobs.com/revue/news/115128.shtmlhttp://www.secuobs.com/revue/news/115128.shtml 2009-06-29 23:48:15 - News : Resist 25-PC maximum, expert urges, don't pay twice for the new OSread moreIMAGEhttp://www.secuobs.com/revue/news/114995.shtmlhttp://www.secuobs.com/revue/news/114995.shtml 2009-06-29 23:44:44 - 4sysops : Microsoft to charge Europeans double for Windows 7 Enterprises say no tocloud computing – 85 percent of corporate customers will not implementcloud computing in 2009 Microsoft Deployment Toolkit – buildinginstall media for Windows 7 This video gives a quick overview of MDT2010 beta Acer to surpass Dell as the second http://www.secuobs.com/revue/news/114990.shtmlhttp://www.secuobs.com/revue/news/114990.shtml 2009-06-29 18:56:58 - Channel 9 : IMAGE$0Windows 7 introduces some new UI enhancements, as well as a fewadditional features that developers should be looking at encorporatinginto their applications Yochay Kiriaty joins us to talk about he andhis team have been working on creating the Windows 7 Training Kit forDevelopers This special training kit not only explains what many ofthese new features of Windows 7 are, but also includes coding labs tohelp you figure out how to use them$0 $0 And here are some additionallinks that you may find useful as you get your applications ready forWindows 7$0 $0 $0Windows 7 RC Training for Developers $0 $0Windows 7Blog for Developers $0 $0Windows content on Channel 9 $0 $0Windows 7Developer Center on MSDN $0 $0Windows Application CompatibilityRoadmap $0 $0http://www.secuobs.com/revue/news/114864.shtmlhttp://www.secuobs.com/revue/news/114864.shtml 2009-06-29 15:10:27 - gHacks technology news : Jumplists are a new feature of the upcoming Windows 7 operating systemThey provide quick application specific access by linking to functionsand folders that are often used This could for example be used toopen the write email window in Microsoft Outlook or the most recentdocuments in Microsoft Word or Excel Jumplists are http://www.secuobs.com/revue/news/114818.shtmlhttp://www.secuobs.com/revue/news/114818.shtml 2009-06-29 12:11:40 - PenTestIT : IOCTL Fuzzer is for security testers testing windows beta versionssearch and explore windows vulnerabilities This tool also can be usedfor Reverse Engineering windows kernal IOCTL Fuzzer a tool designedto automate the task of searching vulnerabilities in Windows kerneldrivers by performing fuzz tests on them While processing IRPs, thefuzzer will spoof those IRPs conforming http://www.secuobs.com/revue/news/114776.shtmlhttp://www.secuobs.com/revue/news/114776.shtml 2009-06-29 10:53:44 - gHacks technology news : It has been known for some time that hardly any innovation goes into thetechnology world these days While many will debate as to whether thisis true or not, a quick look at some of the biggest tech crazes of ourtime will show that the idea has been around for longer then we http://www.secuobs.com/revue/news/114759.shtmlhttp://www.secuobs.com/revue/news/114759.shtml 2009-06-29 02:47:02 - Metasploit : Add detection of Windows Storage Server 2008http://www.secuobs.com/revue/news/114690.shtmlhttp://www.secuobs.com/revue/news/114690.shtml 2009-06-29 02:08:07 - News : Prices new OS at 41% to 100% more than in the US, but leaves outbrowserread moreIMAGEhttp://www.secuobs.com/revue/news/114682.shtmlhttp://www.secuobs.com/revue/news/114682.shtml 2009-06-28 22:56:30 - Les Tips du Laboratoire Microsoft : Voici les raccourcis clavier pour Windows Media Player sous Vista : Pourle mode Lecture en cours : Ctrl + B : Revient au chapitre précédent ouau morceau préceteacuthttp://www.secuobs.com/revue/news/114668.shtmlhttp://www.secuobs.com/revue/news/114668.shtml 2009-06-28 21:05:42 - Bill Mullins' Weblog Tech Thoughts : WordWeb is a one-click English Thesaurus and Dictionary for Windows thatcan be used to instantly find definitions, synonyms, andpronunciations for words in virtually any Windows program It worksoff-line, but it can connect to the Internet enabling you to look upwords in any web reference encyclopedia The data base in WordWebincludes over http://www.secuobs.com/revue/news/114647.shtmlhttp://www.secuobs.com/revue/news/114647.shtml 2009-06-28 18:14:43 - Metasploit : Add signature for Windows 7http://www.secuobs.com/revue/news/114630.shtmlhttp://www.secuobs.com/revue/news/114630.shtml 2009-06-28 14:28:25 - Steve on Security : http://www.secuobs.com/revue/news/114618.shtmlhttp://www.secuobs.com/revue/news/114618.shtml 2009-06-28 14:27:26 - Harmony Security Blog : http://www.secuobs.com/revue/news/114580.shtmlhttp://www.secuobs.com/revue/news/114580.shtml 2009-06-27 19:19:08 - gHacks technology news : One of the biggest problem of multi-user Windows XP computer systems isthe lacking feature of setting a default mail client for every userWindows XP only supports one default email client by default whichmakes things a tad complicated if the users who work with theoperating system use different clients The default email http://www.secuobs.com/revue/news/114459.shtmlhttp://www.secuobs.com/revue/news/114459.shtml 2009-06-27 01:55:08 - 4sysops : If you pre-order Win 7 now, then you can save 50% This offer is onlyavailable for a few days limited number of copies Windows 7pre-orders grab Amazon’s top sales spots Microsoft plans Windows 7upgrade version for Europe Microsoft offering $100 Technet discounttill July 3 Is Microsoft silently building a better VDI http://www.secuobs.com/revue/news/114316.shtmlhttp://www.secuobs.com/revue/news/114316.shtml 2009-06-26 22:41:36 - News : Microsoft and online retailers today kicked off Windows 7 sales in theUS, Canada and Japan, taking pre-orders at prices discounted by asmuch as 58%read moreIMAGEhttp://www.secuobs.com/revue/news/114234.shtmlhttp://www.secuobs.com/revue/news/114234.shtml 2009-06-26 18:30:04 - Toutes les actualités : En prenant la décision de supprimer Internet Explorer de Windows Seven,son prochain système d'exploitation, eu Europe, Microsoft se metcertes en conformité IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/114132.shtmlhttp://www.secuobs.com/revue/news/114132.shtml 2009-06-26 18:17:13 - SecurityTube.Net : Leighton Meester sex video lure spreads Mac and Windows malware toTwitter users Video TutorialIMAGEhttp://www.secuobs.com/revue/news/114120.shtmlhttp://www.secuobs.com/revue/news/114120.shtml 2009-06-26 14:38:31 - News : If you're planning on upgrading to Windows 7 Home or Professional thisfall, now is the time to pre-order the upgrade You can save a bundleif you act nowread moreIMAGEhttp://www.secuobs.com/revue/news/114050.shtmlhttp://www.secuobs.com/revue/news/114050.shtml 2009-06-26 06:28:11 - News : Enterprises ready to restock with new PCs and take advantage ofMicrosoft's Windows 7 Upgrade Option Program might find the costsavings to be less than originally thoughtread moreIMAGEhttp://www.secuobs.com/revue/news/113925.shtmlhttp://www.secuobs.com/revue/news/113925.shtml 2009-06-26 06:28:11 - News : Retail expert applauds Windows 7 pre-order discount, slams upgradeprice in light of Apple's low-cost moveread moreIMAGEhttp://www.secuobs.com/revue/news/113923.shtmlhttp://www.secuobs.com/revue/news/113923.shtml 2009-06-26 03:09:33 - Hack In The Box : Microsoft recently announced retail pricing for Windows 7 that was at orbelow comparable Windows Vista prices, while also offering a chancefor people to preorder the software at a substantial discount FromFriday through July 11, consumers in the US will be able to buy anupgrade copy of Windows 7 Home premium for $49 or Windows 7Professional for $99 That offer is good for both XP and Windows VistaPCs, regardless of whether someone has been trying out the pre-releaseversion of the operating system That matches the details in a memofrom Best Buy that leaked earlier this monthhttp://www.secuobs.com/revue/news/113906.shtmlhttp://www.secuobs.com/revue/news/113906.shtml 2009-06-26 02:02:27 - News : Called "Windows 7 Upgrade Option Program," the deal provides free ornearly-free upgrades to Windows 7 for people who purchase a new VistaPC between June 26, 2009 and Jan 31, 2010read moreIMAGEhttp://www.secuobs.com/revue/news/113862.shtmlhttp://www.secuobs.com/revue/news/113862.shtml 2009-06-26 01:56:28 - 4sysops : Microsoft to Europe: No Windows 7 upgrades for you Michael to EuropeanCommission: Thanks for making us less competitive Windows 7 UpgradeTest Matrix – Outlines supported and unsupported upgrade paths forWindows 7 SKUs Microsoft: Outlook’s not broken and we aren’t ‘fixing’it I agree HTML in E-Mails often causes problems Copyright ©2006-2009, http://www.secuobs.com/revue/news/113852.shtmlhttp://www.secuobs.com/revue/news/113852.shtml 2009-06-25 23:13:34 - Rootsecure.net : BBC News: Windows 7 pricing gets unveiled "Microsoft will not be offeringan upgrade version of Windows 7 in Europe"http://www.secuobs.com/revue/news/113823.shtmlhttp://www.secuobs.com/revue/news/113823.shtml 2009-06-25 22:09:47 - gHacks technology news : Microsoft has finally revealed information about the pricing scheme andupgrade options for their upcoming operating system Windows 7 Manywebsites have already reported about the prices and how they compareto Windows Vista In short, most editions of Windows 7 will be cheaperthan comparable Windows Vista editions Most notably are the Windows 7http://www.secuobs.com/revue/news/113787.shtmlhttp://www.secuobs.com/revue/news/113787.shtml 2009-06-25 22:01:58 - MetaGeek Makers of the WiSpy Spectrum Analyzer : Hi,I'm trying to test Chanalyzer lite on Windows 7 RC1 x64 with a Wi-SpyDBxIt doesn't even start I do have an error box without any relevantinformationI can't press the "Send Error Report" button it's grayed and if Ipress "Copy to Clipboard" it doesn't copy anythingOn the other hand, Chanalyzer 32 is working fineSo what can I doRegards,PappyIMAGE IMAGE IMAGEIMAGEhttp://www.secuobs.com/revue/news/113774.shtmlhttp://www.secuobs.com/revue/news/113774.shtml 2009-06-25 22:01:17 - News : Microsoft today told European consumers that they won't be able to doan "in-place" upgrade from Vista to Windows 7 when the latter shipsthis fall, but the company is lowering prices for 'full' editions tomake amendsread moreIMAGEhttp://www.secuobs.com/revue/news/113772.shtmlhttp://www.secuobs.com/revue/news/113772.shtml 2009-06-25 22:01:17 - News : HP and Lenovo will offer free upgrades to the Microsoft Windows 7 OSfor customers who buy PCs pre-installed with the Windows Vista OS, thecompanies said Thursdayread moreIMAGEhttp://www.secuobs.com/revue/news/113771.shtmlhttp://www.secuobs.com/revue/news/113771.shtml 2009-06-25 22:00:45 - Toutes les actualités : Windows 7 sera officiellement commercialisé en France à partir du 22octobre prochain, en deux versions : Edition Familiale Premium, etEdition Professionnelle IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113768.shtmlhttp://www.secuobs.com/revue/news/113768.shtml 2009-06-25 21:55:55 - 4sysops : Microsoft announced Windows 7 prices This post summarizes the mostimportant facts I also share my opinion at the end of the articleThe video at the end of the article shows the interview about theannouncement with Brad Brooks, Corporate VP for Windows ConsumerMarketing Upgrade prices Windows 7 Home Premium Upgrade: $11999Windows 7 Professional Upgrade: http://www.secuobs.com/revue/news/113764.shtmlhttp://www.secuobs.com/revue/news/113764.shtml 2009-06-25 21:24:37 - Channel 9 : IMAGEPreviously Posted on Channel 10Setting up and connecting to wireless networks will be a much simplertask in Windows 7 And for those of you with shiny new wirelessrouters with WPS - Wi-Fi Protected Setup - the process will be eveneasierGabe Frost and Yatharth Gupta from the Windows 7 team join me in thestudio to talk about Wi-Fi Protected Setup WPS in Windows 7 and whatto look for when buying your next Wi-Fi deviceMore info:http://wwwwi-fiorg/wifi-protected-setuphttp://enwikipediaorg/wiki/Wi-Fi_Protected_Setuphttp://wwwmicrosoftcom/rallyhttp://www.secuobs.com/revue/news/113756.shtmlhttp://www.secuobs.com/revue/news/113756.shtml 2009-06-25 18:21:14 - WindowSecurity.com : Kaspersky Security for Mail Server was selected the winner in the EmailAnti Virus category of the WindowSecuritycom Readers' Choice AwardsSymantec AntiVirus for Messaging and BitDefender Security were firstrunner-up and second runner-up respectivelyhttp://www.secuobs.com/revue/news/113719.shtmlhttp://www.secuobs.com/revue/news/113719.shtml 2009-06-25 17:43:09 - News : For two weeks starting Friday, Microsoft will pre-sell Windows 7upgrades for as little as $50read moreIMAGEhttp://www.secuobs.com/revue/news/113699.shtmlhttp://www.secuobs.com/revue/news/113699.shtml 2009-06-25 14:45:59 - Network World on Security : Windows is installing "surprise updates" against the wishes of someusers, who have expressly set up the operating system not to deploypatches without permission, researchers charged todayhttp://www.secuobs.com/revue/news/113618.shtmlhttp://www.secuobs.com/revue/news/113618.shtml 2009-06-25 14:37:25 - Les Tips du Laboratoire Microsoft : Windows Defender est actif par default sous Windows Vista Ce logicielest en fait principalement un anti-spyware qui se met automatiquementà jour à travers Windows Udapte, mahttp://www.secuobs.com/revue/news/113617.shtmlhttp://www.secuobs.com/revue/news/113617.shtml 2009-06-25 14:37:25 - Les Tips du Laboratoire Microsoft : Ver Conficker* 1 Présentation Depuis courant Octobre 2008, un verdénommé Conficker ou Downadup, Kido * se propage massivement sur leweb en exploitant une vulnérahttp://www.secuobs.com/revue/news/113616.shtmlhttp://www.secuobs.com/revue/news/113616.shtml 2009-06-25 14:37:25 - Les Tips du Laboratoire Microsoft : Sur Windows XP vous avez la possibilité de définir un nombre detentative d'accès dans votre système Pour ce faire rendez-vous dansle panneau de configurathttp://www.secuobs.com/revue/news/113615.shtmlhttp://www.secuobs.com/revue/news/113615.shtml 2009-06-25 14:37:25 - Les Tips du Laboratoire Microsoft : En désactivant l'écran de démarrage de Windows vous gagnerai quelquessecondes sur le temps d'amorçage de votre machine Voila commentfaire Clique droit http://www.secuobs.com/revue/news/113614.shtmlhttp://www.secuobs.com/revue/news/113614.shtml 2009-06-25 14:37:25 - Les Tips du Laboratoire Microsoft : Il existe une petite manipulation dans le registre pour arrêter lesystème un peu plus rapidement Exécuter regedit Recherchez la chaîne: HKEY_LOCAL_MACHINE SYhttp://www.secuobs.com/revue/news/113613.shtmlhttp://www.secuobs.com/revue/news/113613.shtml 2009-06-25 10:38:10 - Rootsecure.net : ZDNet Blog: Guy Kawasaki's Twitter account hijacked, pushes Windows andMac malwarehttp://www.secuobs.com/revue/news/113560.shtmlhttp://www.secuobs.com/revue/news/113560.shtml 2009-06-25 10:30:08 - Les Tips du Laboratoire Microsoft : Sous Windows Vista, lorsqu'on clique sur l'heure en bas à droite de labarre des tâches, on remarque qu'il n'y a qu'une seule horloge quis'affiche Il est possiblhttp://www.secuobs.com/revue/news/113547.shtmlhttp://www.secuobs.com/revue/news/113547.shtml 2009-06-25 10:30:08 - Les Tips du Laboratoire Microsoft : Sous Windows, quand vous positionnez votre curseur de souris sur un menu,il faut attendre un certain délai avant que l'arborescence suivante sedéroule Il est possible de modifier http://www.secuobs.com/revue/news/113546.shtmlhttp://www.secuobs.com/revue/news/113546.shtml 2009-06-25 10:30:08 - Les Tips du Laboratoire Microsoft : Si vous utilisez Windows Vista ainsi que l'application Windows Mailintégrée, voici une liste de raccourcis clavier qui vont vouspermettre d'accélérer vos opeteacuthttp://www.secuobs.com/revue/news/113545.shtmlhttp://www.secuobs.com/revue/news/113545.shtml 2009-06-25 10:30:08 - Les Tips du Laboratoire Microsoft : Si vous souhaitez accélérer le démarrage de votre système d'exploitationMicrosoft Windows Vista: Cliquer sur "Démarrer", tapez "regeditethttp://www.secuobs.com/revue/news/113543.shtmlhttp://www.secuobs.com/revue/news/113543.shtml 2009-06-25 01:57:26 - Systm Large Quicktime : Security, safety, ease of repair, USB Flash Drives are more than juststorage, they're a great way to run your safe copy Linux or Windows on-any- machine that can boot from USBhttp://www.secuobs.com/revue/news/113416.shtmlhttp://www.secuobs.com/revue/news/113416.shtml 2009-06-25 01:57:26 - Systm Large Quicktime : Save yourself the hassle of rebuilding your system in the event of acatastrophic disk failure, by creating a custom recovery disc andlearn about Rescue CDs and Slipstreaming while you dohttp://www.secuobs.com/revue/news/113407.shtmlhttp://www.secuobs.com/revue/news/113407.shtml 2009-06-25 00:42:33 - Zero Day : The Twitter account belonging to venture capitalist and Mac evangelistGuy Kawasaki was hijacked yesterday and used to push malware to some140,000 Twitter users The attack screenshot above included a linkto what purported to be a “sex tape video free download” linked toGossip Girls star Leighton Meester but, after a series of IMAGEhttp://www.secuobs.com/revue/news/113361.shtmlhttp://www.secuobs.com/revue/news/113361.shtml 2009-06-25 00:31:36 - 4sysops : A few days ago, I blogged about BartPE, a well known tool for creating aWindows PE based rescue boot CD Some readers recommended checking outUBCD4Win, which is an offspring of BartPE The main difference betweenthe two is that the UBCD4Win project is still alive while BartPE seemsto have been discontinued http://www.secuobs.com/revue/news/113352.shtmlhttp://www.secuobs.com/revue/news/113352.shtml 2009-06-25 00:31:36 - 4sysops : Check out the New Windows 7 Packaging Why do people still want softwareis plastic boxes Download of Microsoft Security Essentials Beta hasbeen closed But you can still get it here: RSAT and ADUC for Vista –Update to add tabs for Terminal Services Profile, Environment,Sessions, and Remote Control Aero Glass Remoting in http://www.secuobs.com/revue/news/113351.shtmlhttp://www.secuobs.com/revue/news/113351.shtml 2009-06-24 22:12:23 - Les Tips du Laboratoire Microsoft : Si vous désirez briser la monotomie d'un démarrage de Windows Vista, ilexiste une petite modification à faire dans un utilitaire fourni avecle système Pour celahttp://www.secuobs.com/revue/news/113318.shtmlhttp://www.secuobs.com/revue/news/113318.shtml 2009-06-24 22:01:56 - Threatpost Feed : From IDG News Service Robert McMillanFormer Apple Macintosh evangelist Guy Kawasaki posts Twitter messagesabout a lot of different thing, but the message he put up Tuesday wasreally out of character: "Leighton Meester sex tape video freedownload"His message included a link that, after some further clicking, landedKawasaki's followers on a fake porn site where online criminals try toinstall a nasty Trojan horse program on victim's computers And in aninteresting twist, the program attacks both Mac and Windows usersRead the full story computerworldcomhttp://www.secuobs.com/revue/news/113310.shtmlhttp://www.secuobs.com/revue/news/113310.shtml 2009-06-24 21:25:57 - News : Rivals ding Microsoft's free antivirus software, but AV-Testorg saysit's 'very good'read moreIMAGEhttp://www.secuobs.com/revue/news/113264.shtmlhttp://www.secuobs.com/revue/news/113264.shtml 2009-06-24 21:25:57 - News : Microsoft will launch its Windows 7 free upgrade program for buyers ofVista PCs on Friday, according to a message on a new company Web siteread moreIMAGEhttp://www.secuobs.com/revue/news/113257.shtmlhttp://www.secuobs.com/revue/news/113257.shtml 2009-06-24 17:04:22 - Mubix's Links : After a bunch of googling to find out what PEB was I happened uponthis old milw0rm paper, which answered that question and the one I wasgoing to ask next: How is it used in exploitation:http://milw0rmorg/papers/66IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/113157.shtmlhttp://www.secuobs.com/revue/news/113157.shtml 2009-06-24 17:03:19 - News : The alpha of Boxee for Windows launches, and with it comes newfeatures for all Boxee usersread moreIMAGEhttp://www.secuobs.com/revue/news/113156.shtmlhttp://www.secuobs.com/revue/news/113156.shtml 2009-06-24 13:17:17 - gHacks technology news : You might want to consider switching to the Windows 7 Release Candidatebefore July 1 if you are still running the excellent Windows 7 Betarelease The beta will go into crazy mode – please bear with me, thoseare my words for what will be happening from that day on – whichsimply means http://www.secuobs.com/revue/news/113079.shtmlhttp://www.secuobs.com/revue/news/113079.shtml 2009-06-24 08:24:12 - insanesecurity : Saw the video only today unfortunately It made me realize all theuseless things, or so called ‘innovations’ that Windows Vista broughtus I think that we were doing just fine, and they were doing a finejob with Windows XP The first moment Vista appeared bad thingshappened DRM Digital Rights Management or Digital RestrictionManagemenet http://www.secuobs.com/revue/news/113009.shtmlhttp://www.secuobs.com/revue/news/113009.shtml 2009-06-24 04:42:50 - News : Microsoft will turn off the Windows 7 Release Candidate RC tap onAug 15, the company said todayread moreIMAGEhttp://www.secuobs.com/revue/news/112928.shtmlhttp://www.secuobs.com/revue/news/112928.shtml 2009-06-24 00:12:05 - 4sysops : Microsoft Security Essentials beta to be capped at 75,000, kicks offtoday Microsoft Security Essentials Beta Microsoft’s new anti-malwaretool is now available for download Microsoft Enterprise DesktopVirtualization MED-V version 1 Planning, Deployment and OperationsGuide Rumor: Windows 7 RTM sign off on July 13 No upgrade installationof Windows 7 in Europe http://www.secuobs.com/revue/news/112881.shtmlhttp://www.secuobs.com/revue/news/112881.shtml 2009-06-23 23:35:54 - BadwareBusters.org Most recent topics : We’re a small company and we were hacked sometime last year We havesuccessfully prevented further similar hacks we think, but we stillneed to make 100% that nothing has been left lingering from thesuccessful hack We also want as clean a system as possible, forobvious reasons :I’m unfortunately a bit of a newb, but it’s fallen to me to get up tospeed as quickly as possibleI was hoping somebody here might be prepared to take a look at aHijackThis or RunScanner log file Not sure if this is a good placeto come to ask for such helpThanks a lot,- Johnnyhttp://www.secuobs.com/revue/news/112863.shtmlhttp://www.secuobs.com/revue/news/112863.shtml 2009-06-23 20:48:57 - SecurityShell : With modern script libraries, which were written by the author, the NmapScriptingEngine NSE has the ability to establish a null or authenticatedsession with all modern versions of Windows By leveraging thesesessions, scripts have the ability to probe and explore Windowssystems in great depth, providing an attacker with invaluableinformation about the server This paper will look at how SMB andMicrosoft RPC services work, how the Nmap scripts take advantage ofthe services, what checks the scripts are able to do, and what can bedone to prevent themDownload PDFIMAGEhttp://www.secuobs.com/revue/news/112824.shtmlhttp://www.secuobs.com/revue/news/112824.shtml 2009-06-23 17:04:52 - CNET France Spécial : Windows Security Essentials arrive ce mardi en version bêta Mais leremplaçant de Live OneCare sera limité aux 75 000 premiers personnesl'ayant téléchargéLire l'articlehttp://www.secuobs.com/revue/news/112712.shtmlhttp://www.secuobs.com/revue/news/112712.shtml 2009-06-23 16:25:41 - Geo's blog : 0vercl0k-where = flc - holiday : dit :mets-les sur ton blogs, ces articles 0vercl0k-where = flc - holiday : dit :certains seraient contents de lire de tels articlesD'accord Je veux bienAujourd'hui, je vous diffuse un tutoriel amateur qui traite de laconception de shellcodes sous windows Je n'ai rien de plus à dire,puisque tout est expliqué dedansLe lien C'est ici :http://venom630freefr/geo/tutz/programmation/asm/shellcoding_windoz/J'en profite pour souhaiter bonne chance à ceux qui ont encore desépreuves à passer pour le baccalauréatBonne lecture GeoIMAGEhttp://www.secuobs.com/revue/news/112693.shtmlhttp://www.secuobs.com/revue/news/112693.shtml 2009-06-23 16:14:46 - Toutes les actualités : La durée de vie de Windows XP n'en finit plus d'être étendue Alors queGartner faisait part, en début de semaine, de son insatisfaction àpropos de la IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/112678.shtmlhttp://www.secuobs.com/revue/news/112678.shtml 2009-06-23 12:56:54 - Threatpost Feed : Scott Charney of Microsoft's Trustworthy Computing group explains thesecurity features in Windows 7 in this ZDNet video from this year'sRSA Conference in San Franciscohttp://www.secuobs.com/revue/news/112640.shtmlhttp://www.secuobs.com/revue/news/112640.shtml 2009-06-23 12:10:21 - Raymond.CC Blog : The web browser and instant messenger that I use “full time” is Firefoxand Windows Live Messenger I still do use Internet Explorer forcertain websites such as Hotmail, online banking and etc All is goodexcept that after installing Firefox and making it as my default webbrowser, whenever I click on the http://www.secuobs.com/revue/news/112619.shtmlhttp://www.secuobs.com/revue/news/112619.shtml 2009-06-23 04:58:26 - Hack In The Box : An exploit of a still-unpatched vulnerability in Microsoft Windows XP andServer 2003 has been added to a multi-strike attack toolkit, Symantecsaid late last week, a move that may mean attacks will increase soonAccording to Symantec, an in-the-wild exploit of the DirectShow bug,which Microsoft acknowledged a month ago, has been added to at leastone web-based attack kit "This will likely lead to wide-spread use ina short time," said Liam Murchu, a researcher with Symantec's securityresponse group, in an entry posted to the company's blog on SaturdayMicrosoft has not yet issued a fix for the DirectShow bug, whichaffects Windows 2000, XP and Server 2003, but not the newer WindowsVista or Server 2008 The flaw also doesn't affect thenot-yet-released Windows 7http://www.secuobs.com/revue/news/112533.shtmlhttp://www.secuobs.com/revue/news/112533.shtml 2009-06-22 23:38:25 - News : An exploit of a still-unpatched vulnerability in Microsoft Windows XPand Server 2003 has been added to a multi-strike attack toolkit,Symantec said late last week, a move that may mean attacks willincrease soonread moreIMAGEhttp://www.secuobs.com/revue/news/112402.shtmlhttp://www.secuobs.com/revue/news/112402.shtml 2009-06-22 20:40:35 - Alerts : Troj/Agent-KGG is Windows Trojanhttp://www.secuobs.com/revue/news/112352.shtmlhttp://www.secuobs.com/revue/news/112352.shtml 2009-06-22 19:44:47 - gHacks technology news : File associations are written to the Windows Registry by default Thisusually happens during the installation of the operating system andcomputer software programs Installing Microsoft Word will make it thedefault word processor on the computer system with file types likedocx or doc opened by it by default The same is true for http://www.secuobs.com/revue/news/112321.shtmlhttp://www.secuobs.com/revue/news/112321.shtml 2009-06-22 19:38:20 - News : Fujitsu will charge for Windows 7 upgrade vouchers when it beginsoffering them shortly to people that buy a PC ahead of the operatingsystem's Oct 22 launchread moreIMAGEhttp://www.secuobs.com/revue/news/112299.shtmlhttp://www.secuobs.com/revue/news/112299.shtml 2009-06-22 15:30:44 - MS Digest IIS Exchange : Couldn’t resist anymore, I’ve bought myself a Fujitsu Scaleo Home Serverbased on Windows Home Server The server is the 2 generation WHS fromFujitsu and it was just to cheap approx 360$ to resist anymore,apparently Fujitsu has dumped their prices this spring with like 50%I like the idea of having the IMAGEhttp://www.secuobs.com/revue/news/112219.shtmlhttp://www.secuobs.com/revue/news/112219.shtml 2009-06-22 12:59:41 - PenTestIT : Kernel Detective is built to detect, analyze, manually modify and fixsome Windows NT kernel modifications manually or by any malwareKernel Detective gives you the access to the kernel directly so it’snot oriented for newbies Changing essential kernel-mode objectswithout enough knowledge will lead you to only one result NewFeatures + Support for Vista SP2 + http://www.secuobs.com/revue/news/112183.shtmlhttp://www.secuobs.com/revue/news/112183.shtml 2009-06-20 23:43:51 - Reverse Engineering : submitted by cloudburstlink 0 commentshttp://www.secuobs.com/revue/news/111972.shtmlhttp://www.secuobs.com/revue/news/111972.shtml 2009-06-20 19:40:39 - Rootsecure.net : H Security: UAC in Windows 7 still poroushttp://www.secuobs.com/revue/news/111885.shtmlhttp://www.secuobs.com/revue/news/111885.shtml 2009-06-20 18:37:26 - gHacks technology news : Snowbird is a lightweight Windows Explorer alternative that offers itsusers some extended functionality The portable software program iscompatible with Windows XP and above and comes with a tiny size of 468Kilobytes unpacked The interface of the computer program has beendivided into three areas The header area containing menus and thebreadcrumb navigation, http://www.secuobs.com/revue/news/111877.shtmlhttp://www.secuobs.com/revue/news/111877.shtml 2009-06-20 08:04:33 - Metasploit : Adds Windows 7 support for the primary stagers:http://wwwharmonysecuritycom/blog/2009/06/retrieving-kernel32s-base-addresshtmlhttp://www.secuobs.com/revue/news/111826.shtmlhttp://www.secuobs.com/revue/news/111826.shtml 2009-06-20 00:59:38 - Metasploit : Enforce maximum thread count on windows platformshttp://www.secuobs.com/revue/news/111763.shtmlhttp://www.secuobs.com/revue/news/111763.shtml 2009-06-20 00:17:39 - 4sysops : System Center Configuration Manager Service Pack 2 Public Beta WindowsClient Feature Comparison: Windows XP SP3 | Wndows Vista SP1 | Windows7 Windows Server 2008 Hyper-V Resource Kit is now available MarkRussinovich and David Solomon: Windows Internals 5 Released Copyright© 2006-2009, 4sysops, Digital fingerprint:3db371642e7c3f4fe3ee9d5cf7666eb0http://www.secuobs.com/revue/news/111736.shtmlhttp://www.secuobs.com/revue/news/111736.shtml 2009-06-19 20:40:51 - Channel 9 : IMAGEWindows kernel expert and kernel "professor" David Solomon andWindows Kernel Technical Fellow Mark Russinovich have written anothergreat book covering, in great detail, the internal composition ofWindows Vista and Windows Server 2008 A third author,Alex Ionescu,joined the fray this time around Together, they've just releasedWindows Internals Fifth Edition My order has been submitted If youwant to really understand the mechanics of Windows' latest generationgeneral purpose kernel, then go get this bookDavid was in Redmond recently conducting deep training on the Windows7 kernel, which contains 95% of the same ingredients as the WindowsVista kernel So, of course we had to get the dynamic duo together totalk about their book, the Windows kernel, their history they've beenworking together for a long time and their futureEnjoy Happy readinghttp://www.secuobs.com/revue/news/111640.shtmlhttp://www.secuobs.com/revue/news/111640.shtml 2009-06-18 05:47:03 - Hack In The Box : F-Secure has announced a new version of its security software for WindowsMobile, which includes the anti-theft feature with remote locking andwiping of confidential data if the phone is lost or stolen F-SecureMobile Security and its new anti-theft feature is available on June 24for Windows Mobile phone users The anti-theft feature includes remotelock, remote wipe and theft control functionalities The remote lockcan be used to lock the device to protect confidential informationquickly and easily with a single SMS message The theft controlfeature activates when the SIM card is changed by locking the deviceAs an ultimate safety measure to prevent misuse, it is possible toerase all the data on the phone with the remote wipe by sending an SMSmessagehttp://www.secuobs.com/revue/news/111082.shtmlhttp://www.secuobs.com/revue/news/111082.shtml 2009-06-18 04:45:55 - News : The Microsoft blogger who first called attention to a securityvulnerability in Windows 7's User Account Control UAC feature claimsit still exists and that Microsoft won't fix it, even as the companynears final code completion on the OSread moreIMAGEhttp://www.secuobs.com/revue/news/111051.shtmlhttp://www.secuobs.com/revue/news/111051.shtml 2009-06-18 01:16:43 - 4sysops : Free Microsoft Press e-Book: Microsoft Office Communications Server 2007R2 Resource Kit Microsoft To Allow Windows 7-To-XP Downgrades UntilApril 2011 ‘Nine Ball’ attack hits 40,000 websites Citrix XenServer55, Essentials 55 ship Wireshark 120 released What’s new in theWindows 7 Firewall Hands on with the Windows 7 Touch Pack Copyright ©2006-2009, http://www.secuobs.com/revue/news/110966.shtmlhttp://www.secuobs.com/revue/news/110966.shtml 2009-06-17 16:19:06 - WindowSecurity.com : Taking a look at the Windows Firewall in Windows 7, showing you how toconfigure it with multiple active firewall policieshttp://www.secuobs.com/revue/news/110740.shtmlhttp://www.secuobs.com/revue/news/110740.shtml 2009-06-17 15:55:00 - gHacks technology news : FBackup is a Windows backup software that adds another interesting aspectto the backup process by offering plugins for backing up specificprograms and data in Windows At its core FBackup is just anotherbackup software that comes with all of the features and functionalitythat one would expect from a backup software Users can http://www.secuobs.com/revue/news/110733.shtmlhttp://www.secuobs.com/revue/news/110733.shtml 2009-06-17 15:44:00 - Help Net Security News : Tens of millions of mobile phones were lost or stolen in 2008, with theUK alone reporting 10,000 stolen every month At the same time, moreand more people and businesses are using sophisticated smarhttp://www.secuobs.com/revue/news/110713.shtmlhttp://www.secuobs.com/revue/news/110713.shtml 2009-06-17 13:10:18 - Vigil@nce vulnérabilités publiques : Un attaquant peut employer quatre vulnérabilités du noyau afin d'exécuterdu code avec les privilèges du systèmehttp://www.secuobs.com/revue/news/110638.shtmlhttp://www.secuobs.com/revue/news/110638.shtml 2009-06-17 13:10:18 - Vigil@nce vulnérabilités publiques : Un attaquant peut employer une vulnérabilité de la RPC Marshalling Engineafin d'exécuter du code sur le serveurhttp://www.secuobs.com/revue/news/110637.shtmlhttp://www.secuobs.com/revue/news/110637.shtml 2009-06-17 11:31:56 - Global Security Mag Online : Un attaquant peut employer quatre vulnérabilités du noyau afin d'exécuterdu code avec les privilèges du systèmeGravité : 2/4Conséquences : accès/droits administrateurProvenance : shell utilisateurMoyen d'attaque : aucun démonstrateur, aucune attaqueCompétence de l'attaquant : expert 4/4Confiance : confirmé par l'éditeur 5/5Diffusion de la configuration vulnérable : élevée 3/3Nombre de vulnérabilités dans ce bulletin : 4Date création : 10/06/2009 - Vulnérabilitéshttp://www.secuobs.com/revue/news/110621.shtmlhttp://www.secuobs.com/revue/news/110621.shtml 2009-06-17 11:31:56 - Global Security Mag Online : Un attaquant peut employer une vulnérabilité de la RPC Marshalling Engineafin d'exécuter du code sur le serveurGravité : 2/4Conséquences : accès/droits privilégiéProvenance : client intranetMoyen d'attaque : aucun démonstrateur, aucune attaqueCompétence de l'attaquant : expert 4/4Confiance : confirmé par l'éditeur 5/5Diffusion de la configuration vulnérable : faible 1/3Date création : 10/06/2009PRODUITS CONCERNÉSMicrosoft Windows 2000Microsoft Windows - Vulnérabilitéshttp://www.secuobs.com/revue/news/110620.shtmlhttp://www.secuobs.com/revue/news/110620.shtml 2009-06-17 08:45:35 - Hak5 Large Xvid : Darren's Hacking WPA-PSK keys using the recently updated Cowpatty andsome damn fine lookup tables Connecting ESXi to iSCSI targets -- Mattbreaks it down with FreeNAS And Shannon completely bypasses localWindows logins with a Kernel modifyin' boot cd w00thttp://www.secuobs.com/revue/news/110599.shtmlhttp://www.secuobs.com/revue/news/110599.shtml 2009-06-17 03:28:10 - News : As expected, Microsoft will let computer makers sell PCs with the agedWindows XP for six months after it releases Windows 7, a move thatwill confuse companies and make it tougher for them to manage theirlicensing, an analyst said todayread moreIMAGEhttp://www.secuobs.com/revue/news/110502.shtmlhttp://www.secuobs.com/revue/news/110502.shtml 2009-06-16 23:22:16 - Mubix's Links : I hope to be using these links to use as part of you know what… Iforgot, but I know it will come back to me and I’ll need these links,so I am storing them here Muhahahahhttp://msdnmicrosoftcom/en-us/library/ms738545VS85aspxhttp://wwwntkernelcom/wetpphpid=7IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/110435.shtmlhttp://www.secuobs.com/revue/news/110435.shtml 2009-06-16 23:17:07 - 4sysops : My article about GFI MailArchiver 61 has been published in the Germanmagazine Computerwoche Windows 7 Upgrade Programs Will Start Soon,Vary by Vendor Dell offers range of Microsoft software for downloadMicrosoft to offer IE8 at retail for EU Windows 7 buyers Is thisWindows in the Cloud Windows4allcom is a Silverlight-based CodePlexhttp://www.secuobs.com/revue/news/110418.shtmlhttp://www.secuobs.com/revue/news/110418.shtml 2009-06-16 20:23:27 - Alerts : TrojanAmoevae is a Trojan horse that exploits the Microsoft DirectXDirectShow QuickTime Video Remote Code Execution Vulnerability BID35139 to execute arbitrary code and download files on to thecompromised computerhttp://www.secuobs.com/revue/news/110382.shtmlhttp://www.secuobs.com/revue/news/110382.shtml 2009-06-16 08:59:00 - Reverse Engineering : submitted by anonsubmilink 1 commenthttp://www.secuobs.com/revue/news/110144.shtmlhttp://www.secuobs.com/revue/news/110144.shtml 2009-06-15 23:48:46 - gHacks technology news : In my last article Installing and configuring VirtualBox for virtualOSes I walked you through the installation of the VirtualBox virtualmachine tool In this article I am going to show you how to actuallyinstall an operating system with this tool You will be surprised atnot only how simple the installation is, but http://www.secuobs.com/revue/news/109990.shtmlhttp://www.secuobs.com/revue/news/109990.shtml 2009-06-15 23:46:28 - Security Bloggers Network : Active Directory UserAccountControl – Common values related to accessrightsWindows File System Permissions – As labelled in the WindowsSecurity dialog with descriptions for both folders and fileshttp://www.secuobs.com/revue/news/109984.shtmlhttp://www.secuobs.com/revue/news/109984.shtml 2009-06-15 23:44:14 - News : Google's Android mobile phone software worked well on mini-laptops atthe Computex Taipei 2009 electronics show and, backed by the strongGoogle brand, may be headed for prime time, two Gartner analysts saidMondayread moreIMAGEhttp://www.secuobs.com/revue/news/109978.shtmlhttp://www.secuobs.com/revue/news/109978.shtml 2009-06-15 21:31:31 - Network World on Security : Microsoft last week issued 10 security updates that patched a record 31vulnerabilities -- 18 marked "critical" -- in Windows, InternetExplorer, Excel, Word, Windows Search and other programshttp://www.secuobs.com/revue/news/109945.shtmlhttp://www.secuobs.com/revue/news/109945.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Critical - This security update resolves threeprivately reported vulnerabilities in Windows Print Spooler The mostsevere vulnerability could allow remote code execution if an affectedserver received a specially crafted RPC request Firewall bestpractices and standard default firewall configurations can helpprotect networks from attacks that originate outside the enterpriseperimeter Best practices recommend that systems that are connected tothe Internet have a minimal number of ports exposedhttp://www.secuobs.com/revue/news/109940.shtmlhttp://www.secuobs.com/revue/news/109940.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Moderate - This security update resolves aprivately reported vulnerability in Windows Search The vulnerabilitycould allow information disclosure if a user performs a search thatreturns a specially crafted file as the first result or if the userpreviews a specially crafted file from the search results By default,the Windows Search component is not installed on Microsoft Windows XPand Windows Server 2003 It is an optional component available fordownload Windows Search installed on supported editions of WindowsVista and Windows Server 2008 is not affected by this vulnerabilityhttp://www.secuobs.com/revue/news/109939.shtmlhttp://www.secuobs.com/revue/news/109939.shtml 2009-06-15 21:28:42 - Microsoft Security Bulletins : Bulletin Severity Rating:Important - This security update resolves twopublicly disclosed and two privately reported vulnerabilities in theWindows kernel that could allow elevation of privilege An attackerwho successfully exploited any of these vulnerabilities could executearbitrary code and take complete control of an affected system Anattacker could then install programs; view, change, or delete data; orcreate new accounts with full user rights An attacker must have validlogon credentials and be able to log on locally to exploit thesevulnerabilities The vulnerabilities could not be exploited remotelyor by anonymous usershttp://www.secuobs.com/revue/news/109937.shtmlhttp://www.secuobs.com/revue/news/109937.shtml 2009-06-15 20:22:33 - Wired Danger Room : The Tweets are coming in furious and fast from Iran’s growingpro-democracy movement And it’s hard not to get caught up in thesense that all of Iran is getting swept up in internet-poweredprotests Andrew Exum wonders whether our enthusiasm for social mediacan color our coverage of events “Are we simply finding common causehttp://www.secuobs.com/revue/news/109869.shtmlhttp://www.secuobs.com/revue/news/109869.shtml 2009-06-15 19:31:18 - Blog d'Emilien Girault : Mon stage m’a donné l’occasion d’analyser en détails comment un appelsystème est réalisé sous Windows Si vous vous demandez comment unprogramme utilisateur ring 3 fait pour appeler une fonctions’exécutant en mode noyau ring 0, alors cet article est pour vousJ’y explique toutes les étapes de la chaîne en partant du début http://www.secuobs.com/revue/news/109822.shtmlhttp://www.secuobs.com/revue/news/109822.shtml 2009-06-15 12:29:01 - Vigil@nce vulnérabilités publiques : Trois vulnérabilités affectent Windows HTTP Services, dont la plus gravepermet de faire exécuter du codehttp://www.secuobs.com/revue/news/109723.shtmlhttp://www.secuobs.com/revue/news/109723.shtml 2009-06-15 12:02:17 - Geo's blog : Hoy Ca faisait longtemps que je n'avais pas posté d'article Pourdire, y'a rien eu en mai, c'est navrant Mais, comme diraitIvanlef0u, au lieu de poster pour rien dire, "j'ai préféré fermer magueule"Avant de commencer, je lui dois un grand merci Sans lui, ma lanternene serait pas éclairée Petit big up également à Lord 0vercl0k, qui asu se montrer très patient Ils forment une belle paire, si vousvoulez mon avisBon, bon, bon Entrons dans le vif du sujet : l'instruction sysenteren assembleur On rencontre souvent cette instruction lorsqu'on tracedans les appels aux APIs pendant une session de debuging Etantcurieux, je m'étais posé la question suivante : Mais c'est quelleinstruction qui affiche du flux à l'écran à l'intérieur de WriteFile Eh bien, j'ai été surpris de tomber sur l'instruction Sysenter quifaisait tout basculer Mais à quoi correspond-elle L'instruction sysenter correspond au passage du mode "userland"appelé "ring 3" au kerneland "ring 0" Les rings, ou anneaux sontreprésentés par un numéro codé sur 2 bits donc de 0 à 3 Plus lechiffre est bas, plus les privilèges sont élevés Les APIs secontentent donc de faire exécuter tel ou tel code en ring0, et nous,on a juste à faire de simples appels sur les APIs Ca facilite la vie,disonsMon objectif premier était de déclencher ma propre apparition de fluxà l'écran à l'aide d'une interruption noyau En me référant à laWindows System Call Table, j'avais essayé avec la fameuseNtWriteFile, sans succèsC'est là que je viens voir Ivanlef0u, et il me conseille de tenteravec NtQuerySystemInformation Cette fonction, très bas niveau, sertvisiblement à obtenir des informations sur le système Enfin, au lieud'utiliser les fonctions de type Nt, il m'a plutôt fallu utiliser lesfonctions en Zw ; c'est-à-dire ZwQuerySystemInformationSa documentation dans la MSDN :http://msdnmicrosoftcom/en-us/library/ms725506VS85aspxSa description est on ne peut plus claire : "Retrieves the specifiedsystem information", ou "réquisitionne les informations systèmesspécifiées"Sa signature n'étant pas disponible dans un h, il faut allerrécupérer son adresse dans ntdlldll et sauter dessus, dont la plupartdes fonctions ne sont nullement documentées Pour cela, on va utiliserdeux fonctions de l'API Win32 :* LoadLibrary : elle prend exactement un paramètre : le nom de laDLL Elle retourne un "handle" ou poignée sur cette DLL Un"handle", en informatique, permet de manipuler un bloc de donnéeImaginez par exemple une simple raquette de tennis : il vous fautune poignée pour manipuler la grande surface Ici, c'est pareil ;* GetProcAddress : elle prend respectivement en argument le handleretourné par LoadLibrary, et le nom de la fonction dont on veutl'adresse : ici, ça sera ZwQuerySystemInformation GetProcAdressretourne aussi un handle, et cette fois, sur la fonctionVous verrez qu'en API WIN32, beaucoup de chose sont une histoire d'"handle"Liens MSDN : LoadLibrary et GetProcAddressVoici une solution de code C que j'ai pu pondre :#include #include typedef enum _SYSTEM_INFORMATION_CLASS {SystemBasicInformation,SystemProcessorInformation,SystemPerformanceInformation,SystemTimeOfDayInformation,SystemPathInformation,SystemProcessInformation,SystemCallCountInformation,SystemDeviceInformation,SystemProcessorPerformanceInformation,SystemFlagsInformation,SystemCallTimeInformation,SystemModuleInformation,SystemLocksInformation,SystemStackTraceInformation,SystemPagedPoolInformation,SystemNonPagedPoolInformation,SystemHandleInformation,SystemObjectInformation,SystemPageFileInformation,SystemVdmInstemulInformation,SystemVdmBopInformation,SystemFileCacheInformation,SystemPoolTagInformation,SystemInterruptInformation,SystemDpcBehaviorInformation,SystemFullMemoryInformation,SystemLoadGdiDriverInformation,SystemUnloadGdiDriverInformation,SystemTimeAdjustmentInformation,SystemSummaryMemoryInformation,SystemNextEventIdInformation,SystemEventIdsInformation,SystemCrashDumpInformation,SystemExceptionInformation,SystemCrashDumpStateInformation,SystemKernelDebuggerInformation,SystemContextSwitchInformation,SystemRegistryQuotaInformation,SystemExtendServiceTableInformation,SystemPrioritySeperation,SystemPlugPlayBusInformation,SystemDockInformation,SystemPowerInformation2,SystemProcessorSpeedInformation,SystemCurrentTimeZoneInformation,SystemLookasideInformation} SYSTEM_INFORMATION_CLASS, *PSYSTEM_INFORMATION_CLASS;typedef struct _SYSTEM_BASIC_INFORMATION {BYTE Reserved124;PVOID Reserved24;CCHAR NumberOfProcessors;} SYSTEM_BASIC_INFORMATION;typedef int *MYPROCSYSTEM_INFORMATION_CLASS, PVOID, ULONG, PULONG;int mainint argc, char **argv {HINSTANCE hinstLib;MYPROC ProcAdd;BOOL fFreeResult, fRunTimeLinkSuccess = FALSE;SYSTEM_BASIC_INFORMATION arg1;hinstLib = LoadLibraryTEXT"ntdlldll";if hinstLib = NULL {ProcAdd = MYPROCGetProcAddresshinstLib,"ZwQuerySystemInformation";if NULL = ProcAdd {fRunTimeLinkSuccess = TRUE;ProcAddSystemBasicInformation, PVOIDetarg1, sizeofarg1, NULL ;printf"Processeur : %d",arg1NumberOfProcessors;system"pause nul";}fFreeResult = FreeLibraryhinstLib;}return 0;}La source est disponible ici dans son intégralité :http://venom630freefr/geo/blog/sysenter/ZwQuerySystemInformation_ctxtJe n'ai pas commenté le code et c'est très mal, mais je vais vousexpliquer concrètement ce que j'ai fait D'abord, j'ai récupéré lagrosse "enum" sur un site qui regroupe un tas destructures/enums/fonctions non documentées par Microsoft merci à0vercl0k, d'ailleurs :http://undocumentedntinternalsnet/UserMode/Undocumented%20Functions/System%20Information/SYSTEM_INFORMATION_CLASShtml,et la structure SYSTEM_BASIC_INFORMATION sur la MSDNPetite parenthèse, pour ceux que ça intéresse : la signification despréfixes Nt et Zw : Nt signifie "New technologie", et Zw n'a aucunesignification Pourquoi Pour éviter les collisions entre les noms defonctionEnfin, j'ai fourni l'exécutable en plus du code Tout esttéléchargeable iciMaintenant, on va debugger notre programme et tracer à l'intérieur ducall à notre fonction chargée dynamiquement On pose donc un break àl'adresse 00401320 comme ceci :IMAGEEt on lance le programme F9 pour ensuite tracer dans le call pas àpas F7 On tombe sur ça :7C91D92E B8 AD000000 MOV EAX,0AD7C91D933 BA 0003FE7F MOV EDX,7FFE03007C91D938 FF12 CALL DWORD PTR DS:EDX7C91D93A C2 1000 RETN 10La première instruction met le numéro du syscall dans EAX Si l'onregarde la Windows System Call Table fournie par MetaSploit, on voitbien qu'il s'agit de NtQuerySystemInformation Ensuite, on met dansEdx une adresse qui correspond à celle de la fonctionKiFastSystemCallRet, et on l'appelle via le call On trace dedans :7C91E510 8BD4 MOV EDX,ESP7C91E512 0F34 SYSENTER7C91E514 C3 RETNLa première instruction charge dans EDX la valeur d'ESP, ou le sommetde la pile Probablement pour permettre, lors du passage dans ring0,de pouvoir revenir en Ring3 Apparement, les arguments de la fonctionse situent aussi en-dessous dans la pile On trace dans Sysenter, eton s'aperçoit que notre espace mémoire correspondant à arg1 en C a étémodifié A l'adresse 0022FF58, on a le nombre de processeurs dansnotre ordinateur Pour ma part, j'ai "1" car j'ai un monocore qui dateun peu Mais pour les processeurs double coeur, vous devriez voir "2"merci à Ornlu pour avoir testéVoici ce que j'ai en mode console, en tout cas :Processeur : 1Quant aux fonctions qui affichent du flux à l'écran, elles appellentZwRequestWaitReplyPort Ivanlef0u m'a expliqué que "la console estgérée bizarrement" Ca à donc l'air compliqué d'afficher du fluxsoi-même avec un sysenter Si y'a un commentaire pour me dépanner, ilest le bienvenue Mes connaissances sur le sujet ne sont que peuconséquentes, je suis débutant---------------------------------------------------------------------Conclusion Même windows utilise les syscalls, mais ceux-ci sont moins facilesd'implémentation qu'avec linux ou, pour certaines fonctions, on peutse contenter de mettre les arguments dans les registres et d'appelerle service 80h en interruption noyau Pour Windows, ça reste compliquémais vachement intéressantOn va se quitter avec quelques articles qui parlent de l'instructionsysenter, notamment avec des concepts mieux détaillés voire avancés :Ivanlef0u's Blog SYSENTER, stepping into da ring0Plongeon dans les appels sytème windows, par Emilien Girault big up àtoi aussi, d'ailleursFirst Steps Into Ring0, par 0vercl0kA la prochaine GeoIMAGEhttp://www.secuobs.com/revue/news/109716.shtmlhttp://www.secuobs.com/revue/news/109716.shtml 2009-06-15 09:57:08 - Vigil@nce vulnérabilités publiques : Un attaquant peut créer un fichier MJPEG illicite afin de faire exécuterdu code sur la machine des victimes ouvrant le fichierhttp://www.secuobs.com/revue/news/109699.shtmlhttp://www.secuobs.com/revue/news/109699.shtml 2009-06-13 07:57:23 - Channel 9 : IMAGEThe Windows Sensor and Location platform, new for Windows 7, enablesyour computer and applications to adapt to their current environmentWith location sensors -- including GPS devices, WWAN radios, and eventriangulation technology -- your applications and gadgets can knowexactly where they are, enabling them to provide more locally relevantcontent and functionality Join Dan Gavin Geer, product team PM, andYochay Kiriaty, Technical Evangelist, as we jump deep into thePlatform, reviewing the APIs and explain how to write application thattakes advantage of Windows 7 Sensor platformAdditional videos in this series:* Windows 7 Sensor and Location Platform Overview* Windows 7 Location OverviewYou can find additional information about the Windows 7 Sensor andLocation Platform in the:* Windows 7 Sensor and Location Platform Developer Center on MSDN* Windows 7 Sensor and Location Platform series of postsPDC session recording - Windows 7: The Sensor and LocationPlatform: Building Context-Aware Applicationshttp://www.secuobs.com/revue/news/109322.shtmlhttp://www.secuobs.com/revue/news/109322.shtml 2009-06-13 05:50:20 - Security Bloggers Network : It's easiest than ever to pit Windows 7 and OS X 106 Snow Leopardhead-to-head: They're launching soon, both within a month of eachother—and both are basically glorified service packs of the currentOSIMAGEhttp://www.secuobs.com/revue/news/109290.shtmlhttp://www.secuobs.com/revue/news/109290.shtml 2009-06-13 00:03:37 - 4sysops : Europe’s fight against the IE: Microsoft’s response: The EuropeanCommission’s behavior is embarrassing for every European What is theDeployment Image Servicing and Management Tool 8 pages What’s New inthe Windows User State Migration Tool 40 7 pages Windows 7 DesktopDeployment Overview White paper from Microsoft 9 pages Copyright ©2006-2009, http://www.secuobs.com/revue/news/109217.shtmlhttp://www.secuobs.com/revue/news/109217.shtml 2009-06-12 20:06:28 - Security, et al : A couple months ago I did a real training for free tm session on Top11 Dos and Don’ts of Managing Access Control in the Windows/ADEnvironment and many of you were impressed like me with how QuestAccess Manager simplified or eliminated many of my recommendationsAt the time of the webinar, Alex Binotto from Quest indicated a numberof your questions about Access Manager would be addressed in theupcoming release of 11 which is now here New features include:* Remote Windows Scanning - reduces the number of agents to beinstalled* Support Windows Clusters* Support for storage devices – NAS NetApp/EMC/etc* Delegation/Segregation of Duties - now you can limit users ofAccess Manager to what I would call "look but don't touch" Thatmeans they can assess and report on access permissions across thenetwork without the ability to modify access controlNice job, Alex and company If you'd like to watch my webinarreferenced above click here To learn more about Access Manager clickherehttp://www.secuobs.com/revue/news/109150.shtmlhttp://www.secuobs.com/revue/news/109150.shtml 2009-06-12 16:51:06 - News : Some PC vendors and sellers will begin a coupon program on June 26 toentitle people who buy premium versions of Microsoft Windows Vista toupgrade to the new Windows 7 operating system when it arrives laterthis year, but the upgrade offers may not be free Offers will vary byvendor and retailerread moreIMAGEhttp://www.secuobs.com/revue/news/109029.shtmlhttp://www.secuobs.com/revue/news/109029.shtml 2009-06-12 14:25:11 - gHacks technology news : We all have heard the news that the European Union made the “suggestion”that Microsoft should bundle additional web browsers with theirupcoming operating system Windows 7 to make up for failings in thepast and to embrace competition Many users felt that this move wasentirely unnecessary as users who wanted a new web http://www.secuobs.com/revue/news/108993.shtmlhttp://www.secuobs.com/revue/news/108993.shtml 2009-06-12 10:19:43 - Rootsecure.net : Gizmodo: OS X Snow Leopard vs Windows 7 - The Final Countdownhttp://www.secuobs.com/revue/news/108944.shtmlhttp://www.secuobs.com/revue/news/108944.shtml 2009-06-12 07:43:21 - Matthieu Suiche's blog ! : Honolulu, HW - Here is a quick post to provide ressources presentedthis afternoon at Shakacon 2009 This talks aims to show to win32ddusers forensics engineers, investigators, incident responseengineers, why physical memory analysis is important, and mainlycovers how to rethink memory acquisition and exploitation in a moreefficient way Slides are available here http://www.secuobs.com/revue/news/108932.shtmlhttp://www.secuobs.com/revue/news/108932.shtml 2009-06-12 04:53:26 - Hack In The Box : With Snow Leopard finally been given a release date and a price, thecomparisons with Windows 7 are starting to pop up all over the place,especially focussing on the price aspect of things While Apple's moveto price Snow Leopard at 29 USD for Leopard owners is a very welcomeone, the move doesn't mean that Microsoft is getting a price beatingfrom Apple There are a few very important aspects to this wholepricing issue that many seem to overlook The most important one isthat the 29 USD will get you an upgrade copy Not a full version IfApple's past behaviour with its Up-to-Date program is anything to goby, this means that you will need Leopard installed before you caninstall your copy of Snow Leopard, and that if you want to perform aclean install, you'll need to install Leopard first, and Snow Leopardsecondhttp://www.secuobs.com/revue/news/108902.shtmlhttp://www.secuobs.com/revue/news/108902.shtml 2009-06-12 04:20:53 - News : The European Windows 7 E editions will function just like the regularWindows 7 offerings sold in America -- only without Internet Explorerautomatically included With that said, new computer users may stillfind IE on their systems, given the options Microsoft is providing formanufacturers to preinstall the program before shipping their PCsread moreIMAGEhttp://www.secuobs.com/revue/news/108860.shtmlhttp://www.secuobs.com/revue/news/108860.shtml 2009-06-12 02:17:05 - Hack In The Box : Microsoft on Thursday said regulatory wrangling has prompted it to stripInternet Explorer web browsers from copies of its Windows 7 operatingsystem to be sold in Europe The US software giant said it still plansto release its next-generation operating system worldwide on October22, but that customers in Europe will have to install Web browsers oftheir choice "We're committed to making Windows 7 available in Europeat the same time that it launches in the rest of the world, but wealso must comply with European competition law as we launch theproduct," Microsoft deputy general counsel Dave Heiner said in awritten release "Given the pending legal proceeding, we've decidedthat instead of including Internet Explorer in Windows 7 in Europe, wewill offer it separately and on an easy-to-install basis to bothcomputer manufacturers and users"http://www.secuobs.com/revue/news/108819.shtmlhttp://www.secuobs.com/revue/news/108819.shtml 2009-06-12 01:22:24 - Channel 9 : IMAGEHigh DPI is not new to Windows; however in Windows 7 we made fewchanges that developers should be aware of The goal is to encourageend users to set their displays to native resolution and use DPIrather than screen resolution to change the size of displayed text andimages Windows 7 can auto-detect and configure a default DPI on cleaninstalls on machines configured by their OEMs using DPI settings JoinSilvana Moncayo and Matthew Blackshaw, PM in the graphics team andYochay Kiriaty, Technical Evangelist, on a discussion on Windows 7High DPIThis is another video in a sereis of Windows 7 Grahics videos onChannel 9http://www.secuobs.com/revue/news/108765.shtmlhttp://www.secuobs.com/revue/news/108765.shtml 2009-06-11 23:23:12 - iDefense Public Vulnerability Disclosures : http://www.secuobs.com/revue/news/108728.shtmlhttp://www.secuobs.com/revue/news/108728.shtml 2009-06-11 23:11:16 - News : Windows 7 will ship without Internet Explorer in Europe, in an effortby Microsoft to offer the product on time and without running afoul ofcompetitive regulations in Europe, the company saidread moreIMAGEhttp://www.secuobs.com/revue/news/108719.shtmlhttp://www.secuobs.com/revue/news/108719.shtml 2009-06-11 23:10:50 - Toutes les actualités : C'est désormais officiel, Windows 7 n'intégrera pas le navigateur Webinternet explorer pour la vente en Europe Pour le géant du logicielMicrosoft, l'urgence IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/108711.shtmlhttp://www.secuobs.com/revue/news/108711.shtml 2009-06-11 23:06:48 - 4sysops : Submitted by Mobateam - Blog: Mobatek free software MobaXterm formerlyknown as MobaXVT is an enhanced terminal with an X server and a setof Unix commands GNU/Cygwin packaged in a single portable exe fileMobaXterm includes a great multitab native Windows terminal, a new Xserver based on XOrg for easily export your Unix/Linux display http://www.secuobs.com/revue/news/108705.shtmlhttp://www.secuobs.com/revue/news/108705.shtml 2009-06-11 22:48:47 - Windows PowerShell Blog : In part 1 of “Event logs in Powershell” we talked about differencesbetween Get-EventLog and Get-WinEvent In this second part we will digdeeper into Get-WinEventStarting in Windows Vista, the Windows Event Log was updated toprovide a more powerful event model which allows for events to beeasily categorized into logs and for event providers to be easilydiscovered PowerShell V2 lets you search the Event Log for the datathat's interesting to you, making it easier than ever to mine eventsfrom the Event Log The new Get-WinEvent cmdlet provides access to allevent logs on the system, including the legacy Event LogsGet-WinEvent cmdLet will be available on PowerShell V2 Running onWindows Vista and above ie Windows Vista, Windows Vista SP1,Windows Server 2008, Windows 7 and Windows Server 2008 R2Get-WinEvent replaces the existing Get-EventLog cmdlet on thesesystemsGetting Events from the Event LogGetting events is easy with PowerShell If I want to list all of theevents in the system, I can run Get-WinEvent without any parameters: Get-WinEventThe number of events can be excessively large, so be prepared to use‘Ctrl-C’ to break out of it early Since some logs are protected, youmight see an error when running this command if you are not runningPowerShell elevated as an AdministratorSuppose you want to see the most recent 10 events which were loggedIn PowerShell, I’d make a small modification: Get-WinEvent -MaxEvents 10The command above uses the default behavior to get events from everyevent log and uses the MaxEvents parameter to return only the mostrecent 10 eventsIf you wanted to see the events from a specific channel, such as thegeneral “Application” and “System” channels, simply specify which logsyou want to get events from: Get-WinEvent Application, System -MaxEvents 10Discovering Logs, Providers and EventsGenerally it is more interesting to find the specific events that youcare about For that, we can use wildcards to find event providers andlogs which we're interested inFor example, if we're interested in what Windows Update has been doingon a particular machine, we can search for the Windows Update eventprovider:PS C: Get-WinEvent -ListProvider *update*Name LogLinks---- --------MCUpdate {Media Center}Microsoft-Windows-WindowsUpdateClient {System,Microsoft-Windows-WindowsUpdateClient/Operational}Now that we know the name of the providerMicrosoft-Windows-WindowsUpdateClient, we can see the events thatthe provider has already logged to the Event Log: Get-WinEvent -ProviderName Microsoft-Windows-WindowsUpdateClientIn some cases, it is more interesting to know what events the providercan potentially log instead of what it already has logged If we wantto see the events that Windows Update can log in the future, we cantake a deeper look at the provider: Eg to see the messages that willbe logged with word “success” in the event message, we can use thefollowing:PS C: $provider = Get-WinEvent -ListProviderMicrosoft-Windows-WindowsUpdateClientPS C: $providerevents | {$_description -match "success"} |select id,description | ft -AutoSizeId Description-- ----------19 Installation Successful: Windows successfully installed thefollowing update: %123 Uninstallation Successful: Windows successfully uninstalled thefollowing update: %136 The Windows Update Client Core component was successfully updatedfrom version %1 to version %237 The Windows Update Client Auxillary was successfully updated fromversion %1 to version %2PS C: $providerevents | {$_description -match "success"} |select -First 1Id : 19Version : 0LogLink : SystemDiagnosticsEventingReaderEventLogLinkLevel : SystemDiagnosticsEventingReaderEventLevelOpcode : SystemDiagnosticsEventingReaderEventOpcodeTask : SystemDiagnosticsEventingReaderEventTaskKeywords : {, success, install}Template : Description : Installation Successful: Windows successfully installedthe following update: %1From this event description I can tell that the event logs the titleof the update in the "updateTitle" field of the event Template, whichwill let me write a script that reports back the installed updatesFiltering EventsIf I want to look at all of the updates that have been installed, Ican simply filter them in PowerShell: Get-WinEvent -Provider Microsoft-Windows-WindowsUpdateClient | {$_id -eq 19} | ft timestamp, message -autoWhile using PowerShell to filter the events in our last example workswell, Get-WinEvent provides even more powerful filtering which is doneby the Event Log Generally, you'll want to use the Get-WinEventFilterXPath or FilterHashTable parameters to reduce the number ofevents that you have to process in PowerShell This is because theEvent Log is very efficient at filtering events based on thesequeriesFor example, to perform the same filtering as the previous examplewithout using PowerShell to filter I can use a FilterHashTable: Get-WinEvent -FilterHashTable@{ProviderName="Microsoft-Windows-WindowsUpdateClient"; ID=19} | fttimestamp, message -autoTake a look at Get-WinEvent help for more information about how to usethe FilterHashTable parameter It is very, very usefulWorking with EventsAn individual event carries much more information than just thetimestamp, event ID, and a message string Event Log events contain awealth of information such as the level which indicates if the eventwas an error, warning, or simply informational Events also carrypayloads of data which are unique to each event which are described bytheir Going back to our Windows Update example, if I wanted to just returnthe title of the update of each update installed, I could do so bypulling that data out of the event I know from the event descriptionabove that the first property of the event is the title of theupdate which is given by the event template Knowing that, I canjust pull out the single property and display it:PS C: Get-WinEvent -FilterHashTable@{ProviderName="Microsoft-Windows-WindowsUpdateClient"; ID=19} |foreach {$_properties0}Value-----Definition Update for Windows Defender - KB915597 Definition1597890Intel Corporation driver update for Mobile IntelR 45 Express ChipsetFamily Microsoft Corporation …Test Update for Windows 7 Release Candidate for x64-based SystemsKB970424Update for Office Communicator 2007 R2 KB 971083Definition Update for Windows Defender - KB915597 Definition1596590Definition Update for Windows Defender - KB915597 Definition1594580Test Update for Windows 7 Release Candidate for x64-based SystemsKB970421Test Update for Windows 7 Release Candidate for x64-based SystemsKB970423Update for Internet Explorer 8 Compatibility View List for Windows 7Release Candidate for x64-based Systems …Events from Remote MachinesThe Get-WinEvent cmdlet can be used to get events from remote machinesusing the Event Log remote connection protocol For example, if I wantto get the most recent 100 events from the Application and System logfrom a remote machine: Get-WinEvent -ComputerName machinenamecontosocom -LogNameApplication, System -MaxEvents 100It's important to know that Get-WinEvent uses the Windows Event Log toestablish the remote connection and does not use the WindowsPowerShell remoting for a couple of reasons First, since the EventLog is installed on every version of Windows Vista and above, you canuse it to collect logs without requiring PowerShell RemotingSecondly, since the cmdlet uses the Event Log's remote protocol, anyfiltering that you pass to the cmdlet will be done on the remotemachine This means that, if you use one of the Filter* parameters ofthe cmdlet, you'll minimize the data sent across the wire since theremote machine does the filtering instead of the local machineIf you want to gather data from multiple machines at once, you can dothat with a simple script Note that the events will need to be sortedafter this script is run, since the events are gathered from onemachine at a timePS C: emp import-csv computerscsvComputerName------------127001LocalhostPS C: emp import-csv computerscsv | %{Get-WinEvent -ComputerName$_ComputerName -LogName Application, System -MaxEvents 100}TimeCreated ProviderName Id Message----------- ------------ -- -------6/8/2009 2:45:59 PM Service Control Manager 7036 The Multimedia ClassSched6/8/2009 2:45:59 PM Service Control Manager 7036 The Multimedia ClassSchedWe hope you find the new cmdlet very usefulKevin Woley, Windows Event Log PMOsama Sajid, Windows PowerShell PMIMAGEhttp://www.secuobs.com/revue/news/108700.shtmlhttp://www.secuobs.com/revue/news/108700.shtml 2009-06-11 15:59:06 - gHacks technology news : Here is a quick tip that might come in handy in certain situations Mostusers have at least some software programs in their system autostartThis means that these programs are started when the Windows operatingsystem starts The benefit is that these programs are loaded beforeany user interaction which is essential for security http://www.secuobs.com/revue/news/108506.shtmlhttp://www.secuobs.com/revue/news/108506.shtml 2009-06-11 10:22:43 - Global Security Mag Online : Un attaquant peut inviter la victime à utiliser Windows Search afin defaire exécuter un code JavaScript dans le contexte de la machineGravité : 1/4Conséquences : lecture de donnéesProvenance : documentMoyen d'attaque : aucun démonstrateur, aucune attaqueCompétence de l'attaquant : expert 4/4Confiance : confirmé par l'éditeur 5/5Diffusion de la configuration vulnérable : moyenne 2/3Date création : 10/06/2009PRODUITS CONCERNÉSMicrosoft Windows - Vulnérabilitéshttp://www.secuobs.com/revue/news/108404.shtmlhttp://www.secuobs.com/revue/news/108404.shtml 2009-06-11 09:06:25 - Vigil@nce vulnérabilités publiques : Un attaquant peut inviter la victime à utiliser Windows Search afin defaire exécuter un code JavaScript dans le contexte de la machinehttp://www.secuobs.com/revue/news/108398.shtmlhttp://www.secuobs.com/revue/news/108398.shtml 2009-06-11 06:43:15 - Hack In The Box : With its formal release still months away, Windows 7 is already beinggiven the thumbs-up by industry analysts In a recent report, Pund-ITprincipal analyst Charles King said that the early indications arethat the release of Microsoft's newest operating system should go farbetter than the disastrous first months of Windows Vista King notedthe changed approach to development and release Microsoft took withWindows 7 The analyst argued that while Windows Vista was anambitious farewell project for Bill Gates, Windows 7 has reflected abetter-managed development under the eye of Steve Ballmer "Earlyreports suggest that Ballmer’s baby should enjoy a successful andprosperous life, meaning that Microsoft’s customers and partners andthe greater IT marketplace will find much to like and even more togain in Windows 7," he wrotehttp://www.secuobs.com/revue/news/108388.shtmlhttp://www.secuobs.com/revue/news/108388.shtml 2009-06-11 06:20:08 - National Vulnerability Database : Buffer overflow in the Windows Print Spooler in Microsoft Windows 2000SP4 allows remote attackers to execute arbitrary code via a craftedRPC request in conjunction with availability of a print server with acrafted ShareName, related to "printing data structures," aka "BufferOverflow in Print Spooler Vulnerability"http://www.secuobs.com/revue/news/108371.shtmlhttp://www.secuobs.com/revue/news/108371.shtml 2009-06-11 06:20:08 - National Vulnerability Database : The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 andSP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2allows local users to read arbitrary files via a crafted separatorpage, aka "Print Spooler Read File Vulnerability"http://www.secuobs.com/revue/news/108370.shtmlhttp://www.secuobs.com/revue/news/108370.shtml 2009-06-11 06:20:08 - National Vulnerability Database : The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3,Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allowsremote authenticated users to gain privileges via a crafted RPCmessage that triggers loading of a DLL file from an arbitrarydirectory, aka "Print Spooler Load Library Vulnerability"http://www.secuobs.com/revue/news/108369.shtmlhttp://www.secuobs.com/revue/news/108369.shtml 2009-06-11 06:20:08 - National Vulnerability Database : Cross-site scripting XSS vulnerability in Windows Search 40 forMicrosoft Windows XP SP2 and SP3 and Server 2003 SP2 allowsuser-assisted remote attackers to inject arbitrary web script or HTMLvia a crafted file that appears in a preview in a search result, aka"Script Execution in Windows Search Vulnerability"http://www.secuobs.com/revue/news/108368.shtmlhttp://www.secuobs.com/revue/news/108368.shtml 2009-06-11 06:20:08 - National Vulnerability Database : The RPC Marshalling Engine aka NDR in Microsoft Windows 2000 SP4, XPSP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server2008 SP2 does not properly maintain its internal state, which allowsremote attackers to overwrite arbitrary memory locations via a craftedRPC message that triggers incorrect pointer reading, related to "IDLinterfaces containing a non-conformant varying array" and FC_SMVARRAY,FC_LGVARRAY, FC_VARIABLE_REPEAT, and FC_VARIABLE_OFFSET, aka "RPCMarshalling Ehttp://www.secuobs.com/revue/news/108365.shtmlhttp://www.secuobs.com/revue/news/108365.shtml 2009-06-11 06:20:08 - National Vulnerability Database : The LDAP service in Active Directory on Microsoft Windows 2000 SP4 doesnot properly free memory for LDAP and LDAPS requests, which allowsremote attackers to execute arbitrary code via a crafted requestpacket, aka "Active Directory Invalid Free Vulnerability"http://www.secuobs.com/revue/news/108364.shtmlhttp://www.secuobs.com/revue/news/108364.shtml 2009-06-11 06:20:08 - National Vulnerability Database : Memory leak in the LDAP service in Active Directory on Microsoft Windows2000 SP4 and Server 2003 SP2, and Active Directory Application ModeADAM on Windows XP SP2 and SP3 and Server 2003 SP2, allows remoteattackers to cause a denial of service memory consumption and serviceoutage via 1 LDAP or 2 LDAPS requests with unspecified OIDfilters, aka "Active Directory Memory Leak Vulnerability"http://www.secuobs.com/revue/news/108363.shtmlhttp://www.secuobs.com/revue/news/108363.shtml 2009-06-10 22:10:07 - 4sysops : Submitted by Mobateam - Blog: Mobatek free software MobaSSH is a SSHserver for Windows MobaSSH allows you to run commands and transferfiles on a remote Windows PC from any operating system GNU/Linux,Unix, HP-UX, AIX, Windows, … through a fully secured and encryptednetwork connection MobaSSH is 100% compatible with theLinux/Unix/HPUx/AIX SSH clients, http://www.secuobs.com/revue/news/108156.shtmlhttp://www.secuobs.com/revue/news/108156.shtml 2009-06-10 21:49:35 - Global Security Mag Online : Cumulative Security Update for Internet Explorer 969897Date : 10 Juin 2009Plateforme : WindowsProgramme : Internet ExplorerGravité : ElevéeExploitation : Avec une page web malicieuseDommages : Contournement de sécuritéAccès au systèmeDescription :Plusieurs vulnérabilités été corrigées au sein du navigateur InternetExplorer L'exploitation de celles-ci permettait à un attaquant decompromettre le système/Les failles de sécurité résultaient principalement de débordements demémoire lors - Vulnérabilitéshttp://www.secuobs.com/revue/news/108150.shtmlhttp://www.secuobs.com/revue/news/108150.shtml 2009-06-10 19:45:36 - gHacks technology news : The Windows Start Menu seems to grow in size over time Even users whoregularly uninstall software programs the proper way will notice thatthey end up with a massive list of folders and shortcuts in the startmenu Keeping an overview over working and broken shortcuts can bequite time consuming which is why http://www.secuobs.com/revue/news/108097.shtmlhttp://www.secuobs.com/revue/news/108097.shtml 2009-06-10 17:59:32 - OpenRCE Blogs : written by omeghttp://www.secuobs.com/revue/news/108050.shtmlhttp://www.secuobs.com/revue/news/108050.shtml 2009-06-10 17:49:45 - eSecurity Planet Features : Microsoft calls six of the ten security bulletins critical All told, 31vulnerabilities are addressed, including one in the newest InternetExplorerhttp://www.secuobs.com/revue/news/108043.shtmlhttp://www.secuobs.com/revue/news/108043.shtml 2009-06-10 17:06:15 - Security Bloggers Network : Background Windows Desktop Search WDS is a popular desktop search toolreleased by Microsoft WDS indexes a large variety of files located onthe user's computer as well as network shares, if configured to do soby the user Ithttp://www.secuobs.com/revue/news/108021.shtmlhttp://www.secuobs.com/revue/news/108021.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107961.shtmlhttp://www.secuobs.com/revue/news/107961.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107959.shtmlhttp://www.secuobs.com/revue/news/107959.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107954.shtmlhttp://www.secuobs.com/revue/news/107954.shtml 2009-06-10 14:04:57 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107951.shtmlhttp://www.secuobs.com/revue/news/107951.shtml 2009-06-10 12:52:10 - Les derniers documents du CERTA. : Plusieurs vulnérabilités affectent le gestionnaire de files d'impressionde Microsoft Windows permettant à un utilisateur malveillantd'exécuter du code arbitraire à distance, d'accéder à des informationssensibles ou d'élever ses privilègeshttp://www.secuobs.com/revue/news/107919.shtmlhttp://www.secuobs.com/revue/news/107919.shtml 2009-06-10 12:52:10 - Les derniers documents du CERTA. : Une vulnérabilité dans Microsoft Windows Search permet à un utilisateurmalveillant d'accéder à des données sensibleshttp://www.secuobs.com/revue/news/107918.shtmlhttp://www.secuobs.com/revue/news/107918.shtml 2009-06-10 12:52:10 - Les derniers documents du CERTA. : Quatre vulnérabilités dans le noyau de Microsoft Windows permettent uneélévation de privilègeshttp://www.secuobs.com/revue/news/107916.shtmlhttp://www.secuobs.com/revue/news/107916.shtml 2009-06-10 12:52:10 - Les derniers documents du CERTA. : Une vulnérabilité affectant la fonction d'appel de procédure distanteRPC de Microsoft Windows permet à un individu distant d'élever sesprivilèges et d'exécuter du code arbitrairehttp://www.secuobs.com/revue/news/107915.shtmlhttp://www.secuobs.com/revue/news/107915.shtml 2009-06-10 12:20:02 - Toutes les actualités : Les équipes de Microsoft confirment la disponibilité de la R2 de WindowsServer 2008 pour le mois d'octobre, et même à partir de juillet-aoûtpour les IMAGEIMAGEIMAGEIMAGEhttp://www.secuobs.com/revue/news/107891.shtmlhttp://www.secuobs.com/revue/news/107891.shtml 2009-06-10 04:49:37 - News : Microsoft on Tuesday issued 10 security updates that patched a record31 vulnerabilities in Windows, Internet Explorer IE, Excel, Word,Windows Search and other programs, including 18 bugs marked"critical"read moreIMAGEhttp://www.secuobs.com/revue/news/107800.shtmlhttp://www.secuobs.com/revue/news/107800.shtml 2009-06-10 01:51:32 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107728.shtmlhttp://www.secuobs.com/revue/news/107728.shtml 2009-06-09 23:59:45 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans Microsoft Windows, quipourraient être exploitées par des utilisateurs locaux malveillantspour obtenir des privilèges plus élevéshttp://www.secuobs.com/revue/news/107710.shtmlhttp://www.secuobs.com/revue/news/107710.shtml 2009-06-09 23:59:45 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Quelques vulnérabilités ont été identifiées dans Microsoft Windows, quipourraient être exploitées par des utilisateurs locaux malveillantspour divulguer des informations sensibles, et par des utilisateursmalicieux et personnes malicieuses de compromettre un systèmevulnérablehttp://www.secuobs.com/revue/news/107709.shtmlhttp://www.secuobs.com/revue/news/107709.shtml 2009-06-09 23:59:45 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Microsoft Windows Search, quipourrait être exploitée par des personnes malintentionnées pourdivulguer des informations sensibleshttp://www.secuobs.com/revue/news/107708.shtmlhttp://www.secuobs.com/revue/news/107708.shtml 2009-06-09 23:36:59 - 4sysops : Webhost hack wipes out data for 100,000 sites Mark Russinovich onWindows 7 UAC Very comprehensive Paul Thurrott: Windows 7: The NewNT I strongly disagree NT was a milestone Windows 7 is evolutionIntroducing Windows 7 and Windows Server 2008 R2 RemoteApp and DesktopConnections What’s new in Windows 7’s System Tray Copyright © http://www.secuobs.com/revue/news/107684.shtmlhttp://www.secuobs.com/revue/news/107684.shtml 2009-06-09 23:24:15 - Sysinternals Site Discussion : Inside Windows 7 User Account ControlCheck out Mark’s latest TechNet Magazine article where he goes insidethe changes in Windows 7’s implementation of UAC, including the twonew UAC modes and how certain Windows images are automaticallyelevated to administrative rights in the default modeIMAGEhttp://www.secuobs.com/revue/news/107678.shtmlhttp://www.secuobs.com/revue/news/107678.shtml 2009-06-09 23:15:37 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107670.shtmlhttp://www.secuobs.com/revue/news/107670.shtml 2009-06-09 23:15:37 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107669.shtmlhttp://www.secuobs.com/revue/news/107669.shtml 2009-06-09 22:02:39 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Une vulnérabilité a été rapportée dans Microsoft Windows, qui pourraitêtre exploitée par des personnes malintentionnées pour potentiellementcompromettre un système vulnérablehttp://www.secuobs.com/revue/news/107660.shtmlhttp://www.secuobs.com/revue/news/107660.shtml 2009-06-09 22:02:39 - Bulletins et Alertes de Sécurité SECURINFOS.INFO : Deux vulnérabilités ont été identifiées dans Microsoft Windows, quipourraient être exploitées par des personnes malintentionnées pourcauser un Déni de Service DoS ou compromettre un système vulnérablehttp://www.secuobs.com/revue/news/107659.shtmlhttp://www.secuobs.com/revue/news/107659.shtml 2009-06-09 21:46:06 - Zero Day : Microsoft’s batch of patches this month is a big one: 10 bulletinscovering a total of 31 documented vulnerabilities affecting theWindows OS, the Internet Explorer browser and the Microsoft Officeproductivity suite Word, Works and Excel Five of the 10 bulletinsare rated “critical,” Microsoft’s highest severity rating Among thepatches this month are fixes IMAGEhttp://www.secuobs.com/revue/news/107633.shtmlhttp://www.secuobs.com/revue/news/107633.shtml 2009-06-09 21:09:32 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107607.shtmlhttp://www.secuobs.com/revue/news/107607.shtml 2009-06-09 21:09:32 - Global Security Mag Online : - Vulnérabilitéshttp://www.secuobs.com/revue/news/107606.shtmlhttp://www.secuobs.com/revue/news/107606.shtml