Monday, September 29, 2008

MS08-052: GDI+ Vulnerability Released




















Link: http://www.evilfingers.com/patchTuesday/MS08_052_GDI+_Vulnerability.txt

Thursday, September 25, 2008

Install and Configure Skype on Ubuntu 8.04 in step 1,2,3

Skype Install in Ubuntu 8.04 in 3 steps

Today I installed Skype on my Ubuntu 8.04 machines so that people will see I am around even when I shut down the Skype application on my other machine. Skype is not included in the default Ubuntu packages, so users need to install it manually. Installing Skype on a default Ubuntu 8.04 installation is pretty easy and takes 3 steps. :D

1. Download skype from www.skype.com/intl/en/download/skype/linux/choose to temp folder (/tmp)

2. # sudo apt-get install libqt4-gui libqt4-core

3. # sudo dpkg -i skype-debian_2.0.0.72-1_i386.deb


Cheers!
656173747265646576696C

Monday, September 8, 2008

Beware of fraudulent websites that ask you to install software!

Hi, today I found a website that tricks users into believing their system is infected by malware and pops up a prompt to install an application. Any click on that webpage triggers a download of the installer to the user's system.

htt p://scanner.msscanner.com/35/?advid=4849&p=101000000

filename: install_4732_MHwzNXwxMDEwMDAwMDAwfHx8fHx8fHw_.exe

md5: 8a41ad493981d77c04fbabb149f8f1e4



According to a www.virustotal.com result from 28-Aug-08, this installer contains adware.



Thanks,

656173747265646576696C

Enable/Disable Outlook 2007 Envelope icon

How do you notify the user when new email arrives in Outlook 2007? You can configure it to show an icon in the notification area.

Steps:

1. Click Tools --> Options --> Preferences tab



2. Click E-mail Options button

3. Click Advanced E-mail Options button

4. Check "Show an envelope icon in the notification area" to enable the feature.

5. Click OK button to apply the change.



Thanks,

656173747265646576696C

Disable USB and CD-ROM Autorun features

Hi, from my personal experience, malware can spread through CD-ROMs or USB removable drives. So the best precaution on personal systems is to disable the Autorun feature for USB removable drives and CD-ROMs. The steps are very simple.

Step 1:

Start --> Run --> regedit

Step 2:

Browse to

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Export the registry key before making any changes.



Step 3:

Change the "NoDriveTypeAutorun" value from 91 (hex) to FF (hex), so that Autorun no longer triggers on these devices.



Note: if "NoDriveTypeAutorun" does not exist, simply create a value named NoDriveTypeAutorun (without the quotes).



Step 4:

Click File --> Exit

Reboot the system for the changes to take effect.

As usual, do it at your own risk.



III. Solution

Disable AutoRun in Microsoft Windows

To effectively disable AutoRun in Microsoft Windows, import the following registry value:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

To import this value, perform the following steps:

1. Copy the text
2. Paste the text into Windows Notepad
3. Save the file as "autorun.reg"
Note: In certain circumstances, Notepad may automatically add a .txt extension to saved files. To ensure that the file is saved with the proper extension, select All Files in the "Save as type:" section of the "Save As" dialog.
4. Navigate to the file location
5. Double-click the file to import it into the Windows registry

Microsoft Windows can also cache the AutoRun information from mounted devices in the MountPoints2 registry key. We recommend restarting Windows after making the registry change so that any cached mount points are reinitialized in a way that ignores the Autorun.inf file. Alternatively, the following registry key may be deleted:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
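
To check what the 91-to-FF change in Step 3 and the Autorun.inf mapping above actually cover, the following added example (not part of the original post or of the quoted solution text) parses the text of a registry export such as the one taken in Step 2 and reports which drive types would still AutoRun. The bit-to-drive-type table is Microsoft's documented NoDriveTypeAutoRun layout; the function names and the two sample exports are constructed for illustration.

```python
import re
# NoDriveTypeAutoRun is a bitmask: a SET bit turns AutoRun OFF for that drive type.
DRIVE_BITS = {0x01: "unknown", 0x02: "no-root-dir", 0x04: "removable",
              0x08: "fixed", 0x10: "network", 0x20: "cd-rom",
              0x40: "ramdisk", 0x80: "reserved"}
POLICY_KEY = r"\software\microsoft\windows\currentversion\policies\explorer"
INI_KEY = r"\software\microsoft\windows nt\currentversion\inifilemapping\autorun.inf"

def parse_reg(text):
    """Parse .reg text into {key_lower: {name_lower: value}}; '@' is the default value."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and "=" in line:
            name, _, value = line.partition("=")
            dword = re.fullmatch(r"dword:([0-9a-fA-F]{1,8})", value.strip())
            current[name.strip().strip('"').lower()] = (
                int(dword.group(1), 16) if dword else value.strip().strip('"'))
    return keys

def autorun_enabled_types(mask):
    """Drive types on which AutoRun is still ON under this mask."""
    return [name for bit, name in DRIVE_BITS.items() if not mask & bit]

def audit(text):
    """Return a list of findings; an empty list means both settings are in place."""
    keys, findings = parse_reg(text), []
    mask = next((v["nodrivetypeautorun"] for k, v in keys.items()
                 if k.endswith(POLICY_KEY) and "nodrivetypeautorun" in v), None)
    if not isinstance(mask, int):
        findings.append("NoDriveTypeAutorun missing or not a dword")
    elif autorun_enabled_types(mask):
        findings.append("AutoRun still on for: " + ", ".join(autorun_enabled_types(mask)))
    ini = next((v for k, v in keys.items() if k.endswith(INI_KEY)), {})
    if str(ini.get("@", "")).lower() != "@sys:doesnotexist":
        findings.append("Autorun.inf IniFileMapping override not set")
    return findings

# Constructed sample exports (not taken from a real machine).
BEFORE = r"""REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutorun"=dword:00000091
"""
AFTER = BEFORE.replace("00000091", "000000ff") + r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
"""
```

With the value at 91 (hex), audit(BEFORE) shows that removable and CD-ROM drives are among the types that still AutoRun, which is why the steps above raise it to FF. Exports saved in the "Windows Registry Editor Version 5.00" format are UTF-16, so decode the file accordingly before passing its text to audit().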


Thanks,

656173747265646576696C

Redirecting to www.google.com by blogspot ?

Hi,

Below are links that were spammed through e-mail recently. The URLs redirect every link to www.guariza.com before proceeding to www.google.com when you click the button on the page. It seems Blogspot already suspects the use of these URLs. Can anybody tell what the content of these webpages is?


Thanks,

656173747265646576696C

Free online multiple AV scan

Found a new suspicious or malicious file and want a quick result from multiple antivirus vendors' engines? Go to one of the popular free online multi-AV scanners below:

  • http://www.virustotal.com/

  • http://virscan.org/

  • http://www.filterbit.com/

  • http://www.viruschief.com/

  • http://virusscan.jotti.org/

  • http://scanner.virus.org

  • http://www.threatexpert.com/

  • http://anubis.iselab.org/index.php?action=home



65 61 73 74 72 65 64 65 76 69 6C

vmware problem - Unable to change virtual machine power state: Failed to connect to peer process.

Hi,

Currently I am using Ubuntu 8.04 (x86_64), and I encountered a problem when opening existing VMware images. It prompts with the error message "Unable to change virtual machine power state: Failed to connect to peer process". The problem was solved after installing the ia32-libs package.

1. $ sudo apt-get install ia32-libs

Then reconfigure VMware:

2. $ vmware-config.pl

Thanks to "http://peterdedecker.net/blog/index.php/2005/11/25/vmware_troubles" for the reference.

Cheers!

656173747265646576696C

Newly released Google Chrome exploited!!!

Another browser war has been declared: Google officially launched its open-source Google Chrome (beta) browser on 02-Sep-08. The browser design looks light and simple. Chrome's interface is extremely minimalistic and provides a totally different experience compared with existing popular browsers such as IE and Firefox. For those familiar with Firefox shortcut keys (Ctrl+W, Ctrl+E, Ctrl+B, Ctrl+D, Ctrl+T, etc.), you get them in Chrome as well.

Another nice feature that comes with Chrome is "Inspect element": the user can view the source code, styles, objects and properties.

Most Visited tab



Network Settings:

Google Chrome shares the same network settings as the IE browser.



Various default Search Engine



Inspect Elements





Requirements:

Windows XP with Service Pack 2 or later, or Windows Vista

Exploits:

The first Google Chrome exploit was discovered on the same day as the official release. The Chrome browser crashes when the user moves the mouse pointer over <a href="EVIL:%">HERE</a>

- http://www.milw0rm.com/exploits/6353

- http://evilfingers.com/advisory/google_chrome_poc.php <POC>


Although this is just a Google Chrome beta release, with an exploit <POC> found on the same day, I believe Google Chrome will continually surprise users by providing attractive features and a more secure browser in the coming days. I hope to see Google Chrome become one of the main players in the browser market segment.

Cheers!

656173747265646576696C

Sunday, September 7, 2008

Google Chrome downloads files without any user prompt!

Well, this is another vulnerability, a day after Google Chrome was released. Google should take this seriously. This feature potentially lets an attacker change the user's system files and registry and drop files without the user's knowledge.

Exploits:

- http://www.milw0rm.com/exploits/6355 <POC>

Cheers!

656173747265646576696C