Monday, July 26th, 2010
The Windows Shortcut Exploit is a zero-day vulnerability in all versions of Windows that allows a Windows shortcut link to run a malicious DLL file. Sophos now has a free, easy-to-use tool blocks this exploit from running on your computer.Please note: Existing Sophos Endpoint customers are already protected from the ...
Posted in Hardware, Security, Windows | No Comments
Sunday, June 6th, 2010
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an ...
Posted in Internet, Security | No Comments
Sunday, May 9th, 2010
In September 2007, we have published an article about a great disease that affected tens of Windows security products. The article called Plague in (security) software drivers revealed awful quality of kernel mode drivers installed by all the major desktop security products for Windows. The revealed problems could cause random ...
Posted in Internet, Security, Software, Windows | No Comments
Tuesday, March 2nd, 2010
Microsoft is investigating new public reports of a vulnerability in VBScript that is exposed on supported versions of Microsoft Windows 2000, Windows XP, and Windows Server 2003 through the use of Internet Explorer. Our investigation has shown that the vulnerability cannot be exploited on Windows 7, Windows Server 2008 R2, ...
Posted in Internet, Security, Windows | No Comments
Saturday, January 30th, 2010
Here's a quick example of grabbing a screenshot of a compromised system using meterpreter's espia module. Start with a basic exploit to gain a meterpreter session. You'll need to make sure you migrate to a process that has access to Active Desktop or else you will get nothing but blank ...
Posted in Internet, Networking, Privacy, Security | 1 Comment
