Posts Tagged ‘software’

Windows 7 Professional Vs Windows 7 Enterprise

September 17, 2012 3 comments

The information in the slide above will definitely prove valuable when choosing which Windows OS to deploy in your organisation. It highlights in detail all aspects of both operating systems for your consideration. Take time to go through the ten (10) page slide and you’ll simply fall in love with it.

Flame virus can hijack PCs by spoofing Windows Update | Microsoft – CNET News

June 8, 2012 1 comment

The infamous Flame virus can infect even secure PCs by tricking them into believing its malicious payload is actually an update from Microsoft.

As we already know, Flame has gained traction by tapping into security certificates for Microsoft’s Terminal Server. Though they appear to be digitally signed by Microsoft, the certificates are actually cooked up by the people behind Flame, thereby tricking PCs into accepting them as legitimate.

Microsoft and Symantec revealed yesterday that the virus can up the ante by using the fake certificates to spoof Microsoft’s own Windows Update service. As such, Windows PCs could receive an update that claims to be from Microsoft but is in fact a launcher for the malware.

Symantec described the method behind Flame’s madness: The virus, also known as Flamer, uses three applications to infect PCs — Snack, Munch, and Gadget. Collectively, this trio can trick PCs into redirecting Internet traffic to an infected computer with a fake Web server. Once infected, a PC thinks the file that loads Flame is actually a Windows Update from Microsoft.

And as Symantec explained in its blog, spoofing Windows Update is not a trivial matter.

Hijacking Windows Update is not trivial because updates must be signed by Microsoft. However, Flamer bypasses this restriction by using a certificate that chains to the Microsoft Root Authority and improperly allows code signing. So when a Windows Update request is received, the GADGET module through MUNCH provides a binary signed by a certificate that appears to belong to Microsoft.

The unsuspecting PC then downloads and executes the binary file, believing it to be a legitimate Windows Update file, Symantec added. The binary is not the Flame virus itself but a loader for Flame.

Microsoft also confirmed the risk to Windows Update, explaining that the vulnerability could be used to attack customers who weren’t the focus of the original Flame virus.

“In all cases, Windows Update can only be spoofed with an unauthorized certificate combined with a man-in-the-middle attack,” Microsoft said. The Flame virus itself has employed a man-in-the-middle attack to steal data, listen in on audio conversations, and take shots of screen activity.

Microsoft has already taken action by issuing a Security Advisory on how to block software signed by the unauthorized certificates, releasing an update to block the rogue certificates, and cutting off the ability of the Terminal Server Licensing Service to issue certificates that allow code to be signed.

To further protect its customers, the software giant is promising to harden its Windows Update service.

“We will begin this update following broad adoption of Security Advisory 2718704 in order not to interfere with that update’s worldwide deployment,” Microsoft said. “We will provide more information on the timing of the additional hardening to Windows Update in the near future.”

Some security experts have downplayed the danger of Flame, claiming it’s not as huge a threat as feared.

So far, the virus has targeted just the Middle East. But security vendor Kaspersky, which discovered the virus, is at the very least increasingly amazed by the complexity of it.

“As we continue our investigation of Flame, more and more details appear which indicate our initial statement: this is one of the most interesting and complex malicious programs we have ever seen,” Kaspersky said in a blog yesterday.

via Flame virus can hijack PCs by spoofing Windows Update | Microsoft – CNET News.

New App Grades Facebook Apps on Privacy


By Tony Bradley, PCWorld

When someone plays Zynga’s Words with Friends on Facebook they obviously expect to share that experience with whichever Facebook contact they play against. However, by authorizing Words with Friends–or other Facebook apps–users might be sharing much more than they’re aware of.

Facebook is a social network. By definition, the point of being on Facebook at all is to share with others. However, people like to choose which information to share, and who to share it with–they’re funny that way. Apps that collect or share information without the explicit consent of the user are shady, and infringe on the privacy users expect.

Some app developers do a much better job than others at protecting user privacy. Jim Brock, founder and CEO of PrivacyChoice, explains in a blog post, “Facebook doesn’t control or enforce app privacy practices, so it’s up to users to know the privacy risk

To help users help themselves PrivacyChoice has launched PrivacyScore–a privacy report card that grades Facebook apps on how well they respect the user’s privacy. PrivacyScore is a Facebook app as well. You simply type in the name of the app you want to check, and PrivacyScore will return a grade between 1 and 100. The PrivacyScore rating considers a variety of factors, including the privacy policies of the app vendor, and how the app handles personal data.

Don’t bother trying to get a grade on PrivacyScore itself. PrivacyChoice started out indexing and rating the most popular apps, and does not have comprehensive coverage of all Facebook apps. Its FAQ claims that it is continuing to expand its app coverage.

via New App Grades Facebook Apps on Privacy | PCWorld Business Center.

Analysis: Microsoft Moves To End iPad’s Free Ride On Windows

April 30, 2012 Leave a comment

Microsoft has no mechanism in place to remotely track whether or not they are in compliance, but some customers could be looking at much higher licensing costs if they were to face an audit.

“There are many organizations out there that have deployed VDI and do not understand the licensing, and they are all out of compliance,” said Mike Strohl, president of Entisys, a Concord, Calif.-based solution provider. “They’re not thinking about iPads and smartphones and all the extra endpoints.”

The CDL could clear things up, partners say, as it gives customers the right to access corporate desktops through VDI on up to four personally owned devices. Microsoft has not said how much the CDL will cost, but customers with large numbers of VDI-equipped iPads are obviously going to be fine with the CDL if it costs less than the VDA.

The alternative for Microsoft would be to stage mass audits of customers that use VDI with tablets to ensure compliance with the VDA. Such a move would likely be a PR disaster for Microsoft, though — one that would make the recent uproar over the CDL look tame by comparison.

Jon Roskill, Microsoft’s vice president of worldwide partner sales and marketing, told CRN earlier this week that the company will rely on customers to do the right thing. “Our whole software licensing methodology is based on trust and will continue to be,” he said.

There is no doubt that Microsoft is favoring Windows RT tablets by not requiring the CDL, but this isn’t part of a strategy to keep Apple out of the enterprise: Microsoft just wants to get paid. Partners want Microsoft to get paid, too, and no one is advocating that Microsoft give Windows away for free.

According to one solution provider with nationwide reach, the issue is not whether Microsoft has a right to monetize Windows VDI more aggressively; it is the impact on the channel of having to learn yet another licensing option.

“What is getting to organizations is the layers and layers of licensing: The Remote Desktop Services CAL, the VDI Suite, and the Microsoft Desktop Optimization Pack. All of these are on top of VDA and CDL licensing,” said the source, who requested anonymity.

Anonymous Hacker Claims Credit For VMware ESX Code Leak

April 26, 2012 Leave a comment

By Kevin McLaughlin, CRN

April 24, 2012 7:17 PM ET

VMware’s ESX hypervisor source code leak may stem from an attack on a Chinese import-export firm last month in which an anonymous hacker claims to have made off with more than one terabyte of confidential documents.

On Tuesday, Kaspersky Lab’s Threatpost blog reported the details of its recent IRC conversation with “Hardcore Charlie,” the anonymous hacker who posted the purported VMware ESX source code online on April 8.

Hardcore Charlie claims to have obtained the VMware ESX source code after breaching the corporate network of the China National Electronics Import-Export Corporation (CEIEC), a Beijing-based firm. He also broke into and stole documents from the networks of China North Industries Corporation (Norinco), WanBao Mining Ltd, Ivanho and PetroVietnam, according to the Threatpost report.

VMware could not be reached for comment.

In a security bulletin issued earlier on Tuesday, VMware warned that a single file from its ESX server hypervisor source code had been posted online and said it is possible that more proprietary files could be leaked.

The leaked ESX code is from the 2003 to 2004 period, and security experts told CRN the potential impact of the breach depends on how much VMware

via Anonymous Hacker Claims Credit For VMware ESX Code Leak.

BlueStacks To Deliver 450,000 Android Apps To PCs

April 24, 2012 1 comment

By Kristin Bent, CRN

March 27, 2012 5:04 PM ET

BlueStacks launched Tuesday the beta version of its Android App Player for PCs, a software tool that allows users to run Android applications on a Windows XP, Windows Vista, or Windows 7 PC.

The beta release is built off of BlueStacks’ patent-pending LayerCake technology, which enables apps written for ARM-based processors to run on x86-based desktop and notebook PCs. The company also said LayerCake allows for hardware graphics acceleration, meaning even graphics-heavy applications originally built for high-end tablets will now be compatible with PCs.

BlueStacks, a Silicon Valley-based startup founded by former McAfee CTO Rosen Sharma in 2009, eyed a market early-on for its App Player software.

[Related: AMD, With BlueStacks, Enables Android Apps On Windows Devices]

“You know, first there was Angry Birds on Chrome which was a big deal, then recently Steve Ballmer stood up at CES and announced that Cut the Rope had been ported to IE9 – with BlueStacks, it’s 450,000 apps coming to Windows at once,” said Sharma, who is also CEO of the company.

The alpha version of BlueStacks’ App Player was available last year from October to December, and was used by more than a million users in more than 100 countries, the company said. During those three months, over 4.5 million apps were downloaded to PCs.

via BlueStacks To Deliver 450,000 Android Apps To PCs.

Russian Security Firm Says Flashback Botnet Is Not Shrinking

April 24, 2012 Leave a comment

By Kevin McLaughlin, CRN

April 23, 2012 4:34 PM ET

Contrary to recent reports, the worldwide botnet of Macs infected with the Flashback malware has remained relatively steady in size, the Russian security vendor Dr. Web said over the weekend.

Dr. Web discovered the botnet — which it calls BackDoor.Flashback.39 — on April 4. It claims that more than 817,000 bots have connected to the botnet thus far, and that an average of 550,000 infected machines are interacting with a command-and-control server each day.

New infected machines that have not yet been registered in the botnet — and which cannot yet be tracked — are joining every day, according to Dr. Web.

Dr. Web’s latest findings contradict those of Symantec and Kaspersky Lab, which earlier this month reported that the Flashback botnet had shrunk to less than half its peak size of 650,000 infected machines due to Apple’s work with Internet service providers to take down command-and-control servers and the release of malware removal tools from third parties.

However, Dr. Web says these findings are inaccurate because they rely on the analysis of data from hijacked botnet control servers. After conducting its own analysis, Dr. Web found that additional control servers have come online, and some bots had been switched to standby mode, which means the botnet is larger than Symantec and Kaspersky claim.

“This is the cause of controversial statistics — on one hand, Symantec and Kaspersky Lab reported a significant decline in the number of BackDoor.Flashback.39 bots,” Dr. Web researchers said in the blog post. “On the other hand, Doctor Web repeatedly indicated a far greater number of bots which didn’t tend to decline considerably.”

“Doctor Web once again warns Mac OS X users of the BackDoor.Flashback.39 threat and strongly recommends you to install Java updates and scan the system to determine whether it has been infected,” the company said in the blog post.

Apple issued a patch for the Java vulnerability April 4, but security researchers criticized the company for its slow response to the issue, which was first reported in February.

via Russian Security Firm Says Flashback Botnet Is Not Shrinking.
