Main Menu
The PC Doctors
Online Menu
  • Guests: 13
  • Members: 0
  • Newest Member: Ashley
  • Most ever online: 196
    Guests: 195, Members: 1 on 07 Jun : 10:06
recent additions
Search PC Doctors Online Technical Support
Welcome
Username or Email:

Password:



[ ]
[ ]
[ ]
Chatbox
You must be logged in to post comments on this site - please either log in or if you are not registered click here to signup



Morgue[FLB]
1 year ago
:P


stasja
1 year ago
!wave


Morgue[FLB]
2 years ago
sa


Morgue[FLB]
2 years ago
!cold


Morgue[FLB]
2 years ago
Not me... maybe Enigma?


RSS Feeds
can be syndicated by using these rss feeds.
rss2.0
atom
Site Stats
View your mail online
Chat
News by month 2017
Counter
This page today ...
total: 1
unique: 1

This page ever ...
total: 1
unique: 1

Site ...
total: 1
unique: 1
Poll

Is Windows 8 worth it?


Windows 8 is great!

Back to Windows 7!

What is windows 8?



Posted by Christo [PCD]
Votes: 109
Previous polls

Software

Sunday 22 February 2009
Hacker Unveils Stealthy Memory Injection Attack in Mac OSX
Christo [PCD] , Sunday 22 February 2009 - 08:04:35 //

Claims he can overwrite other programs’ code in memory without leaving a trace

Vincenzo Iozzo, a student security researcher at Politchnico di Milano University in Italy, unveiled a startling new attack against Mac OS X computers that allows hackers to inject malicious code into another program’s memory space – and then vanishes as soon as the computer is switched off.

Speaking at the Black Hat DC cybersecurity conference in Washington, DC, Iozzo said his technique relies on injecting arbitrary code into a program’s executable memory while it is running, guided by the memory locations described in the actual program binary, which is stored in a file format called Mach-O. The injected code runs when the code it originally overwrote is called upon by its host.

Attacks of this kind are nothing new, however, and the secret behind Iozzo’s memory injection attack is that it runs completely from RAM, leaving no trace on the host machine’s hard drive; other techniques have generally required, at least minimally, some form of temporary storage.

The main weakness of his attack is that it relies on an unspecified means of executing arbitrary code on the computer in the first place: according to Iozzo’s presentation (PDF), an attacker must have knowledge of remote code execution “in his pocket? in order to convince his mark’s computer run a bootstrapper that initiates the attack.

While it is unclear as to whether or not Iozzo’s technique allows hackers to tamper with code running at System-level privileges – Iozzo describes the attack as limited to “userland?, or regular desktop applications – it does allow an attacker to modify a program like Safari to do something malicious like monitoring passwords and keystrokes.

Iozzo’s technique most closely resembles Firewire-port memory injection attacks that previously felled Windows, Mac OS X, and Linux: both make use of some transient medium to arbitrarily inject code into the program section of a computer’s memory, which is normally heavily protected from attack. Once the malicious code is in, an attacker can make a computer do pretty much the OS would allow the original host program to do – all without setting off security software.

Vincenzo Iozzo (Source: Black Hat DC)


[Submitted by Christo [PCD]]

1 1235282521 Hacker

Click to discuss this news item in the forums


Thursday 19 February 2009
Microsoft Accused of Antitrust Violations, Again
Christo [PCD] , Thursday 19 February 2009 - 21:43:09 //

Latest lawsuit for the software giant alleges anti-trust violations for fees charged to downgrade to XP from Vista

Microsoft is no stranger to lawsuits and allegations of antitrust violations. Many consumers and other software makers have claimed that the software firm has a monopoly in the operating system market. So far, Microsoft has been fined in Europe and other countries for antitrust violations.

The latest allegations of antitrust violations come from a lawsuit filed by a Seattle woman named Emma Alvarado. In court papers filed by Alvarado, the woman claims that she was forced to pay to downgrade a Lenovo notebook she purchased from Vista to Windows XP. According to the suit, Microsoft and its partners are able to charge fees due to the lack of competition in the OS market.

The woman says that she was charged $59.25 to downgrade to XP on her Lenovo computer and that the fee is a violation of antitrust rules. In court documents Alvarado writes, "Since the introduction of Vista, Microsoft has effectively eliminated competition in the operating system PC market and created a monopoly position for itself in that market."

Microsoft told InformationWeek in an email, "Microsoft does not have a downgrade program. It does offer downgrade rights as part of some Windows Vista licenses, including Windows Vista Business purchased through the OEM channel. Microsoft does not charge or receive any additional royalty if a customer exercises those rights."

In other words Microsoft is saying that it did not charge Alvarado the nearly $60 it cost to downgrade to Windows XP, Lenovo did.

Alvarado goes on to claim in the court documents, "Microsoft has used its power to coerce OEMs, internet access providers and others into agreeing to restrictive and anti-competitive licensing terms for its Windows XP operating system in order to stifle competition in the market. Microsoft did so in order to maintain, protect, and extend its market power in operating systems software into the next generation of personal computing, to lessen competition, and to enhance its monopoly position."

Damages being sought in the case are not specified, but Alvarado is seeking to have the case classified as a class action. No official legal response has come from Microsoft at this point.

This lawsuit is the least of Microsoft's worries right now; the firm missed its earnings estimates and cut 5,000 jobs recently.


[Submitted by Christo [PCD]]

1 1235072222 Micros

Click to discuss this news item in the forums


Saturday 14 February 2009
Microsoft Offers $250,000 Reward to Catch Worm Authors
Christo [PCD] , Saturday 14 February 2009 - 09:49:50 //

The worm continues to infect a large number of computers while security experts try and figure out what to do

Microsoft has created a new technology industry posse and a $250,000 reward for people who help turn over the creators of the Conficker worm.

The Conficker worm multiplied like wildfire, and spreads through a hole found in Microsoft Windows systems, though the vulnerability was patched in October. It also is able to disable anti-malware protection and will block an infected PC from visiting anti-malware vendors Web sites to receive updates.

Security experts are even more worried about the possibility the worm calls home every 24 hours to at least 250 servers each day for instructions or directed actions.

The Houston police department was forced to stop arresting people with traffic warrants because the worm spread its way through the police and city court's computer systems. Violent offenders were still arrested, but those with outstanding traffic warrants were simply issued citations instead of being arrested, Houston police officials said.

There also was a Conficker outbreak among French military computers, which led to several fighter planes being grounded until everything could be fixed.

Microsoft is working with the Internet Corporation for Assigned Names and Numbers (ICANN) and PC security experts while trying to identify the worm's creators. VeriSign, NeuStar, Public Internet Registry, Global Domains International, AOL, F-Secure, George Tech, and several other organizations have joined the fight to help capture who ever created the Internet worm.

"As part of Microsoft's ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers," Microsoft Trustworthy Computing Group G.M. George Stathakopoulos said in a statement. "By combining our expertise with the broader community we can expand the boundaries of defense to better protect people worldwide."

Security company Symantec reported that more than 2.2 million IP addresses over the past five days have been infected with two different forms of the worm, three months after it first hit the Internet. To date, it's infected at least 10 million PCs since first being introduced into the wild.


[Submitted by Christo [PCD]]

1 1234597532 Micros


Midway Files for Chapter 11 Bankruptcy
Christo [PCD] , Saturday 14 February 2009 - 09:48:38 //

Mortal Kombat publisher owes 240 million

Midway has filed for Chapter 11 bankruptcy in order to gain more time to pay their debts which total 240 million. Midway is the publisher of the long running Mortal Kombat series of video games. Midway's debt consists of $150 million owed to various note holders (with Wells Fargo as trustee), and another $90 million owed to the publisher's former majority shareholder, National Amusements. National Amusements is headed by Sumner Redstone.

According to Midway one of the causes of their current financial problems was last November's "change in ownership," when then majority stockholder Sumner Redstone sold off his 87 percent stake in the company valued at $30 million for $100,000. As a result of the ownership change, Midway's debtors have the right to call in the company's debts if they so choose.

If Midway were to default on the $150 million debt, National Amusements would have the right to call in the $90 million that it loaned Midway.

The decision to file bankruptcy buys Midway time to reorganize. Midway chairman, president, and CEO Matt Booty stated, "This was a difficult but necessary decision." He also added, "This filing will relieve the immediate pressure from our creditors and provide us time for an orderly exploration of our strategic alternatives. This Chapter 11 filing is the next logical step in an ongoing process to address our capital structure."

The news is not all bad for Midway as they have shipped (not sold) roughly 2 million copies of their latest iteration of the Mortal Kombat franchise, Mortal Kombat vs. DC Universe. According to GameSpot, Midway was proudly playing up the fact their TNA Impact title has also shipped more than 1 million units, and its Game Party franchise had sold more than 3 million units as of the end of 2008.


[Submitted by Christo [PCD]]

1 1234597309 Midway


Monday 09 February 2009
Microsoft Says "Sorry" About Windows 7 UAC, Vows to Appease Critics
Christo [PCD] , Monday 09 February 2009 - 23:17:11 //

Microsoft wins points with the tech community by reversing its decision to ignore a critical security flaw

DailyTech recently reported on how a critical security flaw found in the beta of Microsoft's upcoming Windows 7 OS could allow attackers to easily disable the integral User Account Control (UAC) security component and gain control of systems. The flaw was first discovered by Windows blogger Long Zheng, and was also independently detailed by blogger Rafael Rivera. The pair followed up with additional information yesterday on how the flaw could be used to give a malicious payload full execution rights.

Microsoft's reaction to the flaw initially was to totally deny that it was a problem, choosing to instead refer to it as "by design". In a blog post, Jon DeVaan, the senior vice president responsible for Windows' architecture and core components defended the move saying it was necessary to prevent user annoyance.

Stated Mr. DeVaan, "If people see more than two prompts in a session they feel that the prompts are irritating and interfering with their use of the computer. We are very happy with the positive feedback we have received about UAC."

His blog post was met with a firestorm of criticism from experienced Windows users in the community. However, rather than casting a blind eye to the criticism, Microsoft has apparently listened to its community and customers, today announcing a swift and dramatic reversal on its UAC stance.

Microsoft announced that it will implement the seemingly obvious solution to the problem. It will warn users before any changes to the UAC. Previously this was only done in safe mode. The change preserves Microsoft's certification system, which provides less irritating warnings, while now safeguarding the UAC.

Jon DeVaan and Steven Sinofsky, two Microsoft executives responsible for Windows' development, released a joint statement today. The pair writes, "Our dialog is at that point where many do not feel listened to and also many feel various viewpoints are not well-informed. That's not the dialog we set out to have and we're going to do our best to improve."

They attempt to placate critics, stating, "We said we thought we were bound to make a mistake in the process of designing and blogging about Windows 7. We want to continue the dialog and hopefully everyone recognizes that engineering, perhaps especially engineering Windows 7, is sometimes going to be a lively discussion with a broad spectrum of viewpoints."

Most importantly, they reveal, "We are going to deliver two changes to the Release Candidate that we'll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. Second, changing the level of the UAC will also prompt for confirmation."

The upcoming Release Candidate of Windows 7, which features these changes, will mark almost the last step before Windows 7 goes on sale. The pair’s remarks may be significant as they seem to indicate that the RC will be coming soon, which would be a sign that Windows 7 is well on-track for its target launch of the second half of 2009.

The move by Microsoft to accept and deal with the criticism constructively is already being praised by some in the security community, even if they feel it was more to avoid negative PR than to strengthen security. Says Andrew Storms, director of security operations at nCircle Network Security Inc. in an interview with ComputerWorld, "This goes back to what beta programs are supposed to provide: feedback from a real audience. This was an obvious design flaw, and for them to say they simply weren't going to fix it, that was the real problem. I think they realized that they needed to do something, more over the concern about their reaction than to the vulnerability itself."

And Mr. Long, who discovered the flaw, reveals pleasant surprise at the response, stating, "This is definitely the result we've been looking for. [But] I'm a little bit shocked at just how quickly Microsoft has turned around, considering they made a post not 12 hours earlier stating that they would not change their position."

UAC for Windows 7 will no longer expose its users' systems to takeovers, thanks to a reversal in policy by Microsoft based on feedback. (Source: Started Something)


[Submitted by Christo [PCD]]

1 1234214026 Micros


Go to page first  2 3 4 5 6 7 8 9 10 11  last
News Categories