Tag Archive | Windows Vista

Microsoft issues usual Patch Tuesday – November 2012 – includes Windows 8 & RT updates

Microsoft has issued the usual Patch Tuesday round of updates, but this time – guess what? Windows 8 updates are included, as well as for RT. Isn’t that wonderful?

19 flaws have been fixed in this round of updates. All are being updated in six bulletins this month. These bulletins are listed as MS12-071 through MS12-076. Four are rated critical and two of them urgent.

Now, some have asked about Internet Explorer 10 being vulnerable yet…not at this time. It is not currently vulnerable to the current set of three related flaws in Internet Explorer 9.

However, a font parsing flaw has been found, which could affect Windows 8, as noted in CVE-2012-2897.

Here is a general CVE list of the latest vulnerabilities fixed in the current round:

Current Microsoft Security Bulletin Page

 

Windows 8 Security Features Explained (mini-whitepaper)

Windows 8 is apparently more secure than Windows 7. Perhaps this is true, and it is best to learn what security features there are for the new operating system. Some of these security features are verified to help out very well in the security of Windows 8, and some may not be in time, or lastly some may not work at all.

One of the most discussed security features is Secure Boot. Now, Secure Boot is a Unified Extensible Firmware Interface (UEFI) specified in the boot process to check cryptographic signatures of kernel-mode drivers, making sure they aren’t modified or corrupted. In other words, the boot process is now made to check if the operating system has been corrupted by malware or some other issue.

This is all part of a hardware restriction process called Hardware DRM. All non-ARM devices have the option to turn Secure Boot off, however ARM devices must keep it on. Experts state that it will be resistant to rootkits, since the MBR and BIOS cannot be accessed, unless if someone working on the computer penetrates it.

Next, Windows 8 features better built in antivirus software, with a much better improved Windows Defender. The software in Windows 8 is combined with the optional tool Microsoft Security Essentials. Now, with Windows Defender super-powered with MSE, it has much more anti-malware features.

With better anti-malware features, Internet Explorer is now made with better features as well. It has the ability to prevent zero-day exploits much greater than previous versions of Internet Explorer. With the challenges of exploiting Windows 7, there was the issue risen up again for Java and Flash Player, so hackers can gain control over the operating system. Those browser plugins are now easier to exploit than the Internet Explorer’s code.

A new application sandboxing environment called AppContainer provides the ability to run all apps in a controlled environment, where it controls how apps work. This prevents apps from disrupting the operating system. Of course, this is just supplemented by Internet Explorer’s SmartScreen filter, which prevents the download/install of known malicious software. However, Windows 8 now has SmartScreen available for any app, allowing even more prevention. Of course, this means Microsoft employees are going to increase in numbers, if they really want to keep up. Now that hackers know their new challenges, they will be relentless.

The questions are still played on whether Windows 8 will be a repeat of Vista or not. The reality of the situation, is if Windows 8 has big popularity, then the security issues will also light up big time. However, many will stick to Windows 7, so the security issues for Windows users are not close to be over. Feel free to take a look at related articles below for Symantec’s opinions, which aren’t too well on the new OS.

Added October 31, 2012: Trusted Platform Module, read more

Keep up with the latest security tips on our blog here. In addition, please donate to help us continue to write these awesome whitepapers.

Apple releases major update to iTunes with version 10.7

160 vulnerabilities are being fixed with a new release from Apple for iTunes 10.

The newest version number is 10.7. Update now!

Most of the fixes rolled out are involved with WebKit. WebKit is a layout engine from Apple, which allows webpages to be rendered in a browser. Therefore, the main problems faced in iTunes 10 are with the Store site. WebKit is also used in Safari browser by Apple and Chrome browser by Google. Google apparently helped get the fixes for Apple’s iTunes program.

Many of the vulnerabilities in WebKit are from bug reports in 2011. Just now fixing these flaws shows how low this is on the priority list with the Apple development team concerning iTunes. These same vulnerabilities were apparently fixed long ago in Safari and Chrome. So, what’s the excuse?

Users can get the security fixes by updating iTunes directly in the application.

Apple’s statement on the security update page:

Available for: Windows 7, Vista, XP SP2 or later

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: Multiple memory corruption issues existed in WebKit. These issues are addressed through improved memory handling.

 

Protect your computer now from ANY vulnerability by getting a second opinion malware removal scanner and protection program:

 

Thickening Digital/SSL Certifications (mini-whitepaper)

English: A candidate icon for Portal:Computer ...

Current malware trends seem to be focusing on certificate stealing by forgery. Certificate forgery is one of the current plaguing problems since 2011. Ever since last year, CAs have shown high risk issues for certificate forgery. From Stuxnet to Flame, certificate forgery has been on the rise big time.

Normally, web browsers and operating systems keep a copy of a certificate and “pin it” to an identity called a Public Key. So, as Microsoft knows this issue, they have issued their own Automatic Revocation Updater (Win. Vista SP2+). Through this, Windows is able to specifically flag certain certificates that are known to be malicious.

How Microsoft trusts RSAs, certificates, etc.:

“Public key based cryptographic algorithms strength is determined based on the time taken to derive the private key using brute force methods. The algorithm is deemed to be strong enough when the time required to derive private key is prohibitive enough using the computing power at disposal. The threat landscape continues to evolve.  As such, we are further hardening our criteria for the RSA algorithm with key length less than 1024 bits. To further reduce the risk of unauthorized exposure of sensitive information, Microsoft has created a software update that will be released in August 2012 for the following operating systems: Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2,” Hudson  said.

Now, top CA companies for online certificates, including Comodo, NGINX, GlobalSign, DigiCert, etc., have enhanced online revocation systems to check for malicious attempts in certification.

NGINX provides an explanation:

Today GlobalSign, DigiCert, Comodo and Nginx Inc. announced a joint effort and a sponsored development contract, to enhance the NGINX open source Web server to support OCSP-stapling. This collaboration further advances the SSL ecosystem by improving the privacy, reliability and revocation checking for all websites using the NGINX web server—currently run by more than 25 percent of the top 1,000 websites, and by 70,000,000 websites on the Internet overall.

“The team at NGINX is delighted that GlobalSign, DigiCert and Comodo support the OCSP stapling enhancement to the NGINX webserver,” said Igor Sysoev CTO and principal architect at NGINX, “We have been continuously working on enhancements to NGINX that increase performance, reliability and security. With improved SSL functionality we expect the vast majority of our customers to share our enthusiasm for increased safety on the Internet.”

Continued here

Now, if it’s all the same to you, an alternative system, like Convergence, is in order. This is a good replacement for certificates for online. See this link for more info.

See more good reading below…

Avoid troubles with malware entirely by purchasing Malwarebytes’ Anti-Malware.

%d bloggers like this: