- Linux Mint 9: “Isadora”
Wed, 27 Jan 2010 15:18:12 +0000
Linux Mint 9, based on the upcoming Ubuntu 10.04 Lucid Lynx, will be released in May this year under the codename “Isadora”. Of Greco-Latin origin, “Isadora” means “Gift from Isis”.
Friday, January 29, 2010
Friday, January 22, 2010
By Stuart J. Johnston
January 22, 2010
Microsoft acknowledged that a security researcher has located a 17-year-old hole in Windows that could be used to take over a user's system and said it plans a patch.
However, compromising a user's PC would not be easy, requiring physical access to the machine as well as authenticated password access, Microsoft (NASDAQ: MSFT) said in a Security Advisory Wednesday.
The hole, which originated with the release of Windows NT back in 1993 and is present in every 32-bit version of Windows since, including Windows 7, was discovered by Tavis Ormandy, a Google security team member in Switzerland.
Ormandy claimed in a posting to the Full Disclosure security mailing list earlier this week that the hole is in a portion of Windows originally meant to enable NT to run 16-bit MS-DOS applications.
The problem lies in what is known as the Virtual DOS Machine or VDM, which is meant to allow NT-based versions of Windows run 16-bit x86 programs. By manipulating what's called the kernel stack, an attacker can elevate his or her user privileges to an administrator’s level in order to take over the user's system.
Ormandy said that he notified Microsoft of the hole in June but, after receiving no response other than an acknowledgement, decided to publish his discussion as well as a proof-of-concept exploit.
That got Microsoft's attention and, on Wednesday, the software giant released the Security Advisory regarding the problem.
Microsoft noted that the proof-of-concept has not triggered any real world attacks so far. Partly, that is related to the requirement that any attack be carried out locally, not remotely. For that reason, the hole is not as dangerous as most zero-day vulnerabilities. Some Windows users are not at any risk
One piece of good news is that users of 64-bit versions of Windows are not affected. Many new PCs sold today are shipped with 64-bit Windows 7 preloaded, meaning they are not at risk, according to Microsoft's Security Advisory.
Microsoft's Security Advisory contains a workaround, which is to disable the use of the 16-bit VDM. That should have little impact on most users since the feature is rarely used today.
Even Ormandy played down how broad the hole's effect might be.
"The primary audience of this advisory is expected to be domain administrators and security professionals," Ormandy's post stated.
Microsoft normally patches zero-day vulnerabilities as quickly as possible, especially if they critically affect users' security.
For example, Microsoft patched a previously unknown zero-day that surfaced last week in attacks on Google China with an "out-of-band" fix Thursday.
Microsoft said it is working on a patch for the problem but hasn’t decided yet whether it will be released as an out-of-band fix or during a regular Patch Tuesday cycle.
However, since it took 17 years to discover the bug in the first place, and the additional requirement that a hacker be physically in control of a PC being attacked, Microsoft's security response team may view the hole as less likely than most to be seriously exploited.
Wednesday, January 6, 2010
Chana Systems can Help you.
Deals 2012 for Medium Sized Business and Organizations
Up to 40 Percent Lower Project Prices to Improve your Business.
CHANA Systems will
Help you Upgrade
Brings Cost's Down. This is our Specialization.
Ask us about it.
Special from Chanasys with IBM , Lenovo and other Leading Brands
Lenovo Laptops and Desktops
and Other Leading Brands this Month.
With or without Linux + Windows and our Expert Support
Thin Client Solutions are more secure cost less and are popular in large organizations
and use a lot less energy. We can offer leading Thin Client Computers.
Any Questions? Send us an e-mail with "Linux Solutions" as subject.
ASUS eeePC BIG HIT BestSeller Now in Israel
Best as a Portable Second Computer for e-mail
and Browsing Wireless WiFi
Lenovo Laptops from 2000 Shekel
with Windows 7 Vista or XP and
Linux with our expert Support
Get in Touch for similar Packages for Business and Desktop Computers