Microsoft issued a security advisory on Friday for a vulnerability in all supported versions of Windows. The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of …
A mere 5 months after its initial release, Microsoft has made update KB 2264107 available through Microsoft Update. Previously it had been available only as a direct download. This patch was created to control the DLL search path algorithm. As I understand it deploying the patch only gives you the ability to then deploy a …
Continue reading ‘KB2264107 Available Through Microsoft Update’ »
Microsoft has released two security bulletins. Microsoft’s summary of both is posted http://www.microsoft.com/technet/security/bulletin/ms11-jan.mspx
I was looking at the DLL hijacking hotfix (KB 2264107). I deployed the update for 32 bit XP a couple of months back. Tonight I was taking a look at deploying the update for other operating systems. The first bit of weirdness I found is the Windows 7 updates now have “v2″ in the file …
Earlier this week, I read this article reporting on Passware’s presentation at Password^20. It reported that if you are using BitLocker or TrueCrypt and you’ve ever used hibernate, then Passware Kit Forensic is able to recover the encryption key from the Hibernate file. The recommendation was “NEVER EVER EVER EVER allow hibernation for any computer.” I found …
When Quicktime 7.6.7 came out, I wanted to deploy it with Microsoft System Center Update Publisher (SCUP). I’d recently used SCUP to deploy Flash (for IE) and the Dell Inventory Agent. It made sense to look at using SCUP and SCCM Software Updates to deploy patches rather than continuing to use the old Software Distribution …
Microsoft System Center Update Publisher is a method to get third-party updates deployed through SCCM and an internal update server. As I started working with it this summer, I had issues creating applicability rules. When you create a collection in SCCM you get immediate feedback about the accuracy of your rules. You either have the number of computers …
Authentium Command Antivirus on Friday detected a handful of Office documents as MSWord/Dropper.B!camelot. I ran a couple of the files through VirusTotal and found Authentium was the only company detecting the file as a virus. In some cases that would be a sign of being on the cutting edge of detection, but in this case …
Continue reading ‘Authentium Command Antivirus False Positive’ »
I deployed Adobe Flash 10.1 through System Center UpdatesPublisher (SCUP). Its kind of sad how excited this makes me. SCUP is a framework that allows you to integrate third-party update deployment into your SCCM/WSUS server. Companies can provide a CAB file that you import into SCUP, approve updates and publish them to your SCCM server. …
According to Qualys, 50% of enterprise Windows XP computers are still running Service Pack 2. This was reported by Byron Acohido in a USA Today article. This matters because MIcosoft will stop providing security patches for computers with this service pack in July. If you’re running XP, you must have service pack 3 to continue …
Continue reading ‘50 Percent of Enterprise XP running SP2’ »