Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3056
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 3
Guests: 2979
Total: 2982









Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Fireberg
« on: 25. January 2010., 00:28:59 »

I was wondering , if how many others  holes there are on it!!

Thanx
Posted by: Samker
« on: 20. January 2010., 22:28:43 »



When it comes to updating security threats and bugs in their operating systems, Microsoft is, for the most part, pretty good about it. True, there are threats here and there that get overlooked, but eventually, Redmond takes care of them... except in this case.

The H Security points out that Microsoft has ignored a security hole in Windows since the release of Windows NT 3.1 in 1993. This vulnerability is present in all 32-bit Windows operating systems since then. The problem exists due to a flaw in the Virtual DOS Machine (or VDM), which was used to support 16-bit applications. The flaw allows for a 16-bit program to manipulate the kernel stack of processes. The site notes that "this potentially enables attackers to execute code at system privilege level," making this a real threat to system security.

The vulnerability was discovered by a member of the Google security team, named Tavis Ormandy. The hole was tested and found to still be present in Windows XP, Server 2003, 2008, Vista, and 7, and can be used to open a command prompt "in the system context, which has the highest privilege level." Ormandy says that he informed Microsoft of this hole back in 2009, but they have yet to fix it. The work around for it happens to be pretty simple; all you have to do is disable the MS-DOS subsystem. It's advised that all companies patch the hole, especially now that the vulnerability is public knowledge. Turning this off should not affect any compatibility issues, unless, for some strange reason, you're still using 16-bit applications.

Here's how to disable it:

"The workaround requires users to start the group policy editor and enable the "Prevent access to 16-bit applications" option in the Computer
Configuration\Administrative Templates\Windows Components\Application Compatibility section."


(NeoWin)

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023