Hardhead's Blog

Location: Blue Ridge, Va., United States

Monday, February 25, 2008

RogueRemover Pro Version 1.20 Program Update

RogueRemover Pro Program Update

Version 1.20 (2/24/08)

1. Added support for Catalan language.
2. Changed version tab information.
3. Improved Rogue.Infector detection.
4. Rewrote cookie cleaning functions.
5. Packaged new database.

Product Details: RogueRemover Pro

http://www.malwarebytes.org/forums/index.php?s=&showtopic=2595&view=findpost&p=13718

Note: Please update via the program updater

RogueRemover Free Version 1.24 Program Update

RogueRemover Free Program Update

Version 1.24 (2/24/08)

1. Changed version tab information.
2. Improved Rogue.Infector detection.
3. Packaged new database.

Product Details: RogueRemover FREE

http://www.malwarebytes.org/forums/index.php?s=&showtopic=2596&view=findpost&p=13719

Note: Please update via the program updater

Sunday, February 24, 2008

Critical VMware security alert for Windows-hosted VMware client versions

During the last couple of years intensive security research has been performed on virtualization environments, like VMware, Virtual PC, XEN etc. It has been mainly focused on finding new ways to detect if you are running inside a virtual machine (vs. a native host), and finding ways to escape from a virtual machine to the host (or to another virtual machine).

This new VMware vulnerability discovered by Core means a full escape from the guest virtual machine to the host is possible: "On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host's complete file system and create or modify executable files in sensitive locations."

It has been rated as critical by VMware and it affects all VMware client products on Windows, that is:

  • VMware Workstation 6.0.2 and earlier, AND 5.5.4 and earlier
  • VMware Player 2.0.2 and earlier, AND 1.0.4 and earlier
  • VMware ACE 2.0.2 and earlier, AND 1.0.2 and earlier

VMware on Mac OS (Fusion) and Linux are not affected by it.

By default, the shared folders feature is disabled in Workstation 6, Player 2, and ACE 2. Workstation 5, Player 1, and ACE 1 enable the shared folders feature by default, but exploiting this vulnerability still requires at least one folder to be configured as shared between the host and guest.

The impact on production environments is supposed to be limited as they tend to use the server versions. However, we, as security professionals, make extensive use of virtualization technologies for multiple purposes (malware analysis, incident response, forensics, security testing, training, etc.), and we typically use the client versions of the products, so it is time to disable the shared folder capabilities, as no update or patch is available yet:

Workaround (from the VMware advisory)

Until VMware releases a patch to fix this issue, users of affected Windows-hosted VMware products should disable shared folders.

To disable shared folders in the Global settings:

1. From the VMware product's menu, choose Edit > Preferences
2. In the Workspace tab, under Virtual Machines, deselect the checkbox for Enable all shared folders by default.

To disable shared folders for the individual virtual machine settings:

1. From the VMware product's menu, choose VM > Settings.
2. In the Options tab, select Shared Folders and Disable.

http://isc.sans.org/diary.html?storyid=4018
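To confirm the workaround above has actually been applied to every VM on a host, the following added example (not part of the VMware advisory or the original post) scans `.vmx` configuration files and reports any shared folder that is still active. The `sharedFolderN.*` and `isolation.tools.hgfs.disable` key names are assumptions based on the usual `.vmx` layout and may differ between product versions; the sample configuration is constructed.

```python
import re
from pathlib import Path

# A .vmx file is a flat list of lines of the form: key = "value"
_LINE = re.compile(r'^\s*([^#\s=]+)\s*=\s*"(.*)"\s*$')
_SHARE = re.compile(r'^sharedfolder(\d+)\.(\w+)$')

def parse_vmx(text):
    """Return {lower-cased key: value} for every key = "value" line."""
    pairs = (_LINE.match(line) for line in text.splitlines())
    return {m.group(1).lower(): m.group(2) for m in pairs if m}

def enabled_shares(text):
    """Return (index, guest name, host path, writable) per active share."""
    cfg = parse_vmx(text)
    # Assumed key: shared folders (HGFS) switched off for the whole VM.
    if cfg.get("isolation.tools.hgfs.disable", "").upper() == "TRUE":
        return []
    shares = {}
    for key, value in cfg.items():
        m = _SHARE.match(key)
        if m:
            shares.setdefault(int(m.group(1)), {})[m.group(2)] = value
    active = []
    for idx, s in sorted(shares.items()):
        if all(s.get(k, "").upper() == "TRUE" for k in ("present", "enabled")):
            active.append((idx, s.get("guestname", ""), s.get("hostpath", ""),
                           s.get("writeaccess", "").upper() == "TRUE"))
    return active

def audit(root):
    """Map each .vmx under root to its active shares; clean VMs are omitted."""
    report = {}
    for vmx in sorted(Path(root).rglob("*.vmx")):
        hits = enabled_shares(vmx.read_text(errors="replace"))
        if hits:
            report[str(vmx)] = hits
    return report

# Constructed sample configuration, not taken from a real VM.
SAMPLE = r'''
sharedFolder0.present = "TRUE"
sharedFolder0.enabled = "TRUE"
sharedFolder0.writeAccess = "TRUE"
sharedFolder0.hostPath = "C:\samples"
sharedFolder0.guestName = "samples"
sharedFolder1.present = "TRUE"
sharedFolder1.enabled = "FALSE"
'''
```

Calling `audit()` on the directory that holds your virtual machines returns only the VMs that still expose a host folder, with the writable flag showing which shares let the guest modify host files.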

Windows Live SkyDrive

When you sign in to Windows Live SkyDrive, you're in charge
For each folder you create, you choose who has access to it. Add new folders, rename them, or change who has access at any time.

Always where you need them
5 GB of free online storage, available from any computer with Internet access.
Create personal, shared, and public folders -- you decide who has access to each folder.
Windows Live SkyDrive works well on any Windows or Macintosh computer with Firefox 1.5 or higher, or Internet Explorer 6 or higher.

How we help protect your files
Your personal folders are password-protected with your Windows Live ID, so only you have access.
When you create a shared folder, the friends you're sharing with need to sign in with their own Windows Live ID and password.
Just like at your online bank, all file transfers are protected using Secure Socket Layers (SSL).

Personal
Use personal folders to back up important files that are only for you.
Get to your files from any computer with Internet access by signing in with your Windows Live ID.

Shared
Shared folders make it easy to collaborate with coworkers or classmates.
You decide how much control each person has over each shared folder. Some can just read what's there: others can add and delete files.
Everyone who is sharing uses their own Windows Live ID.

Public
With public folders, anyone on the Internet can view your files, but they can't change them.
Want to show your public files to others? Just send them a link! Each folder and file has its own web address.

http://skydrive.live.com/

Getting ready for Vista SP1

Donna, admin owner of the site Calendar Of Updates, has put together a great tutorial about what to do before installing Windows Vista SP1.

Check out what she has to say about it here. I know you will learn more about what you need to do after reading her article.

Malwarebytes’ Anti-Malware 1.05

Version 1.05 (February 21st, 2008)

1. (FIXED) Faster response to scan abort.
2. (FIXED) Minor bug detecting registry values.
3. (FIXED) Better uninstall support.
4. (FIXED) Better abort scan cleanup.
5. (ADDED) Improved Zlob detection.

http://www.malwarebytes.org/forums/index.php?s=&showtopic=3283&view=findpost&p=13547

Microsoft Internet Explorer 5.5 or higher.
250 MHz processor with at least 64 MB of RAM.
Windows 2000, NT, XP, or Vista.
3 MB of available free space on hard drive.
Internet access for updating definitions.

Product Details: Malwarebytes' Anti-Malware

Monday, February 18, 2008

Malwarebytes Anti-Malware Version 1.04

Version 1.04 (February 18th, 2008)

1. (FIXED) Minor bug in Winsock LSP repair.
2. (FIXED) Improved autostart detection.
3. (FIXED) Flicker of desktop during update.
4. (FIXED) Quarantine problem with restoring files with no folder.
5. (ADDED) CatchMe driver for better file deletion.
6. (ADDED) Delete on reboot for registry items.
7. (ADDED) Support for Swedish language.

http://www.malwarebytes.org/forums/index.php?showtopic=3593&hl=

Microsoft Internet Explorer 5.5 or higher.
250 MHz processor with at least 64 MB of RAM.
Windows 2000, NT, XP, or Vista.
3 MB of available free space on hard drive.
Internet access for updating definitions.

Product Details: Malwarebytes' Anti-Malware

Sunday, February 03, 2008

Malwarebytes Anti-Malware Version 1.02

Malwarebytes Anti-Malware Version 1.02 (February 3rd, 2008)

1. (FIXED) Problems with Protection Module.
2. (FIXED) Language resetting to English on reinstall.
3. (FIXED) New log naming conventions.
4. (FIXED) New locations of certain files and registry entries.
5. (ADDED) New mirror to update tab.
6. (ADDED) Help button in about tab.
7. (ADDED) Latest news now gets saved and loaded on start.
8. (ADDED) Support for Albanian and Hungarian languages.

http://www.malwarebytes.org/forums/index.php?s=&showtopic=3448&view=findpost&p=12766

Microsoft Internet Explorer 5.5 or higher.
250 MHz processor with at least 64 MB of RAM.
Windows 2000, NT, XP, or Vista.
3 MB of available free space on hard drive.
Internet access for updating definitions.

Download: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html