Showing posts with label Microsoft. Show all posts
Showing posts with label Microsoft. Show all posts

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

VOGH Exclusive: Xbox Live Outage Caused For Networking Misconfiguration, Not Hacker Attack

Posted by Avik Sarkar On 4/18/2013 06:08:00 pm

Microsoft Said Xbox Live Outage Caused For Networking Misconfiguration During Routine Maintenance, Not Hacker Attack 

Xbox Live -one of the world's most popular and usually very reliable gaming network which rarely has unexpected outages, nor does Microsoft ever take it down for any extended period of time. But accident occurs, and it happened in last Sunday. The software giant and the developer of Xbox - Microsoft has reported a significant Xbox Live outage, rendering the service unavailable since earlier last 13th afternoon, smack in the middle of the peak weekend usage period. The outage is preventing users from signing in to Xbox Live, blocking access to the online services normally available through the console. While acknowledging the issue, on their official Xbox Live Status page Microsoft said “There is still an issue members are having signing in to Xbox LIVE, we greatly appreciate you sticking it out with us while we work as hard as we can to get this problem fixed. Keep checking back here every 30 minutes for another update on our progress.” This update came from Microsoft at 3:30 Pacific time on 13th of April. As soon as this story get spotted, several hikes rises. Among this buzz, it was a few unnamed hacker who took credit of the Xbox outage, while declaring that a cyber attack. Another buzz which just got spread so quickly, was that the outage of Xbox Live network has been caused by hacker collective Anonymous.  Here we must have to say that those buzz have some solid reasons as couple of months ago Windows Azure faced an organized cyber attack which effected the service of Azure storage, Xbox Live and 52 other. And that outage or in other word service interruption stays for 12 long hours. But unlike earlier, this time the issue get resolved immediately. Within one hour all the service get restored and came back to its normal order. On the same Xbox Live Status page Microsoft said “If you were one of the members who was having issues signing in to Xbox LIVE, good news! This issue has been fixed! Thank you so much for your patience during this time, feel free to go enjoy your favorite games and content!”
So far we have discussed about the story of the outage and it's restoration. Now we will talk about the cause of this interruption. As I have said earlier that the rumor of hacker's attack was there which was claiming responsibility of the Xbox Live outage. But in reality it was not due to cyber attack but some internal network problems. In their official respond of the situation and those buzz Microsoft completely dines all those rumors and said  "The Xbox Live service outage on 13 April resulted from networking misconfiguration during routine maintenance and was in no way related to false claims of hacking the service." 
While talking about Xbox outage, we would like to remind you that - another world famous gaming console 'PlayStation' had fallen victim to cyber attacks. It was Anonymous who hit Sony PSN and caused massive outage, data leak and many other devastating damages







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned

Posted by Avik Sarkar On 3/11/2013 02:55:00 am

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned Only Safari Survived 

Couple of months ago we have talked about 'Pwn2Own 2013' hacking contest sponsored by HP TippingPoint, ZDI and Google where the most famous and widely used browsers have to face challenges. Now the result of this long awaited security competition has came which is showing that the entire browser security landscape can change in a single day, as browsers thought to be secure are proven to be otherwise. Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers where Chrome, Internet Explorer 10 and Firefox all fell to the mercy of the hackers. Not only browsers but also three other popular applications that is Adobe Reader, Flash Player and yet again Java fallen victim to hackers at 'Pwn2Own'. And for Java it was a true disaster as Java fell three times, though under the contest rules, only the first attacker was due to win the $20,000 prize. Vupen, a renowned security research firm based in France, cracked both Firefox and Internet Explorer. It roughly explained the attack in a tweet, “We’ve pwned Firefox using a use-after-free and a brand new technique to bypass ASLR/DEP on Win7 without the need of any ROP.” This bug hint leads them winning $100,000 for finding a huge hole. Again in a tweet, Security firm Vupen explained “We’ve pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass.” Lastly, U.K.-based security firm MWR Labs cracked Chrome and also gained full control of the operating system, this time Windows 7. It also “demonstrated a full sandbox bypass exploit.” The company explained in a blog post that it found a zero-day in Chrome “running on a modern Windows-based laptop.” It was able to exploit the vulnerability by performing a very similar attack to what took down Facebook, Microsoft, and a number of other well-known companies: It had the laptop visit a malicious website. 

Now lets take look at the final score board of Pwn2Own 2013:

Wednesday:
1:30 - Java (James Forshaw) PWNED
2:30 - Java (Joshua Drake) PWNED
3:30 - IE 10 (VUPEN Security) PWNED
4:30 - Chrome (Nils & Jon) PWNED
5:30 - Firefox (VUPEN Security) PWNED
5:31 - Java (VUPEN Security) PWNED

Thursday:
12pm - Flash (VUPEN Security) PWNED
1pm - Adobe Reader (George Hotz) PWNED
2pm - Java (Ben Murphy via proxy) PWNED


The total damage to the prize fund comes out at a whopping $480k. With HP's announcement that everyone will get paid for each attack, the prize monies will be divvied up as follows:-

  1. James Forshaw: Java = $20K
  2. Joshua Drake: Java = $20k
  3. VUPEN Security: IE10 + Firefox + Java + Flash = $250k
  4. Nils & Jon: Chrome = $100k
  5. George Hotz: Adobe Reader = $70k
  6. Ben Murphy: Java = $20k
As you all know that the main motive of these contest is to make applications, software more safe and secure while figuring out hidden vulnerabilities  Here also for Pwn2Own the security holes figured out by the above experts have already been submitted and taken carefully by those organization  along with that, the expected patch for the browsers have already been released. Those who are still using the older version of those above applications are requested to update their system. So, stay tuned with VOGH and be safe on the Internet. 


 -Source (HP, Naked Security) 








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services

Posted by Avik Sarkar On 2/27/2013 08:17:00 pm

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services 

Windows Azure the cloud computing platform of Microsoft for building, deploying and managing applications and services through a global network of Microsoft-managed datacenters  faced an unwanted disaster due to organized cyber attack which interrupted its service world wide. While looking at the scenario the Redmond based software giant sincerely apologize for the interruption and any issues it has caused and declared that they will  refund Windows Azure customers impacted by the said outage last week caused by an expired SSL certificate. The Windows Azure Storage outage affected at least 52 services, including Xbox Live on Thursday night and Friday. 
In a blog post while describing the situation Microsoft said - "HTTP traffic was unaffected but the event impacted a number of Windows Azure services that are dependent on Storage.  We executed the repair steps to update the SSL certificate on the impacted clusters and availability was restored to >99% worldwide by 1:00 AM PST on February 23.  At 8:00 PM PST on February 23, we completed the restoration effort and confirmed full availability worldwide. Given the scope of the outage, we will proactively provide credits to impacted customers in accordance with our SLA. The credit will be reflected on a subsequent invoice.  Our teams are also working hard on a full root cause analysis (RCA), including steps to help prevent any future reoccurrence."






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

Posted by Avik Sarkar On 1/05/2013 09:48:00 pm

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

The Redmond based software giant Microsoft issued an urgent security advisory to address vulnerabilities in its popular web-browser that is Internet Explorer.  Few of days new “zero day” security hole in IE was discovered which could potentially allow hackers to take over control of your system when all you've done is visit an infected website. The vulnerability affects IE versions 6, 7 and 8. Though the latest versions of the browser, that means IE 9 and 10, are not affected. “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.” Microsoft said in its statement. The statement went on to say, “an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.”
On its advisory Microsoft first issued warning of the problem, which involves how IE accesses "an object in memory that has been deleted or has not been properly allocated." The problem corrupts the browser's memory, allowing attackers to execute their own code. Security vendor Symantec described such a scenario as a "watering hole" attack, where victims are profiled and then lured to the malicious site. Last week, one of the websites discovered to have been rigged to delivered an attack was that of the Council on Foreign Relations, a renowned foreign policy think tank. 
While talking about IE and its bugs, then we would like to remind you that couple of weeks ago, Spider.io a website analytics firm has discovered a security vulnerability in all current versions of Internet Explorer that allows attackers to trace mouse cursors anywhere on users' screens even if the Internet Explorer window is minimized. That time the software giant ignored that particular issue. But here they take this one bit seriously; So if you still using the older and affected version of IE, then its time to update your browser, in order to stay safe and secure on the Internet. To update your browser or to access the security fix click Here




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Internet Explorer Vulnerability Allowing Hackers to Track Your Mouse Cursor

Posted by Avik Sarkar On 12/19/2012 12:51:00 pm

Internet Explorer Vulnerability Allowing Hackers to Track Your Mouse Cursor, Still Microsoft is Apathetic 

Yet again Microsoft Internet Explorer have fallen victim in front of hackers. Spider.io a website analytics firm has discovered a security vulnerability in all current versions of Internet Explorer that allows attackers to trace mouse cursors anywhere on users' screens even if the Internet Explorer window is minimized  The vulnerability is particularly troubling because it compromises the security of virtual keyboards and virtual keypads. Spider.io said -The vulnerability is notable because it compromises the security of virtual keyboards and virtual keypads.
As a user of Internet Explorer, your mouse movements can be recorded by an attacker even if you are security conscious and you never install any untoward software. An attacker can get access to your mouse movements simply by buying a display ad slot on any webpage you visit. This is not restricted to lowbrow porn and file-sharing sites. Through today’s ad exchanges, any site from YouTube to the New York Times is a possible attack vector. Indeed, the vulnerability is already being exploited by at least two display ad analytics companies across billions of webpage impressions each month. As long as the page with the exploitative advertiser’s ad stays open—even if you push the page to a background tab or, indeed, even if you minimize Internet Explorer—your mouse cursor can be tracked across your entire display.


Vulnerability Disclosure
Package: Microsoft Internet Explorer
Affected: Tested on versions 6–10
BugTraq Link: seclists.org/bugtraq/2012/Dec/81


Spider.io has set a demo page to demonstrate how the vulnerability is working. According to sources, Microsoft Security Research Center has acknowledged the vulnerability, but unfortunate that Microsoft are not in a hurry to patch this vulnerability in existing versions of its popular browser. "There are no immediate plans to patch this vulnerability in existing versions of the browser."  said MSRC



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Hired Kristen Paget, Renowned Hacker & Former Security Expert of Microsoft

Posted by Avik Sarkar On 12/11/2012 05:53:00 pm

Apple Hired Kristen PagetRenowned Hacker & Former Security Expert of Microsoft 

 To become  the very best along with that to maintain and hold your position, you need to deliver your hundred percent even some times more than hundred percent, and this race continues. For that we have to gather the very best guy with as. The above fact took place again, when Apple hired a renowned computer security researcher who helped Microsoft to rid Windows Vista from glaring exploits. I think, you already started guessing, let me tell you that yes you are absolutely right. Kristen Paget formerly known as Chris Paget who was part of an elite team of security experts of Microsoft has now been hired by Apple to lend her expertise to securing the company's operating systems. Apple, slowly, has been trying to make inroads into the security community. This summer, an Apple engineer spoke at the Black Hat security conference for the first time. So it is a bit predictable that why Apple is looking for security experts. Paget's exact charge at Apple is still somewhat of a mystery, with company representatives declining to comment on the specifics of what she'll be working on. After leaving Microsoft and prior to her move to 1 Infinite Loop, Paget was employed by security firm Recursion Ventures. According to sources, this past July, she'd departed stating that she wished to focus on developing security-related hardware.  
According to a report by Wired - Paget’s work at Microsoft had been similarly secretive. She’d been forbidden from speaking about it for five years after her work there ended.
But in 2011, the NDA expired, and she spilled the beans on her Vista hacking at the Black Hat Las Vegas conference. In short: Microsoft’s security team had expected Vista to be pretty clean when Paget got her hands on it, but they were wrong.
“We prevented a lot of bugs from shipping on Vista,” Paget said, according to a recording of her talk. “I’m proud of the number of bugs we found and helped get fixed.” Paget and company’s bug-hunt was so successful, in fact, that it forced Microsoft to push back Vista’s ship date. When the work was done, the hackers received special T-shirts, signed by Microsoft Vice President of Windows Development Brian Valentine. They read: “I delayed Windows Vista.” 
Until this past summer, Paget had been chief hacker at Recursion Ventures, a company that specializes in hardware security. When she left in July, she said she was looking for a break from bug-finding, hoping to find a job that involved building “security-focused hardware.”
“I’ve done too much breaking of things, it’s time to create for a change,” she said on Twitter. She was hired in September as a core operating system security researcher at Apple, according to her Linkedin Profile. 
Paget made headlines in 2010 when she built her own cellphone-intercepting base station at the Defcon hacker conference. Back then, Paget was known as Chris. She switched genders last year.

While talking about hiring geniuses by giant firms, we would like to remind you that very recently Apple has hired search guru Bill Stasior to oversee Apple's Siri voice-activated personal assistant. Along with this, few months ago social networking giant Twitter had appointed famous whitehat hacker Charlie Miller, to boost up its security.  Also in late 2011 Nicholas Allegra, the world-famous hacker known as "Comex", creator of JailbreakMe.com comes was also hired by Apple.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Launching Surface With Windows 8 Pro in January Starting at $899 For 64GB & $999 For 128GB

Posted by Avik Sarkar On 12/02/2012 07:02:00 pm

Microsoft Launching Surface With Windows 8 Pro in January Starting at $899 For 64GB & $999 For 128GB

Near about five months ago Microsoft announced that they will introduce a tablet computer of its own design that runs a new version of its Windows operating system, and that tablet was named 'Surface'. After this announcement we got the long awaited Surface tablet based on Windows RT. Now the software giant announced that the next version of its tablet computer which will run on full version of Windows 8 Pro is ready for sale. in a blog post Microsoft confirmed that the device will start at $899 for the 64GB model, with the 128GB version setting you back $999. Both of those are what's Microsoft's dubbing the "standalone" model, which means you'll get a Surface pen/stylus, but have to shell out extra for a Touch or Type Cover (each over $100). Both will be available in January, although there's no specific date or word on pre-orders yet. The current Surface uses the slimmed down Windows RT operating system. As a result, it runs only specially designed applications from Microsoft and others sold through the company's online store. The Pro version of Surface will also run regular Windows applications written for desktops and laptops. "It's a full PC AND a tablet," Surface general manager Panos Panay wrote in a blog post Thursday.
Both Surface RT & Pro looks similar to the including the same "VaporMg" casing and built-in kickstand, and it also boasts a 10.6-inch display with a 16:9 aspect ratio. A key difference with that latter bit, though, is that the screen packs a full 1920 x 1080 resolution as opposed to the 1366 x 768 found on the RT model. You'll also get a third-gen Core i5 processor with Intel HD Graphics 4000 (no more specifics on that just yet), 4GB of RAM, a Mini DisplayPort that can output a 2560 x 1440 resolution, a full-size USB 3.0 port and, of course, Windows 8 Pro with support for all your traditional desktop applications. All that expectedly makes the tablet itself a bit heftier than its RT-based counterpart -- it's just over half-an-inch thick and weighs in at two pounds on the nose.
The spec list confirmed that the Surface Pro will have a 42 W-h battery, but Microsoft has now also expanded on that in a tweet, saying that the device is expected to "have approximately half the battery life of Surface with Windows RT." Based on our testing of the RT version, that should translate to just over four-and-a-half hours.



-Source (Microsoft, Engadget)












SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Israeli Domain of MSN, Bing, Skype, Microsoft Store, BBC, CNN & Many More High Profile Israeli Sites Hacked

Posted by Avik Sarkar On 11/21/2012 01:17:00 am

Israeli Domain of MSN, Bing, Skype, Microsoft Store, BBC, CNN & Many More High Profile Israeli Sites Hacked

More hackers taking part in the Israeli rampage dubbed Operation Israel. As soon as the story of bombing and air strike in Gaza get spotted on the social networks, we have seen immediate protest coming from almost every part of the world. In case of digital bombing, then it was first Anonymous who called Operation Israel, then hackers from different part of the world joined and contributed in this combined protest. So far we have seen along with Anon, Pakistani hacker Hitcher from Muslim Liberation Army, Indian hacker Godzilla, & Kosovo Hackers Security have played vital role in this rampage. But now the scenario is going from bad to worse for Israeli cyber space, as a group of Pakistani hackers hit a large number of high profile Israeli domain. Those big giants who have fallen victim in this round of cyber attack from Pakistan are MSN, Bing, Live, Skype, Microsoft Store, BBC, CNN, Coca-Colla, XBOX, Windows, Intel, Philips, Israeli Parliament, Citi Bank and few more. According to sources more than 44 million hacking attempts have been made on Israeli government web sites since Wednesday. Attempts on defense related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.

Complete List:-
pm.parliament.co.il        
www.skype.co.il 
www.cnn.co.il 
intelcore.co.il 
www.msn.org.il 
passport.org.il 
www.microsoftstore.co.il 
intelatom.co.il 
www.opel.co.il 
philips.co.il 
bing.co.il 
bbc.org.il 
pantene.co.il 
paypass.co.il 
amazonunbox.co.il 
windowslive.co.il 
windows.co.il 
www.nbcuni.co.il 
citibank.co.il 
blog.fanta.co.il 
blog.sprite.co.il 
sprite.org.il 
xbox360.co.il 
www.xboxfusion.co.il 
cocacola.co.il 
coke.co.il 
www.xboxignite.co.il 
www.intelappup.co.il 
www.intel.co.il 
live.co.il 
solarwinds.co.il 
live.org.il 
www.msn.co.il 

Both the screen shot of the deface page and Zone-H mirror is saying that four hackers from Pakistan named 1337, H4x0rL1f3, ZombiE_KsA & Invectus were behind this massive cyber attack. Though a post on popular hackers forum named Sec4ever we came to know that ZombiE_KsA denied his relation with this hack. As usual self claimed famous security news blog, The Hacker News, tried to do a publicity stunt, while morphing the original news. Chasing fake publicity and money, the ready made source of news, also known as The Hacker News forgot the importance of  the situation in Gaza.
According to the view of VOGH, it hardly matters who take part in this hack, but what matters is that, a few human stand for humanity & humanity is beyond any religion, any cast and any color. So far the world have seen an instance of cruelty and inhumane of Israeli army, where the people of Gaza have been tortured brutally. The peace loving people across the world have already stood against this relentless practice. And when Anonymous called Operation Israel, that protest became a digital bombing. We the entire VOGH team salute those people across the globe, who have actively taken part in this protest. Its our world, its our home, and all the people in it are our family, so its our foremost responsibility to take care those members and stand with them. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

End of Windows Live Messenger: Microsoft Replacing Live Messenger With Skype

Posted by Avik Sarkar On 11/12/2012 06:41:00 am

End of Windows Live Messenger: Microsoft Replacing Live Messenger With Skype

In 2011 the Redmond based software giant Microsoft acquired Skype Communications for US$8.5 billion, later we have seen several ups and downs, along with compliment and criticism of this acquirement. But we have to remember that, it is Microsoft Corporation, who always have done the very best to make its product successful. In case of Skype the same ting happened. Microsoft announced Tuesday that it is retiring Windows Live Messenger & chat tool and replace it with Skype's messaging tool. Microsoft said Windows Live Messenger (WLM) would be turned off by March 2013 worldwide, with the exception of China. This move will allow consumers to use Skype's features such as chat on all platforms including iPad and Android tablets; send instant messages; make video calls; share their screen; join a group chat; and call contacts on their mobile or land lines. This announcement from Microsoft is made in an effort to make Skype the company's main instant messaging software. It reflects the firm's determination to focus its efforts on Skype. 
For the information of VOGH readers, WLM launched in 1999 when it was known as MSN Messenger. According to survey MSN had more than 330 million active users world wide. According to internet analysis firm Comscore, Windows Live Messenger (WLM) still had more than double the number of Skype's instant messenger facility at the start of this year in the US, and was second only in popularity to Yahoo Messenger. But the report suggested WLM's US audience had fallen to 8.3 million unique users, representing a 48% drop year-on-year. By contrast, the number of people using Skype to instant message each other grew over the period. Microsoft highlighted the fact that WLM was still more popular than Yahoo's product in most other territories, but nevertheless decided to call time on the service. To ease the changeover, Microsoft is offering a tool to migrate WLM messenger contacts over. In order to transition over to Skype, just download the latest version, then select the option to sign in with your Microsoft account on the sign in screen. You will then be asked if you’re already using Skype or are a new user. If you use Skype and Messenger already, you can merge your Skype and Messenger account into your Microsoft account. Skype says it will assist users over the coming months to smoothly transition over from Windows Live Messenger. The move is nothing too surprising — it seemed obvious that Microsoft wanted to take advantage of its acquisition of the popular IM and video chat client. So far, it looks like Microsoft is on the right track to do that.


For detailed information about this story Click Here


-Source (Skype, BBC)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

VUPEN Researchers Said: They Have First Zero-Day Exploit for Windows 8 & Internet Explorer 10

Posted by Avik Sarkar On 11/04/2012 04:52:00 am

VUPEN Researchers Said: They Have First Zero-Day Exploit for Windows 8 & Internet Explorer 10

Everyday the users of Microsoft newly launched and so far most advanced windows operating system, I mean Windows 8 are increasing. But we have to keep in mind the security threats are also increasing in parallel. Recently well known French IT security firm Vupen, also known as controversial bug hunters and exploit sellers claimed to have Zero-day exploit of Windows 8. Experts at Vupen Security took credit of cracking the low-level security enhancements featured in Windows 8, Microsoft's latest operating system. According a tweet made by the official account of Vupen Security said it already has a Windows 8 exploit on offer. "Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed) is ready for customers. Welcome #Windows8" 
Apparently, the exploit combines several unpatched (0-day) security holes in the new version of Windows and the bundled Internet Explorer 10 browser to inject malicious code into systems via specially crafted web pages. Also VUPEN CEO and head of research Chaouki Bekrar sent out a pair of ominous Tweets yesterday claiming to have developed the first zero-day exploit for Windows 8 and Internet Explorer 10, both released Oct. 26. Bekrar hints the exploit is a sandbox bypass for IE10 with ASLR, DEP and anti-ROP mitigations enabled. “We welcome #Windows8 with various 0Ds combined to pwn all new Win8/IE10 exploit mitigations,” Bekrar wrote. 

The exploit allegedly bypasses all of Windows 8's malware protection features: for example the Address Space Layout Randomization (ASLR) function that Microsoft has extended in the current edition of Windows to cover more system areas and offer improved randomisation. Vupen claims that the exploit also bypasses the Data Execution Prevention (DEP) and ROP features as well as Internet Explorer's sandbox-like Protected Mode. A patch for the exploited holes may not become available in the foreseeable future: Vupen said that it discovered the vulnerabilities itself and doesn't plan to disclose them to Microsoft. The company is only offering its exploit to its paying customers, among them government investigation authorities. Should Microsoft close the holes, the elaborate exploit would significantly decrease in value.



-Source (The-H & threatpost)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Flaws Allowing Any Windows User to Upgrade to Windows 8 Pro For Just $14.99

Posted by Avik Sarkar On 10/28/2012 04:37:00 am

Security Flaws Allowing Any Windows User to Upgrade to Windows 8 Pro For Just $14.99

The long awaited and the most advanced windows operating system by Microsoft is ready and available to buy from Microsoft Store. Earlier we got three Pre-release version of Windows 8 -Consumer Preview, Developer Preview Release Preview. Along with these the Redmond based software giant also released an Enterprise Edition of Windows 8. With those releases, Microsoft declared that they will start selling Windows 8 from October 26. As per the schedule Microsoft opened its virtual store and began selling upgrades to Windows 8 Pro for $39.99, making good on a promise made last summer. The upgrade, which must be downloaded and installed via a utility called "Windows 8 Upgrade Assistant," can be applied to Windows XP-, Vista-, and Windows 7-powered systems. So far so good, but not that good as it looking, recently a security hole has been spotted in the wild which is allowing Windows user to buy a license for Windows 8 Pro for just $14.99 by faking the details on the WindowsUpgradeOffer page. According to a post from Technology Personalized -For the uninitiated, the MRP of Windows 8 Pro version is $169.99 and during the promotional offer period, which runs till Jan 31st 2013, Microsoft is offering a big $130 discount to encourage early adaption of the latest Windows OS. So, the existing Windows 7/Vista/XP users can upgrade to Windows 8 for just $39.99 (or INR 1999). Additionally, Microsoft had announced that those who bought a Windows 7 PC between June 2, 2012, and January 31, 2013 are eligible for a further discount and can actually upgrade for a meagre $14.99. Moreover, users get to download the ISO and/or save Windows 8 as bootable USB.


Shockingly, the WindowsUpgradeOffer page requires people to enter some extremely basic details about their Windows 7 PC purchase as shown below. As you can see, the details they ask for can no way be used to validate the purchase. It neither asks for a serial number nor Windows 7 key, but just the PC brand and model! As you can see, we entered some random info into each of the fields.


Once the details are submitted, user will get a confirmation email about the registration. Within a few minutes, another email with the promo code is sent to the same email address. This promo code can be used to purchase the Windows 8 Pro edition via the Windows 8 Upgrade assistant app, for a nominal fee of USD 14.99. Unbelievable, isn’t it? 
So far Microsoft did not responded about this issue, but for those who want to buy Windows 8 Pro (Download) click Here & those who want to get Windows 8 Pro shipped to you click Here.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search