NSS Labs are Now Offering Rewards Money for Fresh Exploits

NSS Labs is sweetening the pot for its ExploitHub marketplace by offering rewards to security gurus who can write working exploits for a dozen "high-value" vulnerabilities. The company, which has set aside US$4,400 in reward money, plans to give $100 to $500 to the first people to submit a working exploit for the vulnerabilities. Ten of the vulnerabilities concern Microsoft's Internet Explorer browser and two were found in Adobe's Flash multimedia program.
The exploits must be client-side remote exploits that can result in code execution. Proof-of-concept code and denial-of-service conditions do not qualify. NSS Labs will pay the developer with American Express gift cards. Residents from countries that the U.S. has a standing embargo against are not allowed to participate.
NSS Labs said that those who win can then sell their exploits on ExploitHub, a marketplace the company set up for penetration testers to acquire exploits to test against their infrastructure. ExploitHub was set up to help with the development of penetration testing tools and to assist computer security researchers.
Those who write the winning exploits may then sell their code on ExploitHub, with NSS Labs taking a 30 percent commission. Penetration testers can also make requests via the marketplace for exploits for specific vulnerabilities. Those who want to buy exploits are vetted by NSS Labs to ensure the marketplace is not abused.
ExploitHub also only sells exploits for vulnerabilities that have been patched and does not host ones for zero-day vulnerabilities. 

The vulnerabilities that NSS Labs is offering the reward for are:-

1. CVE-2011-1256: Microsoft Internet Explorer CElement Memory Corruption

2. CVE-2011-1266: Microsoft Internet Explorer VML vgx.dll Use After Free

3. CVE-2011-1261: Microsoft Internet Explorer selection.empty Use After Free

4. CVE-2011-1262: Microsoft Internet Explorer Redirect Memory Corruption

5. CVE-2011-1963: Microsoft Internet Explorer XSLT Memory Corruption

6. CVE-2011-1964: Microsoft Internet Explorer Style Object Memory Corruption

7. CVE-2011-0094: Microsoft Internet Explorer CSS Use After Free Memory Corruption

8. CVE-2011-0038: Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading

9. CVE-2011-0035: Microsoft Internet Explorer Deleted Data Source Object Memory Corruption

10. CVE-2010-3346: Microsoft Internet Explorer HTML Time Element Memory Corruption

11. CVE-2011-2110: Adobe Flash Player ActionScript Function Variable Arguments Information

12. CVE-2011-0628: Adobe Flash Player Remote Integer Overflow Code Execution

-News Source (PC-World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">NSS Labs are Now Offering Rewards Money for Fresh Exploits"https://www.voiceofgreyhat.com/2011/10/nss-labs-are-now-offering-rewards-money.html</a>

Microsoft Patches Serious 34 Vulnerabilities

In today's Patch Tuesday, Microsoft released 16 bulletins addressing 34 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, .NET, SQL, Visual Studio, Silverlight, VML and ISA. Nine of the bulletins are rated Critical, with seven rated as Important. Wolfgang Kandek, Qualys CTO, comments: "The only bulletin with a known expoit in the wild is MS11-046, a local privilege escalation flaw in the "afd.sys" driver. IT admins can check with their end-point security providers for coverage, but should include this bulletin high on their to-do lists in any case, as it is only a matter of time until we see more attackers use malware taking advantage of this exploit to gain control of your workstations."

Here are the bulletins:-

Vulnerability in OLE Automation 
This security update resolves a privately reported vulnerability in Microsoft Windows Object Linking and Embedding (OLE) Automation. The vulnerability could allow remote code execution if a user visits a Web site containing a specially crafted Windows Metafile (WMF) image. In all cases, however, an attacker would have no way to force users to visit such a Web site. Instead, an attacker would have to convince users to visit a malicious Web site, typically by getting them to click a link in an e-mail message or Instant Messenger request.

Vulnerability in .NET Framework and Microsoft Silverlight
This security update resolves a privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Vulnerability in Threat Management Gateway Firewall Client 
This security update resolves a privately reported vulnerability in the Microsoft Forefront Threat Management Gateway (TMG) 2010 Client, formerly named the Microsoft Forefront Threat Management Gateway Firewall Client. The vulnerability could allow remote code execution if an attacker leveraged a client computer to make specific requests on a system where the TMG firewall client is used.

Vulnerability in Windows Kernel-Mode Drivers
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a network share (or visits a web site that points to a network share) containing a specially crafted OpenType font (OTF). In all cases, however, an attacker would have no way to force a user to visit such a web site or network share. Instead, an attacker would have to convince a user to visit the web site or network share, typically by getting them to click a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Distributed File System
This security update resolves two privately reported vulnerabilities in the Microsoft Distributed File System (DFS). The more severe of these vulnerabilities could allow remote code execution when an attacker sends a specially crafted DFS response to a client-initiated DFS request. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems that are connected to the Internet have a minimal number of ports exposed.

Vulnerability in SMB Client
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker sent a specially crafted SMB response to a client-initiated SMB request. To exploit the vulnerability, an attacker must convince the user to initiate an SMB connection to a specially crafted SMB server.

Vulnerability in .NET Framework
This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow remote code execution on a client system if a user views a specially crafted Web page using a Web browser that can run XAML Browser Applications (XBAPs). Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability could also allow remote code execution on a server system running IIS, if that server allows processing ASP.NET pages and an attacker succeeds in uploading a specially crafted ASP.NET page to that server and then executes the page, as could be the case in a Web hosting scenario. This vulnerability could also be used by Windows .NET applications to bypass Code Access Security (CAS) restrictions.

Cumulative Security Update for Internet Explorer
This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in Vector Markup Language
This security update resolves a privately reported vulnerability in the Microsoft implementation of Vector Markup Language (VML). This security update is rated Critical for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows clients; and Moderate for Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on Windows servers. Internet Explorer 9 is not affected by the vulnerability.

The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Vulnerability in MHTML
This security update resolves a publicly disclosed vulnerability in the MHTML protocol handler in Microsoft Windows. The vulnerability could allow information disclosure if a user opens a specially crafted URL from an attacker's Web site. An attacker would have to convince the user to visit the Web site, typically by getting them to follow a link in an e-mail message or Instant Messenger message.

Vulnerabilities in Microsoft Excel
This security update resolves eight privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Installing and configuring Office File Validation (OFV) to prevent the opening of suspicious files blocks the attack vectors for exploiting the vulnerabilities described in CVE-2011-1272, CVE-2011-1273, and CVE-2011-1279. Microsoft Excel 2010 is only affected by CVE-2011-1273 described in this bulletin. The automated Microsoft Fix it solution, "Disable Edit in Protected View for Excel 2010," available in Microsoft Knowledge Base Article 2501584, blocks the attack vectors for exploiting CVE-2011-1273.

Vulnerability in Ancillary Function Driver
This security update resolves a publicly disclosed vulnerability in the Microsoft Windows Ancillary Function Driver (AFD). The vulnerability could allow elevation of privilege if an attacker logs on to a user's system and runs a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit the vulnerability.

Vulnerability in Hyper-V Could
This security update resolves a privately reported vulnerability in Windows Server 2008 Hyper-V and Windows Server 2008 R2 Hyper-V. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Vulnerability in SMB Server
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker created a specially crafted SMB packet and sent the packet to an affected system. Firewall best practices and standard default firewall configurations can help protect networks from attacks originating outside the enterprise perimeter that would attempt to exploit this vulnerability.

Vulnerability in the Microsoft XML Editor
This security update resolves a privately reported vulnerability in Microsoft XML Editor. The vulnerability could allow information disclosure if a user opened a specially crafted Web Service Discovery (.disco) file with one of the affected software listed in this bulletin. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise the affected system.

Vulnerability in Active Directory Certificate Services Web Enrollment
This security update resolves a privately reported vulnerability in Active Directory Certificate Services Web Enrollment. The vulnerability is a cross-site scripting (XSS) vulnerability that could allow elevation of privilege, enabling an attacker to execute arbitrary commands on the site in the context of the target user. An attacker who successfully exploited this vulnerability would need to send a specially crafted link and convince a user to click the link. In all cases, however, an attacker would have no way to force a user to visit the Web site. Instead, an attacker would have to persuade a user to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes the user to the vulnerable Web site.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Patches Serious 34 Vulnerabilities"https://www.voiceofgreyhat.com/2011/06/microsoft-patches-serious-34.html</a>

Internet Explorer Vulnerability Allowing Hackers to Track Your Mouse Cursor

Internet Explorer Vulnerability Allowing Hackers to Track Your Mouse Cursor, Still Microsoft is Apathetic 

Yet again Microsoft Internet Explorer have fallen victim in front of hackers. Spider.io a website analytics firm has discovered a security vulnerability in all current versions of Internet Explorer that allows attackers to trace mouse cursors anywhere on users' screens even if the Internet Explorer window is minimized  The vulnerability is particularly troubling because it compromises the security of virtual keyboards and virtual keypads. Spider.io said -The vulnerability is notable because it compromises the security of virtual keyboards and virtual keypads.

As a user of Internet Explorer, your mouse movements can be recorded by an attacker even if you are security conscious and you never install any untoward software. An attacker can get access to your mouse movements simply by buying a display ad slot on any webpage you visit. This is not restricted to lowbrow porn and file-sharing sites. Through today’s ad exchanges, any site from YouTube to the New York Times is a possible attack vector. Indeed, the vulnerability is already being exploited by at least two display ad analytics companies across billions of webpage impressions each month. As long as the page with the exploitative advertiser’s ad stays open—even if you push the page to a background tab or, indeed, even if you minimize Internet Explorer—your mouse cursor can be tracked across your entire display.

Vulnerability Disclosure
Package: Microsoft Internet Explorer
Affected: Tested on versions 6–10
BugTraq Link: seclists.org/bugtraq/2012/Dec/81

Spider.io has set a demo page to demonstrate how the vulnerability is working. According to sources, Microsoft Security Research Center has acknowledged the vulnerability, but unfortunate that Microsoft are not in a hurry to patch this vulnerability in existing versions of its popular browser. "There are no immediate plans to patch this vulnerability in existing versions of the browser."  said MSRC

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Explorer Vulnerability Allowing Hackers to Track Your Mouse Cursor "https://www.voiceofgreyhat.com/2012/12/IE-Vulnerability-Allowing-Hackers-to-Track-Mouse-Cursor.html</a>

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability

Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability 

Last few days the whole cyber world have gone through with so many drama of Internet Explorer's security bug, as researchers have unveiled four active exploits of a zero-day vulnerability in the browser. As expected the software giant Microsoft has released an emergency fix to get rid of these major security issues. Microsoft released a “fix it” tool for a critical security flaw in most versions of Internet Explorer 6, 7, 8 and 9  that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. "While we have only seen a few attempts to exploit this issue, impacting an extremely limited number of people, we are taking this proactive step to help ensure Internet Explorer customers are protected and able to safely browse online," said Yunsun Wee, director of Microsoft Trustworthy Computing in a statement. The zero-day in IE 6-9 is a use-after-free memory corruption vulnerability, similar to a buffer overflow, that would enable an attacker to remotely execute code on a compromised machine. The original exploit payload dropped the PoisonIvy remote access Trojan (RAT) via a corrupted Flash movie file. The latest payload discovered dropped the PlugX RAT via the same corrupted Flash movie, Blasco said. He also said the new exploits are the work of the Chinese hacker group Nitro, the same group behind a pair of Java zero-day exploits disclosed in August.

Blasco also said the new exploits appear to be targeting defense contractors in the United States and India.

Microsoft recommended several workarounds Tuesday morning before announcing its intention to send out a FixIt.

• Setting Internet and local Internet security zone settings to high, which would block ActiveX Controls and Active Scripting in both zones
• Configure IE to prompt the user before running Active Scripting, or disable Active Scripting in both zones

• Use of Microsoft's Enhanced Mitigation Experience Toolkit provides mitigations as well, and would not impact website usability, as both of the first two options might.

Microsoft also said that IE running on Windows Server 2003, 2008 and 2008R2 runs in a restricted mode that mitigates the vulnerability. Outlook, Outlook Express and Windows Mail also open HTML messages in a restricted zone, mitigating the vulnerabilty but should a user click a link in a message, they could still be vulnerable to exploit.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Issues 'fix it' To Close Internet Explorer 0-day Vulnerability"https://www.voiceofgreyhat.com/2012/09/Microsoft-Issues-fixit-To-Close-IE-0day-Vulnerability.html</a>

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed

The Redmond based software giant Microsoft issued an urgent security advisory to address vulnerabilities in its popular web-browser that is Internet Explorer.  Few of days new “zero day” security hole in IE was discovered which could potentially allow hackers to take over control of your system when all you've done is visit an infected website. The vulnerability affects IE versions 6, 7 and 8. Though the latest versions of the browser, that means IE 9 and 10, are not affected. “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.” Microsoft said in its statement. The statement went on to say, “an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.”

On its advisory Microsoft first issued warning of the problem, which involves how IE accesses "an object in memory that has been deleted or has not been properly allocated." The problem corrupts the browser's memory, allowing attackers to execute their own code. Security vendor Symantec described such a scenario as a "watering hole" attack, where victims are profiled and then lured to the malicious site. Last week, one of the websites discovered to have been rigged to delivered an attack was that of the Council on Foreign Relations, a renowned foreign policy think tank. 

While talking about IE and its bugs, then we would like to remind you that couple of weeks ago, Spider.io a website analytics firm has discovered a security vulnerability in all current versions of Internet Explorer that allows attackers to trace mouse cursors anywhere on users' screens even if the Internet Explorer window is minimized. That time the software giant ignored that particular issue. But here they take this one bit seriously; So if you still using the older and affected version of IE, then its time to update your browser, in order to stay safe and secure on the Internet. To update your browser or to access the security fix click Here. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Security Advisory (2794220) Remote Code Execution Vulnerability in Internet Explorer Fixed"https://www.voiceofgreyhat.com/2013/01/Vulnerability-in-Internet-Explorer-Fixed.html</a>

VUPEN Researchers Said: They Have First Zero-Day Exploit for Windows 8 & Internet Explorer 10

VUPEN Researchers Said: They Have First Zero-Day Exploit for Windows 8 & Internet Explorer 10

Everyday the users of Microsoft newly launched and so far most advanced windows operating system, I mean Windows 8 are increasing. But we have to keep in mind the security threats are also increasing in parallel. Recently well known French IT security firm Vupen, also known as controversial bug hunters and exploit sellers claimed to have Zero-day exploit of Windows 8. Experts at Vupen Security took credit of cracking the low-level security enhancements featured in Windows 8, Microsoft's latest operating system. According a tweet made by the official account of Vupen Security said it already has a Windows 8 exploit on offer. "Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP & Prot Mode sandbox bypass (Flash not needed) is ready for customers. Welcome #Windows8" 

Apparently, the exploit combines several unpatched (0-day) security holes in the new version of Windows and the bundled Internet Explorer 10 browser to inject malicious code into systems via specially crafted web pages. Also VUPEN CEO and head of research Chaouki Bekrar sent out a pair of ominous Tweets yesterday claiming to have developed the first zero-day exploit for Windows 8 and Internet Explorer 10, both released Oct. 26. Bekrar hints the exploit is a sandbox bypass for IE10 with ASLR, DEP and anti-ROP mitigations enabled. “We welcome #Windows8 with various 0Ds combined to pwn all new Win8/IE10 exploit mitigations,” Bekrar wrote. 

The exploit allegedly bypasses all of Windows 8's malware protection features: for example the Address Space Layout Randomization (ASLR) function that Microsoft has extended in the current edition of Windows to cover more system areas and offer improved randomisation. Vupen claims that the exploit also bypasses the Data Execution Prevention (DEP) and ROP features as well as Internet Explorer's sandbox-like Protected Mode. A patch for the exploited holes may not become available in the foreseeable future: Vupen said that it discovered the vulnerabilities itself and doesn't plan to disclose them to Microsoft. The company is only offering its exploit to its paying customers, among them government investigation authorities. Should Microsoft close the holes, the elaborate exploit would significantly decrease in value.

-Source (The-H & threatpost)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">VUPEN Researchers Said: They Have First Zero-Day Exploit for Windows 8 & Internet Explorer 10"https://www.voiceofgreyhat.com/2012/11/VUPEN-Researchers-Have-0Day-Exploit-for-Windows8-IE10.html</a>

Microsoft Released Security Bulletins To Patch 23 Vulnerabilities (Including Internet Explorer, .NET, Silverlight)

Microsoft has released eight security bulletins to address a total of 23 vulnerabilities across a number of its products on its October Patch Tuesday. One update for Internet Explorer alone closes eight critical holes. An update for .NET and Silverlight closes another critical vulnerability that only requires victims to visit a specially crafted web page in order to infect their computers with malicious code. Microsoft says that this hole can also be exploited to compromise a server if an attacker has the ability to upload ASP.NET pages to an Internet Information Server (IIS) and execute them there.
The remaining updates are rated as important by Microsoft; they fix vulnerabilities in the Microsoft Active Accessibility and Windows Media Center components, in the Windows kernel, in the Host Integration Server, in the Windows Ancillary Function Driver and in the Forefront Unified Access Gateway (UAG). Although some of these holes also enable attackers to inject and execute code, they require more user interaction than those in Internet Explorer.
Microsoft has also released further patches to fix vulnerabilities that are based on "binary planting", an attack which involves causing Windows to load DLLs from shared network volumes without a user's permission. As with the previous Patch Tuesday, an updated version of the Microsoft Windows Malicious Software Removal Tool (MSRT) was released at the same time.

-News Source (The H, Microsoft)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Released Security Bulletins To Patch 23 Vulnerabilities (Including Internet Explorer, .NET, Silverlight)"https://www.voiceofgreyhat.com/2011/10/microsoft-released-security-bulletins.html</a>

Windows 8 Consumer Preview & Windows Server 8 Beta By Microsoft (Freely Downloadable)

Microsoft Released Windows 8 Consumer Preview & Windows Server 8 Beta (Freely Downloadable)

A double boom for Windows lovers. Software giant Microsoft has officially released the Consumer Preview Windows 8 & Windows Server 8 Beta.

Windows 8 Consumer Preview :-

The Windows 8 Consumer Preview offers a more robust experience for testing the world's most popular operating system and is available to the widest range of people yet following the initial release of the Windows 8 Developer Preview late last year. The Developer Preview received more than 3 million downloads.

"With Windows 8, we reimagined the different ways people interact with their PC and how to make everything feel like a natural extension of the device, whether using a Windows 8 tablet, laptop or all-in-one," said Steven Sinofsky, president of the Windows and Windows Live Division at Microsoft. "The Windows 8 Consumer Preview brings a no-compromises approach to using your PC."

The test "beta" version of the revamped system was introduced at the Mobile World Congress in Barcelona, the planet's largest cell phone trade show, and borrows some of the look of Microsoft's Windows Phone 7 software for Windows 8. Windows 8 doesn't have the traditional "Start" menu, and applications are spread across a mosaic of tiles in a design Microsoft calls "Metro" -- seen as an attempt by the company as a scramble to preserve its market share. And executives said it powers up on PCs in eight seconds, much faster than the previous version.

What is New In Windows 8 Consumer Preview :-

• Broad range of product changes and improvements. Since the Developer Preview in September, designed to preview the programming platform, Windows 8 has progressed across every dimension. From completing the user experience for touch, keyboard and mouse to refining the development platform, the Consumer Preview improves performance, quality and reliability across all subsystems.

• With the added features, it represents a more complete view of the capabilities of Windows 8. Windows Store with new apps. The Windows 8 Consumer Preview marks the beta opening of the Windows Store, which is filled with a variety of new Metro style apps from both third-party developers and Microsoft. During the Consumer Preview, these apps are available to try and experience at no cost to users. The Windows Store will offer personalised recommendations, and Windows 8 gives users the ability to take their apps and settings with them across multiple PCs, making it easy to discover and try new apps while offering developers the greatest opportunity of any platform.

• Connecting to the cloud across Windows-based PCs and Windows Phone 7. The Windows 8 Consumer Preview offers seamless integration with the content people care about across their Web services. An optional additional sign-on with a Microsoft account provides access to a host of features, including the ability to roam all settings, use cloud storage, communicate with email, calendar and contacts, and connect to a broad range of services. Your connection to the cloud works across your Windows-based PCs and your Windows 7 phones.

• Internet Explorer 10 Platform Preview 5. The best way to experience the Web on Windows is with Internet Explorer 10. The browser has been re-imagined to create a new experience designed specifically for Windows 8 devices. It provides an edge-to-edge user interface that is all about less browser and more Web. Fast and fluid, Internet Explorer is hardware-accelerated to enable Web performance.

• Preview of new hardware capabilities. At the event, Microsoft also showcased Windows 8 running on a wide range of new x86- and ARM-based reference hardware. This hardware will be available to select developers for trial and testing as previously announced.

Additional details can be found on the official website of Microsoft Windows. Also Microsoft makes Windows 8 Consumer Preview is made available for free Download

Windows Server 8 Beta :- 

The beta of Windows Server 8 is now available for IT professionals and software developers around the world to download. In the Windows Server official Blog Bill Laing, Corporate Vice President of Microsoft Corporation Said - In September we introduced Windows Server “8” with a preview to help developers and hardware partners prepare new and existing applications, systems and devices. The response from that community, along with hundreds of customers in our early adopters program, has been incredibly positive. A common theme of feedback has been how broad and deep the new capabilities are. Now is the time for you, IT professionals in organizations of all sizes, to get your hands on this new release, discover the new capabilities and contribute to the development of what we call the cloud-optimized OS.
I’ll highlight in this post just a few examples of new capabilities that you’ll want to explore. With the new Hyper-V we are taking virtualization above and beyond to provide a multi-tenant platform for cloud computing. For example, with Hyper-V Network Virtualization you can create virtual networks so different business units, or even multiple customers, can seamlessly share network infrastructure.  You will be able to move virtual machines and servers around without losing their network assignments. In Windows Server “8” we are delivering high availability and disaster recovery through software technology on much more cost effective hardware. For example, with File Server Transparent Failover you can now more easily perform hardware or software maintenance of nodes in a File Server cluster by moving file shares between nodes with little interruption to server applications that are storing data on those file shares. We’re also delivering a tremendous amount of new capabilities for multi-machine management and automation. You will want to explore the dramatic new improvements to Server Manager, as well as the new Windows PowerShell. With 2,300 commandlets provided out of the box, Windows PowerShell allows you to automate everything you can do manually with the user interface. And, with technologies like Intellisense, we’ve made it very easy for you to master all of that power. Additionally, Windows Server “8” provides a powerful server application platform that enables you to develop and host the most demanding of application workloads. For example, with .NET Framework 4.5 you can take advantage of new asynch language and library support to build server and web applications that scale far beyond what other platforms provide. Our new IIS 8 web server provides better security isolation and resource sand-boxing between applications, native support for web sockets, and the ability to host significantly more sites on a server.

For Additional Information & To Download Windows Server 8 Beta Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Windows 8 Consumer Preview & Windows Server 8 Beta By Microsoft (Freely Downloadable)"https://www.voiceofgreyhat.com/2012/03/windows-8-consumer-preview-windows.html</a>

Microsoft Plugs Internet Explorer Security Hole (Which was Exposed in A Contest)

Microsoft last week patched the last vulnerability in Internet Explorer (IE) used by a researcher in March to win $15,000 at the
The company had patched IE twice before to quash bugs exploited by Stephen Fewer of Harmony Security to bring down IE8 on Windows 7 at Pwn2Own. For his efforts, Fewer was awarded a cash prize of $15,000 and a Sony notebook.

Microsoft internet explorer Fewer chained three exploits , each for a different vulnerability, to bypass IE's sandbox, called "Protected Mode," and compromise IE8. Pwn2Own sponsor HP Tipping Point called the feat "impressive" at the time.
Microsoft patched the third IE bug in a multiple-flaw update to its browser, part of a 13-bulletin collection .
Although Microsoft credited Fewer in the MS11-057 bulletin for reporting the third vulnerability, it said the bug wasn't a security flaw. "Yes, this update addresses a Protected Mode bypass issue, publicly referenced as CVE-2011-1347," Microsoft said in response to an FAQ query, "Does this update contain any non-security related changes to functionality?"
At Pwn2Own, Fewer used the bypass bug to escape Protected Mode so he could circumvent the browser's sandbox, which allowed him to add a file to the machine, a task that mimicked a hacker's insertion of malware.

Fewer confirmed that last week's IE update fixed the final flaw he used at Pwn2Own.
"Yes MS11-057 patches the final bug, the protected mode bypass, that I used in my Pwn2Own exploit, the other two being a use-after-free which was patched in MS11-018 and an information leak patched in MS11-050," Fewer said today in an email reply to questions.

Earlier Flaws Addressed

MS11-018 and MS11-050 were the designations of the April and June bulletins, respectively, that patched the two other vulnerabilities he reported to Microsoft via Tipping Point's bug bounty program.
According to Aaron Portnoy, manager of TippingPoint security research team and the company's Pwn2Own organizer, Tuesday's IE update wraps up patching for the 2011 contest.
During Pwn2Own, Microsoft said that IE9, the browser that launched shortly after Fewer's hack, did not contain the bugs he exploited.
Including Tuesday's update, IE9 has been patched twice since its March launch. Of the August bugs Microsoft acknowledged as security issues, one was reported by Fewer.
"Yes, I have been doing some research into IE9 and actually my first IE9 vulnerability was also patched this Tuesday as part of MS11-057," Fewer said, referring to a separate bug he was credited with this week.
That flaw, dubbed "CVE-2011-1964," was reported via TippingPoint to Microsoft in May, and was ranked critical for IE9 when run on Vista or Windows 7.
Fewer wouldn't commit to taking on IE9 at next year's Pwn2Own, but he left the door open to a repeat performance. "I don't have any plans as of yet for next year's competition, but if I have a few new bugs handy closer to the time, who knows?"
August's security updates, including MS11-057 for IE, can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

-News Source (PC-World)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Plugs Internet Explorer Security Hole (Which was Exposed in A Contest)"https://www.voiceofgreyhat.com/2011/08/microsoft-plugs-internet-explorer.html</a>

Adobe Patches Multiple Security Holes in Adobe Flash Player & AIR (CVE-2012-5274 to 5280)

Critical Buffer Overflow, Memory Corruption & Security bypass Vulnerability in Adobe Flash Player & AIR Patched

Adobe- American multinational computer software company has released new versions of its Flash Player to eliminate a number of critical vulnerabilities  in Flash Player that could lead to system crashes or remote attackers controlling computers running compromised software. All the flaws were discovered by members of the Google Security Team are associated with several CVE numbers; CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5280 are buffer overflows, CVE-2012-5279 is a memory corruption issue and CVE-2012-5278 is a security bypass; all of which are listed as potentially allowing an attacker to inject malicious code into the system. Google said it will update Flash Player installed with Google Chrome, and Microsoft will do the same with Internet Explorer 10. In the security bulletin Adobe said that it has released security updates for Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.243 and earlier versions for Linux, Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. 

Adobe recommends users update their product installations to the latest versions:-

• Users of Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.110.
• Users of Adobe Flash Player 11.2.202.243 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.251.
• Flash Player installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 11.5.31.2 for Windows, Macintosh and Linux.
• Flash Player installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 11.3.376.12 for Windows.
• Users of Adobe Flash Player 11.1.115.20 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.27.
• Users of Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.24.
• Users of Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (including AIR for iOS) and Android should update to Adobe AIR 3.5.0.600.

AFFECTED SOFTWARE VERSIONS:- 

• Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh
• Adobe Flash Player 11.2.202.243 and earlier versions for Linux
• Adobe Flash Player 11.1.115.20 and earlier versions for Android 4.x
• Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x
• Adobe AIR 3.4.0.2710 and earlier versions for Windows and Macintosh, SDK (includes AIR for iOS) and Android

To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system. To verify the version of Adobe Flash Player for Android, go to Settings > Applications > Manage Applications > Adobe Flash Player x.x.  To verify the version of Adobe AIR installed on your system, follow the instructions in the Adobe AIR TechNote. Adobe also recommended its Adobe AIR users to update  to 3.5.0.600.
While talking about security patches in Adobe product, we want to give to reminder that just couple of weeks ago Adobe also plugged buffer overflow vulnerability in its Shockwave Player. Also in late September, Adobe disclosed that it had been attacked and hackers were using a valid Adobe certificate to sign two malicious utilities used most often in targeted attacks. Adobe revoked the certificate Oct. 4.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Adobe Patches Multiple Security Holes in Adobe Flash Player & AIR (CVE-2012-5274 to 5280)"https://www.voiceofgreyhat.com/2012/11/Adobe-Patches-Security-Holes-in-Flash-Player-AIR.html</a>

Unpatched DLL bugs let hackers exploit Windows 7 and IE9

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today.

Microsoft confirmed that it's investigating the claims by Slovenia-based Acros Security.

Researchers from Acros will demonstrate the new attacks at the Hack in the Box security conference in Amsterdam later this month.

"We'll reveal how IE8 and IE9 can be used on Windows 7, Vista and XP for attacking users without any security warnings, even in 'Protected mode,' and how to remotely make many seemingly-safe applications, for example, Word 2010 and PowerPoint 2010, vulnerable," said Acros CEO Mitja Kolsek in a Friday email.

The attack class called "DLL load hijacking" by some, but dubbed "binary planting" by Acros, jumped into public view last August when HD Moore, the creator of the Metasploit penetration hacking toolkit and chief security officer at Rapid7, found dozens of vulnerable Windows applications. Moore's report was followed by others, including several from Kolsek and Acros.

Many Windows applications don't call DLLs using a full path name, but instead use only the filename, giving hackers a way to trick an application into loading a malicious file with the same title as a required DLL. If attackers can dupe users into visiting malicious Web sites or remote shared folders, or get them to plug in a USB drive -- and in some cases con them into opening a file -- they can hijack a PC and plant malware on it.

Since Moore's original report, Microsoft has issued 13 DLL load hijacking-related updates stretching from November 2009 to last month, when it patched a pair in Office and Visual Studio as part of a massive 64-fix update.

But the Redmond, Wash. developer has not closed all the holes in its software, said Kolsek today.

In a blog post, Kolsek outlined still-available DLL load hijacking attack vectors, including one that works against any copy of Windows XP, another that can be used to compromise PCs running the newer Vista or Windows 7 operating systems, and a third that can be exploited through Internet Explorer 9 (IE9), Microsoft's eight-week-old browser.

At Hack in the Box, Kolsek intends to demonstrate exploits of DLL load hijacking bugs in Windows using malicious Word 2010 and PowerPoint 2010 documents, and against IE9.

The IE9 attack works even on Windows 7, where the browser runs in a "sandbox" of sorts, an anti-exploit technology designed to block hackers from infecting a PC. "[The attack works] against Internet Explorer 9 in protected mode on Windows 7 ... without any suspicious double-clicks or security warnings," Kolsek wrote on the Acros blog.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Unpatched DLL bugs let hackers exploit Windows 7 and IE9"https://www.voiceofgreyhat.com/2011/05/unpatched-dll-bugs-let-hackers-exploit.html</a>

Internet Explorer & Firefox Also Became Victim To Hackers At Pwn2Own

Internet Explorer (IE 9) & Firefox 10.0.2 Also Became Victim To Hackers At Pwn2Own

At Pwn2Own contest the web-browsers are getting hacked in a series. First it was the turn of Google Chrome where Sergey Glazunov, a Russian security researcher has earned $60,000 by demonstrating how he could waltz past the security sandbox in Google's Chrome browser to run unauthorized code on fully-patched Windows 7 computers. Then the time came for Microsoft's Internet Explorer. A team from a French security firm managed to hack IE 9 on a fully patched Windows 7 SP1 machine. The group from Paris-based Vupen Security brought down IE9 running on Windows 7 by exploiting a pair of previously-unknown "zero-day" bugs that bypassed the operating system's defensive technologies to execute attack code, allowing that code to escape from IE's "Protected Mode," the browser's limited-rights anti-exploit system. They managed to bypass the browser's DEP and ASLR protection with a 0-day heap overflow vulnerability, and then used a separate memory corruption bug to break out of its Protected Mode, which is effectively a sandbox. According to VUPEN founder Chaouki Bekrar, these particular flows have existed in previous incarnations of the browser - all the way back to IE 6 - and will very likely work on the upcoming IE 10.

Then the turn of Firefox came. Mozilla’s Firefox is the latest browser to fall victim to hackers at this year’s Pwn2Own hacker contest. Two researchers working together – Willem Pinckaers and Vincenzo Iozzo — exploited a single zero-day vulnerability in the latest Firefox 10.0.2 on a fully patched Windows 7 SP1 PC to cart off a $30,000 cash prize.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Explorer & Firefox Also Became Victim To Hackers At Pwn2Own"https://www.voiceofgreyhat.com/2012/03/internet-explorer-firefox-also-became.html</a>

Internet Explorer 10 Will Support Do Not Track (DNT) By Default in Windows 8

Internet Explorer 10 Will Support Do Not Track (DNT) By Default in Windows 8

Browser war continues and as a result here come another twist, that is in its recent Windows 8, I mean on Release Preview software giant Microsoft has announced that Internet Explorer 10 will have “Do Not Track” (DNT) on by default. IE 10 will be the first web browser with a Do Not Track feature that's on by default. In their official blog release MS said Consumers can change this setting, but the default will be to send the DNT signal to websites that consumers visit. 

According to Microsoft's Chief Privacy Officer Brendon Lynch - "We've made today’s decision because we believe in putting people first. We believe that consumers should have more control over how information about their online behavior is tracked, shared and used. Consumers should be empowered to make an informed choice and, for these reasons, we believe that for IE10 in Windows 8, a privacy-by-default state for online behavioral advertising is the right approach..." Later he added "We are engaged with the W3C, as we are with many international standards bodies. While we respect the W3C's perspective, we believe that a standard should support a privacy by default choice for consumers"
The company also pointed to minutes from the W3C group working on the draft specs, in which the group's co-chairwoman said: "It will be quite a while before we have a final recommendation with which to comply or not. 

"Do Not Track" is a tool that allows browser users to restrict advertisers from collecting information about their online Web activities. It has the backing of the U.S. Federal Trade Commission. Browsers with "Do Not Track" turned on don't block cookies but send a message to advertisers that the user does not want to be tracked. Companies voluntarily decide whether to comply with "Do Not Track," much as they currently decide whether to comply with the "Do Not Call" registry. Microsoft's announcement that it would turn on "Do Not Track" by default in IE10 angered advertisers. "The Digital Advertising Alliance, a coalition that counts Microsoft as a member, said that the decision ran counter to the industry's agreement with the White House announced earlier this year to honor 'do not track' as long as it is not a default setting," many international standards bodies.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Explorer 10 Will Support Do Not Track (DNT) By Default in Windows 8"https://www.voiceofgreyhat.com/2012/06/internet-explorer-10-will-support-do.html</a>

Firefox 4 vs. Internet Explorer 9: Which is Safer???

The app frenzy is firing the browser wars and accelerating the need for browser development and updates. Chrome seems to update daily, Firefox is getting faster in response and Microsoft is talking IE 10 just IE9 gets fully out of the gate.
Because of the constant changes, it's hard to truly evaluate any given browser on any given day. Even so, there are certain key elements that distinguish one browser from another in terms of security. Here's how two of them, Firefox 4 and Internet Explorer 9, measure up:


Firefox 4
Firefox 4 is packed with security features aimed at resolving common, but difficult-to-avoid attacks such as cross site scripting (XSS), redirects from secure HTTPS webpages to plain old HTTP, and click-jacking.


Firefox 4 uses Content Security Policy (CSP) to quickly identify and block XSS attempts by simply using the server headers to tell it what kind of content to expect and, therefore, which content to block based on its lack of adherence to the server's own CSP.
This beats the heck out of comparing strings from browser and server in the remote hope of preventing XSS. Not only is the string approach akin to matching needles in thousands of remote haystacks, when it did deliver a finding, that finding was usually wrong. Developers often turned off such attempts, as found in IE 8's X-XSS-protection, out of sheer frustration.


However, CSP, though far more efficient, can also give a false positive reading if the website developer fails to sufficiently cover all the features with its policy. Still, CSP beats the string approach hands-down.


Other improvements are equally attractive from a harder to track user-agent header to a do-not-track feature that requires a simple opt-in to enable. However, the do not track feature works on an honor system: the site is notified of your desire for privacy but they don't have to comply with your request.


The strict transport security (STS) feature allows the user to force an HTTPS connection to user chosen sites. For example, the user can force an HTTPS connection-only to Facebook or other social sites thereby avoiding SSL strip attacks on those pages.
Firefox 4 also hides visited links from a hacker. The user still sees a visited link change color but the hacker doesn't. The CSS tweak hides your link viewing in the browser history from prying eyes.



Internet Explorer 9 (IE9)
IE9, says Microsoft, blocked 99 percent of socially engineered malware attacks. If the claim is true, then that's five times more than Firefox. However, both Mozilla and Google contest the interpretation as a definitive competitive edge for IE9 since the type of malware the finding applies to is not a common threat.


It is important to remember too that IE is targeted more often than Firefox simply because of economies of scale. The bad guys know that even people who use Firefox or Chrome often also have IE on their computer and use it at least occasionally. Therefore it makes tons of economic sense for hackers to target it over the competition.


In any case, IE9 is a significant upgrade from previous versions. It appears to run faster too, which is helpful.


Active X can be easily filtered and the user can choose to block or proceed accordingly.
Tracking protection is a new feature that enables users to control what they share. The Tracking Protection List, published by partners PrivacyChoice, TRUSTe, Abine and Adblock Plus, notifies companies if users don't want to be followed. However, just like with FireFox 4, the do not track feature works on an honor system; the site is notified of your desire for privacy but they don't have to comply with your request.
The download manager has an integrated SmartScreen malware protection feature. The Smartscreen Application Reputation cuts down on the aggravation factor as much as it does on security threats. It greatly reduces the number of warning prompts by dropping them entirely from frequently visited sites and warns only when the likelihood of malware is high. The "pinning" feature also helps as it allows users to "pin" frequently-visited and trusted sites to the browser toolbar, which then runs them in their own session. The pinning feature helps prevent HTTPS to HTTP redirects.
IE9 also has improved memory protection to prevent hackers from exploiting memory related vulnerabilities in the browser or any of its add-ons.
And the winner is ...
The consumer!


As of this point, security is no longer a major deciding factor in which browser you should use since both have seriously beefed-up protection. Not that you're totally safe from hackers, but at least these two browsers have finally bolted the doors and locked the windows.


A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, CIO.com, NetworkWorld, ComputerWorld, IT World, Linux World, Internet News, E-Commerce Times, LinuxInsider, CIO Today Magazine, NPTech News (nonprofits), MedTech Journal, I Six Sigma magazine, Computer Sweden, NY Times, and Knight-Ridder/McClatchy newspapers. She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making. She is a member of the National Press Club (NPC), Society of Professional Journalists (SPJ), and the Internet Press Guild (IPG).

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Firefox 4 vs. Internet Explorer 9: Which is Safer???"https://www.voiceofgreyhat.com/2011/05/firefox-4-vs-internet-explorer-9-which.html</a>

NSS Said : IE9 Blocks Virtually all Socially Engineered Malware, Rather Than Other Browsers

A study prepared by NSS Labs concludes that Microsoft's Internet Explorer 9 blocks virtually all socially engineered malware, far more than rival browsers.
The study was designed to examine one aspect of security: how a browser handled a malicious URL, such as one received in a posting on a social network or an email. The NSS goal was to find the browser which identified, warned, and/or blocked malicious URLs from being viewed by the user.
As it did in 2010, Microsoft's IE9 with Smart Screen URL detection and Application Reputation topped the field, blocking 99.2 percent of all malicious emails. Google's Chrome 12 finished far behind, blocking 13.2 percent of all malicious URLs. Apple's Safari 5 and Mozilla Firefox 4 tied at 7.4 percent, with Opera 11 finishing dead last at 6.1 percent.

 

The NSS Labs study showed that, globally, all of the browsers tested showed improvement over an NSS study performed last year, with two exceptions: Safari and Mozilla's Firefox. A year ago, Microsoft IE9 blocked 99 percent of the malicious URLs, followed by Chrome 6 (3%), Safari 5 (11%), Firefox 3.6.15 (19%), and Opera 10 (0%).
NSS attributed Microsoft's success to its Application Reputation technology, which has attempted to categorize applications across the Internet.
"The significance of Microsoft's new application reputation technology cannot be overstated," the NSS report found. "Application reputation is the first attempt by any vendor to create a definitive list of every application on the Internet. This new capability helps users discern malware, and potentially unsafe software from actual good software. The list is dynamically created and maintained, much the same way Google, (or Bing) is continuously building and maintaining a library of content for search purposes."
The NSS tests sliced the potential for malware along one specific axis, socially engineered malware, a distinction Google objected to during the 2010 tests. ""Google Chrome was built with security in mind from the beginning and emphasizes protection of users from drive-by downloads and plug-in vulnerabilities," a spokeswoman said then.
NSS also found that the combination of SmartScreen and Application Reputation means that IE9 blocked new malware in just over half and hour, while Safari 5 and Firefox 4 required 4.91 and 6.07 hours, on average, to detect a new malicious URL. Chrome 12 and Opera 11, by contrast, required 17.7 and 18.4 hours, respectively. Over time, as the malicious URLs changed in response to detection, the browsers maintained their level of protection fairly consistently, NSS found.
"Not only has the effectiveness of the technology improved, but so has the speed at which it is able to identify socially engineered malware," Roger Capriotta, director of Internet Explorer product marketing, wrote in a blog post Monday. "For our Windows customers, this means fewer infections and headaches for you."
In its report, NSS said its findings were independent, and that it had not received funding from any vendor. 

-News Source (PC Mag)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">NSS Said : IE9 Blocks Virtually all Socially Engineered Malware, Rather Than Other Browsers"https://www.voiceofgreyhat.com/2011/08/nss-said-ie9-blocks-virtually-all.html</a>

Every 14 Programs Downloaded by Windows Users Turns out to be Malicious

The next time a website says to download new software to view a movie or fix a problem, think twice. There's a pretty good chance that the program is malicious.
In fact, about one out of every 14 programs downloaded by Windows users turns out to be malicious, Microsoft said Tuesday. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.
Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, the cat-and-mouse game of Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.
So increasingly, instead of hacking the browsers themselves, the bad guys try to hack the people using them. It's called social engineering, and it's a big problem these days. "The attackers have figured out that it's not that hard to get users to download Trojans," said Alex Stamos, a founding partner with Isec Partners, a security consultancy that's often called in to clean up the mess after companies have been hacked.
Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. Download these and you're infected. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
"The attackers are very opportunistic, and they latch onto any event that might be used to lure people," said Joshua Talbot, a manager with Symantec Security Response. When Symantec tracked the 50 most common malicious programs last year, it found that 56 percent of all attacks included Trojan horse programs.
In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open -- materials from a conference they've attended or a planning document from an organization that they do business with.

With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
IE also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, IE's SmartScreen has blocked more than 1.5 billion Web and download attacks, according to Jeb Haber, program manager lead for SmartScreen.
Haber agreed that better browser protection is pushing the criminals into social engineering, especially over the past two years. "You're just seeing an explosion in direct attacks on users with social engineering," he said. "We were really surprised by the volumes. The volumes have been crazy."
When the SmartScreen warning pops up to tell users that they're about to run a potentially harmful program, the odds are between 25 percent and 70 percent that the program will actually be malicious, Haber said. A typical user will only see a couple of these warnings each year, so it's best to take them very seriously.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Every 14 Programs Downloaded by Windows Users Turns out to be Malicious"https://www.voiceofgreyhat.com/2011/05/every-14-programs-downloaded-by-windows.html</a>

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned

Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned Only Safari Survived 

Couple of months ago we have talked about 'Pwn2Own 2013' hacking contest sponsored by HP TippingPoint, ZDI and Google where the most famous and widely used browsers have to face challenges. Now the result of this long awaited security competition has came which is showing that the entire browser security landscape can change in a single day, as browsers thought to be secure are proven to be otherwise. Of the Big Four browsers, only Apple's Safari has so far survived the onslaught of the browser-breakers where Chrome, Internet Explorer 10 and Firefox all fell to the mercy of the hackers. Not only browsers but also three other popular applications that is Adobe Reader, Flash Player and yet again Java fallen victim to hackers at 'Pwn2Own'. And for Java it was a true disaster as Java fell three times, though under the contest rules, only the first attacker was due to win the $20,000 prize. Vupen, a renowned security research firm based in France, cracked both Firefox and Internet Explorer. It roughly explained the attack in a tweet, “We’ve pwned Firefox using a use-after-free and a brand new technique to bypass ASLR/DEP on Win7 without the need of any ROP.” This bug hint leads them winning $100,000 for finding a huge hole. Again in a tweet, Security firm Vupen explained “We’ve pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass.” Lastly, U.K.-based security firm MWR Labs cracked Chrome and also gained full control of the operating system, this time Windows 7. It also “demonstrated a full sandbox bypass exploit.” The company explained in a blog post that it found a zero-day in Chrome “running on a modern Windows-based laptop.” It was able to exploit the vulnerability by performing a very similar attack to what took down Facebook, Microsoft, and a number of other well-known companies: It had the laptop visit a malicious website. 

Now lets take look at the final score board of Pwn2Own 2013:

Wednesday:
1:30 - Java (James Forshaw) PWNED
2:30 - Java (Joshua Drake) PWNED
3:30 - IE 10 (VUPEN Security) PWNED
4:30 - Chrome (Nils & Jon) PWNED
5:30 - Firefox (VUPEN Security) PWNED
5:31 - Java (VUPEN Security) PWNED

Thursday:
12pm - Flash (VUPEN Security) PWNED
1pm - Adobe Reader (George Hotz) PWNED
2pm - Java (Ben Murphy via proxy) PWNED

The total damage to the prize fund comes out at a whopping $480k. With HP's announcement that everyone will get paid for each attack, the prize monies will be divvied up as follows:-

1. James Forshaw: Java = $20K
2. Joshua Drake: Java = $20k
3. VUPEN Security: IE10 + Firefox + Java + Flash = $250k
4. Nils & Jon: Chrome = $100k
5. George Hotz: Adobe Reader = $70k
6. Ben Murphy: Java = $20k

As you all know that the main motive of these contest is to make applications, software more safe and secure while figuring out hidden vulnerabilities  Here also for Pwn2Own the security holes figured out by the above experts have already been submitted and taken carefully by those organization  along with that, the expected patch for the browsers have already been released. Those who are still using the older version of those above applications are requested to update their system. So, stay tuned with VOGH and be safe on the Internet. 

-Source (HP, Naked Security) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Pwn2Own 2013 Result: Chrome, Firefox, IE, Adobe Reader, Flash & Java Owned"https://www.voiceofgreyhat.com/2013/03/Pwn2Own-2013-Result.html</a>