Showing posts sorted by relevance for query RDP.

Microsoft Security Bulletin (March 2012) Closed Critical RDP Security Hole

Microsoft has released its March 2012 security bulletins to close a total of seven security holes in its products. Among them are one Critical-class, four Important and one Moderate bulletin, addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. According to Microsoft, bulletin MS12-020 covers a remote code execution vulnerability found in RDP (Remote Desktop Protocol).
The first of these is a "critical-class" issue in RDP that an attacker could exploit to remotely execute arbitrary code on a victim's system. Although RDP is disabled by default, many users enable it so they can administer their systems remotely within their organizations or over the Internet. All supported versions of Windows, from Windows XP Service Pack 3 to Windows 7 Service Pack 1 and Windows Server 2008 R2, are affected. The issue was reported to the company by the Zero Day Initiative (ZDI), and Microsoft says it has yet to see any active attacks exploiting it in the wild, but warns that, "due to the attractiveness of this vulnerability to attackers", it anticipates "that an exploit for code execution will be developed in the next 30 days". Because of this, it recommends that installing the updates be made a priority.
Microsoft has also provided a workaround and a no-reboot "Fix it" tool that enables Network Level Authentication (NLA) to mitigate the problem: with NLA required, a client has to authenticate before a full RDP session is established, so an attacker would first need valid credentials to reach the vulnerable code. A second, "moderate-class" denial-of-service (DoS) vulnerability that can cripple an RDP server was also fixed.
A brief overview of all of these updates, including descriptions about each of the vulnerabilities, can be found in Microsoft's Security Bulletin Summary for March 2012.
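As an added illustration (not part of the original post), the following PowerShell function audits the two settings the bulletin's workaround turns on: whether Remote Desktop is enabled at all, and whether Network Level Authentication is required before a session is created. It reads the standard Terminal Services registry values; the function name and the -Enforce switch are this example's own.

```powershell
# Added example, not from the original post: audit (and optionally enforce) the
# NLA mitigation Microsoft recommended for MS12-020. Run from an elevated prompt.
# Registry paths and value names are the standard Terminal Services ones; the
# function and parameter names are this example's own.
function Get-RdpNlaStatus {
    [CmdletBinding()]
    param(
        # When set, require NLA if it is currently off (the "Fix it" effect).
        [switch]$Enforce
    )

    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpKey = "$tsKey\WinStations\RDP-Tcp"

    # fDenyTSConnections = 1 means Remote Desktop is disabled (the Windows default).
    $deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
    # UserAuthentication = 1 means NLA is required before a session is created.
    $nla  = (Get-ItemProperty -Path $rdpKey -Name UserAuthentication -ErrorAction SilentlyContinue).UserAuthentication
    # SecurityLayer: 0 = legacy RDP security, 1 = negotiate, 2 = TLS required.
    $sec  = (Get-ItemProperty -Path $rdpKey -Name SecurityLayer -ErrorAction SilentlyContinue).SecurityLayer

    $rdpEnabled  = ($deny -eq 0)
    $nlaRequired = ($nla -eq 1)

    if ($rdpEnabled -and -not $nlaRequired) {
        Write-Warning 'Remote Desktop is enabled and NLA is NOT required: unauthenticated clients reach the RDP stack (exposed until MS12-020 is installed).'
        if ($Enforce) {
            # Same setting the Microsoft "Fix it" changes; takes effect without a reboot.
            Set-ItemProperty -Path $rdpKey -Name UserAuthentication -Value 1 -Type DWord
            $nlaRequired = $true
            Write-Output 'NLA enabled. Clients without CredSSP support (e.g. unpatched XP) can no longer connect.'
        }
    }

    # One row per host, suitable for collecting across a fleet.
    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        RdpEnabled    = $rdpEnabled
        NlaRequired   = $nlaRequired
        SecurityLayer = $sec
        Mitigated     = (-not $rdpEnabled) -or $nlaRequired
    }
}

# Audit only:
Get-RdpNlaStatus
# Audit and enforce NLA where RDP is enabled (elevated prompt required):
# Get-RdpNlaStatus -Enforce
```

Enabling NLA is a stop-gap, not a replacement for the update: hosts that report Mitigated = $true still need MS12-020 installed.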




Windows RDP Exploit Can Give You A Reward of $1,500 From Open-source Community

Yesterday Microsoft released its March 2012 security bulletins to close a total of seven security holes in its products. Among them are one Critical-class, four Important and one Moderate bulletin, addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. According to Microsoft, bulletin MS12-020 covers a remote code execution vulnerability found in RDP (Remote Desktop Protocol).
This Patch Tuesday has sparked some greed. Both black and white hats are currently trying to develop an exploit that could remotely compromise an unpatched Windows system, as long as the RDP (Remote Desktop Protocol) server is active on the target system and accessible over the web. On the hacker job site gun.io, a reward of about $1,500 has even been offered for a Metasploit module that can be used to exploit the vulnerability. Anyone who wants to claim the reward will have to release the Metasploit module under an open source licence and make it available to the public. A reward of around $1,500 has also been offered on GitHub for functional code that exploits the Windows RDP flaw. The goal, according to gun.io founder Rich Jones, is to “advance the culture of independent software development.”





Microsoft Security Bulletin (June 2012) Closed Security Holes in RDP, IE, Certificate Tool & .NET

Microsoft has released its June 2012 security bulletins to close a total of 27 security holes in its products, among them 13 in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync, the Windows kernel and Dynamics AX. The company separately announced changes to its automatic updater to block untrusted security certificates; Microsoft updated the updater tool after researchers uncovered how the Flame malware had gamed the process. The most important updates are bundled in the cumulative Internet Explorer patch (MS12-037), which includes fixes for the holes that were targeted by Pwn2Own exploits. Another urgent update is MS12-036, which concerns denial of service and remote code execution vulnerabilities in the Remote Desktop features built into all supported versions of Windows. The third critical update affects the .NET Framework (MS12-038). The remaining four updates are rated "important" by Microsoft and close code execution bugs in Lync and privilege escalation holes in Dynamics AX and Windows.

Alongside these bulletins, Microsoft also released an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Server Update Services (WSUS), Windows Update (WU), and the Download Center.





(LPS) Lightweight Portable Security


Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). It is a LiveCD distro designed by the US Department of Defense to function as a secure end node, in other words, a safe environment from which to access the web or a remote desktop host. Since the focus is on security, LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive, while providing tools such as a web browser and a file manager, in addition to a few other small tools. Administrator privileges are not required; nothing is installed! LPS-Public is a safer, general-purpose solution for using web-based applications. The accredited LPS-Remote Access is only for accessing your organization’s private network and is available only on request. We requested one and have yet to hear back from “them”.
This LiveCD is very useful not for a whole organisation but for those departments whose employees are on the move or carry critical data in and out of the organisation. In fact, there are two versions of the Lightweight Portable Security Linux distro available for free download. Their brief use is as follows:
  1. LPS-Public: It includes features designed to allow productive use of the Internet and CAC- or PIV-restricted Government websites from home or while traveling. LPS-Public comes preconfigured with a smart card-enabled Firefox web browser with Java and Flash support, Encryption Wizard-Public, a PDF viewer, a file browser, remote desktop software (Citrix, Microsoft or VMware View), an SSH client, and the ability to use USB flash drives. This build does not contain any For Official Use Only (FOUO) material or any customized software. It is a very light distro and needs less RAM.
  2. LPS-Public Deluxe: It adds OpenOffice software, which is a Microsoft Office-compatible suite of office applications, and Adobe Reader, which allows PDF files to be digitally signed. A bit heavier distribution, requiring about a Gigahertz of RAM.
LPS-Public allows general web browsing and connecting to remote networks. It includes a smart card-enabled Firefox browser supporting CAC and PIV cards, a PDF and text viewer, Java, and Encryption Wizard – Public. LPS-Public turns an untrusted system (such as a home computer) into a trusted network client. No trace of work activity (or malware) can be written to the local computer. Our initial work with the Linux distro shows that after logon, you are taken to a desktop rendered by IceWM, the window manager for the X Window System. You can use a WiFi connection too, but understandably, there is no support for printers and sound. Surprisingly, given the notoriety of the Adobe Flash plugin, the distro includes a fairly recent Firefox with the Flash plugin pre-loaded. It also includes a few more Firefox add-ons. You also get a Remote Desktop client to initiate RDP requests. Another interesting thing we observed: if you plan on using smart cards and you think your reader might not be compatible with LPS, worry not, as it has the OEM’s firmware updater built in!
Features of LPS
  1. LPS differs from traditional operating systems in that it isn’t continually patched.
  2. LPS is designed to run from read-only media and without any persistent storage.
  3. Any malware that might infect a computer can only run within that session.
  4. A user can improve security by rebooting between sessions, or when about to undertake a sensitive transaction.
Download LPS from the following links:-

LPS-Public:
  1. LPS-Public ISO version 1.2.2 (LPS-1.2.2_public.iso) here.
  2. LPS-Public ZIP version 1.2.2 (LPS-1.2.2_public_iso.zip) here.
LPS-Public Deluxe:
  1. LPS-Public Deluxe ISO version 1.2.2 (LPS-1.2.2_public_deluxe.iso) here.
  2. LPS-Public Deluxe ZIP version 1.2.2 (LPS-1.2.2_public_deluxe_iso.zip) here.

"April Patch" By Microsoft & Adobe Closed Critical Security Holes

As scheduled, the two software giants Microsoft and Adobe today each issued security bulletins to plug security holes in their vulnerable products. The patch batch from Microsoft fixes at least 11 flaws in Windows, Internet Explorer (IE), Office and several other products, including one bug that attackers are already exploiting. The company also issued the first patch for Windows 8 Consumer Preview, the beta-like build Microsoft released at the end of February. Adobe’s update tackles four vulnerabilities that are present in current versions of Adobe Acrobat and Reader.
Seven of the 11 bugs Microsoft fixed with today’s release earned its most serious “critical” rating, which Microsoft assigns to flaws that it believes attackers or malware could leverage to break into systems without any help from users, according to its security bulletin summary for April 2012. Among those is an interesting weakness (MS12-024) in the way that Windows handles signed portable executable (PE) files. According to Symantec, this flaw is interesting because it lets attackers modify signed PE files undetected. Microsoft said that this patch is the highest-priority security update this month. “What makes this bulletin stand out is that Microsoft is aware of attacks in the wild against it and it affects an unusually wide range of Microsoft products, including Office 2003 through 2010 on Windows, SQL Server 2000 through 2008 R2, BizTalk Server 2002, Commerce Server 2002 through 2009 R2, Visual FoxPro 8 and Visual Basic 6 Runtime,” said Wolfgang Kandek, CTO of Qualys. “Attackers have been embedding the exploit for the underlying vulnerability (CVE-2012-0158) into an RTF document and enticing the target into opening the file, most commonly by attaching it to an e-mail. Another possible vector is through web browsing, but the component can potentially be attacked through any of the mentioned applications.” Other notable fixes from Microsoft this month include a .NET update and a patch for at least five Internet Explorer flaws. Patches are available for all supported versions of Windows through Windows Update. In its March 2012 security bulletins, Microsoft closed a total of seven security holes in its products: one Critical-class, four Important and one Moderate bulletin, addressing seven issues in Microsoft Windows, Visual Studio, and Expression Design. According to Microsoft, bulletin MS12-020 covers a remote code execution vulnerability found in RDP (Remote Desktop Protocol).

After Microsoft, it is Adobe's turn: its updates fix critical problems in Acrobat and Reader on all supported platforms, including Windows, Mac OS X, and Linux. Users on Windows and Mac can use each product’s built-in update mechanism. The newest, patched version of both Acrobat and Reader is v. 10.1.3 for Windows and Mac systems. The default configuration is set to run automatic update checks on a regular schedule, but update checks can be manually activated by choosing Help > Check for Updates. Reader users who prefer direct links to the latest version can find them by clicking the appropriate OS: Windows, Mac or Linux (v. 9.5.1).




Cain & Abel v4.9.43! (Network Sniffer & Password Recovery Tool)


Earlier we talked about Cain & Abel. Now oxid.it has released an updated Cain & Abel, version 4.9.43.

What is Cain & Abel?
Cain & Abel is a password recovery tool for Microsoft operating systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.


Official Change Log:-
  • Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression.
  • Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter.
  • Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks.
  • Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables.
  • Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3.
  • MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files.
  • Fixed a bug (crash) in Certificate Collector with Proxy settings enabled.
To Download Cain & Abel v4.9.43 Click Here




Red Hat Inc Announced The General Availability Red Hat Enterprise Linux (RHEL) 6.5

The RHEL 6.x series gets another important update as Red Hat Inc, the world's leading provider of open source solutions, announced the general availability of Red Hat Enterprise Linux 6.5, the latest version of Red Hat Enterprise Linux 6. According to Red Hat's official press release, RHEL 6.5 expands Red Hat’s vision of providing an enterprise platform that has the stability to free IT to take on major infrastructure challenges and the flexibility to handle future requirements, backed by an extensive partner and support ecosystem.
Red Hat Enterprise Linux 6.5 is mainly designed for those who build and manage large, complex IT projects, especially enterprises that require an open hybrid cloud. From security and networking to virtualization, Red Hat Enterprise Linux 6.5 provides the capabilities needed to manage these environments, such as tools that aid in quickly tuning the system to run SAP applications based on published best practices from SAP. “Red Hat Enterprise Linux 6.5 provides the innovation expected from the industry’s leading enterprise Linux operating system while also delivering a mature platform for business operations, be it standardizing operating environments or supporting critical applications. The newest version of Red Hat Enterprise Linux 6 forms the building blocks of the entire Red Hat portfolio, including OpenShift and OpenStack, making it a perfect foundation for enterprises looking to explore the open hybrid cloud,” said Jim Totton, vice president and general manager of Red Hat Inc. Now let's take a closer look at the main highlights of RHEL 6.5:

Securing the Next-Generation Enterprise
Red Hat Enterprise Linux 6.5 continues the push for integrated security functionality that combines ease-of-use and up-to-date security standards into the platform. The addition of a centralized certificate trust store enables standardized certificate access for security services. Also included are tools that meet leading security standards, including OpenSCAP 2.1, which implements the National Institute of Standards and Technology’s (NIST’s) Security Content Automation Protocol (SCAP) 1.2 standard. With these additions, Red Hat Enterprise Linux 6 provides a secure platform upon which to build mission-critical services and applications.

Networking – When Every (Micro)Second Matters
In the financial services and trading-related industries, application latency is measured in microseconds, not seconds. Now, the latest version of Red Hat Enterprise Linux 6 fully supports sub-microsecond clock accuracy over the local area network (LAN) using the Precision Time Protocol (PTP). Precision time synchronization is a key enabler for delivering better performance for high-speed, low latency applications. Red Hat Enterprise Linux 6.5 can now be used to track time on trading transactions, improving time stamp accuracy on archived data or precisely synchronizing time locally or globally. Thanks to other networking enhancements in Red Hat Enterprise Linux 6.5, system administrators now have a more comprehensive view of network activity. These new capabilities enable sysadmins to inspect IGMP (Internet Group Management Protocol) data to list multicast router ports, multicast groups with active subscribers and their associated interfaces, all of which are important to many modern networking scenarios, including streaming media.

Virtualization Enhancements
Red Hat Enterprise Linux 6.5 continues Red Hat’s commitment to improving the overall virtualization experience and includes several improvements that make it a compelling choice for running in virtualized environments. Sysadmins can now dynamically enable or disable virtual processors (vCPUs) in active guests, making it an ideal choice for elastic workloads. The handling of memory intensive applications as Red Hat Enterprise Linux guests has also been improved, with configurations supported for up to 4TB of memory on the Kernel-based Virtual Machine (KVM) hypervisor. The KVM hypervisor also integrates with GlusterFS volumes to provide direct access to the distributed storage platform, improving performance when accessing Red Hat Storage or GlusterFS volumes. Finally, guest drivers have been updated to improve performance of Red Hat Enterprise Linux 6.5 running as a guest on supported third-party hypervisors.

Evolving Ease-of-Use, Storage, and More
As application deployment options grow, portability becomes increasingly important. Red Hat Enterprise Linux 6.5 enables customers to deploy application images in containers created using Docker in their environment of choice: physical, virtual, or cloud. Docker is an open source project to package and run lightweight, self-sufficient containers; containers save developers time by eliminating integration and infrastructure design tasks. Red Hat Enterprise Linux 6.5 stays current with the advancements in Solid-State Drive (SSD) controller interface, introducing support for NVM Express (NVMe)-based SSDs. The NVMe specification aims to standardize the interface for PCIe-based SSDs and its inclusion in Red Hat Enterprise Linux 6.5 positions the platform to support an expanding range of future NVMe-based devices.

Improvements have also been made to enterprise storage scalability within Red Hat Enterprise Linux 6.5. It is now possible to configure more than 255 LUNs connected to a single iSCSI target. In addition, control and recovery from SAN for iSCSI and Fibre Channel have been enhanced, and updates to the kexec/kdump mechanism now make it possible to create debug (dump) files on systems configured with very large memory (e.g. 6TB).

Red Hat Enterprise Linux 6.5 makes it easier to track and manage subscription consumption across the enterprise, integrating subscription tracking into existing business workflows. Usability enhancements include support for remote access to Windows clients and servers that use a newer version of the RDP protocol, including Windows 7 and 8 desktops and Windows Server 2012.

To Download Red Hat Enterprise Linux 6.5 Click Here


THC-HYDRA ver7.0 (Network Logon Cracker)


THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is proof-of-concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized remote access to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX.

Official change log for THC-HYDRA v7.0:-

  • New main engine for hydra: better performance, flexibility and stability
  • New option -u – loop around users, not passwords
  • Option -e now also works with -x and -C
  • Added RDP module, domain can be passed as argument
  • Added other_domain option to smb module to test trusted domains
  • Small enhancement for http and http-proxy module for standard ignoring servers
  • Lots of bugfixes, especially with many tasks, multiple targets and restore file
  • Fixes for a few http-form issues
  • Fix smb module NTLM hash use
  • Fixed Firebird module deprecated API call
  • Fixed for dpl4hydra to work on old sed implementations (OS/X …)
  • Fixed makefile to install dpl4hydra (thx @sitecrea)
  • Fixed local buffer overflow in debug output function (required -d to be used)
  • Fixed xhydra running warnings and correct quit action event
To download THC-HYDRA ver7.0 Click Here
