MicrosoftSurface RT Available For Pre-order & Priced $599 With Touch Cover
Near about four months ago Microsoft announced that they will introduce a tablet computer of its own design that runs a new version of its Windows operating system, and that tablet was named 'Surface'. After this announcement Microsoft’s Surface tablet has generated a massive buzz over the last few weeks, culminating in the lowest priced option. After the long wait finally the software giant Microsoft has now unveiled the pricing for both of its ARM-based Surface RT tablets at its Microsoft online stores. The 10.6-inch Surface, powered by Windows RT, will go on sale on October 26th and will be priced starting at $499 for the 32GB version without Touch Cover and a 32GB version with the Touch Cover for $599. Microsoft is also offering 64GB model for $699 with a Touch Cover included. The 9.3mm thin tablet weighs just 1.5lbs and includes a built-in kickstand and vapor-deposited (PVD) magnesium case. Microsoft listed its Surface pricing at its online Microsoft Store this morning, indicating that pre-orders will be available shortly. The company has also listed the prices for its Touch Cover, at $119.99 each, and Type Cover for $129.99. The Touch Cover appears to be available in white, red, black, blue, and purple colors – while the Type Cover is listed as a single item in black.
For Pre-Order & get Surface Within 3 weeks Click Here. If you are from outside of U.S. and you want to book Surface then Click Here.
Microsoft Issues 'fix it' To Close Internet Explorer0-day Vulnerability
Last few days the whole cyber world have gone through with so many drama of Internet Explorer's security bug, as researchers have unveiled four active exploits of a zero-day vulnerability in the browser. As expected the software giant Microsoft has released an emergency fix to get rid of these major security issues. Microsoft released a “fix it” tool for a critical security flaw in most versions of Internet Explorer 6, 7, 8 and 9 that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. "While we have only seen a few attempts to exploit this issue, impacting
an extremely limited number of people, we are taking this proactive
step to help ensure Internet Explorer customers are protected and able
to safely browse online," said Yunsun Wee, director of Microsoft
Trustworthy Computing in a statement. The zero-day in IE 6-9
is a use-after-free memory corruption vulnerability, similar to a
buffer overflow, that would enable an attacker to remotely execute code
on a compromised machine. The original exploit payload dropped the
PoisonIvy remote access Trojan (RAT) via a corrupted Flash movie file.
The latest payload discovered dropped the PlugX RAT via the same
corrupted Flash movie, Blasco said. He also said the new exploits
are the work of the Chinese hacker group Nitro, the same group behind a
pair of Java zero-day exploits disclosed in August.
Blasco also said the new exploits appear to be targeting defense contractors in the United States and India.
Microsoft recommended several workarounds Tuesday morning before announcing its intention to send out a FixIt.
Setting
Internet and local Internet security zone settings to high, which would
block ActiveX Controls and Active Scripting in both zones
Configure IE to prompt the user before running Active Scripting, or disable Active Scripting in both zones
Use
of Microsoft's Enhanced Mitigation Experience Toolkit provides
mitigations as well, and would not impact website usability, as both of
the first two options might.
Microsoft also said that IE
running on Windows Server 2003, 2008 and 2008R2 runs in a restricted
mode that mitigates the vulnerability. Outlook, Outlook Express and
Windows Mail also open HTML messages in a restricted zone, mitigating
the vulnerabilty but should a user click a link in a message, they could
still be vulnerable to exploit.
Adobe Says Windows 8 Users are Vulnerable to Active Flash Exploits (Microsoft Will not Patch the Bug Until October 26)
Adobe confirmed a serious security hole in Windows 8, hackers have been aiming at Microsoft's Windows 8 PCs for several weeks as it is vulnerable to attack by exploits. Its very unfortunate for those who runs all the four (consumer preview, developer preview, release preview & enterprise) pre-release version of Windows 8, because the Redmond based software giant Microsoft said it will not patch the bug in Flash Player until what it called "GA," for "general availability." That would be Oct. 26, when Windows 8 hits retail and PCs powered by the new operating system go on sale.
"We will update Flash in Windows 8 via Windows Update as needed," a spokeswoman said in a reply to questions. "The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe." Microsoft, not Adobe, is responsible for patching Flash Player in Windows 8 because the company took a page from Google's playbook and integrated the popular media software with Internet Explorer 10 (IE10), the new operating system's browser. Last month, Adobe issued two updates for Flash Player that patched eight vulnerabilities, some of which were ranked as "1" by the company, its highest threat warning. One of the vulnerabilities, tagged as CVE-2012-1535, was patched Aug. 14, but had been exploited for an indeterminate time before that. In fact, CVE-2012-1535 was one of four "zero-days," or unpatched vulnerabilities, exploited in a 16-week stretch by an elite hacker gang revealed by Symantec researchers on Friday. Microsoft has not updated the Flash in IE10 within Windows 8 to accommodate those two sets of patches, Adobe confirmed Friday. "Flash Player 11.3.372.94 does not incorporate the fixes released in APSB12-18 and APSB12-19," said Wiebke Lips, a spokeswoman for Adobe, referring to the Aug. 14 and Aug. 21 Flash updates. Windows 8 RTM's IE10 identifies the integrated Flash Player as version 11.3.372.94, a more recent build than the one in Windows 8 Release Preview, but older than the most-up-to-date version for Windows, 11.4.402.265, which Adobe delivered on Aug. 21.
Adobe actually told some users about Windows 8's Flash situation two weeks ago. On an Adobe support forum,
a company representative announced on Aug. 23 that there would be no
Flash update for Windows 8 and IE10 until late October. "Since Windows 8
has not yet been released for general availability, the update channel
is not active," said Chris Campbell, identified as an Adobe employee.
"Once this goes live, you'll start getting updates to Flash Player."
Microsoft Releases Windows Server 2012 With Complete Virtualization, Cloud Services, Improved Scalability & Performance [Download Now]
In March this year software giant Microsoft has announced the availability of Windows Server 8, later in April it has been renamed to Windows Server 2012. Windows Server powers many of the worlds' largest datacenters, enables small businesses around the world, and delivers value to organizations of all sizes in between. Windows Server 2012 redefines the server category, delivering hundreds of new features and enhancements spanning virtualization, networking, storage, user experience, cloud computing, automation, and more. Simply put, Windows Server 2012 helps you transform your IT operations to reduce costs and deliver a whole new level of business value. With Windows Server 2012, Microsoft delivers a server platform built on our experience of building and operating many of the world's largest cloud-based services and datacenter. Whether you are setting-up a single server for your small business or architecting a major new datacenter environment, Windows Server 2012 will help you cloud-optimize your IT so you can fully meet your organization's unique needs.
Features at a Glance:-
Beyond Virtualization:-Offers a dynamic, multitenant infrastructure to help you scale and secure workloads and build a private cloud. Windows Server 2012 can help you provide:
Complete Virtualization Platform- A fully-isolated, multitenant environment with tools that can help guarantee service level agreements, enable usage-based chargeback, and support self-service delivery.
Improved Scalability and Performance- A high-density, scalable environment that you can modify to perform at an optimum level based on your needs.
Connecting to Cloud Services- A common identity and management framework to enable highly secure and reliable cross-premises connectivity.
The Power of Many Servers, the Simplicity of One:- Delivers a highly available and easy to manage cloud-optimized platform. Windows Server 2012 can help you provide:
Flexible Storage- Diverse storage choices that can help you achieve high performance, availability, and storage resource efficiency through virtualization and storage conservation.
Continuous Availability- New and improved features that provide cost-effective, highly available services with protection against a wide range of failure scenarios.
Management Efficiency- Automation of a broad set of management tasks and simplified deployment of workloads as you move toward full, lights-out automation.
Every App, Any Cloud:- Offers a cloud-optimized server platform that gives you the flexibility to build and deploy applications and websites on-premises, in the cloud, or across both. Windows Server 2012 can help you deliver:
Flexibility to Build On-Premises and in the Cloud- A consistent set of tools and frameworks that enables developers to build symmetrical or hybrid applications across the datacenter and the cloud.
A Scalable and Elastic Infrastructure- New features to help you increase website density and efficiency, plus frameworks, services, and tools to increase the scalability and elasticity of modern applications.
An Open Web and App Development Environment- An open platform that enables mission-critical applications and provides enhanced support for open standards, open-source applications, and various development languages.
Modern Workstyle, Enabled:- Provides users with flexible access to data and applications while simplifying management and maintaining security, control, and compliance. Windows Server 2012 can help you offer:
Access to Applications and Data from Virtually Anywhere, Any Device- Seamless, on-demand access to virtualized work environments from virtually anywhere.
A Full Windows Experience Anywhere- A personalized and rich user experience from virtually any device that adapts to different network conditions quickly and responsively.
Enhanced Data Security and Compliance- Granular access to data and corporate resources based on strong identity, data classification, and centralized policy administration and auditing.
To Download Windows Server 2012 (Both iso & VHD) Click Here
Cyber criminals are distributing mass on the internet while sending rogue email notifications about changes in Microsoft's Services Agreement to trick people into visiting malicious pages that use a recently circulated Java exploit to infect their computers with malware. Oracle left a security flaw in one of the world’s most widely used programs unpatched for four months and then issues a half-baked fix, the company is practically inviting cyber criminals to exploit its users en mass. And as expected the invitation has been accepted.
The rogue email messages are copies of legitimate notifications that Microsoft sent out to users to announce changes to the company's Services Agreement that will take effect Oct. 19. "This email is a legitimate announcement regarding updates to the
Microsoft Services Agreement and Communication Preferences," a Microsoft
program manager for supporting mail technologies who identifies herself
as Karla L, said on the Microsoft Answers website in response to a user inquiring about the authenticity of the email message.
However,
she later acknowledged the existence of reports about malicious emails
that use the same template. "If you received an email regarding the
Microsoft Services Agreement update and you're reading your email
through Hotmail or Outlook.com, the legitimate email should have a Green
shield that indicates the message is from a Trusted Sender," she said.
"If the email does not have a Green shield, you can mark the email as a
Phishing scam."
However,
in the malicious versions of the emails, the correct links have been
replaced with links to compromised websites that host attack pages from
the Blackhole exploit toolkit. Blackhole is a tool used by
cybercriminals to launch Web-based attacks that exploit vulnerabilities
in browser plug-ins like Java, Adobe Reader or Flash Player, in order to
install malware on the computers of users who visit compromised or
malicious websites.
This type of attack is known as a drive-by
download and is very effective because it requires no user interaction
to achieve its goal. The malicious Java applet used in this attack is detected by only eight
of the 42 anitivirus engines available on the VirusTotal file scanning
service. The Zeus variant has a similarly low detection rate.
"We're receiving multiple reports of a phishing campaign using the
template from a legitimate Microsoft email regarding Important Changes
to Microsoft Services Agreement and Communication Preferences," Russ
McRee, security incident handler at the SANS Internet Storm Center, said
Saturday in a blog post.
Registration Open For Microsoft’s Imagine Cup 2013, Prize Money Boosted
After the success of 'Blue Hat' Security Contest, now it is the time for Microsoft’s Imagine Cup. Redmond based software giant Microsoft has been organizing its Imagine Cup student technology competition for the last 10 years and today, the company opened registration for the 2013 edition of this event. Students ages 16 and older can now register for their national events and the winners of these local events will be flown to St. Petersburg, Russia, where the worldwide finals will take place from July 8 to 11. For this edition of Imagine Cup, Microsoft has doubled the prize money to $300,000. Since the first Imagine Cup in 2003, says Microsoft, over 1.65 million students across the globe have participated in Imagine Cup and a number of the teams that made it to the finals (and many that have not) went on to create startups.
Here is Microsoft’s description of the new core competitions:
World Citizenship: Honors the software application developed on Microsoft platforms with the greatest potential to make a positive impact on humanity. For example, a project might address education-, social- or healthcare-related problems.
Games: Honors the most engaging and entertaining games targeting teens and youth, built on Microsoft platforms (Windows 8, Windows Phone, Kinect for Windows Software Development Kit, and Xbox Indie Games).
Innovation: Honors apps that give consumers inspiration and innovation at their fingertips, whether it be a new spin on social networks, online shopping or search, built with Microsoft tools and technology.
The winners of each of these competitions will get $50,000. In addition to the core competitions, students can also compete in a number of online challenges focused on specific technologies and platforms, including Windows 8, Windows Azure and Windows Phone. For detailed information click Here.
Few weeks ago software giant Microsoft announced to release an official SkyDrive app for Android phones. So finally the application is ready to download and use. This new app for Android is similar to other mobile apps for Windows Phone and iOS and is a key part of making sure your SkyDrive files are accessible and shareable from all your devices. The app was mainly designed to work best with Android 4.0 Ice Cream Sandwich, though it will work on Android 2.3 and above. "In building the new SkyDrive app for Android, we wanted to ensure we kept the same intuitive design of all SkyDrive experiences while also making use of Android design patterns and conventional interactions, so this feels natural for people with Android phones," Mike Torres, group program manager for SkyDrive Apps, wrote in a blog post Tuesday.
Brief Description:-
SkyDrive is the place to store your files so you can access them from virtually any device. With SkyDrive for Android, you can now easily access and share files on the go. You can also upload photos or videos from your phone to SkyDrive.
Features:-
Access all of your SkyDrive content including files shared with you.
View recently used documents.
Choose multiple photos or videos to upload from your phone.
Share your files and photos – send a link in email or in another app.
Open your SkyDrive files in other Android apps.
Manage your files – delete, or create new folders.
The official SkyDrive app is now available in the Google Play store. For more information and to download click here.
Microsoft Releases Windows 8 Enterprise Edition (Freely Available For 90 Days)
Redmond based software giant Microsoft has released the Windows 8 Enterprise Evaluation version yet again making it available free for 90 days. Before this Evolution version we have tested three different flavors of Microsoft's upcoming and long awaited operating system Windows 8, and they are
Windows 8Consumer Preview,
Windows 8 Developer Preview& Windows 8 Release Preview. According to Microsoft - Windows 8 Enterprise features include all the capabilities that customers get with Windows 8 Pro* plus premium features designed to provide the mobile productivity, security, manageability and virtualization needs of today’s businesses. Developers can write their own apps in widely used languages such as C#, C++, JavaScript, and Microsoft’s Visual Basic. Windows 8 Enterprise also includes a built-in print driver that supports “a wide range” of printers without the hassle of installing printer drivers from CDs or the Web onto print servers or client devices.
Some of the key features that will be available exclusively to Windows 8 Enterprise customers are:-
Windows To Go is a fully manageable corporate Windows 8 desktop on a bootable external USB stick. This will allow IT organizations to support the “Bring Your Own PC” trend and businesses can give contingent staff access to the corporate environment without compromising security.
Direct Access allows remote users to seamlessly access resources inside a corporate network without having to launch a separate VPN and helps IT administrators keep remote users’ PCs in compliance by applying the latest policies, software updates. When used with Windows Server 2012, Windows 8 makes Direct Access easier to deploy and implement with the existing IPv4 infrastructure.
BranchCache allows users’ PCs to cache files, websites, and other content from central servers, so content is not repeatedly downloaded across the wide area network (WAN). When used with Windows Server 2012, Windows 8 brings several improvements to BranchCache to streamline the deployment process, optimize bandwidth over WAN connections and ensure better security and scalability.
AppLocker can help mitigate issues by restricting the files and apps that users or groups are allowed to run.
VDI enhancements: Enhancements in Microsoft RemoteFX and Windows Server 2012, provide users with a rich desktop experience with the ability to play 3D graphics, use USB peripherals and use touch-enabled devices across any type of network (LAN or WAN) for VDI scenarios.
New Windows 8 App Deployment: Domain joined PCs and tablets running Windows 8 Enterprise will automatically be enabled to side-load internal, Windows 8 Metro style apps.
OllyDbg 2.01 Beta 2 Released! (x86 Debugger For Microsoft Windows)
The author, Oleh Yuschuk (also known as Olly), of widely used assembler level debugger 'OllyDbg' has released the Beta 2 version of OllyDbg 2.01. As you all know OllyDbg itself is hardly changed, only minor improvements (like correct reaction on MOV SS,anything; PUSHF or disassembling of JE vs. JZ etc. depending on the preceding comparison). More important, the developer have removed the nasty crashes that happened on some computers while invoking menu, or pressing ALT, or on similar harmless actions. Last year August got the Alpha 4 of OllyDbg 2.01 since then we have not seen nay upgrades or improvements, so after one year this release includes some of major upgrades and fixes several bugs. Plugin interface is slightly extended. Plugin API
includes more than 500 functions, structures and variables. Of these, I
have described less than 100, so you will frequently encounter 404
while browsing the help data. But all APIs used by Bookmarks plugin are
fully documented. I would also like to describe briefly for those who are not familiar with debugger- OllyDbg is an x86 debugger that emphasizes binary code analysis, which is useful when source code is not available. It traces registers, recognizes procedures, API calls, switches, tables, constants and strings, as well as locates routines from object files and libraries. In many cases reverse engineers preferred OllyDbg, even this tool is widely used by underground communities for making crack of popular software & games.
Outlook.com -A New Email Service Introduced By Microsoft
After successfully revamping it's popular mail serviceHotmailthrough it's look and features with the name of 'Newmail', now the software giant Microsofthas launched a new email service that shares the name of its famed email software, Outlook. Outlook.com is accessible as a preview now, and anyone can sign up for an account. If you already have a Hotmail or Live email address, you can convert that to an Outlook.com address in the settings now. The old Hotmail/Live address remains active--users will still get mail sent to the old addresses--unless you explicitly choose to delete it. The interface is based on Metro, the user interface you see in Windows Phone and the upcoming Windows 8. This means you get a clean, uncluttered design and simple icons familiar to anyone who has used a Nokia Lumia smartphone. Microsoft is not requiring everyone that has a Hotmail account to switch to the new address, but it seems the plan is to eventually have everyone move over.
Research firm comScore says Hotmail has 41 million monthly unique visitors; AOL, 24 million. That makes them the No. 3 and No. 4 e-mail providers in the U.S., behind Yahoo Mail, with 84 million unique visitors, and Gmail, 68 million. Worldwide, more than 324 million people still use Hotmail monthly, making it the top provider globally. But Hotmail's user base is on the decline.
Like many email clients, you get a list of folders on the left navigation bar. What's interesting is the Quick Views dropdown below the folders, which lets you filter certain kinds of email. By default, it filters emails with documents or photos, flagged messages and those that give you shipping updates. That last one will be useful for those who frequently shop online and are always expecting packages. These categories can be customized to suit your needs.
With Outlook.com, you can also turn on a reading pane that lets you read the message either below or on the right of the email list. As a security measure, it shows a blank message by default, and not the first one in your inbox--you have to explicitly click on a message to show it, reducing the risk of being exposed to malicious emails by accident.
On the far right is an advertisement column. This shows a random selection, unlike Gmail, which uses targeted ads based on the content of your email messages.
To find out more about the features and design of Outlook.com it will be best if you try it out yourself, just visit www.outlook.com and sign up for an account, or simply switch your current Hotmail/Live email to an Outlook.com one.
SQL Server 2008 R2 Service Pack 2 (SP2) Released & Available To Download
The software giant Microsoft announced the availability of SQL Server 2008 R2 Service Pack 2 (SP2). SQL Server 2008 R2 SP2 contains fixes to issues that have been reported through customer feedback platforms and Hotfix solution provided in SQL Server 2008 R2 SP1 Cumulative Update 1 thru to Cumulative Update 5. Service Pack 2 also includes supportability enhancements and issues that have been reported through Windows Error Reporting system. The update fixes several bugs with the product, most notably a problem that could cause a deadlock of the server when synchronising database logs to another server. A bug that prevented users of the JDBC Driver to connect to the server when using JRE 6 update 29, or later, was also fixed. A problem where users receive "incorrect results" when running "a complex query" which contains joins and aggregate functions and uses the DISTINCT statement has been fixed, but Microsoft is not offering any further details on it. Other patches correct false error reports, fix problems with the server's update install mechanism and more.
Both the Service Pack and Feature Pack updates are available for download on the Microsoft Download Center. As part of the continued commitment of Microsoft to software excellence for the customers, this upgrade is free and doesn't require an additional service contract. Microsoft SQL Server 2008 R2 SP2 also addresses a few key customer requests:
Reporting Services Charts Maybe Zoomed & Cropped
Customers using Reporting Services on Windows 7 may sometime find charts are zoomed in and cropped. To work around the issue some customers set ImageConsolidation to false.
Batch Containing Alter Table not Cached
In certain situations with batch files containing the alter table command, the entire batch file is not cached.
Collapsing Cells or Rows, If Hidden Render Incorrectly
Some customers who have hidden rows in their Reporting Services reports may have noticed rendering issues when cells or rows are collapsed. When writing a hidden row, the Style attribute is opened to write a height attribute. If the attribute is empty and the width should not be zero.
Customers are highly encouraged to stay on a supported service pack to ensure they are on the latest and most secure version of SQL Server 2008 R2. The Service Pack is freely available for download from Microsoft's Download Center. We would like to share with you that, earlier in this year Microsoft has released SQL Server 2012 , and the Evaluation edition of SQL Server 2012 is also freely available to download from Microsoft.
Vasilis Pappas Won 'Blue Hat' Security Contest & Grand Prize of $200,000 From Microsoft
Earlier in last year software giant Microsoft started Blue Hat security contest. BlueHat Prize was globally announced by the company at the 2011 Black Hat security conference in Las Vegas, offers a grand prize of $200,000, a runner-up purse of $50,000, and a third-place award of a one-year subscription to MSDN Universal--a developer's platform for Microsoft products--worth $10,000--to security researchers who design the most effective ways to prevent the use of memory safety vulnerabilities.
This year Microsoft awarded a bunch of hackers and gave away an amount of $260,000. 'Hackers' in the good sense here, the clever programmers who won its Blue Hat security contest, including a grand prize of $200,000.
The big prize was awarded to a PhD student at Columbia University, Vasilis Pappas, who was handed the check in an American Idol-style contest finale complete with loud music and confetti. The winners were announced during a party at the Black Hat hackers conference 2012 that just happened this week in Las Vegas. Two other guys took home significant prizes, too. Ivan Fratric, a researcher at the University of Zagreb in Croatia, got $50,000 and Jared DeMott, a Security Researcher for Harris Corp. won $10,000.
They all submitted ideas to help solve a really hard security problem called Return-Oriented Programming. ROP is a hacker technique that is often used to disable or circumvent a program's computer security controls. Twenty people submitted ideas in the contest. Without getting into too much technical detail, Pappas came up with something called kBouncer which blocks anything that looks like an ROP attack from running. It's become popular these days to pay security researchers bounties. But what's cool about the Blue Hat contest is that it paid the researcher for actually coming up with a fix to a problem. Not only Microsoft, other compaines- Google, Facebook, Paypal & many more already have their "Bug Bounty" program, where they reward researchers for simply identifying flaws in thier system. But by contrast Microsoft and Adobe don't pay bounties. Here Microsoft promised that this first Blue Hat prize won't be its last, So this may be a sign of a smart new approach to engaging with security researchers for the software giant.
Microsoft Fixes & Apologizes Embarrassing 'Big Boobs' String (0xB16B00B5) From Linux Code
Buried in the software that connects the Linux kernel to Microsoft‘s HyperV virtualization program was the following code string: '0xB16B00B5'. The string was spotted by programmer Paolo Bonzini, who posted about his discovery to the Linux Kernel mailing list saying “Somone (sic) was trying to be funny, I guess”.
The string was used every time the Microsoft program ran a virtual version of Linux. Linux developer Dr Matthew Garrett is upset by what he sees as “straightforward childish humour”. He points out that previously Microsoft used the string 0x0B00B135 (or “BOOBIES” to non-programmers) in a previously submitted piece of code. Dr Garrett points out that the string may be used to connect Linux system to Microsoft’s Azure cloud platform, making the problem even tougher to fix. “So, full marks, Microsoft,” says Dr Garrett. “You’ve managed to make the kernel more offensive to half the population and you’ve made it awkward for us to rectify it”.Microsoft was made aware of the code quickly issued an apologetic statement, saying “We thank the community for reporting this issue and apologize for the offensive string. We have submitted a patch to fix this issue and the change will be published in a future release of the kernel.” The software giant then immediately issued a patch that corrected the string. In early June, Microsoft suffered another embarrassment over '"vulgar" language used during a song and dance routine at a company conference.
Reverse EngineeredSource Code of Skype Allegedly Stolen & Exposed
After VMWare & Norton's Symantec now another big fish -Skype get caught among the list of those whose source code has been allegedly stolen. An Anonymous affiliated hacker named "57UN" also known as 'Stun' claims to have stolen the source code which he made public. From this leak several fact come in front, according to the hacker the Federal Authorities uses skype for surveillance, in his twitter the hacker said - "Oh and the FBI uses #Skype as a surveillance tool?! #Lulz?! Privacy my ass! Wake up people!..." He added "#Skype & privacy?! Yeah! Did you know that #Microsoft works with each and every government, for instance in #Tunisia!..."
"AFTER MICROSOFT ACQUIRING SKYPE FOR 8.5 BILLION DOLLARS AND PROCEEDING TO ADD BACK DOORS FOR GOVERNMENT TO THE PROGRAM, THE SOFTWARE HAS BEEN HACKED AND IT'S SOURCE CODE RELEASED
However, experts state that the source code published by the hacker is actually the one leaked some time ago by a researcher who reverse engineered the Windows binaries. According to security researcher Janne Ahlberg “I managed to get a copy of the file ‘skype55_59_deobfuscated’ from May. It is not Skype source code, but a reverse engineered version of the Windows binaries. The tool used in reverse engineering seems to be IDA disassembler/debugger”
So far 3 torrent files being released which include a reversed engineered copy of the skype protocol, the source development kit(sdk) and needed runtime and de-obfuscated, unpacked Skype 5.5 and 5.9 binaries for Windows.
Microsoft's Windows 8 Will Be Available On October 26
The final countdown of Windows 8 begins as software giant Microsoft announced that they will start selling Windows 8 from coming October 26, a little more than three months from now. This release will be first stable one of Windows 8, earlier we got three pre-release version of Windows 8 -Consumer Preview, Developer Preview& Release Preview. Windows 8 is Designed to work on both PCs and tablet computers, So far Windows 8 is Microsoft's best hope for competing with devices.According to official blog of Windows Steam - "Steven Sinofsky announced at Microsoft’s annual sales meeting that customers will be able to get Windows 8 – whether in upgrade fashion or on a new PC – starting on October 26th. Earlier this month at the Microsoft Worldwide Partner Conference, Tami Reller told attendees Windows 8 would be available in October. But now everyone has a specific date to mark on their calendars."
The Oct. 26 date is also significant to users now running Windows XP, Vista or Windows 7, as it marks the debut of the $39.99 upgrade to Windows 8. The price is a dramatic discount from other Windows upgrade. All users who upgrade will receive Windows 8 Pro, the more advanced of the two retail editions. Microsoft has also tied the launch of its Windows RT operating system, and its first-ever tablet, dubbed "Surface" to the debut of Windows 8. It does have some wiggle room, however, for the tablet, because it has said that the device would go on sale around the time of Windows 8's release. Microsoft officials have not said how much the promised System Builder SKU will be for those who want to build their own PCs. They also have not said whether a full, non-upgrade version will be available via retail and how much it will cost.
Microsoft Unveils Office 365 With Cloud, Web Apps & Many More (Available For Download)
The software giant Microsoft on Monday unveiled the next version of Microsoft Office which indeed is a dramatic departure from the software that millions of users have come to know, built for the cloud and for touch-based computing and packed with features that make it more social and, Microsoft hopes, more intuitive to use than past releases. With this version Microsoft is offering consumers the option of performing many chores through a Web browser, rather than installing programs on their personal computers. Users will still be able to buy and install Office 2013, as the new version is called, but Microsoft plans to offer incentives for people to opt for a Web-based subscription variant known as Office 365.
"Your modern Office thinks cloud first," said CEO Steve Ballmer, at an event here Monday.
Office 2013 is designed to work on traditional PCs, tablets or hybrid devices that combine touchscreen capability on a clam-shell style laptop, Microsoft said. Hardware options include devices that use conventional PC-style chips from Intel Corp., or those running cellphone-style chips based on designs from ARM Holdings PLC, the company said.
Microsoft already offers Office 365 as a companion service to businesses, and the company has a little-discussed bare-bones online version of Office called Office Web Apps. But Microsoft says this is Office's biggest foray in the cloud. Microsoft said the overhaul is designed to respond to issues such as the desire for consumers to synchronize and preserve data files as they move among multiple mobile devices and PCs. Even for people who opt to buy rather than subscribe to the software, Microsoft said Office will automatically save and store files on SkyDrive—its online-file-storage service—letting users return to where they left off in documents.
Users who opt for the subscription service will receive an additional 20 gigabytes of SkyDrive storage capacity on top of the standard seven gigabytes given to new customers. They will have rights to future upgrades as well as to use Office on up to five computers or mobile devices.
Customer & Technical Preview of the new Office 365 is available now to Download and test.
Two Young Researchers Found Security Flaws in Microsoft Windows Live Which Could Lead Identity Theft
Recently two young security researchers of Morocco named Abdeljalil S'hit and Yasser Aboukir discovered a serious vulnerability in Microsoft's Windows Live service. The vulnerability has been reported to Microsoft, but unfortunately the software giant neither gave compastion nor did any comment about the said topic. In a report ZDNet said the vulnerability in question leveraged Cross-Site Scripting (XSS) to execute a malicious script.
More specifically, the two researchers managed to cause an error on the Windows Live login page (as you can see above), and once the victim clicked on the "Continue" button, their malicious script would be executed. XSS flaw means that an attacker could impersonate a Windows Live user by gaining full control of the victim's cookies. Combined with social engineering, this technique could be used to steal a victim's Windows Live identity with ease.
The last update we got from Microsoft is saying - "We quickly addressed the vulnerability in question to help keep customers protected and appreciate the researchers using Coordinated Vulnerability Disclosure to assist in us working toward a fix in a coordinated manner"
Java-Based Multi-platform Backdoor Targeting Windows, Mac & Linux Computers
Security researcher at Kaspersky Lab have revealed a new java-based web vulnerability which is targeting Windows, Linux & Mac computers while installing backdoor. Mainly the whole thing is a Web-based social engineering attack that relies on malicious Java applets. According to security researchers from antivirus vendors F-Secure - the attack was detected on a compromised website in Colombia. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority.
If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform.
The JAR file checks if the user's machine is running in Windows, Mac or Linux then downloads the appropriate files for the platform. All three files for the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux, and Windows respectively.
The files are detected as: Trojan-Downloader:Java/GetShell.A (sha1: 4a52bb43ff4ae19816e1b97453835da3565387b7) Backdoor:OSX/GetShell.A (sha1: b05b11bc8520e73a9d62a3dc1d5854d3b4a52cef) Backdoor:Linux/GetShell.A (sha1: 359a996b841bc02d339279d29112fe980637bf88) Backdoor:W32/GetShell.A (sha1: 26fcc7d3106ab231ba0ed2cba34b7611dcf5fc0a)
However, since F-Secure researchers began monitoring the attack, the remote control server hasn't pushed any additional code. It appears that the attack uses the Social Engineer Toolkit (SET), a publicly available tool designed for penetration testers, Aquino said Tuesday via email. However, the chances of this being a penetration test sanctioned by the website's owner are relatively low.
Kaspersky's researchers are in the process of analyzing the backdoor-type malware downloaded by the malicious shell code on Windows and Linux. "The Win32 backdoor is large, about 600KB; the Linux backdoor is over 1MB in size, both appear to contact very complex code which communicates encrypted with other servers."
+Released.png)
.jpg)
