Browse by Tags
All Tags »
Windows Vista (
RSS)
Every Anti-Virus has a mechanism called tamper protection that helps administrator keep users from mishandling there antivirus settings and services. Forefront Client Security only offers basic control over what the user can or cannot do with the FCS Client Console on his client machine. What the FCS System doesn’t provide is a built-in mechanism to protect FCS services from being stopped or prevent FCS from being removed by the user. It’s true that some of these are possible to prevent by not giving...
Alun Jones ( Security MVP ) wrote in his great blog about a new "so-called" hole in Vista Firewall machanism. To tell the truth, it's not really a hole, but I thought I'd grab your attention. it's not a flaw in the operation of Windows Firewall on Windows Vista. It's a design feature, it makes sense, and it fits in with the principle that the firewall should keep out unsolicited traffic. this so called feature, allows windows to leave a FTP connection open before and even...
This step-by-step guide illustrates how to deploy Active Directory® Group Policy objects (GPOs) to configure Windows Firewall with Advanced Security in Windows Vista® and Windows Server® 2008. Although you can configure a single server locally by using Group Policy Management tools directly on the server, that method is not consistent or efficient when you have many computers to configure. When you have multiple computers to manage, create and edit GPOs, and then apply those GPOs to the computers...
לפי המידע שמפורסם כרגע מיקרוסופט עומדת להוציא החודש 5 עדכונים: 1. עדכון המיועד ל- Microsoft Windows 2000 Service Pack 4 אשר סותם פרצה המאפשרת לבצע Remote Code Execution. 2. עדכון המיועד ל- Visual Studio .NET (פרטים נוספים ב-KB937057 עד KB937061 עפ"י גרסאות) אשר סותם פרצה המאפשרת לבצע Remote Code Execution. 3. עדכון המיועד ל-Windows Services for UNIX 3.0 ול-Windows Services for UNIX 3.5 על כל גרסאות ה-Windows הקיימות מ-2000 ו-XP ומעלה. עדכון זה נועד ע"מ למנוע אפשרות לנצל את מנגנון ה-Elevation...
בגרסאות ישנות יותר של Windows, ה-Services במערכת ההפעלה בד"כ לא רצו עם הרשאות מינימליות. אם זה לא מספיק, רוב ה-Services אפילו רצו עם Local System Account, חשבון המאפשר להם הרשאות אף יותר מרחיקות לכת מאשר Administrator מקומי. מעבר לכך, רוב המשתמשים לא היו מודעים לכך ש-Services אשר קיימים אצלהם במחשב ניתנים לביטול (Disable). לסיכום הכל, ה-Services והמשתמשים רצו תחת אותו מרחב מחייה, דבר שהיה יכול לגרום לגישה בלתי מורשה ושימוש לא מורשה ב-Services. במערכת ההפעלה החדשה (Vista), מיקרוסופט מאפשרת למשתמשים...
like every other month, Jeff Jones publishes in his blog the operating system vulnerability scorecard comparing all popular operating system for the client and server side. Year-to-date 2007 Client and Server Charts - Full Set of Supported Components * RHEL Desktop 5 shipped in March, so only represents vulns since then * RHEL 5 Advanced Server shipped in March, so only represents vulns since then. read the full article at the source .
Nick White from the Windos Vista Team Blog has interviewed Mike Burk, a Security Center Program Manager, and Austin Wilson, a Director from Windows Client Marketing about how and why the Windows Vista Security Center evolved If you've used Windows Vista, I’m sure you've noticed that the Firewall, Automatic Updating, Antivirus, Antispyware, Internet Security Settings and User Account Control settings are all located in one easily accessed place: the Security Center. Although the Security Center was...
I've was recently contacted by several people who have encountered the following messege in Windows Vista: This issue is because services that runs in session0 run separately from the user’s session and therefore can't display popups directly to the user. in my exploration for the solution to that one, i've encounted a post at Brad Rutkowski's Blog that talks and explains exactly that: "Windows Vista isolates services in Session 0 and runs applications in other sessions, so services are protected...
Jeff Jones from CSOnline has published last week a 6 months vulnerability report for windows vista, comparing it to other majors OS that are competing against it. For those that only want the executive summary, here is a key chart that shows the publicly disclosed High severity vulnerabilities during the first 90 days of availability, broken down by vulns fixed and vulns unfixed. Note that this chart is showing the reduced Linux builds that exclude non-default and optional components without equivalents...
Robert Paveza, a web application developer with marketing firm Terralever, has published a paper demonstrating a two-stage attack which he says allows malicious code to infect Vista systems even from accounts running under the limited privileges afforded by UAC. The attack takes advantage of the fact that UAC permissions are somewhat porous, with programs able to ride on the coattails of other processes that are commonly granted higher privileges. This is related to one of the flaws in UAC pointed...
Microsoft is frequently dinged for having insecure products, with security holes and vulnerabilities. But Symantec (Quote), no friend of Microsoft, said in its latest research report that when it comes to widely-used operating systems, Microsoft is doing better overall than its leading commercial competitors . The information was a part of Symantec's 11th Internet Security Threat Report. The report, released this week, covered a huge range of security and vulnerability issues over the last six months...
If you use Vista, then you're probably aware that it has a new security feature called User Account Control (UAC). This feature enables you log in as a regular user without administrator privileges (which is a more secure way of using your computer), but quickly elevate your privileges when a program needs greater access to your computer than is allowed for a regular user account. Overall, UAC is a good feature. But some people find it to be bothersome, due to the prompts that appear, asking if you...
One of the most exciting security features in Vista is Windows BitLocker drive encryption. BitLocker is a full-volume encryption tool that supports custom protection and authentication methods. However the user and support experience can be a mixed blessing, depending on which protection and authentication methods you choose. In this article we’ll walk you through a best-practice step-by-step approach on how to install and configure BitLocker in Windows Vista. WindowsSecurity.com's has published...
Jim Allchin writes in the Windowsvistablog.com about o ne of the most basic conundrums in computer security which is the constant trade-off between security and usability. At the end of the day, if security is too complicated to use, then it simply won't be used. Even if a feature offers a good level of security protections, if it is complicated or has poor usability it will likely be disabled by the end-user or network administrator, which doesn't benefit anyone. The same issue with safety and security...
Microsoft is now working on a remote access tunneling protocol for Vista and Longhorn Server that lets client devices securely access networks via a VPN from anywhere on the Internet without concern for typical port blocking issues. The Secure Socket Tunneling Protocol (SSTP) creates a VPN tunnel that travels over Secure-HTTP, eliminating issues associated with VPN connections based on the Point-to-Point Tunneling Protocol (PPTP) or Layer 2 Tunneling Protocol (L2TP) that can be blocked by some Web...
More Posts
Next page »