attack – Jack's server blog

Critical Windows Patch for .lnk exploit

Hi guys,

Check out this website for the available download for the .lnk exploit.

Qoute from Microsoft:

“This security update resolves a publicly disclosed vulnerability in Windows Shell. The vulnerability could allow remote code execution if the icon of a specially crafted shortcut is displayed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”

Large scale attack on IIS/ASP websites

An incredibly large number of sites have been hacked in the last day with a malware script pointing to http://ww.robint.us/u.js. Not only small sites, but some big ones got hit as well:

http://www.intljobs.org (still hacked)
http://www.servicewomen.org (still hacked) Continue reading “Large scale attack on IIS/ASP websites”

new virus (low profile)

McAfee has released a new notification for the W32/Zimuse virus. Find more information about this virus here.

◦Vulnerability in the Windows kernel

Microsoft is investigating new public reports of a vulnerability in the Windows kernel. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time.

Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-band security update, depending on customer needs.

Read more about this vulnerability here.

Out-of-band security bulletin from Microsoft

*** UPDATE January 22 2010 ****

Download information for the patch.

This is an advance notification of one out-of-band security bulletin that Microsoft is intending to release on January 21, 2010. The bulletin will be for Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated ‘Critical’ that are not currently under active attack.

See the Microsoft Security Bulletin at: http://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx.

Microsoft Security Advisory (979682)

Microsoft Security Advisory (979682)
Vulnerability in Windows Kernel Could Allow Elevation of Privilege

Microsoft is investigating new public reports of a vulnerability in the Windows kernel. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time.

Read more about this vulnerability here.

Microsoft announces additional patch

Microsoft announces today that they will release a critical patch for the “zero-day” leak. This leak has caused serveral attacks to huge company’s such as Google, Northropp Grumman etc. This patch will be released outside of the usual patch tuesday window.

When the patch is released is still not available. When the patch is release we will post a link to this patch.

In the meantime you can take action by scanning your server of computer by using this patch.

Enable Application Compatibility Database	Disable Application Compatibility Database