Microsoft has did it again with the WGA. They don’t seems to learn the lesson…
Microsoft has admitted that the latest update to its Windows Genuine Advantage program will phone back to Redmond even if the user clicks cancel.
WGA is meant to help Redmond fight piracy, but has been criticised on privacy grounds and because previous versions have incorrectly labelled people with genuine software as pirates.
But if you cancel the installation of WGA, maybe because you dislike the privacy implications, the software will still phone home. Microsoft stresses that WGA does not take any information which could identify you as an individual, but is only used to collate statistics on WGA use.
Microsoft UK anti-piracy manager Michala Alexander said in a statement:
More at http://www.theregister.co.uk/2007/03/09/ms_wga_phones_home/
This initiative was stated by a German researcher, Stefan Esser, on the 1st of March 2007. Esser was once a member of the PHP Security Response Team, but had since left the team in December 2006 due to un-cooperative and incompetent team members, according to his blog.
Also according to him, this initiative is not an attempt of revenge or payback, but rather an audit on PHP. The language came under scrutiny after he left, as PHP flaws had accounted to over 40 percent of the vulnerabilities reported in 2006.
Additional Information
What is PHP?
MoPB Homepage
A error message by the popular VoIP software, Skype, had led an asembly expert with pseudonym Myria to discover that Skype had attempted to to execute a .com file which reads from the BIOS, as reported at her blog.
32-bit OS which supports NT Virtual DOS Machine (NTVDM), allows programs to have a read-only access to BIOS address area. However, 64-bit OS does not support NTVDM, thus an error is thrown when an applications attempts to read from the BIOS.
The interesting part is why is Skype reading from the BIOS.
Last Friday, Microsoft issued a security advisory on their spreadsheet program vulnerability. The exploit, inorder to work, requires user to manually open a malicious Office file. Once the exploit is successful, attackers can gain control of the compromised system remotely. This vulnerability affects Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac.
http://www.microsoft.com/technet/security/advisory/932553.mspx
Days after Vista was launched, some users had been discussing about the possibility exploit on the Speech Command feature. The speech command is one of Vista new feature. It allows user to speak thru the microphone, and the OS will execute the command given, that is, if the voice command is a valid command.
The exploit is not due to a bug in the Speech Recognition system, but rather the design of the system. It works by sending a victim a malicious audio file that contains voice commands, then by tricking the victim to play the audio file, the Speech Command will pick up the command thru the microphone (where the audio file was played out thru the speakers) and execute whatever the command is. For example, the victim received an audio file that has “shutdown” recorded in it. Unknowingly, the victim played the audio file and the Speech Command will pick it up and execute the “shutdown” command.
However for this exploit to work, the Speech Command must be enabled and the malicious audio file had to be played. Fortunately, the Speech Command is by default disabled.
iDefense Labs (part of the Verisign company) has just issued a new challenge to the white and black hats, to discover security vulnerabilities within the mentioned products, which can be remotely exploited. iDefense will be awarding US$8000 for each vulnerabitity submitted, to a maximum of six payments of $8000. On top of the $8000, $2000-$4000 will also be awarded for each working exploit codes that exploits the submitted vulneralbility.
from http://labs.idefense.com/vcp/challenge.php
As part of an effort to support MOAB, Landon Fuller, a Infrastructure Software Engineer from Three Rings has started a project to patch up the flaws that are noted in MOAB, possibly patching one per day, or as per release. He decided to start this project after coming across MOAB website, as stated in his blog.
Following of ‘the Month of Kernal Bugs’ and ‘the Month of Browser Bugs’, two researchers had planned for ‘the Month of Apple Bugs’ of January 2007. Infact, they had kick started off with the first security flaw on Apple QuickTime on New Year Day. The two researchers, Kevin Finisterre and another going by the initials LMH, had set up the website at Month of Apple Bugs.
According to them, they had discovered enough flaw which could allow them to announce one per day. Some of the flaws will be reported to the vendors before making it public, as according to the so-called “responsible disclosures”.
The project will target not only the MacOS, but the Apple products in general.
While this project had been welcomed by some, apparently some Mac User group (the Mac Observer) is rather unhappy about it.
Security fact or myth: While the MacOS platform had been considered more secured that Windows, many researchers believed that this is attributed to the more secure Unix kernal and MacOS’s less widespread adoption, rather than Apple’s security practices.
Knowing the Enemy - A lightning demonstration on how hackers attack networks
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=351
Marcus Murray, Senior Security Architect, Truesec
Advanced Malware Cleaning
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359
Mark Russinovich, Technical Fellow, Platform and Services Division, Microsoft
Windows Vista User Account Control Internals
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=360
Mark Russinovich, Technical Fellow, Platform and Services Division, Microsoft
Defending Layer 8: How to recognize and combat social engineering
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=339
Steve Riley, Senior Program Manager, Security Business and Technology, Microsoft Corporation
Windows Vista Kernel Changes
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=340
Mark Russinovich, Technical Fellow, Platform and Services Division, Microsoft
Windows Vista Firewall and IPSec Enhancements
http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=352
Steve Riley, Senior Program Manager, Security Business and Technology Unit, Microsoft Corporation
Comments (0) 
