My weblog about all things that interest me (and hopefully you): viruses, programming in general, death & black metal, certain web sites... Well, it could be anything.

Monday, February 28, 2005

Microsoft book teaches security

When mindlessly browsing through a shitload of del.icio.us posted links, I found a very interesting book, which I hope the people at Microsoft and the antivirus vendors will read. After all, who can teach you better about securing your applications than the security folks at the biggest company in Redmond?

Damn, I feel sarcastic...

Friday, February 25, 2005

Vulnerability in VSAPI ARJ parsing could allow Remote Code execution

Recently I posted messages about buffer overflow vulnerabilities in Symantec's and F-Secure's antivirus products when unpacking files. Now it seems yet another antivirus vendor suffers from the same problem. Check the Trend Micro advisory "Vulnerability in VSAPI ARJ parsing could allow Remote Code execution".

Tuesday, February 22, 2005

F-Secure silently alters mydoom source picture

Apparently F-Secure reads Benny's or my weblog (see here and here), as they have realised that publishing a picture of the source of mydoom is indeed not a smart thing to do. If you look in their archive you'll see that they have now blurred out the important parts of the source, which I used to find the source code. Of course they wouldn't announce that they changed it, because making such a failure is not good for the credibility of their company. Unfortunately for them I still have the screenshot, so if you really want the source you can still Google for it. But don't be naughty by using it for making YABV (Yet Another Boring Variant); use it for educational purposes only (blatant disclaimer).

Thursday, February 17, 2005

KLEENEX goes AV!

For a little bit of fun, see how Kleenex now jumps into the antivirus business :-) Go eat your heart out, other AV'ers!

Friday, February 11, 2005

Internet Security Systems - F-Secure AntiVirus Library Heap Overflow

Internet Security Systems has a report on a vulnerability in F-Secure Antivirus, which is similar to the other report on the UPX vulnerability in Symantec Antivirus. It looks to me that you're safer using NO ANTIVIRUS software than using one. All you need to do is secure your Windows a bit better (get an external firewall, drop Internet Explorer in favor of Mozilla Firefox/Thunderbird), be careful what you download and NEVER RUN THINGS WITH ADMINISTRATOR RIGHTS unless you really have to.

Wednesday, February 09, 2005

Symantec AntiVirus Library Heap Overflow

Internet Security Systems has a report about a vulnerability found in almost all antivirus products from Symantec: a malformed UPX-compressed executable causes a heap overflow, making it possible to execute code on a remote machine when it scans such a file. Newer products are immune, but I think there are still enough users that use an older version of some product.