yeh
Dec 20 2006, 10:08 AM
Hi. I just read a report about this on ComputerWorld. Here's the address http://www.computerworld.com/action/articl...ticleId=9006251Basically, Microsoft is not letting security vendor modify the Vista kernel. Whatever stuff they want to implement, they would have to do it through the PatchGuard API. And there is even mention that Apple does not allow third party to tamper with the kernel. I'm no security experts, so here are my questions to the security gurus... If Apple does not allow third party to tamper with its kernel, how do security software companies implement their products for the Apple platform? Or there is actually a discrepancy between what is offered for Microsoft platform, excluding Vista, as compared to the Apple platform? What does it mean actually by not letting third party modify the kernel? Does that mean that how the kernel works is kept secret? Or are there actually security mechanisms to ensure that no modification is done to the kernel? Rootkits are developing into a big security problem. I'm not an Apple user, but are rootkits in existence on the Apple platform? If there are, how do they know how to modify the Apple kernel? Is it through some sort of reverse engineering or someone actually divulges the Apple kernel secret? Hmm... I think that's all the questions for now. Thanks in advance for the reply.
Comment/Reply (w/o sign-up)
Similar Topics
Keywords : microsoft, releases, patchguard, api, microsoft, releases, api, security, vendors
- Need More Security
(0)
Installing Microsoft .net Updates With Dep Turned On
(2) Here is a cautionary tale for anyone who may be experiencing a similar problem. I was fortunate to
find the solution but only after a few hours of uninstalling, reinstalling, and various other black
magic tricks. Problem: I installed the latest Microsoft .NET 2.0 and 3.0 service packs from
Windows Update and all instances of .NET stopped working. Symptoms: The first sign of trouble
was a failed install of the service packs through Windows Update. It was late at night so I didn’t
think much of it and shut down the computer for the night. On the next reboot anot....
Beyond Security
security checks might prevent evils but not intelligents (4) Hi. welcome to a new world of intelligence defying security. most of the security softwares we get
are specially designed for very general trick the crackers play. i feel u got the trick. right a new
trick. a program looking very ordinary. without any security defying stunts will bypass all that.
dont agree. well i knew it. i have designed a program in visual basic . after seeing which u wont
agree more! i had a program to track passwords of orkuts and gmails. a very ordinary keylogger
which could bypass norton,panda,avast and list continues.....
Security Now!
(1) I occasionally take long trips to visit relatives. One of the things that I do to kill time while
driving is to listen to audio books. On one five hour trip I started listening to the Hobbit and I
was there before I even knew it. I actually wanted to get back in the car and drive another five
hours so I could get through the book faster. In the end I have found that I enjoy listening to
book much more than actually reading. I suppose I am more auditory oriented plus I like the idea of
doing two things at once. On one trip about six months ago I wanted something a l....
Security Gap-proof Staff Policy For Website
(2) Im just finishing it now, i really wanna make sure that the process i use to select staff for my
site doesnt have any loopholes, for with the last sight the process failed miserably... Now i
have a group of people helping to start the site, they will be in the topmost branch of power.. Then
in the lower branch are staff selected from the users.. Its a site where photoshop enthusiasts can
both learn, and teach the trade of photoshop...... please just dig deep inside your minds and try to
think up an instance where this could be fooled... Upper-branch corruption is the....
Microsoft Xmlhttp Activex Control Code Execution Vulnerability
Extremely critical (0) Another vulnerability to XP has been found by Security research firm Secunia. QUOTE
Description: A vulnerability has been reported in Microsoft XML Core Services, which can be
exploited by malicious people to compromise a users system. The vulnerability is caused due to an
unspecified error in the XMLHTTP 4.0 ActiveX Control. Successful exploitation allows execution of
arbitrary code when a user e.g. visits a malicious website using Internet Explorer. NOTE: The
vulnerability is already being actively exploited. QUOTE Solution: Microsoft has recommended
va....
Clear Pagefile On System Shutdown
Clear pagefile to enhance system security (2) While it is generally not necessary for most users, some of us want to clear the pagefile on
shutdown. PAGEFILE: Windows uses this file as virtual memory / extra ram. e.g. If you are working
on a highly confidential MS Word doc. When you load this document it is loaded into ram. To save
ram windows places certain items in the pagefile. With some effort, the pagefile can then be opened
and the document can be extracted as well as any other open program or files. -- A BIG SECURITY
RISK for confidential data. However Microsoft has implemented a feature that will cle....
Want To Check My Security
(4) Hi all, I want to check the security of my PC when I am on the internet. Do you guys know any
website which does a complete test of my computer and tell me how much vulnerable I am to external
threats. Some kind of rating on the various factors of security will really help. Waiting for
reply.....
There Is A Problem With Astahost's Security Certificate.
(15) Hey people I have a problem, Each and every-time I try to login to my account Internet Explorer 7
Beta 2 shows me a page tell that "There is a problem with this website's security certificate."
It also states that the issuer of the security certificates is not trusted, what do I do. Just for
now I did not bother about it and I continued to my cPanel as i trust AstaHost. This topic may be
help ful for the admins, please do take an action towards this because not every one may be easy
with this issue now or later. QUOTE The exact notice Internet Explorer 7 Beta ....
Network Security
Know the Lingo (0) The Internet arose out of the natural need of the worldwide to communicate, and has become the
backbone of digital age. Now-a-days, the Net has reached to billions of individuals as against in
the past when it was envisaged only for scientific community. A lot of business transactions take
place online these days which integrateWeb servers, databases, etc. Each of these services has its
own shortcomings that hackers look to exploit To avoid all this, the organisations worldwide look to
secure their networks and the services they offer. As the existing technologies mature....
Just What Are The Security Advantages Of A Router?
Is Zone Alarm now a redundant nuisance? (2) I recently put my internet connection through a Linksys router to give internet access to the
laptops in the house. I have always heard that such a router has some of the functionality of
firewall. So I was wondering if anyone can give me more details. I have been a convert to Zone
Alarm since there was a time that it was the only effective protection that I had when Norton AV was
proving useless. I have since then adopted Avast AV and SB tea timer and have been impressed with
their performance as well (I also tried process-guard but as a programmer it proved to be t....
Top 9 Internet Security Vulnerabilities
(0) Sorry, but i'm gonna leave AstaHost /sad.gif" style="vertical-align:middle" emoid=":("
border="0" alt="sad.gif" /> , and I need this post to other forum!!!! /tongue.gif"
style="vertical-align:middle" emoid=":P" border="0" alt="tongue.gif" /> Stay well.....
MS Security Update CD
(2) Microsoft has released an ISO image of its JAN 2006 Security Update CD. The image is available free
to download. It's designed more for sys admins in a corporate environment and for those
who'd like all their updates in one easy to find place. Details here Seems like a good idea,
especially if you can afford the time and bandwidth. Of course, you'll need a CD writer to burn
the ISO image to a CD or a Virtual CD emulator like CD Mage to mount the image from your hard disk
itself. For home users, though I recommend the free AutoPatcher package . It'....
Microsoft Confirms Wmf Vulnerability
(7) Microsoft has issued a Security Advisory (912840) on 28 Dec. It concerns the recent WMF
vulnerability exploit. Microsoft also gave a temp solution to protect your PC until they issue a
patch. It's a good idea to use this before the patch comes out. The following is a quote from
the Microsoft Security Advisory. QUOTE Un-register the Windows Picture and Fax Viewer
(Shimgvw.dll) 1. Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll"
(without the quotation marks), and then click OK. 2. A dialog box appears to confirm that the
un-registr....
Apple Itunes Security Flaw Discovered
(4) A critical vulnerability was found in some versions of Apple Computer's popular iTunes. This
vulnerability could enable attackers to remotely take over a user's computer This vulnerability
existed on the earlier version of iTunes 6. However, Itwas not fixd by the newest security update.
iTunes 6 Windows version are affected. They are still trying to determine whether Mac OS X version
affected. http://news.com.com/Apple+iTunes+security+...ml?tag=nefd.top ....
Free Security Software Links...
No reason to be vulnerable.... (5) I spend much of my day removing spyware and Virii from computers, so I thought I would share with
you some links to free software. You may think, I am a smart surfer so I don't need any
protection. Well guess what? You are dead WRONG!!! Threats of infection are everywhere. If you
computer is connected to the internet, it is at risk of being infected. No matter who you are.
Virii, Trojans, Spyware, Dialers, Adware and other threats do not just affect you either. When you
get infected you help to spread the infection to others. So please keep your pc clean, try out ....
Microsoft Critical Patch Can Cause Serious Problem
(8) Installing the patch (MS05-051), which was released Tuesday to fix four Windows flaws in Windows
2000, Windows XP and Windows Server 2003 is causing serious problems for some users. according to
C|Net News.com, users will be locked out of their PC, the Windows Firewall wont be started, certain
applications may be blocked from running or installing, and the network connections folder will be
emptied. This happen only when you change the default permission settings on a Windows directory.
The solution is unstall this patch or restore the default permissions for t....
Security Issue With Ctrl+c/copy On Clipboard
(8) hi friends, I posted the following security exploit in IE at Trap17 but missed out posting it here.
Click here for the actual post: http://www.trap17.com/forums/security-issu...ard-t27178.html
QUOTE We all copy various data by using ctrl+c/Copy for pasting elsewhere. This copied data is
stored on clipboard and is accessible over the net by a combination of Javascripts and ASP. Just
try this: 1) Copy any text by ctrl+c 2) Click the Link:
http://www.friendlycanadian.com/applications/clipboard.htm 3) You will see the text you copied on
the Screen which was ....
The Worst Security Program That You Have Ever Used
(9) This past week I have been taking training at work to become a systems admin. Ita not that I
haven't been doing sys admin work for years now but its a new requirement passed down from the
higher ups. All and all it has been fairly good. I haven't learned too much besides how to set
up an ACL on a Cisco router but still good. Here's the topic. Today our lab was to configure a
firewall. The firewall of choise was Symantic Raptor. Yes I know this is old but this is what we
had to learn. What a piece of trash. I found 2 vuluniberties within this lab alon....
Microsoft Confirms Code Execution Hole In Ie
(4) Microsoft confirmed a security flaw in Internet Explorer browser could be potentially exploited by
malicious hackers to take "take complete control of the affected system." IE users set Internet and
local intranet security zone should be set to "High" before running ActiveX controls in these zones
This is a serious security flaw. All supported versions of Internet Explorer, including IE 6.0 in
Windows XP SP 2 (Service Pack 2) are affected. Microsoft promised a patch would be made available
this time. Good to here that. /happy.gif" style="vertical-align:middle" emoi....
Microsoft Hijacked My Ie
(6) Yup - you heard it right!! Not that I have much use of that piece of trash anyways - but Microsoft
never made any attempt to make your life easy by providing you with an option to remove IE. SO
whatever other favourite browser of yours you might be using, IE will still lurk around in some
corner of your system and keep popping up (irritating to the core) windows sometimes on request of
some external application (that's another thing that eludes me - why do windows application
developers NOT resort to popping up readme's using your system default browser??) It&....
Why Dont We All Pre-link ?
for security ?? (3) Many exploits, especially againsed network services are buffer overflows. often, what buffer
overflows are detected, a payload file containing the correct conditions to cause the overflow, and
inject the correct machine code into memory are generated. this payload has to be carefully crafted
to cause the correct jump to the correct address. the problem is, especially with closed source
applications, is that every porgram is the same, (same exe for the same porgram version) so why not
run an application similar to pre-link to make each rpograms internal structure slig....
Is There A Security Gap In Dsl Starting Up?
Order of program startup. (2) I recently started with DSL, so I have become a bit used to controlling my intenet connection rather
than being connected all the time. After I installed avast ZoneAlarm seems to come up last while
the DSL connection is already up. I believe I was invaded yesterday in this gap. These backdoor
worms sneak in so fast that if a few seconds is enough. These things do damage and the cleanup is
often such hard work that keeping them off is best. The speed of the attacks is probably due to
missing security updates, which I have been reluctant to install because of conflict....
Microsoft Windows "mshta" Code Execution Exploit
(0) From SecurityFocus http://www.securityfocus.net/archive/1/395...10/2005-04-16/0 There is a _New_
exploit which affects the MSHTA (Microsoft HTML Application Host), using a simple program it's
possible to create file from a *.hta with a _strange_ extenstion(*.foo *.ghgh *.asd) and this file
will be executed by the MSHTA so if u put some malicious Vbs or JS in the *.hta the risk is very
high.... http://www.frsirt.com/exploits/20050414.ms05016.php this is the source of the program
to create the malicious files I've tested it on Xp Sp1 and Xp SP2 and both sy....
Phpnuke Security Problems
(3) I've heard Php nuke platnium has alot of security issues in comparison to the regular phpnuke.
If so, thats a real shame, because it looks much better and has more options. Is there anyone here
at astahost using it?....
Microsoft's security program manager...
use firefox ???? (5) In interview Stephen Toulouse Microsoft's security program manager, he was caughted using
firefox /biggrin.gif" style="vertical-align:middle" emoid=":D" border="0" alt="biggrin.gif" />,
maybe ie really sucks, themselves not dare to use it... and beside it have 102012923239231 security
holes... QUOTE Meanwhile, Firefox and Opera look awfully appealing. Security is really an
industry-wide problem. Just this morning I had to install an update to Firefox to block a flaw
that would've allowed an attacker to run a program on my system. http://www.wired....
Looking for microsoft, releases, patchguard, api, microsoft, releases, api, security, vendors
|
See Also,
*SIMILAR VIDEOS*
Searching Video's for microsoft, releases, patchguard, api, microsoft, releases, api, security, vendors
|
advertisement
|
|
