Astiostech – Blog, News and Updates
#TeamOpenSourceMalaysia
If you run a proxy server in your organization, please take note about enabling caching for dynamic objects. Dynamic objects are normally pages that change based on user inputs or is a similar page with different information based on who’s logged on etc. Why you … “Why you should disable dynamic objects caching on your proxy server”
Read MoreIf you patched your system with the ANI patch from Microsoft, it may break certain drivers such as the Networking & Audio ones from Realtek. If you have this particular problem checkout this article: http://support.microsoft.com/kb/935448 (I guess if your network adapter is down, chances are … “ANI has been patched, but bugs are known and workarounds are available”
Read MoreThis update is outside Microsoft’s standard security update cycle thus clearly sends a message of the seriousness of these issues. Customer using Windows should do Windows Update and/or read this article http://www.microsoft.com/technet/security/Bulletin/MS07-017.mspx where you can find more information about the patches available. This KB article … “Microsoft releases patches for several GDI vulnerabilities including the new ANI vulnerability”
Read MoreMicrosoft hasn’t released the patch, yet. So, if you are concerned about this exploitation, there’s a temporary patch available from eEYE which can fix the issue until Microsoft releases an official patch. Please test these files before using in production environment. Thie eEye patch should … “eEye Releases Temporary Patch for Windows .ANI Exploit”
Read MoreInteresting, ISS Raised It’s threatcon (alertcon, what have you) to 2. This is due to the .ANI exploitation code and trojan out there. Do read the articles i’ve posted for prevention and workarounds. Do take this seriously, alert customers, friends and grandma!
Read MoreThere’s a new exploit of Windows without a patch (yet). The vulnerability is in the .ani file extension used for animated cursors in Windows. The exploit allows attackers to run code and potentially take ownership of your computer. Most antivirus should have already been updated … “Windows .ANI File – Zero Day Exploit”
Read MoreCracking MD5 (Message Digest 5) and now, SHA-1 (Secure Hashing Algorithm), she and her team are a bunch of geniuses. They managed to crack the widely used SHA1 hashing algorithm which supposedly, succeeded MD5 after being scrambled by the same Chinese Associate Prof. Wang Xiaoyun … “SHA-1 Is Now Crack-able”
Read MoreWindows 2000 and later gives you the option to configure your DNS as Active Directory Integrated Zone (ADIZ). This mode is required for name and service automatic update and its super crucial to a successful Active Directory (and some of other MS products like Exchange) … “If you use Windows 2000 DNS (for Active Directory ..etc) use only Secure Updates”
Read MoreWithout much notice, publicity, hue and cry, Microsoft released Service Pack 2 for Windows 2003. This release introduces significant collection of patches and a couple of new features to the operating system. From experience, upgrading SP1 of Windows 2003 a while back broke a lot … “Windows 2003 Service Pack 2 (and XP Pro 64bit) Released”
Read MoreIf you run OneCare 1.5 and have a malware email sent to your Outlook email client, there’s a large potential that the OneCare scheduled scanner will place your entire PST file under quarantine or other actions depending on what the administrator has set (which could … “Microsoft OneCare destroys Outlook PST”
Read More