Tag Archives: microsoft

Top 25 vulnerability RSS feeds

One way to receive up-to-date reports about vulnerability issues is subscribing to vulnerability RSS feeds: they update on demand, they don’t rely on your mail subsystem and they don’t fill up your mailbox. The only drawback is that you could miss alerts if you don’t sync your feeds for a long time, but if you’re […]

Posted in Sysadmin, Tips | Also tagged , , , , , , , , , , , , , , , | 1 Comment

The Microsoft hotfix tale

A few people on Earth still have a Windows 2000 machine laying around in their lab, mostly schools with severe budget cuts. Some time ago, one of these retro labs had a problem with roaming profiles: apparently Windows 2000 desktop machines refused to sync their profile on logoff. A collegue of mine asked my help […]

Posted in Rants, Sysadmin | Also tagged , , , | Leave a comment

Windows back-to-the-future bug

According to this advisory written by Tavis Ormandy, Windows has been exposed to a vulnerability for over 15 years! Microsoft will only release a patch for supported products, so if you have any Windows 2000 or earlier in your lab, the only way to fix is disabling DOS and WOWEXEC.

Posted in Sysadmin | Also tagged , , | Leave a comment

Security through obscurity

If anyone ever, ever, ever dares saying again that open-source-ness is not relevant to security assessment (or worse, that it’s counter-productive), I will kick them to China. Freedom of choice, yeah right.

Posted in Sysadmin | Also tagged , , , , | 2 Comments