Forgot your password?
typodupeerror

+ - Microsoft Downplays Threat of New Windows Zero-Day->

Submitted by Batblue
Batblue (1916684) writes "Microsoft downplayed the threat posed to Windows users by a recently-revealed vulnerability, saying that it was unlikely the bug could be exploited to compromise a computer.

"Based on our initial investigation this vulnerability cannot be leveraged for remote code execution (RCE) on 32-bit platforms," said Jerry Bryant, a general manager in the Microsoft Security Response Center (MSRC). "We are still investigating the possibility of code execution on 64-bit platforms, but so far have not found a likely scenario that would result in reliable code execution."

A successful attack that exploits the SMB bug would instead result in a "denial of service," said Bryant, using the term that describes a Window crash that would require rebooting the PC. Windows crashes often inform users of the dire situation with the infamous "Blue Screen of Death.""

Link to Original Source

Comment: Re:90's OS (Score 1) 312

by Drizzt Do'Urden (#33638860) Attached to: Looking Back At OS X's Origins

Sorry, but you're wrong!

There was a kernel, it was called nuKernel. The boot ROM was used to launch the machine and provide the hardware information. You could replace the Finder with any other app and make the computer boot and work, but the System file was necessary for anything to function.

For the WaitNextEvent thing, what you describe is cooperative multitasking in an OS without memory protection.

Oh.. and DOS was an OS too...

Comment: Re:Mobile Home Directory (Score 1) 421

by Drizzt Do'Urden (#28480477) Attached to: How Do You Sync & Manage Your Home Directories?

It's built in the Mac environnement. It's called portable home directories, a bit like remote profiles on Windows. You need to have the good LDAP structure laid out and used on your macs, so network accounts are seen. Than, on the Mac, you can log in with the network account and enable Portable Home Directories for that account. It will then automaticly sync on login and logout and show the conflicts in a GUI.

Comment: Mobile Home Directory (Score 2, Informative) 421

by Drizzt Do'Urden (#28443765) Attached to: How Do You Sync & Manage Your Home Directories?

At home, I've got a Linux server hosting an LDAP structure to mimic MacOS X Server's config. It is sharing my home directory via NFS. My Macs sync this home directory on login and logout, so all my personnal data is centalized for easy backup and available on any Mac I happen to add to my home network.

Security

Dan Bernstein Confirms Security Flaw In Djbdns 66

Posted by timothy
from the gets-yer-money-and-takes-yer-chances dept.
secmartin writes "Dan Bernstein has just admitted that a security issue has been found in the djbdns software, one of most popular alternatives for the BIND nameserver. As part of the djbdns security guarantee, $1000 will be paid to Matthew Dempsky, the researcher that found the bug. The bug allows a nameserver running djbdns to be poisoned using just a single packet. Other researchers have found a separate issue that allows dnscache, the DNS cache that is also part of the djbdns package, to be poisoned within just 18 minutes when using the default configuration. Anyone using djbdns is strongly encouraged to patch their servers immediately." Reader emad contributes a link to the djbdns mailing list post containing both a patch and a sample exploit, and adds: "In the words of Dan Kaminsky (of recent DNS security fame): 'However, Dempsky's bug in djb's tinydns is way more surprising, if only because ... holy crap, he pulled an exploitable scenario out of THAT?!'"

Suburbia is where the developer bulldozes out the trees, then names the streets after them. -- Bill Vaughn

Working...