System7 » anti-virus

wtf

Sat, 13 Aug 2011 13:19:16 +0000

VMWare Fusion Recommends Anti-Virus

SophosLabs Released Free Tool to Validate Microsoft Shortcut

Tue, 27 Jul 2010 09:42:46 +0000

I read this on the Internet Storm Center yesterday. Sophos has released a tool that will provide detection against the Windows shortcut exploit announced last week (originally being used to exploit Siemens SCADA machines). Be careful, this is a nasty vulnerability with a large scope — the entire Windows family of OS going back to NT as far I’m aware. If you want to play with the vulnerability yourself it has to be added to Metasploit — thanks hd!

SophosLabs has made a video available on what is the exploit and how the tool works here and the tool is available for downloaded here.

Trend Officescan – Proof of concept

Sat, 06 Jun 2009 19:19:29 +0000

In April a Trend vulnerability was discovered. The Trend real time scan service can be exploited by running a scan on a long directory name. It’s surprising that this vulnerability was discovered and yet is still exploitable in the latest release of Trend — which I’ve confirmed today. What’s neat is someone who only has user level privilege on a machine would be able to halt the Trend service and then potentially run some nasty code.

Here’s a VB project that will generate a long directory name and then attempt to run the scan: Trend POC (I’ve also compiled the source for those who don’t have VB — rename the .exe_ to .exe)

I’m running AVG Free on my Windows machine and happy with that.