Firefox 24.0 and Thunderbird 24.0 just released, both fixing security flaws.
Apple releases security advisory to update to OS X Server v2.2.2, more here: http://support.apple.com/kb/HT1222

Microsoft Releases Out-of-Band Advisory for all Versions of Internet Explorer

Published: 2013-09-17
Last Updated: 2013-09-17 18:28:56 UTC
by John Bambenek (Version: 1)
5 comment(s)

Microsoft just released an advisory on an Internet Explorer vulnerability that would allow remote code execution. The report references public availability of details of this vulnerability. Long story short, a targeted attack that gets a user to view a malicious webpage (or malicious content on an otherwise safe webpage) could lead to memory corruption that could execute arbitrary code with the permissions of the logged-in user. Microsoft suggests two actions: apply the FixIt it provides, or deploy EMET 3.0/4.0, which provides generalized protection of memory (and is probably not a bad idea to deploy anyway). Note that the FixIt applies ONLY to 32-bit versions of Internet Explorer.

This post will be updated with more details as the situation warrants.

--
John Bambenek
bambenek \at\ gmail /dot/ com
Bambenek Consulting


A Random Diary

Published: 2013-09-17
Last Updated: 2013-09-17 13:59:24 UTC
by Johannes Ullrich (Version: 1)
10 comment(s)

The current discussion about breaking encryption algorithms has one common thread: random number generators. No matter the encryption algorithm, if your encryption keys are not random, the algorithm can be brute forced much more easily than theoretically predicted based on the strength of the algorithm. All encryption algorithms depend on good random keys, and generating good random numbers has long been a problem.

On Unix systems, for example, you will have two random devices: /dev/random and /dev/urandom. "random" usually produces random numbers based on some source of entropy. In Linux, parameters like mouse movements, disk activity and interrupts are used. Older versions of the random number generator used network activity, but since an attacker may be able to affect network activity, this parameter is no longer used. The Linux random number generator was found to be not particularly well implemented, in particular on diskless systems and systems with little user activity, such as routers [1].

Recently, some implementations of Linux, like OpenWRT, were found vulnerable when used on MIPS-based hardware. The random number generator on these systems uses the number of CPU cycles since reboot as a seed. However, on MIPS the respective function always returns 0, not the actual number of cycles. [2]

Are there better ways to collect random numbers? One of the challenges is to increase the amount of entropy (random events) collected. There are some good attempts to use microphones, cameras and other hardware devices to improve the pool of entropy. Sadly, there are no simple "standardized" solutions to implement these techniques.

Here are a couple of pointers to projects that may help you implement better random number generators:

Using the camera in Windows: http://wcrnd.sourceforge.net
Using the sound card in Windows: http://sourceforge.net/projects/trng
Linux camera-based random number generator: http://sourceforge.net/projects/lavarnd/
Linux sound card random source: http://code.google.com/p/snd-egd/

Testing random number generators: http://www.leidinger.net/FreeBSD/dox/dev_rndtest/html/df/d2a/rndtest_8c_source.html (look for "rndtest" in your Linux distro)
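
The MIPS seeding problem and the limits of statistical testing can be seen together in a small model. This is an added example, not code from the diary, OpenWRT or rndtest: `cycles_since_boot` is a hypothetical stand-in for a cycle counter that returns 0 when broken, the generator is SHA-256 in counter mode rather than the kernel's algorithm, and the cycle counts are constructed values. The monobit and long-run thresholds are those of FIPS 140-2 for a 20,000-bit sample.

```python
import hashlib

def cycles_since_boot(broken: bool, real_cycles: int) -> int:
    """Hypothetical seed source: a cycle counter that returns 0 when broken."""
    return 0 if broken else real_cycles

def prng_stream(seed: int, nbytes: int) -> bytes:
    """Deterministic generator (SHA-256 in counter mode), a stand-in for any
    seeded PRNG; this is not the Linux kernel's algorithm."""
    out = bytearray()
    counter = 0
    while len(out) < nbytes:
        block = seed.to_bytes(8, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:nbytes])

def boot_key(broken: bool, real_cycles: int) -> bytes:
    """128-bit key a device derives right after boot."""
    return prng_stream(cycles_since_boot(broken, real_cycles), 16)

def count_ones(sample: bytes) -> int:
    return sum(bin(b).count("1") for b in sample)

def longest_run(sample: bytes) -> int:
    """Length of the longest run of identical bits."""
    bits = "".join(f"{b:08b}" for b in sample)
    longest = run = 1
    for prev, cur in zip(bits, bits[1:]):
        run = run + 1 if cur == prev else 1
        longest = max(longest, run)
    return longest

def fips_checks(sample: bytes) -> dict:
    """FIPS 140-2 monobit and long-run checks on a 20,000-bit sample."""
    if len(sample) != 2500:
        raise ValueError("need exactly 2,500 bytes (20,000 bits)")
    ones = count_ones(sample)
    return {"monobit": 9725 < ones < 10275, "long_run": longest_run(sample) < 26}

if __name__ == "__main__":
    # Constructed cycle counts for two devices; both are ignored when broken.
    a, b = boot_key(True, 123456), boot_key(True, 987654)
    print("broken seed, keys identical:", a == b)
    print("working seed, keys identical:",
          boot_key(False, 123456) == boot_key(False, 987654))
    print("zero-seeded stream:", fips_checks(prng_stream(0, 2500)))
    print("all-zero stream:   ", fips_checks(bytes(2500)))
```

Statistical tests judge only the shape of the output, so a stream that every affected device reproduces bit for bit is scored on the same basis as one from a well-seeded generator; the quality of the seed has to be checked separately.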

Got any other tips to create good random numbers (cheaply)?

[1] http://www.pinkas.net/PAPERS/gpr06.pdf
[2] https://lists.openwrt.org/pipermail/openwrt-devel/2013-September/021318.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
ISC StormCast for Tuesday, September 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3542
