Wednesday, 14 March 2012

Microsoft Security Bulletin with Remote Desktop Flaws


Microsoft has released 6 updates in this month's Patch Tuesday, including a patch for a critical hole which the software maker warns could be hit within the next 30 days. Microsoft is warning that there’s a remote, pre-authentication, network-accessible code execution vulnerability in its implementation of the RDP protocol.

A remote code execution vulnerability exists in the way that the Remote Desktop Protocol accesses an object in memory that has been improperly initialized or has been deleted. An attacker who successfully exploited this vulnerability could run arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The vulnerability, which affects all versions of Windows, was privately reported to Microsoft via the ZDI vulnerability broker service, and the company said it was not yet aware of any attacks in the wild. The threat was given the highest rating on Microsoft's exploitability index, meaning that the exploit is an "attractive target for attackers" because they "could consistently exploit that vulnerability," according to Microsoft.

Microsoft's DNS servers also carry DoS vulnerabilities. With hacktivist activity hugely increasing over the past year, enterprises and providers running this software should move quickly to patch their DNS servers. Indications of an attack include the standard UDP request flood.

The following is a breakdown of the issues being addressed this month:
  • MS12-020 Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387)
  • MS12-022 Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)
  • MS12-017 Vulnerability in DNS Server Could Allow Denial of Service (2647170)
  • MS12-021 Vulnerability in Visual Studio Could Allow Elevation of Privilege (2651019)
  • MS12-019 Vulnerability in DirectWrite Could Allow Denial of Service (2665364)
  • MS12-018 Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653)
Among the other patches that Microsoft has issued, 4 are also marked as important. A DLL preloading issue in Expression Design has been fixed, and a Visual Studio add-on also gets an issue resolved. In addition, kernel and DNS system-level issues have also been addressed.

Monday, 12 March 2012

Govt's Internet spy systems fail to capture 100% data traffic

Looks like it might take a bit longer for the government to intercept messages with keywords such as 'ammonium nitrate' or 'bomb' passing through emails, web forums, blogs, social networks and even images.

In a first of its kind live competition held between two spy systems developed by reputed tech arms of India's national security apparatus, both failed to capture 100% internet data traffic, one system even crashing a number of times during the test held in January, reveal documents reviewed by ET.

The competition was a precursor to an Internet scanning and coordination centre, which India wants to put in place, just like the ones used by US, UK, China, Iran and other countries.

In the live competition held near the Air Force Station, Arjangarh, a high-level committee declared the Defence Ministry's 'Netra' system the winner. 'Netra' beat NTRO's 'Vishwarupal' on technical superiority and on concerns that the latter was developed in collaboration with a private firm, Paladion Networks. Paladion's scanning system information was exposed on Wikileaks three months ago.

DRDO's Netra will now be made a robust system, to scan all tweets, status updates, messages, emails, internet calls, blogs and forums for keywords such as 'attack', 'bomb' and 'drill' within the shortest time possible. Quick response is crucial for such a system, which can save many lives in the nick of time.

During the test demo, "Vishwarupal", an Internet monitoring system developed by the National Technical Research Organisation (NTRO), the technical intelligence arm under the Prime Minister's Office, crashed a number of times and had to be restarted. The system did not capture the entire internet traffic passing via its probes installed at Sify Technologies' premises in Delhi. It could return results only after repeated attempts, and that too with a latency of 15 minutes.

"Scanning of internet traffic happens in packets. If the packets are too large, a system would need better hardware," explains Alok Gupta, founder and MD of Pyramid Cyber Security and Forensics, which works with various security agencies. "There are two ways to scan internet -- on the fly and scanning while archiving data. The latter may increase latency."

NTRO's system was developed in 2008 with Paladion Networks, which has offices in Bangalore, London and Sharjah. Factors such as the system's IP not resting with NTRO added to its defeat.

During the demonstration of rival NETRA, a system developed by the Centre for Artificial Intelligence and Robotics (CAIR), a lab under DRDO, the system showed limited success. Only 3 GBPS of traffic out of 28 GBPS could pass through its probes installed at MTNL's premises. However, NETRA could successfully capture all voice traffic passing through software such as Skype and Google Talk. According to documents reviewed by ET, CAIR expressed its inability to decrypt Skype conversations, unless it resorted to hacking.

The inter-ministerial committee chose Netra as the internet monitoring system to be used by India.

The committee has members from Ministry of Home Affairs, Intelligence Bureau, Department of Telecom, Department of IT, and National Intelligence Agency, which is probing various terror attacks in the country.

The committee also directed NTRO to wrest the design and source code of its system exclusively from Paladion, due to a risk to national security.

Wednesday, 15 February 2012

Indian Stock Market next target of Bangladesh Hackers


Bangladesh Cyber Army hackers released a YouTube video saying that their next attack would be on the Indian stock market, to protest the killing of another Bangladeshi citizen on the border by the BSF. Bangladesh Cyber Army has attacked 3 important Indian stock market sites:
http://www.dseindia.com/
http://www.nseindia.com/
http://www.paisacontrol.com/

The websites were down during the peak hour, so all types of online transactions were unavailable. The sites faced DDoS attacks and were down for around 10 hours. This caused a huge amount of loss in the financial sector of India. The amount of loss may reach millions of rupees as well.


Bangladesh Cyber Army mentioned that they are still not done. They will continue their attacks if the BSF does not stop its brutality against innocent Bangladeshi citizens. They also mentioned that these high-profile sites will suffer continuous attacks if the points mentioned by them are not accepted. Bangladesh Cyber Army has released another video on YouTube regarding this.

Tuesday, 16 August 2011

Welcome to All of you

Hi All,

Welcome to the new world of hacking
Here, we learn about many new things which I think are very valuable for you.

:)

PJ