Ever forgotten your own wireless network key or been to visit a client who doesn’t remember theirs? If so, this small free utility called WirelessKeyView allows you to view saved wireless network keys in plain text.

This tool can retrieve both WEP and WPA wireless network keys and even allow you to output the results to HTML so you can save or print them out. This tool is a must have for any technician supporting wireless networks for clients.
Read the rest of this entry »

Microsoft has released seven patches yesterday which fixes vulnerabilities on their Windows operating system, Office suite, Exchange, Internet Explorer, and BizTalk Server softwares.

One of the patches was designed to fix the vulnerability in Windows’ DNS service.

Most of the patches will be able to fix remote code execution flaws in the the various softwares that were mentioned above and Microsoft’s Cryptographic API Component Object Model.

The vulnerabilities in Microsoft Word are array overflow, document stream, and RTF parsing. The Excel vulnerabilities are BIFF record, set font, and filter record. In their Exchange Server product, the vulnerabilities are Outlook Web access script injection flaw, malformed iCal, MIME decoding, and IMAP literal processing.

Source: Redmondmag

A headmaster / schoolteacher named Alexander Ponosov is in a trial due to purchasing computers which has illegal version of Microsoft’s Windows operating systems. The court is charging him the equivalent of half-a-month’s salary which is equal to 266,000 rouble that Microsoft lost.

The court says that its interest is not in prosecuting schools or teachers, it is in helping students develop the technology skills they need in the 21st century.”

Microsoft had a response to this specific issue and they said “Mr. Ponosov’s case was initiated by Russian authorities under Russian law. Microsoft neither initiated nor has any plans to bring any action against Mr. Ponosov.”

This is the second time that Ponosov got in trouble with the same issue.

Source: Engadget

Sun, a company that make some of its software free to the public, is releasing a new free software. This time, it’s an encryption key software.

The company’s SVP in storage marketing said “We believe in 3 years you will not be able to buy a storage device without encryption in it . When you have encryption you might as well turn it on. There will not be one key management solution. It’s a heterogeneous world and that means multiple key management solutions.”

According to SUN, KMS which stands for key management systems will slow down the adoption of encyption.

Source: COMPUTERWORLD

The Register reported that they have received reports about Blackberry devices which does not work with the latest version of Outlook.

RIM has contacted The Register to get in touch with the users who are having problems and their engineers have made a patch so users can use their devices on Microsoft’s Outlook 2007 software.

The patch is called Desktop Manager V4.2 sp1. After it’s been installed, users must reboot to complete the installation process.

RIM UK was not aware of this problem before The Register made this report on their website.

Source: The Register

The customer’s always right. Even if you work in a technical area where the customer is actually (pardon me customers) CLUELESS! They are still right. Know why? Because if they don’t like what you do, they take their business elsewhere. So even if they weren’t technically correct, they’re still right, because they’re buying, or not, if you fall foul of one!
Read the rest of this entry »

Symantec has recently detected a Trojan that looks like a very legitimate Windows Activation screen.

Their security response weblog says “Recently we came across an interesting Trojan sample, detected by Symantec as Trojan.Kardphisher. The Trojan is not very technical - it’s really just another classic social-engineering attack. What makes it interesting is that the author has obviously taken great pains to make it appear legitimate.”

A screenshot is available in the link below. If you look at it, you can see that it asks for a credit card number, your ATM PIN, the name on your credit card, the expiry date, the CVV2, your location, email, and phone number. It also has that blue theme that Windows has.

Source: Geekzone

Microsoft will release seven patches next tuesday for their softwares and operating system.

Two of them are rated as critical which affects Windows. Microsoft’s Office suite will also be patched by three patches. Their severity rating is also critical. The Exchange software of Microsoft will received a patch too since a critical rating is also given to a flaw in the software. The last patch will fix flaws on CAPICOM and BizTalk.

An updated Windows Malicious Software Removal Tool will also be released for Windows users.

The specific vulnerabilities were not announced by MIcrosoft. The Register notes that a patch will probably be released about a DNS flaw in Microsoft’s Windows Server versions 2000 and 2003.

Source: The Register

Two vulnerabilities has been identified which is connected to ActiveX. The programs that can be affected are PowerPoint Viewer 3.1.0.3 and its earlier versions and Excel Viewer.

FrSirt has made a comment on the PowerPoint Viewer flaw and it said “This issue is caused by a buffer overflow error in ‘PowerPointViewer.ocx’ when calling certain methods e.g. ‘HttpDownloadFile()’ with overly long arguments, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.”

The flaw in the Excel Viewer can let an attacker take-over the affected computer. Secunia gave this flaw a rating of highly critical.

Source: The Register

CPU-Z is a small stand-alone utility designed to give you advanced information about the main devices on your system such as the CPU, Mainboard, Memory and System.
Read the rest of this entry »