KezNews.com
Short TimerStop.sys hack

Huskieguy731 reported this very short TimerStop.sys hack in our forum.
windows - comments - 3.2.2007

Permanently Activate Windows Vista by Skip Activation with Patched TimerStop.sys Crack

Hackers are going all out to crack Windows Vista activation procedure which is enhanced by Software Protection Platform (SPP).
windows - comments - 20.12.2006

First Trojan using Sony DRM spotted

Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs.

Sony-BMG's rootkit DRM technology masks files whose filenames start with "$sys$". A newly-discovered variant of the Breplibot Trojan takes advantage of this to drop the file "$sys$drv.exe" in the Windows system directory.

"This means that for systems infected by the Sony DRM rootkit technology, the dropped file is entirely invisible to the user. It will not be found in any process and file listing. Only rootkit scanners, such as the free utility RootkitRevealer, can unmask the culprit," warns Ivan Macalintal, a senior threat analyst at security firm Trend Micro...
winbeta.org - 11.11.2005

Provision Plans Portable Virtual Desktop Beta

Provision Networks expects to enter beta testing of its portable virtual desktop technology in the first quarter of 2008.



Paul Ghostine, general manager of Provision, put the same timeframe on the delivery of another capability he mentioned to Computer Business Review in August: the ability to provision multiple virtual desktops reading from a single OS image.



Ghostine said the development of the virtual desktop mobility offering is being done in collaboration with another company, Vizioncore, which is 70% owned by Quest and whose backup and replication engine Provision is using for the purpose.




winbeta.org - 29.11.2007

XP/Vista IGMP Buffer Overflow Explained

With all the hoopla about the remotely exploitable, kernel-level buffer overflow discussed in today's security bulletin MS08-001, what is the actual bug that triggers this? The bulletin doesn't give all that much information. This movie (Flash required) goes through the process of examining the 'pre-patch' version of tcpip.sys and comparing it against the 'post-patch' version of tcpip.sys. This comparison yields the actual code that causes the overflow: a mistake in the calculation of the required size in a dynamic allocation.




winbeta.org - 09.01.2008

Trojan Horse Hides Using Sony Rootkit

What security experts have warned about Sony's DRM has come to pass, with a new trojan horse attempting to hide itself using techniques enabled by the company's anti-piracy software. Dubbed "Troj/Stinx-E" by Sophos, the application copies itself to a file called: $sys$drv.exe, which is hidden by Sony's copy protection...
betanews.com - 11.11.2005

More on Windows XP SP3...

Microsoft Update Team: We'd like to provide more information and address reports you may have heard about "continuous reboot loops" occurring upon the update to Windows XP SP3.



After investigation, we've determined this problem occurs on AMD-based machines with Windows XP images that were originally captured by an OEM on an Intel-based machine. The problem is a registry value, present on images created with Intel processors, that causes a driver (intelppm.sys) to load at boot. When intelppm.sys attempts to load on an AMD-based system upon the install of SP3, it causes a blue screen and the continuous reboot. We're planning to add a filter to prevent Windows Update from offering SP3 to affected systems and are investigating a fix. Any customers affected by this issue should contact Microsoft Customer Support Services for assistance. More information is available in KB888372 and here.




winbeta.org - 16.05.2008

The Pirate Bay down, but not due to the trial

Various websites have reported in the last couple of hours that The Pirate Bay, currently in court due to the nature of their website, has been offline. Reuven of the website Sys-Con.tv rumored that this was due to a 'DDoS' attack, or Distributed Denial of Service. The site speculated it could also have been a hijacked botnet causing issues for the Swedish-owned website. The website TorrentFreak has dismissed all rumors, and has posted the following statement: "At the moment there is no estimate for when the site will return. The problem can't be fixed remotely, we were told."

Read full story.....
neowin.net - 03.03.2009

Windows Server 2008 Event Subscription with Task Scheduling

Event subscription has been one of the most requested server features by sys admins. Combined with task scheduling, it is a cost-effective and customizable tool for getting a consolidated view of monitored activities and events on target servers, and for issuing timely alerts. In Windows Server 2008, subscribing to and forwarding events, with triggers to send out alerts, can be done very easily, as the following...




winbeta.org - 07.05.2008

ATI Driver Package Opens Vista to Flaw

In case you haven't seen it, the ATI driver package can potentially open your Vista kernel up to a compromise. ATI and MS are working to rectify the issue.



In an interview, Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver - atidsmxx.sys, version 3.0.502.0 - to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel.




jcxp.net - 13.08.2007

Windows Vista Live Event- 5th & 6th

IT Pro Buzz: We have organized a 2-day live meeting session on optimizing & deploying Windows Vista. We have had a great response to this event so far. I do hope that Sys admins & IT support folks find it useful as well. More on this at http://www.vistalive.timeus.net/



As we plan for FY'09 (Microsoft's financial year starts in July), we are very keen to do more of these online engagements. There are a few areas that we need to fix, specifically with the audio & user experience. We are working on that. Should you have any suggestions on improvements, please feel free to leave a comment.




winbeta.org - 05.06.2008

Intel Hexes AMD

While AMD stumbles around trying to get its first errata-free Barcelona quads out two years behind Intel, Intel is off planning the launch of its six-core Dunnington microprocessor, a hex, if you will, the last of the expected Core 2-based Xeon server chips before it switches over to the Nehalem microarchitecture capable of supporting eight or more cores.



Dunnington, a Bangalore-designed successor to Harpertown, is still supposed to be relatively hush-hush but Intel has reportedly put three dual-core 45nm Penryn chips on a die the size of a postage stamp and sharing a 16MB L3 cache. Like other Penryns, Dunnington still uses a front-side bus.




winbeta.org - 23.02.2008

Microsoft To Patch Driver Vulnerability

Microsoft is warning Windows XP and Server 2003 users of a faulty driver used for copy protection that could allow a hacker to gain high-level access to their systems. The company is currently working on a fix for the problem but did say it was concerned that the vulnerability had been disclosed before it had a chance to fix it.



The problem lies with a driver called secdrv.sys, which is part of Macrovision's SafeDisc software included with Windows Server 2003 and Windows XP. The software, which can block unauthorized copying of some media, also ships with Windows Vista, but that OS is not affected.






jcxp.net - 07.11.2007

Analyzing a Hack from A to Z

This article series will be based upon a network system breach. What we shall cover is the actual hack itself, from the reconnaissance stage, through to enumeration, network service exploitation, and ending with post-exploitation strategies. All of these steps will then be viewed at the packet level, and then explained. Being able to view and understand an attack at the packet level is critically important for both system administrators (sys admins) and network security personnel. The output of firewalls, Intrusion Detection Systems (IDS) and other security devices will always in turn lead you to look at the actual network traffic. If you don't understand what you are looking at, at the packet level, then all of the network security technology you have is utterly useless. This will then be followed by how to write a Snort signature based off of the attack traffic.




winbeta.org - 12.03.2008

ATI driver flaw exposes Vista kernel to attackers

An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel.



Purple Pill, a utility released by Alex Ionescu and yanked an hour later after the kernel developer realized that the ATI driver flaw was not yet patched, provided an easy way to load unsigned drivers onto Vista, effectively defeating the new anti-rootkit/anti-DRM mechanism built into Microsoft's newest operating system.



In an interview, Ionescu confirmed his tool was exploiting a vulnerability in an ATI driver (atidsmxx.sys, version 3.0.502.0) to patch the kernel to turn off certain checks for signed drivers. This meant that a malicious rootkit author could essentially piggyback on ATI's legitimately signed driver to tamper with the Vista kernel.




winbeta.org - 10.08.2007

Attackers target Windows DRM flaw

Microsoft has warned that attackers are actively targeting a security vulnerability in the SafeDisc DRM technology that ships as part of Windows. The problem affects the secdrv.sys file, a component of the SafeDisc copy encryption developed by Macrovision and sold to game developers.

The DRM technology is bundled with Windows Server 2003, Windows XP and Windows Vista, but the flaw does not affect Windows Vista. Danish security website Secunia rates the vulnerability as "less critical", the second step on a five-step severity scale. The risk to end users is limited because a successful exploit requires attackers to have an account on the targeted system.


neowin.net - 07.11.2007

Show your SysAdmins a little love today

Today marks the Eighth Annual System Administrator Appreciation Day, so when you don't notice any problems with your e-mail, you experience no network latency or your application runs smoothly, remember to thank your closest IT professionals... and maybe even give them a hug.


System Admin Day, the last Friday in July, began in 2000 when Systems Administrator Ted Kekatos, an IT manager for a small start-up, decided it was time he and his colleagues received a bit of recognition for keeping systems running and workers productive.


"A SysAdmin installed the routers, laid the cables, configured the networks, set up the firewalls, and watched and guided the traffic for each hop of the network that runs over copper, fiber-optic glass, and even the air itself to bring the Internet to your computer. All to make sure the Web page found its way from the server to your computer," the home page of the annual appreciation day reads.



winbeta.org - 27.07.2007

Windows Users Getting Bitten by Macrovision Zero Day

Microsoft is working with Macrovision to check out a flaw in a driver on Windows Server 2003 and Windows XP that's being exploited in the wild, according to a Microsoft special security advisory released after business hours on Nov. 5. The danger is complete system takeover.



The vulnerability is in the Macrovision secdrv.sys driver on supported editions of Windows Server 2003 and Windows XP. The affected product is Macrovision SafeDisc, a copy-protection application written for Windows.



Microsoft said in security advisory 944653 that Vista is immune.



FrSIRT reported on Oct. 19 that the trouble is a memory corruption error in the Macrovision Security Driver when processing user-supplied data. The vulnerability can be used by local attackers to gain so-called Ring 0 privileges and take complete control of an affected system.




winbeta.org - 06.11.2007

Microsoft: Just a pair of security updates coming next week

Security administrators should have a pretty easy time of it next Tuesday, as Microsoft says it will issue just two updates in its monthly security software release. Microsoft said Thursday that next week's updates will include a critical update for the Windows operating system as well as a less-serious "important" Windows update.

Microsoft has been working on a fix for buggy antipiracy software that has been shipping with Windows for the last few years, and security experts believe that this will be one of the flaws fixed next week. The bug lies in the secdrv.sys driver built by Macrovision that ships with Windows XP, Server 2003, and Vista, but Vista is not vulnerable to the problem, according to Microsoft. The software vendor is aware of "limited attacks" that exploit this vulnerability to get elevated privileges on a victim's machine.


neowin.net - 09.11.2007

Microsoft Halts XP SP3 Update to HP PCs Running AMD CPUs

The recent Windows XP Service Pack 3 update has left certain AMD-based PCs manufactured by Hewlett-Packard caught in an endless reboot cycle caused by an Intel-specific disk image mistakenly being used with AMD hardware. According to the Microsoft Update Product Team Blog, "The problem is a registry value, present on images created with Intel processors, that causes a driver (intelppm.sys) to load at boot."

In order to fix the problem, Microsoft has temporarily blocked these AMD machines from getting the service pack while it cobbles together an alternative update. While some users wait for Microsoft's fix to eventually be released, others have turned to a former Microsoft employee, Jesper Johansson, who coded up a free tool to detect and fix the problem and made it available last Wednesday. Once Johansson's fix has been implemented, users can update their systems to SP3 without any problems.


neowin.net - 20.05.2008

ActiveWin.com: Microsoft Windows Vista Ultimate - Review

ActiveWin have just posted their 72-page, 200+ screenshot (Part 1) review of Microsoft Windows Vista, ActiveWin's largest and most in-depth review in ten years. In the review, we have broken down the information into 28 different sections, including (but not limited to): Windows Activation, Pricing, Installation, Daily Usage, Media Center, Windows Mail, DirectX 10, Gaming, Defender, IE 7, ReadyBoost, Developer Technologies, Sidebar, Windows Media Player 11, and much much more. Moreover, we have included respective screenshots where applicable. Here is an excerpt:

I would describe the Windows DVD Maker interface as straightforward because of its wizard-based approach to creating a movie; the part where I probably got confused is the options link located at the bottom of the window. Here you can personalize how your DVD is played, whether it starts with a menu, plays and ends with video, or plays in a continuous loop. You can then choose your aspect ratio, 4:3 or 16:9, and then the video format, NTSC (National Television System Committee - color standard) or PAL (Phase Alternation Line - colour encoding system used in broadcast television systems). It's not so bad; if you find any of it confusing, you can click "How do I change my DVD settings?" This will give a rundown of what each setting does. I almost forgot, you can choose where temporary files are stored; in my case it's recommended, since the partition on which I am running Vista is very low on disk space.


neowin.net - 30.01.2007

Conficker Comes out of Hibernation

Just over a week after its announced "wake-up call," the rumored "Conficker" worm comes out of its dormancy and storms right into the spotlight.

Researchers at Trend Micro have been tracking the worm since its discovery, and found that yesterday the worm had awakened and was dumping mysterious payloads onto victims' computers. The payloads, suspected to be keyloggers of some sort, come in the form of a .sys file, hidden behind a complex rootkit. Due to heavy encryption, researchers are having a difficult time analyzing the code of the program.

After locating a file in the Windows Temporary Files folder that contained a huge encrypted TCP response from a known Conficker host, they determined that the worm is most likely being transferred via P2P networks, making it nearly impossible to stop, but at the same time limiting the disruption it will cause on the websites that victims visit.

With between 3 and 12 million infected machines discovered, the creator(s) could have incredible control over a huge number of computers. By blocking security websites and security applications, it's also very difficult to remove if discovered.

If you're one of the unlucky ones who have been infected, try your security applications first for removal. If you are even more unlucky and your security applications and websites have been blocked, there are manual removal instructions. The best guide available so far appears to be here: 411-Spyware's Conficker Removal Guide.

The best way to keep safe is to avoid going on 'sketchy' websites - stick to what you know, and don't download anything you don't have to. Always run an antivirus and antispyware application - run scans regularly in case the worm wasn't detected upon installation. Keep your wits about you; use common sense. Don't do anything you don't think is safe, and you'll more than likely stay safe.


jcxp.net - 09.04.2009