KezNews.com
DownloadsOther NewsForumBlogsWallpapersJokewareSearch
Downloads:
Download Chrome OS VMware Image
Windows Server AppFabric Beta 1
Office 2010 Beta Public Download Site URL Lives
RemoveWAT or Chew-WGA Bypass Activate Windo..
Office 2010 Beta Available for Download via..
Office 2010 Beta Public Download Site URL Lives
Recent Forum Posts:
Fraps 3.0.2 build 10687 - retail
D3dgear 3.55 build 1230
Windows 7 loader v1.7.7 by daz

News letter:


Enter Your E-mail:
Top Downloads:
Windows 7 32-Bit (x86) Direct Download Links
Windows 7 64-Bit x64 Direct Download Links
Leaked Windows 7 RTM Direct Download Links for Both x86 and x64 Flavors
Windows 7 RTM USB/DVD Download Tool Available
Windows 7 RTM Patches ISO Image for October 2009
Windows 7 ISO Image Edition Switcher Free Download for Direct Convert
RemoveWAT or Chew-WGA Bypass Activate Windows 7 and Server 2008 R2 Forever
Advertisements:

Search in KezNews.com:







Latest patched Windows exploit is a golden oldie

We've seen Microsoft patch vulnerabilities in Windows that we swear we'd seen before, and sometimes they all look so much alike that they tend to run together. But this one really is a classic: a buffer overrun triggered by a fake image file.
windows - comments - 9.9.2008

New exploit blows by fully patched Windows XP system

We saw a new nasty exploit yesterday around 5:00 PM. This is a totally new exploit and is not the same one posted by FrSIRT back on 11/30/05.

We have a number of sites that we have found with this exploit. Different sites download different spyware.
windows - comments - 28.12.2005

Microsoft patched critical Windows bug in XP SP3 early

The appearance and disappearance of a Windows XP installation snafu indicates that Microsoft patched a critical vulnerability in XP's still-unfinished Service Pack 3 (SP3) weeks before it fixed any other version of Windows.
windows - comments - 15.4.2008

Permanently Activate Windows Vista by Skip Activation with Patched TimerStop.sys Crack

Hackers are going all out to crack Windows Vista activation procedure which is enhanced by Software Protection Platform (SPP).
windows - comments - 20.12.2006

Windows (including Vista and XP) process and DLL library

On your computer, tens of invisible (hidden) processes run silently in the background. Some consumes system resources, radically slowing your PC. Other useless processes contains spyware and Trojans - at least violating your privacy. This process and DLL library is a free grat resource for anyone who wants to know the exact purpose of every process and DLL running on the computer.



The very complete listing of Windows processes and DLLs commonly found on Windows systems, their ratings, descriptions and purpose.




winbeta.org - 10.09.2007

Rafael's at it Again

As a lot of people are aware, Rafael from Within Windows has been finding and exposing un-released Windows 7 features, most notably the "Superbar" and Desktop Slideshows.

He has now created a full unlocking tool called "Blue Badge" that will unlock the following features:

- The Superbar
- Gestures and Panning (for use on touch screens)
- Desktop Slideshows

Please note two things:

1. This application does NOT back up any of the files it patches, so to be safe, you will need to back up these files:

WindowsExplorer.exe
WindowsSystem32wisptis.exe
WindowsSystem32ieframe.dll
WindowsSystem32shell32.dll
WindowsSystem32stobject.dll
WindowsSystem32TabletPC.cpl
WindowsSystem32themecpl.dll
WindowsSystem32themeui.dll
WindowsSystem32powercfg.cpl

-----------

2. This application IS compatible with systems currently running the superbar who want to extend their desktop to allow the three other features.


jcxp.net - 10.11.2008

5 IE Flaws Patched with 14 Others

For May's Patch Tuesday, Microsoft corrected a total of 19 security flaws across its consumer and business product lines, with an update for IE fixing five remote code execution vulnerabilities. A highly-publicized DNS flaw was also patched...
betanews.com - 09.05.2007

Conficker, Downadup, Kido: A skunk by any other name

It's hard to blame Microsoft for the latest mega-infection sweeping the Windows world: The vulnerability that's enabled the new Downandup (or Conficker or Kido or whatever) worm was patched back in October of last year. Still, because at least 9 million machines haven't been patched are now infected, here's what you need to know...
betanews.com - 22.01.2009

Microsoft Warns Over New Exploit

Microsoft disclosed over the weekend that exploit code for a recently patched flaw in Routing and Remote Access had been published to the Internet. The vulnerability had been patched in June's Patch Tuesday release, and the company was not aware of any active attacks using the exploit...
betanews.com - 28.06.2006

Microsoft patched critical Windows bug in XP SP3 early

The appearance and disappearance of a Windows XP installation snafu indicates that Microsoft patched a critical vulnerability in XP's still-unfinished Service Pack 3 (SP3) weeks before it fixed any other version of Windows. The glitch, which sent some PCs into an endless round of reboots, was strangely similar to one faced by Vista users in February. Attackers have already tried to exploit that bug, which was patched last Tuesday -- as it turned out, two weeks after the newest build of Windows XP SP3 was released with the flaw fixed.

According to reports from multiple users on a Microsoft support newsgroup, PCs began rebooting immediately after they had been updated to SP3. "I have just updated my pc from xp sp2 to sp3," said a user identified as "yaojinglin" in a message to a SP3 support forum last Thursday. "The installation was successful, but when I reboot my pc after the installation finished, my pc started to reboot again and again."

On the XP SP3 support threads, a Microsoft representative named Shashank Bansal stepped into the rebooting discussion, which was beginning to seem as endless as the rebooting itself. Bansal asked for more information, then offered an explanation: "This issue happens with 3311 build of XP SP3. It happens because KB948590 stops installation of SP3 version of gdi32.dll on the system due to file-version differences."


neowin.net - 15.04.2008

HD Audio patch for cursor patch

Yes, a patch for a patch: When you start a computer that is running Microsoft Windows XP with Service Pack 2, the Realtek HD Audio Control Panel may not start. Additionally, you may receive the following error message:



"Rthdcpl.exe - Illegal System DLL Relocation



The system DLL user32.dll was relocated in memory. The application will not run properly. The relocation occurred because the DLL C:WindowsSystem32Hhctrl. ocx occupied an address range reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL.



This problem occurs when the Realtek HD Audio Control Panel (Rthdcpl.exe) by Realtek Semiconductor Corporation is installed."



This problem may occur after you install security update 925902 (MS07-017) and security update 928843 (MS07-008). The Hhctrl.ocx file that is included in security update 928843 and the User32.dll file that is included in security update 925902 have conflicting base addresses. This problem occurs if the program loads the Hhctrl.ocx file before it loads the User32.dll file.




jcxp.net - 04.04.2007

Trend Micro Warns Of Server Antivirus Flaws

Trend Micro has patched a pair of remote code execution vulnerabilities in ServerProtect, its server-based antivirus software, that could open the door for attackers to gain control over affected machines.

Both are stack-based buffer overflow bugs affecting ServerProtect For Windows version 5.58, Trend Micro said in a Tuesday advisory.

The first flaw stems from the failure of the "TmRpcSrv.dll" library to check user input before copying it to memory, Symantec said in a Deepsight Threat Management System advisory.

The bug affects the "EarthAgent.exe" daemon on TCP port 3628, and an attacker could exploit it by sending malicious code to a server with ServerProtect installed, according to Symantec.

The second vulnerability exists in the "AgRpcCln.dll" library and can be used to trigger a malicious RPC request to the "SpntSvc.exe" service, which is on TCP port 5168, Symantec said.


neowin.net - 09.05.2007

Symantec false positive cripples thousands of Chinese PCs

 A signature update to Symantec's anti-virus software crippled thousands of Chinese PCs Friday when the security software took two critical Windows .dll files for malware.

According to numerous blog entries from Chinese computer users, a virus signature database seeded yesterday mistook two system files of a Chinese edition of Windows XP SP2 as a Trojan horse which Symantec dubs "Backdoor.Haxdoor." The anti-virus software -- Norton AntiVirus, for example, or the anti-virus component of the Norton 360 or Norton Internet Security suites -- then quarantined the netapi32.dll and lsasrv.dll files.

"With these files removed, Windows XP will no longer start up, and even the system Safe Mode no longer functions," said one user writing to the alt.comp.anti-virus newsgroup this morning...
winbeta.org - 19.05.2007

UxStyle beta now available

Rafael Rivera from Within Windows has announced that UxStyle Core beta now available for download. To give us some information on what UxStyle Core is, we'll start with a little history. Back in the Windows XP days, users were able to modify a system file called Uxtheme.dll and create custom .msstyle files, thus creating their own desktop themes to replace the default "Luna" theme. However, over time, patching went from just one file to multiple files and repatching was necessary when Microsoft would update the Uxtheme.dll files.

Read full story.....
neowin.net - 22.06.2009

Norton Antivirus targets Windows files on Chinese computers

Chinese PCs running Symantec antivirus software have been incapacitated by a faulty virus signature update delivered automatically to users on Friday about 1:00 a.m. Beijing time. Symantec's antivirus scanning engine mistook two critical system files (netapi32.dll and lsasrv.dll) of the Simplified Chinese edition of Windows XP Service Pack 2 for a Trojan horse, then falsely quarantined them, which in turn crippled Windows. If an affected PC was rebooted, Windows failed on start-up and showed only a blue screen. According to China's state-sponsored Xinhau News Agency the number of PCs were in the millions while other reports cited numbers as low as 7,000 affected PCs; crippled systems were said to be concentrated in Beijing, Shanghai and Guangzhou province.

Symantec re-released a revised signature update around 2:30 p.m. Friday, Beijing time, but the fix was too late for any PC that had been rebooted in the intervening 13.5 hours. Those now-worthless systems needed new copies of the two .dll files restored to the hard drive's "windowssystem32" directory. Symantec posted a support document on its Chinese-language Web site that outlined how to use the Windows XP installation CD to start the PC and use the Recovery Console to replace the quarantined netapi32.dll and lsasrv.dll with new copies. There was no notice of the update problem or the solution on the site's front page, or on the company's English global home page. Many PC makers now forgo installation or restore CDs meaning users would have to obtain copies of the two .dll files from another working PC.


neowin.net - 21.05.2007

Patch to a patch of a patch needs patching

In the latest incident of a now-chronic problem that has been bugging Microsoft all year, a recent security patch now causes IE6 to crash in Windows XP...again.



In a classic Tim Conway comedy sketch, he plays a corpse being prepared for a funeral by mortician Harvey Korman. But one limb of Conway's body simply insists on sticking up in the air, and whenever Korman finally retracts it, another one pops up elsewhere. This morning, Microsoft must know what it was like to have been one of Carol Burnett's regulars, as the Internet Explorer team admitted that a chronic problem that was supposed to have been cumulatively updated by last Patch Tuesday's round of updates, causes a new problem: Internet Explorer 6 will crash on systems running Windows XP Service Pack 2.




jcxp.net - 20.12.2007

Where the Heck's the Bug Reporter?

The whole point of a beta operating system is to test it and report flaws, right? (Well at least that's what Microsoft thinks...
jcxp.net - 06.05.2009

Mozilla patched a remote code execution flaw in Thunderbird

Mozilla has released Thunderbird 2.0.0.12 which fixes a remote exploitation of a vulnerability that allows an attacker to execute arbitrary code on Linux and Windows.

The vulnerability exists when parsing an e-mail if the "Preview" pane is turned on, which is the default. Then all a targeted user has to do is select the message in the browsing pane. Once the message is previewed, the vulnerability will be triggered, resulting in the execution of arbitrary code with the privileges of the current user.

Read full story.....
neowin.net - 27.02.2008

Attacks begin against critical Patch Tuesday bug

Hackers are trying to exploit a critical Windows vulnerability just patched on Tuesday, security researchers said this afternoon -- and the only version of Windows not at risk is the unfinished Windows XP Service Pack 3 (SP3).



Fortunately, attackers' incompetence means that these initial sorties have been unsuccessful, Symantec Corp. said in a brief warning to customers of its DeepSight threat service. "The DeepSight honeynet has observed in-the-wild exploit attempts targeting a GDI vulnerability patched by Microsoft on April 8, 2008," said Symantec in its alert.




winbeta.org - 11.04.2008

20,000 Web pages help exploit 'patched' Flash flaw

A possible zero day exploit has been discovered for a flaw in Flash thought to have been patched by Adobe a month ago.



Symantec researchers claim the exploit has several different payloads, including one to steal passwords from systems with the vulnerable software. Affected versions of Adobe Flash Player include 9.0.124.0 (latest version) and 9.0.115.0.



Around 20,000 legitimate Web pages have been manipulated, likely via SQL-injection vulnerabilities, to redirect browsers to domains in China which host the exploit, according to Vincent Weafer, senior director of development for Symantec's Security Response team.




winbeta.org - 28.05.2008

IE7 Beta 2 Preview Open to DoS Attack

Security researcher Tom Ferris says he has discovered a security vulnerability in the Beta 2 Preview release of Internet Explorer 7. The bug lies in the urlmon.dll file and causes the browser to crash when it encounters a URL with the "file://" protocol followed by a long string of dashes...
betanews.com - 01.02.2006

Issues installing updates after repairing XP

We received reports today that some Windows XP customers havent been able to install updates from Windows Update/Microsoft Update with the latest version of the Windows Update client. We are only seeing this issue when users have performed a repair on their Windows XP installation. I wanted to take a minute and let folks know what we know about this right now and what were doing about it.



After getting the reports, we began actively reproducing and investigating the issue. We have identified the root cause and the steps to resolve this issue.



Heres what we found: when an XP repair CD is used, it replaces all system files (including Windows Update) on your machine with older versions of those files and restores the registry. However, the latest version of Windows Update includes wups2.dll that was not originally present in Windows XP. Therefore, after the repair install of the OS, wups2.dll remains on the system but its registry entries are missing. This mismatch causes updates to fail installation.



If you experience this issue, you can contact customer service using the contact info at http://support.microsoft.com/security. Additionally, a KB article describing the steps to resolve this issue will be available soon. I will update this blog with a link to the KB article when it is available. In the meantime, here are the steps included in the KB:



1. Stop the Automatic Updates service. To do this, follow these steps:

2. Register the file that is used by Windows Update and Microsoft Update. To do this, follow these steps:3. Start the Automatic Updates service. To do this, follow these steps:


winbeta.org - 28.09.2007

Exploits hot on the heels of Microsoft's patches

 Exploits appeared within hours for two of the bugs that Microsoft Corp. fixed yesterday.

Microsoft's June set of security updates patched 15 separate vulnerabilities, nine of them labeled "critical," the company's most serious threat rating. Exploit code for two of the bugs -- one in Internet Explorer (IE), the other in Windows XP, Windows 2000 and Windows Server 2003 -- have been posted to the Bugtraq and Full-disclosure mailing lists by researchers.

A. Micalizzi went public with a pair of exploits -- one successful against Windows 2000, the other against Windows XP -- that leverage one of the six IE bugs patched yesterday. A bug -- actually two because both the ActiveListen and ActiveVoice ActiveX controls are flawed -- was tagged "critical" in IE6 on Windows 2000 and Windows XP SP2, and "critical" in IE7 on both XP SP2 and Windows Vista. ActiveListen and ActiveVoice provide speech processing and text-to-speech to the browser. ..
winbeta.org - 14.06.2007

Malicious Hackers Exploit Windows Flaw

Fully patched Windows XP and Windows Server 2003 systems may be vulnerable, security firms warn...
pcworld.com - 29.12.2005