Thursday, December 5, 2013

CPE: McAfee AudioParasitic: Episode 37: M$ Sec bulletin

length: 00:10:50
M$ vista speech recognition (released Feb last year)
Website controlling your machine
The are setting the killbit

MS08-036: PGM DoS Vulnerability,  vulnerabilities in the Pragmatic General Multicast (PGM) protocol that could allow a denial of service if malformed PGM packets are received by an affected system. An attacker who successfully exploited this vulnerability could cause a user’s system to become non-responsive and to require a restart to restore functionality.
Specially crafted packet, you must have M$ messaging queue 3.0, - not installed by default in 2000/XP, default in Vista

MS08-033: A couple of media Player vulnerability, vulnerabilities in Microsoft DirectX that could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited either of these vulnerabilities could take complete control of an affected system.
MJPEG decoder

This should be good combined with iFrame

MS08-031: vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer.

MS08-035: vulnerability in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008; Active Directory Application Mode (ADAM) when installed on Windows XP Professional and Windows Server 2003; and Active Directory Lightweight Directory Service (AD LDS) when installed on Windows Server 2008. The vulnerability could be exploited to allow an attacker to cause a denial of service condition. On Windows XP Professional, Windows Server 2003, and Windows Server 2008, an attacker must have valid logon credentials to exploit this vulnerability.

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home