Brian Krebs from The Washington Post has been advising the average Windows user on various things. A while ago, people started asking him if they could trust a Service Pack for the .Net framework. While you probably are well aware about .Net, what it is and what it does, many people are not. So Brian took it upon himself to test the SP and after some time gave it a go.

However, it seems now that when installing this update, Microsoft is so friendly to add their own add-on for FireFox. While it is nice to see that MS is acknowledging FF as a major player in the browser world, it is not the normal way to install add-ons. One of the great features of FF has always been it extendability, but moreover the choice what & when to extend it.

No big deal right? Let’s just go and remove this unwanted extension. Right, this would work with any other developer, but we are dealing with Microsoft, which means the ‘Uninstall’ button is disabled, and removing the add-on is only possible through some obscure registry hacks, with which you don’t only risk in breaking the good operation of your favorite browser, but also your whole OS when you don’t really know what you’re doing.

Nobody really knows how this add-on behaves, but personally I don’t like this situation at all. Like Brian says in his article, it makes you wonder what else Microsoft’s installs behind your back… Maybe calling this malware is a bit over the top, but nevertheless I’m going to tag this post with it, since such behaviour is typical for malware, and it’s not because it’s coming from MS that we should keep one eye closed.

It’s already bad enough the Redmond company does not seem to be able to create a decent browser of their own, but now they seem to have to mess up the work of others as well. I for one am not very happy with this. In fact this makes me going to avoid Microsoft software even more than before, and I hope the same for you as well… Remember, it’s for your own good .

(yes I know… I’m late )

The hole is exploited through the use of a specially constructed pdf-file using javascript. When successful, the attack could make it so that the attacker can execute code with the user credentials of the person opening the malafied pdf.

Adobe has already issued a security patch for version 8.1.2 which resolves the problem. Alternatively, users can also disable the use of javascript in pdfs in the Preferences menu.

Originally, the exploit was discovered in one of Adobe Reader’s alternatives, called Foxit Reader. By using a similar crafted pdf-file, the same kind of attack could be executed. At first it was assumed that only this Foxit Reader was affected, since the way the javascript was constructed didn’t pose a problem in Acrobat Reader.

However when security analysts examined the code in more detail, they found that also Adobe’s version was being affected. It is true that the bug is not being caused by exactly the same code, but nevertheless this hole was exploitable here as well.

More in detail, the vulnerability is caused by a hole in the Server Service. Using a custom crafted RPC-call, an attacker could execute code without any authentication. All current supported platforms are affected, but mostly Windows 2000, XP and 2003 are the most vulnerable. For Vista and server 2008 the bug is marked ‘Important’, as on these platforms there is already a double-check through the much debated UAC option.

However it needs to be noted that even without patching, you can successfully protect a computer against the attack by properly using the firewall, or of course turning off the file-sharing option.

The striking fact is that usually Microsoft doesn’t like to deviate from their normal patch cycle. In fact, this has only happened 3 times before according to the Washington Post. So when the Redmond boys do, it usually means the hole is already being used to break into machines.

I’d recommend to everyone to update their Windows machines as soon as possible, either by using Windows Update, or by visiting the Microsoft Update website.

The idea is that when exchanging data between for example PDA’s using Bluetooth, a 4-digit password is not secure and can easily be compromised. With biometric security measures on the rise, miss Buhan looked into the possibility of using this technology to dramatically increase security.

In her thesis, she describes a way of using pictures to generate secure passwords. The idea is that 2 users that want to exchange data through their mobile device, have a picture of both themselves as the other person on their mobile. Software then compares the 2 photos and generates a security code. This code can then be used to exchange the data. The way this code is built makes it almost impossible to crack.

Since a lot of mobile devices these days already are equipped with cameras, this doesn’t sound so far-fetched. It takes little effort on the user side, as they only need to take the photos and the software does the rest. In my opinion, this is very, very interesting technology, and I’m hoping to see some real-world applications in the near future. As a matter of fact, I can’t wait to test this stuff out .