Microsoft has announced an out-of-band release for a vulnerability (CVE-2009-3103) in the SMB2 protocol which exposes Windows Server 2008 and Windows Vista users to possible remote code execution attacks. It does not appear that Windows 2000 and Windows XP are affected because they do not have the vulnerable SMB2 driver. The vulnerability is labeled as [...]

As some of you may know, Palo Alto Networks discovered 2 critical vulnerabilities for Microsoft DirectX which were released today via Microsoft’s July security bulletin. Successful exploitation of these critical vulnerabilities can allow an attacker to run remote code on a victim’s PC. The 2 vulnerabilities CVE-2009-1538 (DirectX Pointer Validation Vulnerability) and CVE-2009-1539 (DirectX Size [...]

Conficker is back in the news as there are reports of new variants popping up. I’m sure that you’ve all heard the news and hype about how many endpoints Conficker has infected, and even more speculation on what the bot herder will do with the massive botnet. Here’s some background info on Conficker and what [...]