
Showing posts with label zero day attack.

Wednesday, July 31, 2013

XP still Continues though "eXPired"

1.    XP has now earned the prefix and suffix to be renamed "eXPired": Microsoft has officially announced it as discontinued and has advised XP and Office 2003 users to migrate to Windows 7 and Office 2010, so systems still running it are left vulnerable to new forms of malware. No further support for XP, no patches, no updates from Microsoft. But it will certainly take time for XP to be disowned by a loyal user population more than a decade old, most of whom had their first PC experience on an XP machine. For a home user who surfs the net, it will be difficult to make him/her understand how vulnerable he/she now is... actually very difficult.

2.    But what about the corporates and govt sector offices? I am sure the private sector will make a fast change, since it may adversely affect their business model in case of an undesired info leakage or a hack! Only recently I made a visit to a post office in Delhi to send a speed post, where the dedicated, loyal postmaster was using an XP machine connected to the Internet. I informally asked him about any OS upgrades planned in their department, to which he replied confidently that it's not required since it is working fine. Today the Indian postal department is slowly getting online. Thanks to the government's implementation of this vision (though late), we are able to track the movement of a speed post letter: what time it was opened, what the location is, when it got delivered, etc. But all this can go to waste and suffer a setback if the backbone nodes are not updated and monitored, more so if the staff handling the machines are low on the security aspect.

3.   Well, the postal department is just one example, cited here since I interacted with one of them today. But the stakes are high when we see this at the national level: all the online-governance machines located in remote areas, has it been ensured that XP is removed from them? If it has not been done, this can be just on the lines of zero day exploits. In this case there must be millions of machines thrown open to hacking and to invasion of classified information.

Tuesday, June 19, 2012

Internet Explorer : Vulnerable as always!!!


1.   Microsoft IE vulnerability CVE-2012-1889 is the latest to generate interest amongst avid cyber security readers. The special thing about this vulnerability is that it focuses on users of Gmail, MS Office and Internet Explorer. And the sad thing is that this is still a ZERO day exploit. Rapid7, a security software company, explains the vulnerability as follows:

“This is an uninitialized memory bug found in MSXML. According to Microsoft, such a component can be loaded from either Internet Explorer and Microsoft Office. This vulnerability is rumored to be “state-sponsored”, and what makes it really critical is it’s still an 0-day hijacking Gmail accounts. That’s right, that means if you’re using Gmail as well as Internet Explorer or Microsoft Office, you’re at risk. We expect this vulnerability to grow even more dangerous since there’s no patch, and it’s rather easy to trigger.”

2.    Whatever one may say, the majority of users across the globe still keep using IE by default. When I see my own blog stats, about 60% of the visitors use IE. And as we all keep seeing exponential growth in Internet users across the globe, sadly the level of awareness of how vulnerable they all are is unknown and is growing at a similar rate!

3.    Got the reference from here. Thanks, https://community.rapid7.com.

Saturday, September 18, 2010

ZERO DAY EXPLOIT : ???

1. While reading an article on Browser Forensics, I came across the term "0-day" exploit. What's it all about?

2. A zero day exploit is a malevolent computer attack that capitalizes on a security hole before the vulnerability is known. This means the security issue is made known the same day as the computer attack is made. In other words, the software developer has zero days to prepare for the security breach and must work as quickly as possible to develop a patch or update that fixes the problem. The attack occurs on or before the first or "zeroth" day of developer awareness, meaning the developer has not had any opportunity to distribute a security fix to users of the software.

3. Zero day exploits may involve viruses, trojan horses, worms or other malicious code that can be run within a software program. While most programs do not allow unauthorized code to be executed, hackers can sometimes create files that will cause a program to perform functions unintended by the developer. Programs like Web browsers and media players are often targeted by hackers because they can receive files from the Internet and have access to system functions. While most zero day exploits may not cause serious damage to your system, some may be able to corrupt or delete files. Because the security hole is made known the same day the attack is released, zero day exploits are difficult to prevent, even if you have antivirus software installed on your computer. Therefore, it is always good to keep a backup of your data in a safe place so that no hacker attack can cause you to lose your data.
