[Laurent Gaffié] has discovered an exploit that affects Windows Vista, Windows 7, and possibly Windows Server 2008 (unconfirmed). This method attacks via the NEGOTIATE PROTOCOL REQUEST which is the first SMB query sent. The vulnerability is present only on Windows versions that include Server Message Block 2.0 and have the protocol enabled. A successful attack requires no local access to the machine and results in a Blue Screen of Death.
[Laurent] has a proof of concept available with his writeup in the form of a python script (please, white hat use only). There is no patch for this vulnerability but disabling the SMB protocol will protect your system until one is available.
Update: According to the Microsoft advisory this vulnerability could lead to code execution, making it a bit worse than we thought. On the bright side, they claim that the final version of Windows 7 is not open to this attack, only Windows Vista and Windows Server 2008.
[via Full Disclosure]
Everybody hates it when they have to rename a fileset to fit a new naming scheme. Instead of doing it the hard way and writing a one-time script to go through and rename everything, check out Bulk Rename Utility from [Jim Willsher]. It provides you with a multitude of methods to take care of business and allows you do pick your favorite method, be it regular expressions, simple finding and replacing, prefix/suffix modification, or a combination of many more.
However, if the sheer amount of options available overwhelms you or if you just want an easier way to do things, check out A.F.5 from [Alex Fauland]. A.F.5 offers features like adding a counter to your filenames, change file attributes, and save your rename settings out to a file for repeat use.
No one will ever accuse us of being Windows fanboys; we’re certainly fans of netbooks though (or anything cheap enough that we don’t care if we accidentally burn a hole through it). We’ve heard from quite a few friends that Windows 7 is actually an excellent operating system to run on a netbook and is a dream compared to XP. Gizmodo has compiled a guide to getting the release candidate on your lightweight machine. It’s available now and will work for free for a year. The image is 2.36GB which you need to dd onto a USB device. They recommend at least an 8GB drive, but anything smaller than 16GB and you’ll have to use Window’s compact utility to save space. Other than these space considerations, the install appears to be easy. Let us know about your experiences using Windows 7 on your netbook.
TechRepublic and iFixit partnered to teardown Dell’s flagship notebook, the Adamo. The Adamo is positioned to compete directly with Apple’s MacBook Air. The Dell crams a lot of technology into a very thin frame and they use a clever locking system for the backplate to hide any screws. The built in battery has a longer life than the Air and an SSD comes stock. The team points out that the Windows logo is etched on the backside instead of the standard ugly stickers; apparently this took quite a bit of teeth-pulling to get approved. Check out the full photo gallery which includes the fetish packaging and comparison shots to the Air and Dell Mini 9.
With all the noise about Conficker turning your computer into liquid hot magma on April 1st, there’s actually some positive news. Researchers from the HoneyNet Project have been following the worm since infections started in late 2008. They recently discovered an easy way to identify infected systems remotely. Conficker attempts to patch the MS08-067 vulnerability during infection. A flaw in the patch causes the machine to respond differently than both an unpatched system and an officially patched system. Using this knowledge, the team developed a proof of concept network scanner in python to find infected machines. You can find it in [Rich Mogull]’s initial post. [Dan Kaminisky] has packaged it as an EXE and has instructions for how to build the SVN version of Nmap, which includes the new signature. Other network scanner vendors are adding the code as well.
In conjunction with this detection code, the team has also released the whitepaper Know Your Enemy: Containing Conficker. It discusses ways to detect, contain, and remove Conficker. They’ve combined this with a tool release that covers Conficker’s dynamic domain generation among other things.
We’ve had this same hack submitted by two people, pointing to two different(translated) sources(translated) today. It seems with a recent version of dos box, you can load windows 3.1 or windows 95 on N95 or N85 devices. They’re both in polish, so they may be the same people posting in different places. If you can follow along, there seems to be sufficient information to do this yourself. We don’t know why you would want to, but you could. You can see a video of it in action after the break.
Continue reading “Windows 95 running on an N95″
Recently, a Japanese coder on the DCEmu Forums released Windows drivers for DualShock 3 controllers. While the drivers only support using the controllers over USB and not bluetooth, they do include force feedback and Sixaxis support. Included with the drivers is a configuration tool, and though it appears to be in Japanese there is some explanation of how to use it included in the forum post. We have not tested these personally, but you can try out the drivers for yourself by downloading them from the forum here.
[photo: William Hook]