Finnaly we have our domain and hosting, visit us:
win7shrine.com
Continue Reading »
Monday, May 4, 2009
Thursday, April 30, 2009
Windows 7 Release Candidate Now Available
Microsoft has a lot riding on the upcoming release of its new operating system, Windows 7, and it's doing everything possible to insure that the software gets a favorable reception -- including effectively giving it away for free for the first year.
Starting Thursday, MSDN and TechNet subscribers can download the official release candidate for testing. The general public will be able to get downloads beginning May 5. The RC version of Windows 7 will not expire until June 1, 2010.
There were some initial reports that demand for the RC software was so heavy that Microsoft's servers failed under the load, and visitors were greeted with the message "We're sorry! The page you were expecting to see has been removed or is unavailable." By early afternoon, however, the servers were back up and running.
The release candidate is considered by Microsoft to be a "near-finished" product, with only minor changes likely before to the official Windows 7 release late this year or early next year. According to company representatives, the milestone means the software is ready "for partners to develop new applications, device drivers, and services, and ready for IT pros to evaluate Windows 7 and examine how it will operate in their environment."
"Listening to our partners and customers has been fundamental to the development of Windows 7," said Bill Veghte, senior vice president for the Windows business at Microsoft. "We heard them and worked hard to deliver the highest-quality release candidate in the history of Windows."
Microsoft says more than 10,000 companies have signed up for access to development tools designed to help existing software and hardware work with Windows 7.
It's a little difficult to reconcile Microsoft's earnings last quarter of $13.65 billion with its palpable sense of urgency over the success of Windows 7. But there is no question that the software giant was surprised and frustrated by the lukewarm, even hostile, response to its much-touted Vista OS.
The new OS has a number of features designed to allay the concerns of IT departments and individual consumers. For instance, the user access controls have been toned down, the interface is less cluttered, and Microsoft has put much more effort into compatibility than it apparently did with Vista.
Still, the question remains whether the many Vista holdouts -- who are still happily running Windows XP -- will make the leap to Windows 7. Microsoft is planning the release shortly of an upgrade adviser to let consumers know if their hardware can handle the new OS (much as it did with Vista).
An even more telling development, however, is that Microsoft will offer consumers a separate program to enable Windows XP Mode under Windows 7, which will enable older programs to run directly from the Windows 7 desktop. Whether that will tip the scales in favor of the new OS, however, remains to be seen.
Continue Reading »
Starting Thursday, MSDN and TechNet subscribers can download the official release candidate for testing. The general public will be able to get downloads beginning May 5. The RC version of Windows 7 will not expire until June 1, 2010.
There were some initial reports that demand for the RC software was so heavy that Microsoft's servers failed under the load, and visitors were greeted with the message "We're sorry! The page you were expecting to see has been removed or is unavailable." By early afternoon, however, the servers were back up and running.
The release candidate is considered by Microsoft to be a "near-finished" product, with only minor changes likely before to the official Windows 7 release late this year or early next year. According to company representatives, the milestone means the software is ready "for partners to develop new applications, device drivers, and services, and ready for IT pros to evaluate Windows 7 and examine how it will operate in their environment."
"Listening to our partners and customers has been fundamental to the development of Windows 7," said Bill Veghte, senior vice president for the Windows business at Microsoft. "We heard them and worked hard to deliver the highest-quality release candidate in the history of Windows."
Microsoft says more than 10,000 companies have signed up for access to development tools designed to help existing software and hardware work with Windows 7.
It's a little difficult to reconcile Microsoft's earnings last quarter of $13.65 billion with its palpable sense of urgency over the success of Windows 7. But there is no question that the software giant was surprised and frustrated by the lukewarm, even hostile, response to its much-touted Vista OS.
The new OS has a number of features designed to allay the concerns of IT departments and individual consumers. For instance, the user access controls have been toned down, the interface is less cluttered, and Microsoft has put much more effort into compatibility than it apparently did with Vista.
Still, the question remains whether the many Vista holdouts -- who are still happily running Windows XP -- will make the leap to Windows 7. Microsoft is planning the release shortly of an upgrade adviser to let consumers know if their hardware can handle the new OS (much as it did with Vista).
An even more telling development, however, is that Microsoft will offer consumers a separate program to enable Windows XP Mode under Windows 7, which will enable older programs to run directly from the Windows 7 desktop. Whether that will tip the scales in favor of the new OS, however, remains to be seen.
Continue Reading »
Tuesday, April 28, 2009
Leaked Windows 7 RC may contain a trojan
Microsoft have warned users several times that downloading unofficial releases via torrents isn’t advised, and news that some of the leaked Windows 7 RC copies contain a trojan, may make some users who rushed out and installed the Windows 7 RC build regret it.
The trojan in question can potentially open a security hole in the user’s system once the installation file is run, installing both Windows 7 RC and also the malware.
If you do install an official RC build then you should confirm that the MD5 checksum on the ISO is the same as a known safe MD5. Known safe MD5s are:
Windows 7 RC Build 7100 x86 is 8867C13330F56A93944BCD46DCD73590
Windows 7 RC Build 7100 x64 is 98341af35655137966e382c4feaa282d
If you’ve already installed the windows 7 RC build, then all is not lost as some AV software is catching the trojan, so if you were infected you’d probably know by now.
Continue Reading »
The trojan in question can potentially open a security hole in the user’s system once the installation file is run, installing both Windows 7 RC and also the malware.
If you do install an official RC build then you should confirm that the MD5 checksum on the ISO is the same as a known safe MD5. Known safe MD5s are:
Windows 7 RC Build 7100 x86 is 8867C13330F56A93944BCD46DCD73590
Windows 7 RC Build 7100 x64 is 98341af35655137966e382c4feaa282d
If you’ve already installed the windows 7 RC build, then all is not lost as some AV software is catching the trojan, so if you were infected you’d probably know by now.
Continue Reading »
Windows 7 BitLocker and TPM can protect against VBootkit 2.0
Trusted Platform Modules and BitLocker Drive Encryption can protect Windows 7 computers against a bootkit attack unveiled last week, but these technologies won't be available on a large portion of computers, leaving millions of users unprotected when Microsoft releases its next version of Windows.
VBootkit 2.0 is proof-of-concept code that was unveiled by security researchers Vipin Kumar and Nitin Kumar, of NVLabs, at the Hack In The Box (HITB) security conference held in Dubai last week. The code, which is just 3KB in size, allows an attacker to take control of a Windows 7 computer by patching files as they are loaded into the system's main memory. Because no software is modified on the computer's hard disk, the attack is nearly undetectable.
VBootkit 2.0 is an updated version of an earlier tool, called VBootkit 1.0, that can take control of a Windows Vista computer by a similar method.
With VBootkit 2.0, once an attacker has taken control of the Windows 7 computer during the boot process they are able to get system-level access to the computer, the highest level possible. They can also remove user passwords to gain access to protected files and strip DRM (digital rights management) protection from multimedia files. The passwords can then be restored, hiding any evidence that it was compromised.
"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said during his presentation last week, referring to Windows 7's assumption that the boot process is safe from attack.
In response, a Microsoft representative said Windows 7's support for Trusted Platform Module (TPM) and BitLocker Drive Encryption (BDE) means the attack is "void," downplaying the threat to users.
That assertion is partly correct. TPMs are microcontrollers that contain encryption keys and digital signatures, adding an extra level of security through hardware authentication of software files. BDE is a data-protection feature available in some versions of Windows Vista that works by encrypting data on a computer's hard disk. These are powerful protections that defend against bootkit attacks but they are not available on all computers.
"TPM and BitLocker (collectively) would stop VBootkit from working. But TPM is not available on consumer PCs -- most of the them -- and BitLocker is available only in high-end Vista editions," Nitin Kumar wrote in an e-mail.
Restricting BitLocker to high-end versions of Windows Vista, which cost more than other versions, is intentional. Microsoft segments Windows into different versions with varying prices to target different markets. Because corporate customers are willing to pay more for security features like BitLockers, these capabilities are not offered with less expensive versions of the operating system. That's a smart approach from a product marketing and sales standpoint, but it leaves millions of users without the same level of protection.
BitLocker will not be available on all versions of Windows 7, according to Microsoft's latest plans. It will be available as features of Windows 7 Enterprise and Windows 7 Ultimate, but will not be part of the other four versions of the operating system: Professional, Home Premium, Home Basic and Starter. That means computers with these flavors of Windows 7, which are likely to represent the bulk of Windows 7 users, will not be protected against VBootkit-like attacks.
The proof-of-concept code demonstrated at HITB Dubai represents a limited security threat because an attacker must have physical control of a computer to use VBootkit 2.0, loading the software with a CD-ROM, USB memory stick or through a FireWire port. But that doesn't mean the code can't be modified for a remote attack.
A precursor of VBootkit, called Bootkit, was released under an open-source license and was modified by others for remote attacks against computers running Windows XP, Nitin Kumar said.
VBootkit 2.0 could be modified for use as a BIOS virus, PXE (Pre-Boot Execution Environment) boot virus, or a normal boot virus. As a result, NVLabs plans to keep the VBootkit 2.0 code under wraps. "We don't have any plans to make it open source, due to chances of misuse," he said.
While there is some comfort in NVLabs decision not to release the VBootkit 2.0 code, history has shown that if one group of security researchers can find and exploit a vulnerability, another group or individuals can exploit it as well.
Continue Reading »
VBootkit 2.0 is proof-of-concept code that was unveiled by security researchers Vipin Kumar and Nitin Kumar, of NVLabs, at the Hack In The Box (HITB) security conference held in Dubai last week. The code, which is just 3KB in size, allows an attacker to take control of a Windows 7 computer by patching files as they are loaded into the system's main memory. Because no software is modified on the computer's hard disk, the attack is nearly undetectable.
VBootkit 2.0 is an updated version of an earlier tool, called VBootkit 1.0, that can take control of a Windows Vista computer by a similar method.
With VBootkit 2.0, once an attacker has taken control of the Windows 7 computer during the boot process they are able to get system-level access to the computer, the highest level possible. They can also remove user passwords to gain access to protected files and strip DRM (digital rights management) protection from multimedia files. The passwords can then be restored, hiding any evidence that it was compromised.
"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said during his presentation last week, referring to Windows 7's assumption that the boot process is safe from attack.
In response, a Microsoft representative said Windows 7's support for Trusted Platform Module (TPM) and BitLocker Drive Encryption (BDE) means the attack is "void," downplaying the threat to users.
That assertion is partly correct. TPMs are microcontrollers that contain encryption keys and digital signatures, adding an extra level of security through hardware authentication of software files. BDE is a data-protection feature available in some versions of Windows Vista that works by encrypting data on a computer's hard disk. These are powerful protections that defend against bootkit attacks but they are not available on all computers.
"TPM and BitLocker (collectively) would stop VBootkit from working. But TPM is not available on consumer PCs -- most of the them -- and BitLocker is available only in high-end Vista editions," Nitin Kumar wrote in an e-mail.
Restricting BitLocker to high-end versions of Windows Vista, which cost more than other versions, is intentional. Microsoft segments Windows into different versions with varying prices to target different markets. Because corporate customers are willing to pay more for security features like BitLockers, these capabilities are not offered with less expensive versions of the operating system. That's a smart approach from a product marketing and sales standpoint, but it leaves millions of users without the same level of protection.
BitLocker will not be available on all versions of Windows 7, according to Microsoft's latest plans. It will be available as features of Windows 7 Enterprise and Windows 7 Ultimate, but will not be part of the other four versions of the operating system: Professional, Home Premium, Home Basic and Starter. That means computers with these flavors of Windows 7, which are likely to represent the bulk of Windows 7 users, will not be protected against VBootkit-like attacks.
The proof-of-concept code demonstrated at HITB Dubai represents a limited security threat because an attacker must have physical control of a computer to use VBootkit 2.0, loading the software with a CD-ROM, USB memory stick or through a FireWire port. But that doesn't mean the code can't be modified for a remote attack.
A precursor of VBootkit, called Bootkit, was released under an open-source license and was modified by others for remote attacks against computers running Windows XP, Nitin Kumar said.
VBootkit 2.0 could be modified for use as a BIOS virus, PXE (Pre-Boot Execution Environment) boot virus, or a normal boot virus. As a result, NVLabs plans to keep the VBootkit 2.0 code under wraps. "We don't have any plans to make it open source, due to chances of misuse," he said.
While there is some comfort in NVLabs decision not to release the VBootkit 2.0 code, history has shown that if one group of security researchers can find and exploit a vulnerability, another group or individuals can exploit it as well.
Continue Reading »
VBootkit 2.0 : A real danger to Windows 7
VBootkit 2.0's proof-of-concept code takes control of the computer during the boot process; for the attack to work, an attacker must have physical access to the victim's computer
Security researchers demonstrated how to take control of a computer running Microsoft's upcoming Windows 7 operating system at the Hack In The Box Security Conference (HITB) in Dubai on Thursday.
Researchers Vipin Kumar and Nitin Kumar used proof-of-concept code they developed, called VBootkit 2.0, to take control of a Windows 7 virtual machine while it was booting up. They demonstrated how the software works at the conference.
"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack.
While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.
VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process. Since no files are changed on the hard disk, VBootkit 2.0 is very difficult to detect, he said.
However, when the victim's computer is rebooted, VBootkit 2.0 will lose its hold over the computer as data contained in system memory will be lost.
VBootkit 2.0 is a follow-up to earlier work that Kumar and Kumar have done on vulnerabilities contained in the Windows boot process. In 2007, Kumar and Kumar demonstrated an earlier version of VBootkit for Windows Vista at the Black Hat Europe conference.
The latest version of VBootkit includes the ability to remotely control the victim's computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user's password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected.
Continue Reading »
Security researchers demonstrated how to take control of a computer running Microsoft's upcoming Windows 7 operating system at the Hack In The Box Security Conference (HITB) in Dubai on Thursday.
Researchers Vipin Kumar and Nitin Kumar used proof-of-concept code they developed, called VBootkit 2.0, to take control of a Windows 7 virtual machine while it was booting up. They demonstrated how the software works at the conference.
"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack.
While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.
VBootkit 2.0, which is just 3KB in size, allows an attacker to take control of the computer by making changes to Windows 7 files that are loaded into the system memory during the boot process. Since no files are changed on the hard disk, VBootkit 2.0 is very difficult to detect, he said.
However, when the victim's computer is rebooted, VBootkit 2.0 will lose its hold over the computer as data contained in system memory will be lost.
VBootkit 2.0 is a follow-up to earlier work that Kumar and Kumar have done on vulnerabilities contained in the Windows boot process. In 2007, Kumar and Kumar demonstrated an earlier version of VBootkit for Windows Vista at the Black Hat Europe conference.
The latest version of VBootkit includes the ability to remotely control the victim's computer. In addition, the software allows an attacker to increase their user privileges to system level, the highest possible level. The software can also able remove a user's password, giving an attacker access to all of their files. Afterwards, VBootkit 2.0 restores the original password, ensuring that the attack will go undetected.
Continue Reading »
Windows 7 RC "Play To" Feature
The Digital Living Network Alliance created DLNA technology, Microsoft included it in Windows 7, and it's turned into a standout feature: DLNA adds a contextual "Play to" menu item to PCs connected on the same network (seemingly independent of HomeGroup status). This lets you send a video, photo, or song to another PC or device, and control the playback remotely.
Microsoft has tweaked Windows Media Player a fair bit between the Beta and the Release Candidate, however, making it a bit of a challenge to find the feature in the new build. Curious to learn how it works in Windows 7 Release Candidate? After the jump, my hands on with this clever networking technology.
In WIndows 7 Beta 1, WMP had a Share menu, which allowed you to "Receive media on your network" (whatever that means). Select it and a dialog explained that the feature lets other devices on your network push media to you.
In Windows 7 Beta 1, WMP had a Share menu, which allowed you to "Receive media on your network" (whatever that means). Select it and a dialog explained that the feature lets other devices on your network push media to you.
In the Release Candidate, that menu is renamed Stream and expanded; again, Play To (here called "Allow remote control of my Player") is disabled by default. Enable it on one PC and you'll be able to send files to that PC from others on the same HomeGroup, either from Window Media Player or by directly clicking a file in Windows Explorer.
This brings up a separate application (WMPDMC.exe, which lives in the C:\Program Files\Windows Media Player\ directory). Unfortunately, Play To is a WMP technology, not a Windows technology, meaning the Play To menu only exists when both PCs have WMP actively running, ostensibly for security purposes. Play To isn't part of Windows Media Center, even though Center relies heavily on Player's capabilities. Perhaps MS will make this feature more pervasive in the "Release to Master" version of Windows 7. For now, it's a very cool feature that shows a lot of promise. Home multimedia networking is getting easier!
Continue Reading »
Microsoft has tweaked Windows Media Player a fair bit between the Beta and the Release Candidate, however, making it a bit of a challenge to find the feature in the new build. Curious to learn how it works in Windows 7 Release Candidate? After the jump, my hands on with this clever networking technology.
In WIndows 7 Beta 1, WMP had a Share menu, which allowed you to "Receive media on your network" (whatever that means). Select it and a dialog explained that the feature lets other devices on your network push media to you.
In Windows 7 Beta 1, WMP had a Share menu, which allowed you to "Receive media on your network" (whatever that means). Select it and a dialog explained that the feature lets other devices on your network push media to you.
In the Release Candidate, that menu is renamed Stream and expanded; again, Play To (here called "Allow remote control of my Player") is disabled by default. Enable it on one PC and you'll be able to send files to that PC from others on the same HomeGroup, either from Window Media Player or by directly clicking a file in Windows Explorer.
This brings up a separate application (WMPDMC.exe, which lives in the C:\Program Files\Windows Media Player\ directory). Unfortunately, Play To is a WMP technology, not a Windows technology, meaning the Play To menu only exists when both PCs have WMP actively running, ostensibly for security purposes. Play To isn't part of Windows Media Center, even though Center relies heavily on Player's capabilities. Perhaps MS will make this feature more pervasive in the "Release to Master" version of Windows 7. For now, it's a very cool feature that shows a lot of promise. Home multimedia networking is getting easier!
Continue Reading »
Free Vista to Windows 7 upgrade rumors
Windows Vista users might receive a free Windows 7 upgrade depending on the time of their purchase. Some new information came to light that have not been confirmed yet by Microsoft.
Techarp, a technology website, has listed the requirements for receiving a free Windows 7 upgrade. They do mention that the program is optional meaning that not all OEMs might participate.
A new PC has to be purchased between July 1, 2009 and a date that has not been announced yet. A pre-installed version of either Windows Vista Home Premium, Windows Vista Business or Windows Vista Ultimate has to be supplied with the PC that must have a valid Certificate of Authenticity (COA) attached.
The upgrade paths are straightforward:
1. Windows Vista® Home Premium -> Windows® 7 Home Premium
2. Windows Vista® Business -> Windows® 7 Professional
3. Windows Vista® Ultimate -> Windows® 7 Ultimate
Continue Reading »
Techarp, a technology website, has listed the requirements for receiving a free Windows 7 upgrade. They do mention that the program is optional meaning that not all OEMs might participate.
A new PC has to be purchased between July 1, 2009 and a date that has not been announced yet. A pre-installed version of either Windows Vista Home Premium, Windows Vista Business or Windows Vista Ultimate has to be supplied with the PC that must have a valid Certificate of Authenticity (COA) attached.
The upgrade paths are straightforward:
1. Windows Vista® Home Premium -> Windows® 7 Home Premium
2. Windows Vista® Business -> Windows® 7 Professional
3. Windows Vista® Ultimate -> Windows® 7 Ultimate
Continue Reading »
Subscribe to:
Posts (Atom)