Microsoft Windows: Turn off Data Execution Prevention for Explorer

Disabling data execution prevention can allow certain legacy plug-in applications to function without terminating Explorer. C Microsoft Corporation 2015. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Windows NSA Information Assurance: Locklevel

Windows NSA Information Assurance LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies . This prototype is being shared to encourage industry adoption of these...

DoD Secure Host Baseline

NSA Information Assurance configuration guidance and files in support of the DoD Secure Host Baseline The Secure Host Baseline SHB provides an automated and flexible approach for assisting the DoD in deploying the latest releases of Windows 10 using a framework that can be consumed by organizatio...

Cimon CmnView DLL Hijacking Vulnerability

OVERVIEW Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input...

Privilege escalation

The memory-management implementation in the Virtual Machine Monitor aka VMM or hypervisor in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allo...

CVE-2010-1225

The memory-management implementation in the Virtual Machine Monitor aka VMM or hypervisor in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allo...

CVE-2010-1225

The memory-management implementation in the Virtual Machine Monitor aka VMM or hypervisor in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allo...

CVE-2010-1225

The CVE-2010-1225 issue affects Microsoft Virtual PC 2007 Gold/SP1, Virtual Server 2005 Gold/R2 SP1, and Windows Virtual PC. The root cause is a memory-management flaw where the VMM work-area memory is not properly protected from guest access, allowing context-dependent attackers to bypass some g...

Ken "Skywing" Johnson joins Microsoft security team

Microsoft has hired yet another well-known security researcher to join its ever-growing team of exploit and defense experts. This time it’s Ken Johnson, known in the hacker world as Skywing. Johnson is known as an expert on debugging and reverse engineering, and has done a tremendous amount of wo...

Opera plugs code-execution vulnerabilities

Opera Software has shipped a high-priority security patch for its flagship Web browser to plug at least three vulnerabilities that expose Windows users to code execution and cross-domain scripting attacks. The Opera 9.64 upgrade also adds support for DEP Data Execution Prevention and ASLR Address...