New Windows Server 2012 puts virtualization front and center

That’s no longer the case with Windows Server 2012. Both Standard and Datacenter editions will support the same set of features and the same hardware limits. Both will require CALs for authenticated server access. Both will be licensed on a per-socket-pair basis. The only difference will be in virtualization rights: Standard edition can be run in up to two virtual machines (in addition to the host operating system); Datacenter edition can be run in an unlimited number of virtual machines.

via New Windows Server 2012 puts virtualization front and center | Ars Technica.

Microsoft own-brand tablet PCs a ploy to drive Windows 8 adoption, says Acer founder

While Microsoft’s unveiling of two own-brand tablet PCs has surprised the supply chain in Taiwan and brought worries on PC vendors, Acer founder Stan Shih has commented that Microsoft has no real intention to sell own-brand tablet PCs and the offering is a ploy to boost adoption of Windows 8.

via Microsoft own-brand tablet PCs a ploy to drive Windows 8 adoption, says Acer founder.

Flame Malware Hijacks Windows Update Mechanism

According to Symantec’s Security Response team, the Snack module sniffs NetBIOS requests on the local network. NetBIOS name resolution allows computers to find each other on a local network via peer-to-peer, opening up an avenue for spoofing.

“When clients attempt to resolve a computer name on the network, and in particular make WPAD (Web Proxy Auto-Discovery Protocol) requests, Flamer will claim it is the WPAD server and provide a rogue WPAD configuration file (wpad.dat),” Symantec noted. “NetBIOS WPAD hijacking is a well-known technique and many publicly available hack tools have implemented the technique.”

via Flame Malware Hijacks Windows Update Mechanism | SecurityWeek.Com.

This is why automatic Windows updates should always be off. Only update manually when you know your network is secure.

Dell follows Q1 sag with weak outlook for Q2

Dell’s quarterly revenue fell more than analysts had expected, hurt by weak sales to consumers, large enterprises and government units. PC makers have struggled with slowing demand as mobile devices such as the iPad erode market share.

Brian Marshall, an analyst with ISI Group, said the “real poor results” show that it will take Dell more time to transform itself from a PC company to a one-stop shop for all the information technology needs of corporations.

via Dell follows Q1 sag with weak outlook for Q2 – chicagotribune.com.

Microsoft: Remote Desktop Protocol Vulnerability Should be Patched Immediately

Those IT admins who use RDP to manage their machines over the internet, which is essentially the default in cloud-based installations such as Amazon’s AWS, need to patch as quickly as possible, Qualys CTO Wolfgang Kandek opined.

via Microsoft: Remote Desktop Protocol Vulnerability Should be Patched Immediately | SecurityWeek.Com.

RDP will always be a vector into a machine if running. The simplest solution would be to figure out a way so that you never have to run RDP.

Researchers Seek Help in Solving DuQu Mystery Language

While other parts of DuQu are written in the C++ programming language and are compiled with Microsoft’s Visual C++ 2008, this part is not, according to Alexander Gostev, chief security expert at Kaspersky Lab. Gostev and his team have also determined that it’s not Objective C, Java, Python, Ada, Lua or many other languages they know.

via Researchers Seek Help in Solving DuQu Mystery Language | Threat Level | Wired.com.

The module is an important part of DuQu’s payload — which is the part of DuQu that performs malicious functions once it’s on an infected machine. The module allows DuQu’s DLL file to operate completely independent of other DuQu modules. It also takes data stolen from infected machines and transmits it to command-and-control servers and has the ability to distribute additional malicious payloads to other machines on a network, in order to spread the infection.

NSIS Wiki

NSIS (Nullsoft Scriptable Install System) is a professional open source system to create Windows installers. It is designed to be as small and flexible as possible and is therefore very suitable for internet distribution.

via NSIS Wiki.

Packetstan: NBNS Spoofing on your way to World Domination

Since the lookup is just a hostname, Windows adds the local DNS suffix to the query and asks its DNS server(s). The suffix picked up by the Windows box usually comes from the DHCP server. As you can see, the DNS server replied that it had no idea how to look up that name. Next, you’ll see the NBNS Request. The beautiful thing is, the NBNS Request is a broadcast, so anyone can reply easily and redirect traffic.

via Packetstan: NBNS Spoofing on your way to World Domination.
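
A detection-side sketch for the NBNS behaviour quoted above and in the Flame item earlier on this page: it decodes NetBIOS names from captured UDP/137 payloads and flags any host that answers a WPAD lookup without being on an allow-list. This is an added example, not code from Packetstan or Symantec; the sample packets, the IP addresses and the allow-list are constructed, and it assumes responses carry the full (uncompressed) name.

```python
import struct

def encode_nb_name(name, suffix=0x00):
    """RFC 1002 first-level encoding: 16 name bytes -> 32 letters 'A'..'P'."""
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    enc = bytes(0x41 + n for c in raw for n in (c >> 4, c & 0x0F))
    return b"\x20" + enc + b"\x00"

def decode_nb_name(field):
    if len(field) < 34 or field[0] != 0x20 or field[33] != 0:
        raise ValueError("not a first-level encoded NetBIOS name")
    enc = field[1:33]
    if not all(0x41 <= b <= 0x50 for b in enc):
        raise ValueError("byte outside the 'A'..'P' nibble alphabet")
    raw = bytes((enc[i] - 0x41) << 4 | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii", "replace").rstrip()

def parse_nbns(payload):
    """Return (is_response, name, answered_ip) for one UDP/137 payload."""
    if len(payload) < 50:
        raise ValueError("truncated NBNS message")
    _, flags, _, ancount = struct.unpack("!4H", payload[:8])
    name = decode_nb_name(payload[12:46])
    is_response = bool(flags & 0x8000)          # R bit set means response
    ip = None
    if is_response and ancount and len(payload) >= 62:
        ip = ".".join(map(str, payload[58:62]))  # after type/class/ttl/len/nb_flags
    return is_response, name, ip

def rogue_wpad_answers(packets, allowed_responders):
    """packets: iterable of (source_ip, udp_payload). Returns [(source_ip, answered_ip)]."""
    alerts = []
    for src, payload in packets:
        try:
            is_response, name, ip = parse_nbns(payload)
        except ValueError:
            continue                             # not NBNS name traffic; skip
        if is_response and name == "WPAD" and src not in allowed_responders:
            alerts.append((src, ip))
    return alerts

# Constructed sample traffic (not a real capture).
NAME = encode_nb_name("WPAD")
QUERY = struct.pack("!6H", 0x1234, 0x0110, 1, 0, 0, 0) + NAME + struct.pack("!2H", 0x20, 1)

def sample_answer(ip):
    rr = struct.pack("!2HIH2x", 0x20, 1, 300, 6) + bytes(map(int, ip.split(".")))
    return struct.pack("!6H", 0x1234, 0x8500, 0, 1, 0, 0) + NAME + rr
```

On a network with no WINS server the allow-list is empty, so every WPAD answer seen on UDP/137 is worth an alert.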

How Computer Browser Service Works: Browser Service

Every computer running Windows that has the file sharing component installed and enabled on a network interface broadcasts a periodic (every 12 minutes) Host Announcement message on the local subnet. On the master browse server for the subnet, these messages are used to maintain the list of available servers in the browse list.

via How Computer Browser Service Works: Browser Service.

This is a very noisy service — especially on a network that doesn’t care about browser services.

Cisco plans virtual switch for Hyper-V in Windows Server 8

Expanding the ability of Cisco networking tools to work with Hyper-V could help Microsoft make its case that its server virtualization software is a viable alternative to VMware. The analyst firm Gartner has praised the Hyper-V technology and said Microsoft has the advantage of providing management tools that are familiar to Windows administrations, but that it has struggled to convert large enterprise customers from VMware to Hyper-V.

via Cisco plans virtual switch for Hyper-V in Windows Server 8.