This is how Windows get infected with malware

CSIS has over a period of almost three months actively collected real-time data from various so-called exploit kits. An exploit kit is a commercial hacker toolbox that is actively exploited by computer criminals who take advantage of vulnerabilities in popular software. Up to 85 % of all virus infections occur as a result of drive-by attacks automated via commercial exploit kits.

The purpose of this study is to reveal precisely how Microsoft Windows machines are infected with malware and which browsers, versions of Windows and third-party software are at risk.

via This is how Windows get infected with malware.
I have never been a big fan of constantly chasing patches but this conclusion has me rethinking my thoughts on this…

The reason why patching is essential

The conclusion of this study is that as much as 99.8 % of all virus/malware infections caused by commercial exploit kits are a direct result of the lack of updating five specific software packages.

I think the main problem here is that all these PCs were directly connected to the Internet. The simplest solution of using a hardware router and NAT should stop these kinds of attacks from ever hitting the PC. I’m still leery about constantly applying patches because sometimes the patches themselves are buggy and may introduce new vectors into your OS. Software upgrades need to be planned as a general policy for the entire PC or sets of PCs and not dictated by a mere application or OS vendor.

VMware KB: VMware VirtualCenter Server service does not start automatically after reboot

This issue may occur if the VirtualCenter Server service starts before one of the services it depends on is started. The VirtualCenter Server service is dependent on the following services: SQL Services; ADAM Services when using linked mode in vCenter Server 4.x. To resolve this issue, add a dependency to the VirtualCenter service so that it starts only after the necessary services have started.

via VMware KB: VMware VirtualCenter Server service does not start automatically after reboot.

Yikes!  You need to edit the registry to get this to work.

Mount dd images in Windows

Tools for OSForensics – OSFMount – Mount dd images in Windows.

OSFMount allows you to mount local disk image files (bit-for-bit copies of a disk partition) in Windows with a drive letter. You can then analyze the disk image file with PassMark OSForensics™ by using the mounted volume’s drive letter. By default, the image files are mounted as read only so that the original image files are not altered.