|
|
|
Lets Paint The Kettle Black,Do You Have A Bitch On Whats Going On Around The Site Or Any Thing Negative To Report
|
|
AfterDawn Addict
15 product reviews
|
30. March 2007 @ 12:05 |
Link to this message
|
|
LOL!!! I loved watching louiepsp2 get whomped by Neph! Expertly done :)
AMD Phenom II X6 1100T 4GHz(20 x 200) 1.5v 3000NB 2000HT, Corsair Hydro H110 w/ 4 x 140mm 1500RPM fans Push/Pull, Gigabyte GA-990FXA-UD5, 8GB(2 x 4GB) G.Skill RipJaws DDR3-1600 @ 1600MHz CL9 1.55v, Gigabyte GTX760 OC 4GB(1170/1700), Corsair 750HX
Detailed PC Specs: http://my.afterdawn.com/estuansis/blog_entry.cfm/11388 |
|
Advertisement
|
|
|
|
|
The_Fiend
Suspended permanently
|
30. March 2007 @ 12:35 |
Link to this message
|
|
@ ddp : yeah i noticed, my internet was being iffy, had some timeouts, wasn't sure if those reports got sent or not.
I'll edit it out later, right now i need to get back to work.
Or feel free to edit it out for me if you feel the need, not sure how soon i'll be back, end of the world being at hand here.
irc://arcor.de.eu.dal.net/wasted_hate
Wanna tell me off, go ahead.
I dare ya !
|
|
ddp
Moderator
|
30. March 2007 @ 17:04 |
Link to this message
|
|
fiend, what for? lets see where the chips fall
|
|
The_Fiend
Suspended permanently
|
30. March 2007 @ 18:02 |
Link to this message
|
|
Yes sir !
irc://arcor.de.eu.dal.net/wasted_hate
Wanna tell me off, go ahead.
I dare ya !
|
AfterDawn Addict
2 product reviews
|
30. March 2007 @ 20:04 |
Link to this message
|
|
Microsoft Customer service Sucks!
January 14th- I called and requested a box for a repair.
January 18th- Called to see where the box was because no box yet.
February 13th- I receive the box after a mounth of trying to get M$ to ship it to me
February 14th- Ship to M$
February 24th- receive XBOX while out of country
March 1st- I return home to my "NEW" XBOX which gave me 3 flashing red lights
March 2ond- Call M$ to bitch about my problem
March 14th- Box arrives
March 15th- Ship broken XBOX back to M$
March 22nd- Call to check on Status, and just waiting for my new (refurbished/used console) to be shipped.
March 30th- Box arrives, crack it open plug it all in and get the ring of death. Turn it off, then back on again. Same thing.
Call M$, and talk to an agent and tell him my story, he says he is going to put me on hold, so I sit on hold for 30 Minutes, then the line goes dead. I was disconnected. Oh yes, I had also waited in the phone tree for 45 minutes. This is messed up!
|
AfterDawn Addict
|
31. March 2007 @ 08:10 |
Link to this message
|
NOW THIS IS A BITCH
Quote:
"Blood just all over my face, in my mouth, I could taste it. It was terrible.
Blood Sprays Out of Sewer, On City Worker
(WCCO) Minneapolis A Minneapolis city worker is worried about blood in the sewer system because he said, while he was cleaning the system, blood sprayed out of a hole and got all over him.
ARTICLE HERE
http://wcco.com/topstories/local_story_088224059.html
|
AfterDawn Addict
|
31. March 2007 @ 09:26 |
Link to this message
|
|
BOY DO I HAVE A REAL BITCH,AS SOME KNOW:
I USE WINDOWS 2000 AS MY PRIMARY SYSTEM
AND XP-PRO JUST TO KEEP ON THE SAME PAGE AS MOST OF YE.
XP is only on the net just for updates.like for virus,windows updates..and spysweeper..last time xp was on the net was 2-28-07
yesterday 3-30-07 i got the windows update,shut down the net then i installed the new printer solfware for a hp 7360..
i went into explorer to check the user accounts to delete some temp files,i noted a new user account as admin,note:i am the only user for this system..and i did not set up that user account....
note this same printer is installed on another XP AND 2000 computer.i use as my office computer,so its not the printer solfware that installed the new account
i made a back up image of the current system and then i recovered my system back to 3-27-07 using true image..then installed the printer,
and then i got the virus update and spysweeper,did not get the win updates..
checked the user accounts it was just me and the admin account..
JUST LIKE IT SHOULD BE.......
I SURE AS HELL LOVE XP->>>(NOT)<<<,XP->>>(NOT)<<<,XP->>>(NOT)<<<
This message has been edited since posting. Last time this message was edited on 31. March 2007 @ 09:36
|
AfterDawn Addict
|
31. March 2007 @ 10:06 |
Link to this message
|
NOTE:I USE Firefox AND THUNDBIRD..I DO NOT USE OUTLOOK..
Windows cursor threat
p2pnet.net news:- To borrow a phrase from Shakespeare, beware the "arrows of outrageous fortune," because the humble cursor is central to the latest serious security danger to threaten Windows users.
And it's currently being used in hack attacks.
A new security hole discovered by McAffee affects the way Windows handles animated cursors, and could leave PCs open, says US-CERT. The unpatched stack buffer overflow vulnerability in Microsoft Windows could allow an attacker to execute arbitrary code, it says.
"Configuring Outlook Express to read email in plaintext will not protect against this vulnerability," warns US-CERT (the United States Computer Emergency Readiness Team).
"Outlook Express in plaintext mode will download and parse a malicious .ANI file referenced in the email message without prompting."
The hole has been opened because Windows fails to properly handle specially crafted animated cursor (ANI) files, states US-CERT, going on.
"According to public reports, this vulnerability is actively being exploited via Internet Explorer. Specifically, the reports claim that browsing to a specially crafted web page with Microsoft Internet Explorer results in exploitation."
Posts US-CERT:
Vulnerability Note VU#191609
Microsoft Windows animated cursor ANI header stack buffer overflow
Overview
Microsoft Windows contains a stack buffer overflow in the handling of animated cursor files. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
I. Description
Animated cursor files (.ani) contain animated graphics for icons and cursors. A stack buffer overflow vulnerability exists in the way that Microsoft Windows processes malformed animated cursor files. Microsoft Windows fails to properly validate the size specified in the ANI header. Note that Windows Explorer will process ANI files with several different file extensions, such as .ani, .cur, or .ico.
Note that animated cursor files are parsed when the containing folder is opened or it is used as a cursor. In addition, Internet Explorer can process ANI files in HTML documents, so web pages and HTML email messages can also trigger this vulnerability.
More information on this vulnerability is available in Microsoft Security Advisory (935423).
This vulnerability is being actively exploited.
II. Impact
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
III. Solution
We are unaware of a practical solution to this vulnerability. Until a fix is available, the following workarounds may reduce the chances of exploitation:
Configure Outlook to display messages in plain text
An attacker may be able to exploit this vulnerability by convincing a user to display a specially crafted HTML email. This can happen automatically if the preview pane is enabled in your mail client. Configuring Outlook to display email in plain text can help prevent exploitation of this vulnerability through email. Consider the security of fellow Internet users and send email in plain text format when possible.
Note: The Outlook Express option for displaying messages in plain text will not prevent exploitation of this vulnerability. This workaround is only viable for systems with Microsoft Outlook.
Disable preview pane
By disabling the preview pane in your mail client, incoming email messages will not be automatically rendered. This can help prevent exploitation of this vulnerability.
Configure Windows Explorer to use Windows Classic Folders
When Windows Explorer is configured to use the "Show common tasks in folders" option, HTML within a file may be processed when that file is selected. If the "Show common tasks in folders" is enabled, selecting a specially crafted HTML document in Windows Explorer may trigger this vulnerability. Note that the "Show common tasks in folders" is enabled by default. To mitigate this attack vector, enable the "Use Windows classic folders" option. To enable this option in Windows Explorer:
* Open Windows Explorer
* Select Folder Options from the Tools menu
* Select the "Use Windows classic folders" option in the Tasks section
Do not follow unsolicited links
In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases, particularly if a trusted site has been compromised or allows cross-site scripting.
Slashdot Slashdot it!
Also See:
US-CERT - Active Exploitation of an Unpatched Vulnerability in Microsoft Windows ANI Handling, March 29, 2007
(Saturday 31st March 2007)
http://p2pnet.net/story/11826
|
AfterDawn Addict
|
31. March 2007 @ 11:16 |
Link to this message
|
Kids allegedly had sex in classroom during assembly about killing
SPEARSVILLE, La. (AP) -- Two fifth-graders had sex on a classroom floor while two others fondled each other in the classroom, according to a teacher at Spearsville High School.
ARTICLE HERE
http://hosted.ap.org/dynamic/stories/L/L...N&SECTION=HOME&
|
AfterDawn Addict
|
31. March 2007 @ 11:25 |
Link to this message
|
HOT READ
Attackers exploit zero-day Windows flaw
Attackers take advantage of vulnerability in Windows animated cursor. Also: Trojan spam dupes users into thinking it's an IE 7 beta.
By Dawn Kawamoto
Staff Writer, CNET News.com
Published: March 30, 2007, 2:28 PM PDT
Tell us what you think about this storyTalkBack E-mail this story to a friendE-mail View this story formatted for printingPrint Add to your del.icio.usdel.icio.us Digg this storyDigg this
A zero-day exploit that takes advantage of a vulnerability in the Windows cursor could be spreading rapidly.
The hole in the Windows animated cursor, which was flagged in a Microsoft advisory Thursday, has moved from a targeted attack to one that is widespread, said Johannes Ullrich, chief research officer for the Sans Institute, which also issued an advisory.
Attackers also on Thursday launched a Trojan spam that dupes users into thinking it's an IE 7 beta, according to a Sans advisory. The Trojan uses the same file name as Microsoft's legitimate IE 7 betas, making detection more difficult, Ullrich noted.
Antivirus software was initially pretty useless in combating it," Ullrich said. "It was spammed out quickly and probably used an existing spam network."
He noted, however, that users have to click on a link to have their systems affected, so it is less of a threat than the Windows animated cursor zero-day flaw, or a security hole that has been publicly disclosed but not fixed.
"With the (animated cursor), you don't have to click on a link to get it to launch," Ullrich said. "You just have to open a malicious e-mail or go to a malicious Web site."
Several dozen Web sites have become infected with the exploit in the past day, and Microsoft has yet to issue a patch, he added.
http://news.com.com/Attackers+exploit+ze...ml?tag=nefd.top
Quote:
Windows Zero-Day Flaw 'Very Dangerous,' Experts Say
Bug affecting IE and Windows is potentially very damaging, and there's no quick fix in sight.
Gregg Keizer, Computerworld
Friday, March 30, 2007 03:00 PM PDT
The Windows zero-day bug now being used by attackers is extremely dangerous, security researchers said Friday, and ranks with the Windows Metafile vulnerability of more than a year ago on the potential damage meter.
"This is a good exploit," Roger Thompson, CTO of Exploit Prevention Labs, said in an instant message exchange. "It's very dangerous. One of the reasons is that there's no crash involved...it's instantaneous. And all it takes is visiting a site."
Thursday, Microsoft's Security Response Center (MSRC) issued an advisory acknowledging a bug in Windows' animated cursor, a component that lets developers show a short animation at the mouse pointer's location. Attackers, who are already exploiting the bug in limited fashion, can hijack PCs by tempting users to malicious Web sites or by sending them a malformed file via e-mail.
Other researchers waded in Friday with warnings of the animated cursor danger. "This is reminiscent of the former Windows Metafile (WMF) attacks from 2005 and 2006," Ken Dunham, director of VeriSign's iDefense rapid response team, said in an e-mail. "It's trivial to update, multiple sites now host the code in a short period of time, and the highly virulent file exploitation vector within Windows Explorer exists."
The WMF Infections
In late 2005, exploits of the WMF vulnerability swept through malicious sites and infected thousands of PCs with a raft of malware, including spyware and bot Trojans. Microsoft rushed a patch into place in early January 2006, one of the few times it has gone out-of-cycle with a fix.
"There are a lot of exploits the equivalent of triple lutzes," said Ross Brown, the CEO of eEye Digital Security. "Only those high to the right on the hacker bell curve can pull it off. But this one doesn't need a lot of sophistication.
"It doesn't require a PhD in hacking," Brown said. "The number of people who can use this is huge."
EEye considered it so dangerous that early this morning it released a rare unofficial patch to temporarily plug the dike. This is only the second time that eEye has put out an unsanctioned fix for a Microsoft bug.
"We have some internal criteria for doing that, which this met," said Brown. "First, there's no direct mitigation, no registry switch or kill bit that a user or administrator can set. Second, the patch itself should be unobtrusive. And third, we want to make sure that the patch will unload itself when Microsoft releases its patch."
EEye's fix is "straight-forward," said Brown, who likened it to a shim. "This prevents any animated cursor except those already installed by Windows from being executed," he said. eEye's patch notes said that the fix blocks cursors from being loaded outside of %SystemRoot%, which prevents sites from loading their own, potentially malicious animated cursors.
Brown confirmed that the patch includes code to automatically uninstall itself once a user installs the expected Microsoft fix.
Safest E-Mail Client
Because simply previewing an HTML e-mail message can result in an infection, Microsoft also provided additional details late Thursday on which of its e-mail clients are safest to use. According to Adrian Stone, an MSRC program manager, Outlook 2007 is invulnerable, as is Vista's Windows Mail--as long as users don't reply or forward the attacker's messages. The SANS Institute's testing, however, contradicted Microsoft; by SANS' account, Outlook Express in Windows XP, Windows Mail in Vista, and Outlook 2003 in any version of Windows puts users at risk when they simply preview a malicious message. They don't have to actually open the message to be in danger of an infection.
In-the-wild attacks, said Dunham, have been limited so far to those against Windows XP SP2 through Microsoft's Internet Explorer 6 and 7 (IE6 and IE7) browsers. But that won't likely remain the case for long. "Our tests prove that trivial modification is all that's required to update the payload and functionality on multiple operating system builds," he said.
And while Microsoft Thursday said Vista's version of IE7 protects users, eEye's Brown added that browser-based attacks aren't the only game in town. "I get the PR [public relations] angle they're going down, but there are all sorts of ways this can come in, including HTML e-mail. Vista's not immune."
Who's Doing This
Websense said in a separate alert that it had identified at least nine different sites hosting the animated cursor exploit as of last night. Dunham, of iDefense, could only narrow it to "multiple domains," but added that they point back to two hostile servers, both based in China.
Both iDefense and Websense pinned blame on known hacker groups. Dunham said his team had traced the attacks to the Chinese Evil Octal forum, a group using a server supposedly registered to the Guilin University of Electronic Technology in Guilin, Guangxi Province, People's Republic of China. For its part, Websense claimed a link between the newest attacks and the group responsible for hacking the Web site of Dolphin Stadium in Miami, Fla.--the site of the 2007 Super Bowl--just days before this year's game between the Indianapolis Colts and the Chicago Bears.
The next regularly-scheduled Microsoft patch release date is April 10, more than a week and a half away. However, Microsoft has not yet committed to a fix date, much less to April 10. Thursday, a company spokeswoman would only say: "[We] will release an update for this issue at the conclusion of our investigation."
"The thing that really bugs me about this," said Brown, eEye's CEO, "is that it affects Vista. This is a known vulnerability that has a connection to a vulnerability patched in January 2005. I'm not sure what happened; maybe they checked in old code for Vista and then didn't fully check it against known vulnerabilities." More than two years ago, in its MS06-002 security bulletin, Microsoft credited eEye with providing information on a bug involving cursor, animated cursor and icon files.
"Worse, we know there are vulnerabilities that can be exploited in Vista to escalate privileges," said Brown. "All you need is access to the system, which this [animated cursor] provides." Once inside, said Brown, the attacker could up rights from even a safer local user to administrator privileges.
"Then, all bets are off."
http://www.pcworld.com/article/id,130287-page,1/article.html
This message has been edited since posting. Last time this message was edited on 31. March 2007 @ 11:30
|
AfterDawn Addict
|
31. March 2007 @ 11:39 |
Link to this message
|
Bug affecting IE and Windows is potentially very damaging,
Common Name:
Windows .ANI Processing
Date Disclosed:
3/28/2007
Expected Patch Release:
Unknown
Vendor:
Microsoft
Application:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Description:
An unspecified vulnerability exists within Microsoft Windows which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user. This vulnerability requires user interaction by viewing a malicious Windows animated cursor (.ANI) file. .ANI files are commonly used by web developers to display custom cursor animations to enhance web-site experiences.
The most potent attack method is by embedding a malicious .ANI file within an HTML web page. Doing so allows the vulnerability to be exploited with minimal user interaction by simply coaxing a user to follow a hyperlink and visit a malicious web site. Other exploit vectors exist including Microsoft Office applications since they also rely on the same .ANI processing code, making e-mail delivery also a potent threat by using Microsoft Office attachments.
Since .ANI processing is performed by USER32.dll and not the attack vector application itself, all attack vectors have the potential to use a similar exploit with similar address offsets targeted at Windows directly, allowing for a very reliable exploit.
NOTE: This advisory information is gathered from the references below. eEye Research is currently researching the cause of the vulnerability and trying to identify other vulnerable and will update this ZDT entry as more information becomes available.
Severity:
High
Code Execution:
Yes
Impact:
Arbitrary code execution under the context of the logged in user
A web browser remote code execution vulnerability has a very high impact since the source of the malicious payload can be any site on the Internet. An even more critical problem is generated when clients are administrators on their local hosts, which would run the malicious payload with Administrator credentials. Exploitation impact can vary from the reported trojan installation to full system compromise by coupling this attack with a privilege escalation vulnerability to acquire SYSTEM access.
Mitigation:
eEye Digital Security's Research Team has released a workaround for the zero-day vulnerability as a temporary measure for customers who have not yet installed Blink. Blink generically protects from this and other vulnerabilities without the need for updating and is available for free for personal use on all affected platforms except for Vista. This workaround is not meant to replace the forthcoming Microsoft patch, but rather as a temporary mitigation against this flaw.
The temporary patch mitigates this vulnerability by preventing cursors from being loaded outside of %SystemRoot%. This disallows websites from loading their own, potentially malicious animated icons, while causing little to no business disruption on hosts with the patch installed.
Organizations that choose to employ this workaround should take the steps required to uninstall it once the official Microsoft patch is released. More information regarding installation and uninstallation is available in the patch installer. Please note that at this time this workaround supports all affected platforms except for x64 and Itanium architectures.
Patch Location: Download Now!
Patch Version: 1.0
http://www.eeye.com/html/research/tools/...yPatchSetup.exe
Patch Source Code: View
http://research.eeye.com/html/alerts/zeroday/20070328.html
|
Senior Member
|
31. March 2007 @ 14:44 |
Link to this message
|
|
AfterDawn Addict
2 product reviews
|
31. March 2007 @ 15:08 |
Link to this message
|
|
Senior Member
|
31. March 2007 @ 15:12 |
Link to this message
|
|
I know, and just for the sake of a few L.E.D.'s?
|
|
fortunat1
Newbie
|
31. March 2007 @ 15:19 |
Link to this message
|
|
I don't smoke the ciggies but a peace pipe. you guys all are a bunch of knots. Give up that crap!
|
Senior Member
|
31. March 2007 @ 15:39 |
Link to this message
|
|
@fortunat1,
????????????
|
|
ddp
Moderator
|
31. March 2007 @ 16:24 |
Link to this message
|
|
blivetNC, 2nd that!!
|
AfterDawn Addict
|
31. March 2007 @ 18:12 |
Link to this message
|
|
Must be smoking crack in that peace pipe!
|
|
aabbccdd
Suspended permanently
|
31. March 2007 @ 20:25 |
Link to this message
|
|
damn no more RipIt4Me its gone finshed out of here .all links are dead on the web
|
AfterDawn Addict
|
31. March 2007 @ 20:36 |
Link to this message
|
|
|
Senior Member
|
1. April 2007 @ 04:15 |
Link to this message
|
|
@Ireland,
I am afraid the lamentations are directed at the fact that Ripit4me is no longer being offered by its author(s), which means that there will be no more updates to it, and like Shrink, and DVDdecrypter, will fade away until someone writes another program to get around the new copyright schemes implimented by the mafia.
|
AfterDawn Addict
|
1. April 2007 @ 04:36 |
Link to this message
|
Or we could just get AnyDVD and be happy :-P
[Edit]
:-)
This message has been edited since posting. Last time this message was edited on 1. April 2007 @ 10:04
|
|
The_Fiend
Suspended permanently
|
1. April 2007 @ 04:43 |
Link to this message
|
|
jackrocks ? little typo, or are you having delusions of grandeur here ?
irc://arcor.de.eu.dal.net/wasted_hate
Wanna tell me off, go ahead.
I dare ya !
|
AfterDawn Addict
|
1. April 2007 @ 04:51 |
Link to this message
|
|
Lmfao!
Hmm, subconcious typo methinks ;-)
Oh btw Dan, around on Irc?
This message has been edited since posting. Last time this message was edited on 1. April 2007 @ 04:51
|
|
Advertisement
|
|
|
Moderator
|
1. April 2007 @ 09:52 |
Link to this message
|
|
I have a bitch. I looooove the classic rock stations but they never play anything new. It's always the same old stuff..................................
My killer sig came courtesy of bb "El Jefe" mayo.
The Forum Rules You Agreed To! http://forums.afterdawn.com/thread_view.cfm/2487
"And there we saw the giants, and we were in our own sight as grasshoppers, and so we were in their sight" - Numbers 13:33 |
|
