首先感谢alax\jick117\Proll三位弟弟的热情帮助:[s:62]
仅仅以为是增加了Http功能,才急于想测试一下。结果,没想到它的进步、它的改观,让我惊大于喜。
假如提示找不到文件的,可看一下,其实存在的:C:\Documents and Settings\Administrator\Local Settings\Temp\IXP000.TMP\vcredist.msi
14天的试用Key,将就着用用吧。alax的破解方法在:http://bbs.crsky.com/read.php?tid=1245117
多了四个模块,让我吃惊的是,它在加了Http监控的同时,居然又加上了RegMon,野心~~~
记得有许多朋友说ArcaVir在Web Http监控方面薄弱的,现在好了,估计说的朋友会少很多了。那似RD功能的,放在后面说吧。
重启后,弹出的第一个对话框却是提示Tencent的TM,呵,可启发式还是中级呢:
官 网:http://www.malwarebytes.org
下载地址:http://www.malwarebytes.org/mbam/program/mbam-setup.exe
放手头上有些天了,因为版本更新速度很快,从Version 0.70到7.1,7.2到Version 0.76,从另一方面说明软件本身目前的不完善性。
在0.75时试用了,发现问题,提交不久,官方就放出0.76,以为得到改进,结果此版本仍未改进。
安装后打开界面,默认为Quick Scan即快速扫描,主要扫描系统盘、注册表等信息:
SecurityFocus Microsoft Newsletter #370
—————————————-
This issue is Sponsored by: SPI Dynamics
XPATH Injection Attacks- Web Hackers New Trick: White Paper
One particular form of injection attack, XPath Injection, is rapidly gaining in popularity due to the spread of AJAX applications and their inherent use of XML to store data. XPath Injection can be just as dangerous as SQL Injection, and can be even easier to exploit. Learn how to identify XPath Injection vulnerabilities and which methods of recourse to take to prevent them. Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/XP.asp?Campaign_ID=70160000000D803
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs
——————————————————————
I. FRONT AND CENTER
1.Aye, Robot, or Can Computers Contract?
2.Don’t blame the IDS
II. MICROSOFT VULNERABILITY SUMMARY
1. Tencent QQ LaunchP2PShare Multiple Stack Buffer Overflow Vulnerabilities
2. VanDyke VShell Unspecified Denial Of Service Vulnerability
3. Samhain Labs Samhain Insecure Random Number Generator Information Disclosure Weakness
4. Skype Technologies Skype Voicemail URI Handler Remote Denial of Service Vulnerability
5. Apple QuickTime RTSP Response Header Content-Length Remote Buffer Overflow Vulnerability
6. Apple QuickTime RTSP Response Header Remote Stack Based Buffer Overflow Vulnerability
7. Wireshark 0.99.6 Multiple Remote Vulnerabilities
8. IBM Director CIM Server Remote Denial of Service Vulnerability
9. SMF Private Forum Messages Information Disclosure Vulnerability
10. Microsoft Windows Insecure Random Number Generator Information Disclosure Weakness
III. MICROSOFT FOCUS LIST SUMMARY
1. Windows NT Desktop
2. Security and Implications of Hosted Exchange
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
———————
1.Aye, Robot, or Can Computers Contract?
By Mark Rasch
A contract is usually described as a “meeting of the minds.” One person makes an offer for goods or services; another person sees the offer and negotiates terms; the parties enter into an agreement of the offer; and some form of consideration is given in return for the provision of something of value. At least that’s what I remember from first year law school contracts class.
http://www.securityfocus.com/columnists/458
2.Don’t blame the IDS
By Don Parker
Some years ago, I remember reading a press release from the Gartner Group. It was about intrusion detection systems (IDS) offering little return for the monetary investment in them and furthermore, that this very same security technology would be obsolete by the year 2005. A rather bold statement and an even bolder prediction on their part.
http://www.securityfocus.com/columnists/457
II. MICROSOFT VULNERABILITY SUMMARY
————————————
1. Tencent QQ LaunchP2PShare Multiple Stack Buffer Overflow Vulnerabilities
BugTraq ID: 26613
Remote: Yes
Date Published: 2007-11-27
Relevant URL: http://www.securityfocus.com/bid/26613
Summary:
Tencent QQ is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data.
继续阅读 »