SecPod Research Blog

MS09-050 addresses the much talked about SMB2 Negotiation vulnerability. A crafted SMB packet could crash the Windows Vista/2008 systems with blue screen.
The OpenVAS plugin for checking MS09-050 hotfix is now available in the svn. This doesn’t require any credentials. The patched system responds differently to a particular SMB negotiation request (a crafted PID’s low_id field) [...]

OpenVAS plugins for Microsoft Security Bulletins – July 2009 are now available in the SVN repository. The plugins can be also synced via openvas-nvt-sync method.
There were 6 bulletins in total, including the much in-news Video ActiveX control (MS09-032)

The news…
Passing the 10000th Network Vulnerability Test (NVT) is a perfect occasion to report about the progress of the OpenVAS project[1].
In October 2008 the systematic development of new NVTs started with a base of around 5800 Tests. With the release of OpenVAS 2.0 in December 2008, the development was boosted and has now reached an [...]

OpenVAS plugins for Microsoft Bulletins – April 2009 are now available in OpenVAS. Update your OpenVAS plugins by running openvas-nvt-sync or download from the SVN directly.

Conficker worm variants A, B and C are dependent on vulnerability in Microsoft server service. Microsoft had released an advisory MS08-067 back in October 2008 to address the above vulnerability. As was expected at that time, number of attacks are spreading, major one being Conficker worm.
We have plugins for OpenVAS,
900055 – secpod_ms08-067_900055.nasl
900056 – secpod_ms08-067_900056.nasl

We had earlier released SecPod plugin for Nessus for MS08-067, vulnerability. The plugin required SMB credentials for it to work.
We have now made available the exploit code for the much talked about vulnerability in here. This has been tested with Nessus and OpenVAS and works well on Microsoft Windows 2000, XP and 2003. This doesn’t [...]

The advisory released by Microsoft yesterday, MS08-067, calls for immediate update. The vulnerability is actively being exploited. We have the SecPod plugin for Nessus and OpenVAS available here, scan your system quickly and run the missing update.

Microsoft Bulletins – Sept08
There are 4 security bulletins released addressing 8 security vulnerabilities and all are Critical.
1. MS08-052 – GDI+ Remote Code Execution Vulnerability
2. MS08-053 – Windows Media Encoder 9 Remote Code Execution Vulnerability
3. MS08-054 – Windows Media Player Remote Code Execution Vulnerability
4. MS08-055 – Microsoft Office Remote Code Execution Vulnerability
More details can be found [...]