Saturday, December 16

Microsoft updates Windows Vista in latest piracy crackdown

'Frankenbuild' update detects and tackles piracy of Vista code:


Microsoft on Thursday released an update to Windows Vista that will shut down unauthorized versions of the OS that allow users to skip the product's activation system.

The move comes as pirated copies of Vista are already making the rounds, mere weeks after the product was released to business customers.

The update, which Microsoft has dubbed "frankenbuild," detects tampering of Windows Vista code that would allow users of the OS to work around the product's built-in activation system, which requires users to validate their copy of Vista with a product activation key to use the full version of the product after 30 days.

Frankenbuild mixes files from various test and final versions of the software. It will require only systems in which it detects specific tampering to go through a validation check for authenticity, according to a posting on the Windows Genuine Advantage blog.

If a version of Vista that has used a workaround to avoid product activation is detected, a user of that software will have 30 days before the OS goes into a reduced functionality mode, Microsoft said. In this mode, all users can do is access their existing files and surf the Web for an hour before having to log back on to the software.

Read more on Infoworld.

Friday, December 15

"Logic bomb" backfires on hacker

Hacker duped by his own Logic bomb:


A former UBS PaineWebber employee was sentenced to eight years in prison on Wednesday for planting a computer "logic bomb" on company networks and betting its stock would go down.

The investment scheme backfired when UBS stock remained stable after the computer attack and Roger Duronio lost more than $23,000.

A federal judge in New Jersey sentenced Duronio, 64, to 97 months in prison and ordered him to make $3.1 million in restitution to his former employer, the U.S. attorney's office said in a statement.

Duronio was convicted on July 19 of one count of securities fraud and one count of computer fraud in the 2002 case.

Read the complete article here.

Hackers Selling Vista Zero-Day Exploit

Hackers Selling Vista Zero-Day Exploit


Underground hackers are hawking zero-day exploits for Microsoft's new Windows Vista operating system at $50,000 a pop, according to computer security researchers at Trend Micro.

The Windows Vista exploit—which has not been independently verified—was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the Tokyo-based anti-virus vendor.

In an interview with eWEEK, Trend Micro's chief technology officer, Raimund Genes, said prices for exploits for unpatched code execution flaws are in the $20,000 to $30,000 range, depending on the popularity of the software and the reliability of the attack code.

Bots and Trojan downloaders that typically hijack Windows machines for use in spam-spewing botnets were being sold for about $5,000, Genes said.

Read complete article here.