Blog wrap-up for September 2010

Last record to first: Vulnerability in VMWare Workstation installer. Not a 0-day anymore. The report of my first reported vulnerability Old good command line #2… The CLI nostalgic series continues (Driverquery, fc, find) Old good command line… The CLI nostalgic series continues (clip, color, comp) IE 9 Beta starts Yeah. MS issued MS Chrome Utilities: cmdkey The start of CLI Series. Nostalgia begins here Certification News MS CTA and discounts for MS Partners’ employees x64 attacks, part II Viruses go x64. Beware! Kaspersky Lab has implemented UC Call me if you want, I’m on my phone if I’m online

Vulnerability in VMWare Workstation installer. Not a 0-day anymore.

The only reason for mentioning the vulnerability is… Bragging. Yes, I’m going to brag about the first vulnerability I had discovered and reported before the CVE was issued =,,) I found several vulnerabilities earlier, but all of them already had a CVE published, so it was useless. The vulnerability in VMWare Workstation and Player installer allowed criminal to launch any code you may embed into a .htm page. Well, the page must be placed in the same directory where the installer is placed and it will shoot your computer only if you are installing the new version, but, hey, it’s … Continue reading Vulnerability in VMWare Workstation installer. Not a 0-day anymore.

Old good command line #2…

Let’s continue overview of what was found by me in command line tools. driverquery. List drivers, installed into your system with various information about them. For example, we can obtain information about signed drivers: May be handy in case of some drivers problems. fc. Whoa, kind of déjà vu… Haven’t we such a command described in the previous issue of “old good command line”? Isn’t it the same as “comp command”? Well, not exactly. While “comp” compares byte-by-byte, this command has some different options and is more powerful in some cases. It can compare in ASCII mode, be case-sensitive or … Continue reading Old good command line #2…

Old good command line…

You know what? What struck me after I had written the post about cmdkey is that while reading about cmdkey’s syntax, I saw many commands which… Well, it’s a shame but I didn’t know them. Really. Though I still remember what did “expand” word in DOS I can’t tell you what does “comp” or “clip”. Actually, I couldn’t, because I’ve done some research and in this message I’ll tell you about some command which seem to be interesting to me. Of course there are many commands, which either deprecated (break), or cannot be used directly from a script or in … Continue reading Old good command line…

IE 9 Beta starts

Yeah, we are receiving it. Come to http://www.beautyoftheweb.com/invite on the 15th of September (UPD: the download links are already accessible) to get more info about it, to download it and try it any way you want. The brief and not very full list of what’s new: – HTML5 support – Faster than previous – Many improvements in CSS and HTML compatibility – And more and more and more… Enjoy! =,,)

Certification News

Just news, briefly: New certification program for students and newbies without IT experience just started. You already can pass several exams to become MS Certified Technology Associate. More info in the program site. Brilliant way to start your certified life, I think Another freebies… Well, almost. MS gives discount up to 30% on certification exams for employees of companies which are MS partners. And, though you are to by the exams wholesale, those who work for MS partners know that you are sometimes to pass them wholesale too, so enjoy. Details.

x64 attacks, part II

When I wrote about the surge of 64-bit platform which had come to the client computers I didn’t think about one obvious things: as some platform becomes mass and popular, it attracts all sorts of ill-minded persons to it. In our age it means that all the instruments that hackers use to do what they do will become adapted to the new reality. Unfortunately it is happening whether I think about it or no (maybe someone else had thought about it? Quit it, then ). Guys from MS have reported that we have received a 64bit version of Alureon malware. … Continue reading x64 attacks, part II

Kaspersky Lab has implemented UC

Completely as advertising   We did it! “We” is somewhat exaggerated: my participation in the project was not very bold but still we have OCS and it is convenient. What think our management team you can read here (Russian). Actually, the management don’t lie: it is cool and convenient. I don’t mind where I am unless I have Internet access: I can call anyone.  The real check for me was the time I fled to our Saint Petersburg’s office from turf fires and smog. Of course I could have got a phone in the office and configure it to answer … Continue reading Kaspersky Lab has implemented UC