不幸因為誤裝新版WGA的解法！

很多人包括我以前也都是有正版授權但卻選擇安裝D版
原因不外乎就是安裝容易，省了時間在打Patch上
把安裝的過程簡化到三歲小孩也能使用XD

當然有些人可能因此中了新版會導致黑屏的WGA
如果你有正版授權又不幸中獎，那就按"繼續閱讀"
看擺脫的方法，如果你只有D版，那就請您就此打住！


去掉新版的WGA不難
也不需要任何第三方Patch，自己動動手就可以解決了

首先開啟"執行"，輸入regedit.exe

接著尋找

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\NotifyWgaLogon

把WgaLogon這項刪除就完成了 (繼續閱讀...)

微軟10月份安全性更新

微軟在前些天發佈了安全性更新預告
現在更新已經可以下載了

KB941229
32bit
64bit

KB941600
32bit
64bit

KB941649
32bit
64bit

KB941651
32bit
64bit

KB942239(for Server 2008)
32bit
64bit
IA64 (繼續閱讀...)

Apple修復Quick Time安全性漏洞

這個漏洞先前介紹過了,透過FireFox觀看某些不良的Quick Time媒體檔案
會遭到駭克的攻擊,這個漏洞從發現到修復已經經過一年了,Apple才將它修復
影響的作業系統包括Windows XP以及Vista
(繼續閱讀...)

Windows Vista SP1測試版開始

微軟從25號開始進行了Vista SP1的測試,首批參與測試的人員高達12000名
除了微軟的程式人員外,還有受到微軟邀請一同測試的非微軟程式人員一同加入

目前Vista SP1共兩個測試版,差別為一個是獨立五國語言另一個是36國語言
還分為32以及64bit,其中32bit的HotFix檔案大小為687mb,64bit則為1117mb
而36語言版的檔案大小為1308mb,1778mb (繼續閱讀...)

Windows XP/2003/Vista 9月下旬HotFix發布(英文)

此次更新修正了MCE撥放,以及非管理員再使用www十與iis的相容性問題
有需要就更新!

Vista (x86):
-KB938126: Install this update to enable new types of Windows Media Center Extenders, such as digital televisions and networked DVD players, to connect to the Windows Media Center PC.
-KB933228: Install this update to resolve an issue where a user may receive a "Page can not be displayed" error message when using Internet Explorer 7 to access a web server configured to use OpenSSL.
-KB939786: Install this update to resolve an issue where the system cannot listen for HTTP traffic when a non-administrator user starts an application.
-KB932385: Install this update to resolve an issue where CGI applications that set multiple instances of a response header in Internet Information Services (IIS) 7.0 do not work as expected.

Vista (x64):
-KB938126: Install this update to enable new types of Windows Media Center Extenders, such as digital televisions and networked DVD players, to connect to the Windows Media Center PC.
-KB933228: Install this update to resolve an issue where a user may receive a "Page can not be displayed" error message when using Internet Explorer 7 to access a web server configured to use OpenSSL.
-KB939786: Install this update to resolve an issue where the system cannot listen for HTTP traffic when a non-administrator user starts an application.
-KB932385: Install this update to resolve an issue where CGI applications that set multiple instances of a response header in Internet Information Services (IIS) 7.0 do not work as expected.

XP (x86):
-KB931678: Install this update to resolve an issue where an access violation may occur when a pop-up window in Internet Explorer 7 is closed on a system running Windows XP with Service Pack 2.

XP (x64):
-KB938680: Install this update to prevent problems which may occur when you use Windows Server 2003 to implement Winsock Direct (WSD) in a fast System Area Network (SAN) environment.

Server 2003 (x86):
-KB940349: Install this update to improve the reliability, scalability, and memory optimization of the Volume Shadow Copy Service (VSS) in Windows Server 2003.
-KB938680: Install this update to prevent problems which may occur when you use Windows Server 2003 to implement Winsock Direct (WSD) in a fast System Area Network (SAN) environment.

Server 2003 (x64):
-KB940349: Install this update to improve the reliability, scalability, and memory optimization of the Volume Shadow Copy Service (VSS) in Windows Server 2003.
-KB938680: Install this update to prevent problems which may occur when you use Windows Server 2003 to implement Winsock Direct (WSD) in a fast System Area Network (SAN) environment.

Server 2003 (IA64):
-KB940349: Install this update to improve the reliability, scalability, and memory optimization of the Volume Shadow Copy Service (VSS) in Windows Server 2003.
-KB938680: Install this update to prevent problems which may occur when you use Windows Server 2003 to implement Winsock Direct (WSD) in a fast System Area Network (SAN) environment. (繼續閱讀...)

發現新的Windows Buffer Overflow!!

這個漏洞也是一個典型的Buffer Overflow(中譯:緩衝區溢位)
主要是由Windows中的mfc42.dll,mfc42u.dll這兩個API發生了問題
目前已知這兩個API在HP的All-In-One系列產品驅動有調用這兩個API
如果遇到有心人積極破解,很有可能就會因此得到了操作系統底層的權限!!
(繼續閱讀...)

Windows Media Player發新漏洞!!

這是一個叫做Petko Petkov資安人員發現的
這個漏洞是利用wpm媒體檔案來導致讓沒有安裝過HotFix的IE發生缺陷!
就算你使用了其他非IE核心的瀏覽器,一樣無法避免遭受到此漏洞的危害!

Petko Petkov也公佈了攻擊代碼,以下是利用XML的HTML View value標籤漏洞所進行的攻擊代碼

< name="HTMLView" value="[url here]">

對於這個漏洞微軟的態度頗為消極,因為他們還沒有接到任何因為這個露懂所引發的攻擊事件... (繼續閱讀...)

微軟在Windows裡放後門又被抓包

內容大意是說有些人的windows本身沒設置自動更新,也沒上windows updata,結果居然有hotfix被悄悄的更新了...
接著ZD NET也證實了這項消息
針對這次的更新,微軟的說法是他們更新的是Windows Updata,認為這樣子做不會打擾到使用者..

Windows Update pushes out "stealth" updates, Microsoft explains

Posted Sep 13th 2007 4:12PM by Donald Melanson
Filed under: Desktops, Laptops
Microsoft kicked up a bit of a stir recently, when it began what appeared to be a practice of updating files on individuals' computers even when they had turned off the automatic update feature in Windows XP and Vista. That first came to light courtesy of the folks at the "Windows Secrets" newsletter, which found that nine files in XP and Vista were changed on or after August 24th, with no notification of the changes in Windows whatsoever. That was later confirmed by ZDNET's Hardware 2.0 blog, which tracked down the affected files and also pinpointed the update date as August 24th. Now, Microsoft has come out and explained itself, saying that the updates weren't really updates for Windows, but rather updates for Windows Update itself, which apparently didn't merit a notification. The company does admit that it could have been more "transparent" about the matter, however, and says it's now "looking at the best way to clarify" the behavior of Windows Update.

[Thanks, Robert J] (繼續閱讀...)

intel E4000/6000 系列windows 重要更新!

剛剛看到的,搜尋了一下沒找到相關主題
文章中提到這是一個嚴重的問題,受到影響的處裡器包括:
"Core 2 Duo E4000/E6000, Core 2 Quad Q6600, Core 2 Xtreme QX6800, QX6700 and QX6800"

不清楚到底是什麼問題
目前此更新在ms 的網站上已經可以下載

A COUPLE OF WEEKS ago, we heard that Dell was dealing with a certain situation considering Intel dual-core MCW and quad-core KC marchitecture, and that the company was releasing urgent BIOS and microcode versions for its line up.

We learned that the affected CPUs are the Core 2 Duo E4000/E6000, Core 2 Quad Q6600, Core 2 Xtreme QX6800, QX6700 and QX6800.

In the mobile world, people with the Core 2 Duo T5000 and T7000 need to visit Microsoft's site, while the server guys will want to use motherboard BIOSes if they do not rely on Microsoft Windows operating systems.

The affected servers are Xeon 3000, 3200, 5100 and 5300s - or just about every model from the second generation of Core marchitecture.

Oddly enough, Yonah - 32-bit Core Duo processor - isn't among the affected cores.

We are assured that no product recall will happen, and that La Intella took all appropriate steps in order to minimise damage to its public image, because if a product recall happened, Intel's credibility would be ruined for good.

Anyway, if you have a Core CPU based machine, go to the link below to download the update. AMD processors are not affected at all, in case you were wondering. µ
引用文章出處 (繼續閱讀...)