Windows 7 zero day exploit

A security researcher has said there is a zero-day vulnerability affecting Windows 7 and Vista.

The flaw in Windows 7 could allow an attack which would cause a critical system error, or “Blue Screen of Death”, according to researcher Laurent Gaffie.

Gaffie wrote in his blog that the flaw lies in a Server Message Block 2 (SMB2) driver.

“SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality,” wrote Gaffie in a blog post on Monday.

Gaffie said he had contacted Microsoft. Comments on his blog by other users said that the flaw could lead not only to denial of service, but could also lead to remote code execution.

Computer security publication ‘The H’ wrote on Tuesday that its German sister publication had tested the proof-of-concept code, and that while the exploit had caused a reboot on Vista, the exploit had not worked on Windows 7.

Metasploit creator HD Moore said in a tweet on Tuesday that an SMB bug appeared to have been introduced into Vista SP1. Coder Josh Goebel said in a blog post that he had added the exploit code to Metasploit.

Microsoft had not responded to a request for comment at the time of writing.

source

Windows 7 fishy secret

As Microsoft has given green light to the public downloads of Windows 7 Beta 1 Build 7000, millions of testers will be greeted by the new default wallpapers of the operating system, featuring none other than the Siamese fighting fish. In fact, Windows 7 has been offering users a chance to have the creature, a member of the Betta splendens species, as their background since before Christmas 2008, when Build 7000 was initially leaked. Microsoft’s reason for choosing the Siamese fighting fish for Windows 7 was rather simple. The wallpaper is included only in the Beta version of Windows 7, and not in the previous three milestone developments, because this very popular freshwater fish is actually known as betta.

There is no telling, at this point in time, whether the Redmond company will continue to feature the Windows 7 betta fish wallpaper into the operating system moving forward to the next development milestone, or if the specimen will end up out of water. Should users expect an RC (release candidate) fish next? Or maybe even a gold fish for the RTM (gold) edition of Windows 7?

The betta fish featured in Windows 7 Beta on the default background is native of Thailand. However, Microsoft has chosen a specific variety of betta. Fact is that the wild and “plain vanilla” bettas are not much to look at. Just brown with shades of green and with short fins, the natural betta fish would never have been chosen to complement the Windows 7 Beta 1 default wallpaper. Nevertheless, the process of selective breeding has produced Betta splendens fish with a wide range of colors, including the blue and red, as the specimen on the Windows 7 background.

Fact is that, with the inclusion of the selectively bred betta in Windows 7 Beta, Microsoft is hinting that the previous Milestone releases of the platform were just the native versions of the fish. Yet, at the same time, Milestone 1, M2 and M3 of Windows 7 were much more Windows Vista than the next iteration of the Windows client. The inclusion of the betta fish in Windows 7 Betta is accompanying the evolution process from Vista to Win 7, as Microsoft is doing a tad of “selective breeding” of its own.

windows 7 secret tricks

Lately I installed windows 7 on my xps 1210 and its awesome. I had been discovering small tricks in win 7 and then I stumbled upon to this mega tricks list of the OS on msdn blogs.

Enjoy.

  1. Windows Management. By now, you’ve probably seen that Windows 7 does a lot to make window management easier: you can “dock” a window to the left or right half of the screen by simply dragging it to the edge; similarly, you can drag the window to the top of the screen to maximize it, and double-click the window top / bottom border to maximize it vertically with the same horizontal width. What you might not know is that all these actions are also available with keyboard shortcuts:
    • Win+Left Arrow and Win+Right Arrow dock;
    • Win+Up Arrow and Win+Down Arrow maximizes and restores / minimizes;
    • Win+Shift+Up Arrow and Win+Shift+Down Arrow maximizes and restores the vertical size.

    This side-by-side docking feature is particularly invaluable on widescreen monitors – it makes the old Windows way of shift-clicking on two items in the taskbar and then using the context menu to arrange them feel really painful.

  2. Display Projection. Had enough of messing around with weird and wonderful OEM display driver utilities to get your notebook display onto an external projector? In that case, you’ll be pleased to know that projection is really quick and simple with Windows 7. Just hit Win+P, and you’ll be rewarded by the following pop-up window:
    The Win+P Projector Settings window allows you to quickly switch display settings.
    Use the arrow keys (or keep hitting Win+P) to switch to “clone”, “extend” or “external only” display settings. You can also access the application as displayswitch.exe.If you want broader control over presentation settings, you can also press Win+X to open the Windows Mobility Center, which allows you to turn on a presentation “mode” that switches IM clients to do not disturb, disables screensavers, sets a neutral wallpaper etc. (Note that this feature is also available in Windows Vista.)
  3. Cut Out The Clutter. Working on a document in a window and want to get rid of all the extraneous background noise? Simply hit Win+Home to minimize all the non-active background windows, keeping the window you’re using in its current position. When you’re ready, simply press Win+Home again to restore the background windows to their original locations.
  4. Multi-Monitor Windows Management. The earlier tip on window management showed how you can dock windows within a monitor. One refinement of those shortcuts is that you can use Win+Shift+Left Arrow and Win+Shift+Right Arrow to move windows from one monitor to another – keeping them in the same relative location to the monitor’s top-left origin.
  5. Command Junkies Only. One of the most popular power toys in Windows XP was “Open Command Prompt Here”, which enabled you to use the graphical shell to browse around the file system and then use the context menu to open a command prompt at the current working directory. In Windows 7 (and in Windows Vista, incidentally – although not many folk knew about it), you can simply hold the Shift key down while selecting the context menu to get exactly the same effect. If the current working directory is a network location, it will automatically map a drive letter for you.
  6. It’s a Global Village. If you’ve tried to change your desktop wallpaper, you’ve probably noticed that there’s a set of wallpapers there that match the locale you selected when you installed Windows. (If you picked US, you’ll see beautiful views of Crater Lake in Oregon, the Arches National Park, a beach in Hawai’i, etc.) In fact, there are several sets of themed wallpapers installed based on the language you choose, but the others are in a hidden directory. If you’re feeling in an international mood, simply browse to C:\Windows\Globalization\MCT and you’ll see a series of pictures under the Wallpaper directory for each country. Just double-click on the theme file in the Theme directory to display a rotation through all the pictures for that country. (Note that some countries contain a generic set of placeholder art for now.)
  7. The Black Box Recorder. Every developer wishes there was a way that an end-users could quickly and simply record a repro for the problem that they’re running into that is unique to their machine. Windows 7 comes to the rescue! Part of the in-built diagnostic tools that we use internally to send feedback on the product, the Problem Steps Recorder provides a simple screen capture tool that enables you to record a series of actions. Once you hit “record”, it tracks your mouse and keyboard and captures screenshots with any comments you choose to associate alongside them. Once you stop recording, it saves the whole thing to a ZIP file, containing an HTML-based “slide show” of the steps. It’s a really neat little tool and I can’t wait for it to become ubiquitous on every desktop! The program is called psr.exe; you can also search for it from Control Panel under “Record steps to reproduce a problem”.
    The Problem Steps Recorder provides an easy way for users to record a problem repro for later diagnosis.

more secrets and tricks

Microsoft Windows 7 scam

Today I came across this website www.windows7giveaway.com which promises to give away a free copy of windows 7 ultimate if you pay $25 as the shipping cost. This looks like a very attractive deal. One of our friends from Pune startups group took the initiative to verify it from Microsoft and here is what they have to say.

windows 7 scam

“Dear Sir,

Thank you for your e-mail concerning the Microsoft lottery. We would

like to confirm this is a hoax website and did not originate from

Microsoft. Microsoft does not have any connection whatsoever with

this alleged lottery. It’s unfortunate that some people have chosen to

abuse the freedom that the internet offers by conducting fraudulent

activity.

Privacy and security are very important to Microsoft. For more

information please visit the following website:

http://www.microsoft.com/security/lottery/default.mspx

Yours sincerely,

Microsoft UK”

I would recommend everyone to inspect such offers closely as this might make you pocket a few bucks lighter and you would not be getting anything in return except frustration and annoyance.

Moreover any such issues can be reported here http://go.microsoft.com/?linkid=9661492