Friday, October 31, 2014

Software and IT Partner News

Aug24

Written by:SuperUser Account
8/24/2010 7:54 AM RssIcon

Today we released Microsoft Security Advisory 2269637. This is different from other Microsoft Security Advisories because it's not talking about specific vulnerabilities in Microsoft products. Rather, this is our official guidance in response to security research that has outlined a new, remote vector for a well-known class of vulnerabilities, known as DLL preloading or "binary planting" attacks.  We are currently conducting a thorough investigation into how this new vector may affect Microsoft products. As always, if we find this issue affects any of our products, we will address them appropriately.

Additionally, today we are providing a defense-in-depth update that customers can deploy that will help protect against attempts to exploit vulnerable applications through this newly identified vector. Finally, we are using our strong connections with researchers and partners in the industry to help address this new class of vulnerability. Our Microsoft Vulnerability Research program has been working to coordinate communication between the researcher who first brought this new vector to us and other application developers who are affected by this issue.

Technical Background

What this new research demonstrates is a new remote vector for DLL preloading attacks. These attacks are not new or unique to the Windows platform. For instance, PATH attacks that are similar to this issue constitute some of the earliest class of attacks against the UNIX operating system. The attack focuses on tricking an application into loading a malicious library when it thinks it's loading a trusted library. For this to succeed, the application has to call the trusted library by name instead of properly using its full path (for example, calling dllname.dll rather than C:\Program Files\Common Files\Contoso\dllname.dll). The attacker then has to place a malicious copy of the library in a directory that the system will search to locate the library and have that be a directory it will search before the directory where the trusted library actually is. For example, if an attacker knows that the application simply calls for dllname.dll (rather than using the full path) and it will look for dllname.dll in the current working directory before looking in C:\Program Files\Common Files\Contoso\. Then if the attacker can plant a malicious copy of dllname.dll in the current working directory, the application will load it first executing the attacker's code in the application's security context.

PATH or DLL preloading attacks have so far required the attacker to plant the malicious library on the local client system. This new research outlines a way an attacker could levy these attacks by planting the malicious library on a network share. In this scenario, the attacker would create a data file that the vulnerable application would open, create a malicious library that the vulnerable application would use, post both of them on a network share that the user could access, and convince the user to open the data file. At that point, the application would load the malicious library and the attacker's code would execute on the user's system.

Because this is a new vector, rather than a new class of vulnerability, the existing best practices that protect against this class of vulnerability, automatically protect against this new vector: ensuring that applications make calls to trusted libraries using full path names.

While the best protection is following best practices, we are able to provide an additional layer of defense by offering a tool that can be configured to disable the loading of libraries from network shares. In particular, because this is altering functionality, we encourage customers to evaluate this tool before deploying it. As part of your evaluation, we encourage you to review the information at the Security Research and Defense (SRD) blog.

We will continue our work with the researchers and the industry to identify and address vulnerable applications. And as always, we will update you with any new information we have through our security advisories, security bulletins and the MSRC weblog as appropriate.

Original post is here.

Featured Microsoft Partners

 

RoseASP 
Office Location:  San Diego, California, United States
Type:  Reseller,VAR,Other
Industry Focus:  Application Hosting of Microsoft Dynamics ERP solutions and ISV solutions. SPLA licensing, SAAS Hosting,


RoseASP is a leading provider of SOX compliant, hosted ERP solutions to mid-sized business. We specialize in hosting Dynamics GP, AX, CRM, and SharePoint. With our growing partner program membership, we offer an expanding catalog of ISV products and solutions to our clients, ensuring maximum security, and reliability for mission-critical applications.

 

 

T3 Information Systems 
Office Location:  Washington, District of Columbia, United States
Type:  ISV,Systems Integrator,Reseller,VAR
Industry Focus:  Not-For-Profit


T3 Information Systems, a Microsoft Gold Certified Partner specializing in Microsoft Dynamics GP, SL and CRM, as well as financial reporting, dashboard and budgeting applications such as FRx\Management Reporter, OnseStop Reporting, NetCharts Performance Dashboards, Forecaster and our own Full Circle Budget. T3 combines best in class software applications with industry best practices and proven processes to meet the unique business needs of nonprofit organizations. To learn more about T3 Information Systems, visit www.t3infosystems.com.

 

 

Jack Frost Design 
Office Location:  San Ramon, California, United States
Type:  ISV,Training Firm,VAR,Other
Industry Focus:  Jack Frost Design is all about business and not necessarily about a specific industry. After 40+ years in business JFD has touched corporations, medium size businesses and some small business entities. No matter what industry you are in delivering a successful business initiative requires a strong command of four key business skills:•Business Operations: a solid understanding of workflow process and ROI (return on investment).•Marketing: the ability to identify and reach a target market with an effectively motivating message.•Technology: the technical skills to harness the most effective technologies for business process automation.•Branding: the ability to encapsulate all of the above factors within a unified vision that resonates with the target customer and builds loyalty.Because it only takes weakness in one of these areas to undermine what would have otherwise been a successful enterprise, Jack Frost Design has taken the unusual step of including each of these areas of expertise in a single company. It a unique approach. It has been successful for 40+ years.


SharePoint Makes it Possible. JFD Makes it HappenAt JFD we have a solid understanding and respect for SharePoint. We pioneered using the technology for public facing websites and we are skilled at configuring it to reduce the possibility of uncontrolled over deployment. We use the product the same way that most of our clients do.We also let ROI be our guide in the development of workflow automation and we never build without a financial goal and a documented blueprint or project plan. JFD has been brought in to clean up other partner's failed projects. And as a company we are most proud of our work ethic.

 

 

LearnDevNow 
Office Location:  Eden Prairie, Minnesota, United States
Type:  Training Firm
Industry Focus: 


LearnDevNow provides practical online learning videos for Microsoft developers worldwide. Our comprehensive learning library features self-paced training videos for Visual Studio, SQL Server, SharePoint and more, allowing busy developers to learn whenever and wherever it fits their schedule.

 

 

NCC Data 
Office Location:  Addison, Texas, United States
Type:  ISV,Systems Integrator,Reseller
Industry Focus:  NCC Data specializes in IT Outsourcing. We consult with companies in order to help maximize employee’s productivity with the goal of reducing costs.


NCC Data has grown to one of the top independently owned IT services and communications companies in the Dallas-Fort Worth Metroplex. Why? Our clients come first. It’s important to us as a company to give each and every client the best in cost-effective innovation, strategies, service and professionalism.

 

Search All Companies


Tag List

Minimize
mobile (19)
social media (12)
gaming (11)
Android (7)
security (7)
tablet (6)
Amazon (5)
CES (5)
management (5)
advertising (4)
EAM (4)
foursquare (4)
Microsoft Partner Network (4)
Nokia (4)
API (3)
Barnes & Noble Nook (3)
malware (3)
salesforce (3)
smb nation (3)
The Resource Group (3)
.NET (2)
analytics (2)
Australia (2)
Blackberry (2)
chrome (2)
developers (2)
Digg (2)
education (2)
Enterprise Asset Management (2)
facebook (2)
Government (2)
Green (2)
Hadoop (2)
Halo (2)
hotmail (2)
Legal (2)
McAfee (2)
PaaS (2)
Paul Allen (2)
planning (2)
RIM (2)
skype (2)
SMB (2)
SQL (2)
Staffing Software (2)
System Center (2)
usage (2)
Windows Live (2)
Yahoo (2)
3D Technology (1)
Active Directory (1)
adCenter (1)
Adobe (1)
ADP (1)
Alternative Energy (1)
Amazon Kindle (1)
annual enhancement (1)
AOL (1)
apache (1)
App Store (1)
Apple TV (1)
Arch Touch (1)
Asset Management (1)
Asset Point (1)
AT&T (1)
Atom (1)
Augmented Reality (1)
Aurora (1)
B2B (1)
B2C (1)
Ballmer (1)
Bill Gates Annual Letter (1)
Bob Scott's (1)
bots (1)
Browsers (1)
business (1)
business IT integrators (1)
business sales presentations (1)
Cameron Diaz (1)
CBS (1)
Cisco (1)
citrix (1)
CMMS (1)
Collins Computing (1)
consumer electronics (1)
Convergence.Keynote (1)
creative commons (1)
crm (1)
Crowd Sourcing (1)
crowdsourcing (1)
data visualization (1)
David Pogue (1)
Development (1)
Docs.com (1)
Document Management (1)
dropbox (1)
Dryad (1)
EAS (1)
e-book (1)
ecommerce (1)
email (1)
Enterprise Portfolio Management (1)
Epicor 9 (1)
Eric Ligman (1)
ERP (1)
Event (1)
Excel (1)
Facebook IPO (1)
farm (1)
FarmVille MSN (1)
FCC (1)
feeds (1)
Ford (1)
GameTuts (1)
Goldman Sachs (1)
golf (1)
google docs (1)
Google TV (1)
Government Contractors (1)
hardware (1)
Healthcare (1)
heat maps (1)
home (1)
HP (1)
HTC (1)
Hyper-V (1)
IaaS (1)
IBM (1)
IE6 (1)
Infor Visual (1)
Intel (1)
iphone 5 (1)
IPM Global (1)
IT (1)
iTunes (1)
JAVA (1)
Kevin Turner (1)
keywords (1)
KnowledgeLake (1)
LexisNexis (1)
LightSwitch (1)
Lime (1)
location (1)
Logo (1)
Mainframe (1)
Managed Services (1)
mapping (1)
MapReduce (1)
maps (1)
marketing (1)
Mass Notification (1)
Media Center (1)
MED-V (1)
menlo mobile (1)
metrics (1)
Micorsoft Partner Network (1)
Microsoft Entertainment & Digital Media (1)
Microsoft Store (1)
Microsoft System Center Operations Manage (1)
MirageTable (1)
Motally (1)
mouse (1)
MPN (1)
MPN Renewal (1)
MSN (1)
MySQL (1)
Natural User Interface (1)
net neutrality (1)
Nikkei (1)
Nook (1)
NY Times (1)
Oak Trail (1)
OASIS (1)
Online Training (1)
outlook (1)
Partner Logos (1)
PartnerEd (1)
PartnerPoint (1)
Patches (1)
Patent (1)
PayPal (1)
PerformancePoint (1)
PIPA (1)
PowerPoint (1)
presentations (1)
Professional Services (1)
Public Sector (1)
Rackspace (1)
Ray Ozzie (1)
RearType (1)
Red Hat (1)
redu (1)
ROI (1)
Salesforce.com (1)
scaling (1)
schools (1)
SDL (1)
search (1)
Search Market (1)
Security Flow (1)
selling (1)
server (1)
SherWeb (1)
slate (1)
small business (1)
Smart Phone (1)
SoC (1)
Social Search (1)
software (1)
SOPA (1)
Southwest Airlines (1)
spam (1)
speech TellMe (1)
Staffing (1)
Steve Jobs (1)
SugarCRM (1)
sun (1)
Sync (1)
techcrunch (1)
TechED (1)
TEDx (1)
Telecommunications (1)
T-Mobile (1)
training (1)
TV (1)
Vail (1)
venture capital (1)
Virtual Event (1)
Virtual Partner Concierge (1)
VMWare (1)
VPC (1)
Vulnerability (1)
W3C (1)
web (1)
White Paper Leads (1)
wifi (1)
WikiLeaks (1)
Wikipedia (1)
Win 95 (1)
Window Live (1)
windows (1)
Windows 8 (1)
Windows 8 Release Preview (1)
Windows Azure Media Services (1)
Windows Phone 8 (1)
WoW (1)
xp (1)
Print  
© 2005 - 2011 PartnerPoint