Content Type
Profiles
Forums
Events
Everything posted by Sampei.Nihira
-
POSReady 2009 updates ported to Windows XP SP3 ENU
Sampei.Nihira replied to glnz's topic in Windows XP
Yes. For now nothing. -
POSReady 2009 updates ported to Windows XP SP3 ENU
Sampei.Nihira replied to glnz's topic in Windows XP
-
Are you cyber savvy?
Sampei.Nihira replied to Sampei.Nihira's topic in Malware Prevention and Security
True. I use a double check of the scripts. I had to struggle hard to get tested -
-
This is the original report: https://www.fireeye.com/blog/threat-research/2016/02/using_emet_to_disabl.html even those who have installed EMET 5.0 ........... As I have previously written better to change.
-
https://support.microsoft.com/it-it/kb/3015976
-
Better a good security setup: MalwareBytes Anti-Exploit free + PsExec (To run Firefox as with limited-user privileges) https://technet.microsoft.com/en-us/sysinternals/psexec.aspx + Firefox + UBlock Origin + Noscript + HTTPS Everywhere + MalwareBytes AntiRamsoware (beta) Not support Windows XP http://www.wilderssecurity.com/threads/malwarebytes-anti-ransomware-beta.383333/#post-2559068
-
I use very light software: Bandizip, Softmaker FreeOffice, Potplayer, ImgBurn, HonilStylepix Portable, SumatraPDF Portable, IobitUnistaller Portable, Sumo Portable.
-
There is a free version of MBAE. Crystal Anti-Exploit is very poor. Even HPA3 is good against CVE-2015-2545.
-
Other explanation: http://www.wilderssecurity.com/threads/i-e-8-and-the-web-pages-htpps.383772/#post-2564099
-
https://support.globalsign.com/customer/portal/articles/1499561-sha-256-compatibility I have: XP Home SP3 x86 (Trick POSReady2009)
-
Not all anti-exploit are equal. Best with XP are MBAE and HPA3.
-
My XP is x86.
-
With Chrome and I.E.11..........ecc...... on Windows 7 it is OK: OS old is the first suspect. For me. ______________________ @ Dibya Authorizes the certificate on Firefox.
-
Some Web pages open correctly: Others do not: Why? TH.
-
Even with HPA3 you can uninstall all of the .NET Framework. With EMET 4.1U1 you need at least the .NET 4
-
It's possible. But it is necessary competence to disable the mitigations of 2 anti exploits and get a good symbiotic job. EMET 4.1U1 is very poor on Exploit Test Tool (HPA3): http://www.surfright.nl/en/downloads/
-
Good choice: http://casual-scrutiny.blogspot.in/2016/02/cve-2015-2545-itw-emet-evasion.html
-
Protection for I.E. scripting on MBAE: An example of testing with Exploit Test Tool (HPA3): With MBAE you can uninstall all of the .NET Framework.
-
My security setup: XP Home SP3 Trick POSReady 2009 Windows Firewall PsExec Black Viper's List Norton DNS MBAE Premium Firefox - uBlock Origin + Noscript + Toggle Referer + HTTPS Everywhere. No Java Installed No Flash I.E.8 No Silverlight Installed No NET Installed Nothing malwares !!
-
The link below: hxxps://www.malwaredomainlist.com/ still it has problems certificates
-
@ Dave-H Anti Exploits below are the best performing of EMET4.1U1: https://it.malwarebytes.org/antiexploit/ http://www.surfright.nl/en/alert Do a test with the Exploit Test Tool: http://www.surfright.nl/en/downloads/ p.s. Advantage that works without need of NET
-
POSReady 2009 updates ported to Windows XP SP3 ENU
Sampei.Nihira replied to glnz's topic in Windows XP
I uninstalled all NET. Before I had only installed NET 4. Also because I had installed EMET 4.1U1. I replaced EMET with MBAE. NET is no longer needed. -
POSReady 2009 updates ported to Windows XP SP3 ENU
Sampei.Nihira replied to glnz's topic in Windows XP
Hi to all. You have installed the KB3020338? TH. -
POSReady 2009 updates ported to Windows XP SP3 ENU
Sampei.Nihira replied to glnz's topic in Windows XP
AFAIK there shouldn't be any sequence problems. OS itself and Windows installer should take care of this automatically. About KB2938780 (NET 4 ): This update is questionable. On the one hand the update description says "Description of the security update for the .NET Framework 4 on Windows 7 and Windows Server 2008 R2: May 13, 2014" on the other hand we can read the following "This update is for the Microsoft .NET Framework to disable RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions.". TLS 1.0 is definitely supported on Windows XP. Currently, due to vulnerabilities in SSL 2.0/3.0, TLS remains the last secure protocol in XP. Moreover Supported Operating System list says "Windows 7, Windows XP, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Vista" (if I remember correctly Windows XP was listed at the release time of this update). So - Why "security update for the .NET Framework 4 on Windows 7 and Windows Server 2008 R2" can be successfully installed on XP, Server 2003, Vista and Server 2008? Strange, isn't it? This update has been successfully installed on my system, zero problems so far. Decide for yourself, is it worth to install it or not. Which ones? Sorry. I made a mistake with update KB2894843. This morning I was very tired.