lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <427C0065259949EDB585100E647A283D@W340>
Date: Wed, 11 Feb 2015 16:42:17 +0100
From: "Stefan Kanthak" <stefan.kanthak@...go.de>
To: <bugtraq@...urityfocus.com>
Cc: fulldisclosure@...lists.org
Subject: [FD] [ANN] MSKB 3004375 available for Windows 2000 and later too
	(but NOT from Mcirosoft)

Hi @ll,

yesterday Microsoft published the security advisory 3004375
<https://technet.microsoft.com/en-us/library/security/3004375>
announcing an update which enables Windows 7 and newer to log
the command lines used to start processes to the event log.

If you want to have this functionality on older versions of
Windows too see <http://home.arcor.de/skanthak/appinit.html>
(but notice the license terms).

Limitation: command lines of processes that dont load USER32.DLL
are not logged. Fortunately almost all Win32 applications but
load USER32.DLL

JFTR: APPINIT.DLL works since 20 years.

regards
Stefan Kanthak

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists