Hacking-101.com

Last Thursday the hacking group GNUCitizen announced that they found a critical flaw in Adobe PDF documents that allow an attacker to compromise any Windows operating system.  This requires the user to execute a malicious specially-crafted file.  It has been said that the flaw affects Windows XP with Service Pack 2.

There wasn’t any Proof-of-Concept code released with the announcement.  According the the founder they are not releasing the POC because it may take a while for Adobe to fix the product.

Within the last several days, Microsoft Windows Updates has started patching files on Windows XP and Windows Vista without users’ knowledge or intervention.  What is even stranger is that these updates will run even if the auto-update features have been disabled.

Many organizations opt to test software updates before distributing out to the end user.  Unauthorized patching in the background, even for the patching mechanism itself, should not happen.  If Microsoft can update their software without permission or user intervention what other changes or access to your information do they have?

When users launch the Windows Update website from their browser they may be prompted to install an update for Windows Update.  This holds true on new installations of the operating systems, which makes total sense.  At this point the user can opt to not install the update and therefore not patch the system or they can accept the change and load up all 85 updates (since Windows XP Service Pack 2 was released).  Microsoft has now decided that they will do this in the background without permission even if the user has disabled automatic updates.

Microsoft has been fairly silent about the updates.  The only information released was a snip on the Microsoft Community forums.

“Windows Update Software 7.0.6000.381 is an update to Windows Update itself. It is an update for both Windows XP and Windows Vista. Unless the update is installed, Windows Update won’t work, at least in terms of searching for further updates. Normal use of Windows Update, in other words, is blocked until this update is installed.”

Microsoft responded stating that the update is a consumer only release that addresses specific issues found after the previous release of Windows Updates.  Even so, Microsoft has yet to disclose what these issues are that the patches addressed.

Vista Files Updated:

1. wuapi.dll
2. wuapp.exe
3. wuauclt.exe
4. wuaueng.dll
5. wucltux.dll
6. wudriver.dll
7. wups.dll
8. wups2.dll
9. wuwebv.dll

Windows XP Files Updated:

1. cdm.dll
2. wuapi.dll
3. wuauclt.exe
4. wuaucpl.cpl
5. wuaueng.dll
6. wucltui.dll
7. wups.dll
8. wups2.dll
9. wuweb.dll

It’s important that we note that there’s nothign harmful about the updated files.  There’s been no reports of roll-backs beng required or issues after the update was installed.  The real issues isn’t if the patch was necessary but how Microsoft is handling the patching, without user authorization or consent.

Many people misunderstand hacking, cracking, white hat, black hat or other terms that security professionals use. So that we’re on the same foot I’m going to list several phrases and terms that get used.

• White Hat Hacker - A computer professional that is ethical and law-abiding.
• Black Hat Hacker - Someone who compromises the security of a system without permission from an authorized party with the intent of defeating security systems and gaining access to restricted areas
• Hacking - Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network
• Cracking - The act of breaking into a computer system (see Hacking) to do harm
• Vulnerability - Hardware or software that leaves a network system open for possible exploitation. This weakness may be caused by weak security procedures, administrative controls, physical access or other controls
• FOSS - Free Open Source Software also known as OSS
• Fuzzing (Fuzz Testing) - A software technique used to discovery vulnerabilities in applications by sending random or unexpected data as input
• Script-Kiddie - Someone not skilled in hacking who uses freely available tools in an automated fashion without any technical know-how
• pwnd! - Hopefully something that doesn’t happen to this blog! Pwnd is analogous to ‘owned’ meaning to being beaten or dominated by an opponent.

Hacking-101.com is the product of the overactive imagination of several security professionals that have too much time on their hands. We come from all walks of life and we’re spread out across the United States. Our tools and techniques are tried and tested across all of the major operating systems.

Are we all 1337 hackers? The answer is an emphatic “NO!” Sure, some of us are incredibly skilled white-hat security professionals. Our skill sets come from years of experience in Information Technology and Information Security. We’re passionate about what we do.

What do we plan on talking about? Anything and everything that revolves around information security. That’s almost an unlimited amount of topics! With the sheer volume of attacks, cracks and hacks we’re bound to find something to discuss.

Subscribe to our feed to get the latest updates.