When a USB stick is connected to a PC, the Windows operating system enumerates the device. In simple terms, this means Windows checks what type of device was just connected (a HID device, a Mass Storage Device, etc.) and also checks the speed of the device.
During the enumeration process, some entries are written to the Windows registry… this is where a hacker could get into your system and take control. This is the update Microsoft issued earlier this week to fix the security flaw.
Since the vulnerability is triggered during USB enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an unauthenticated elevation of privilege for an attacker with casual physical access to the machine. Other software that enables low-level pass-through of USB device enumeration may open additional avenues of exploitation that do not require direct physical access to the system.
So be sure to update your PC when the update notification comes through – it’s in your best interest.
Full Microsoft article
Microsoft has made available a new version of “Defender” to rid infected computers of malware, including rootkits which hijack your boot process and corrupt your computer.
The “Defender Offline Beta” is available from Microsoft for free [here] and does require updates as virus definitions are always changing.
Definitions are files that provide an encyclopedia of potential software threats. Because new threats appear daily, it’s important to always have the most up-to-date definitions installed in Windows Defender Offline Beta. Armed with definition files, Windows Defender Offline Beta can detect malicious and potentially unwanted software, and then notify you of the risks.
The Redmond company suggests you make a USB drive with the Defender Offline Beta software from a PC which is not infected. Doing so on a corrupted computer could interfere with the USB drive and render the Microsoft tool useless.
To use Windows Defender Offline Beta, you need to follow four basic steps:
A leaked version of Windows 8 has surfaced, and there look to be some promising features for the USB lovers out there. First and foremost, check out this screenshot of Windows 8 asking if you’d like to run from a USB flash drive.
Is it possible Microsoft figured out that the best possible solution for longevity is letting users run their OS from a flash drive, then plug it into any PC they see fit to run their computer? There are some storage problems with that, but nevertheless, it is a good starting point.
Here are some other things we think might be bundled with Windows 8:
- Run from an ARM processor
- Multi touch gesture interface
- USB portability
- Ribbon user interface
- Easy access to cloud storage
But who knows exactly what will be included until Microsoft makes the official beta version available.
USB stick manufacturers will rejoice at this news. No longer will their flash memory be limited by the FAT32 file system; instead it can offer an unlimited size of storage space.
Up to this point, FAT file systems had a limitation of 4GB for a single file and up to 32GB for an entire volume. But no more. Microsoft has released a new exFAT file system. This means our USB sticks will become supersized, and we no longer need to worry about the dynamic file structures of NTFS. With USB memory getting bigger each year, this is great news for mobile storage.
On January 27, 2009, Microsoft released their new exFAT file system, or extended File Allocation Table [exFAT]. Here is some information from the Microsoft website:
The exFAT file system is the successor to FAT32 in the FAT family of file systems. The exFAT file system is a new file format system to address the growing demand and size of mobile storage like USB sticks, PDAs, and solid state hard drives. What’s nice about the exFAT file system
Microsoft developed a USB stick to pluck evidence out of computers at crime scenes. The USB device is called COFEE (Computer Online Forensic Evidence Extractor) and has the power to blast through security settings to get the good stuff…and quick.
The COFEE USB device is ideal for on-site investigation where law enforcement needs to extract data quickly and accurately. The Microsoft COFEE contains 150 commands, which dramatically cut down the time needed to gather digital evidence. It can decrypt passwords and analyze a computer’s