We are aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries.
This issue is caused by specific insecure programming practices that allow so-called "binary planting" or "DLL preloading attacks". These practices could allow an attacker to remotely execute arbitrary code in the context of the user running the vulnerable application when the user opens a file from an untrusted location.
This issue is caused by applications passing an insufficiently qualified path when loading an external library. Microsoft has issued guidance to developers in the MSDN article, Dynamic-Link Library Security, on how to correctly use the available application programming interfaces to prevent this class of vulnerability. Microsoft is also actively reaching out to third-party vendors through the Microsoft Vulnerability Research Program to inform them of the mitigations available in the operating system. Microsoft is also actively investigating which of its own applications may be affected.
In addition to this guidance, Microsoft is releasing a tool that allows system administrators to mitigate the risk of this new attack vector by altering the library loading behavior system-wide or for specific applications. This advisory describes the functionality of this tool and other actions that customers can take to help protect their systems.
Mitigating Factors
· This issue only affects applications that do not load external libraries securely. Microsoft has previously published guidelines for developers in the MSDN article, Dynamic-Link Library Security, that recommend alternate methods to load libraries that are safe against these attacks.
· For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a document from this location that is then loaded by a vulnerable application.
· The file sharing protocol SMB is often disabled on the perimeter firewall. This limits the possible attack vectors for this vulnerability.
Affected Software
Microsoft is investigating whether any of its own applications are affected by insecure library loading vulnerabilities and will take appropriate action to protect its customers.
http://www.talktoht.com/
I am frm Punjab.I am a Microsoft Certified IT Professional. MY Skills:IT Security,Client/Domain,Cloud,VPN,AD,DNS,DHCP,Relay Agent,Access Point And Networking(LAN/WAN/WLAN/WWAN/Wi-MAX)TCP/IP,Virtualization Computing and diskless networking.
Subscribe To http://gurbindersh.blogspot.com
Posts
All Comments
SHAREPOINT
Spotlight on share server 2010
Saturday, August 28, 2010
Wednesday, August 25, 2010
FIGHT AGAINST ADVANCED MELANOMA
HI GUYS
In Early Trial, Targeted Therapy Fights Advanced Melanoma
WEDNESDAY, Aug. 25 -- By probing deeper into the biological mechanisms that go awry in melanoma, scientists have come up with an experimental drug that has had an effect in a surprising number of patients with advanced melanoma.
The drug, PLX4032, just completed a phase 1 clinical trial in which 81 percent of participants with a particular gene mutation had a partial response, meaning at least some shrinkage of the tumor.
The current standard treatments for metastatic melanoma -- chemotherapy and interleukin-2 (IL2) -- only have response rates in about 15 percent of these patients, said Dr. Paul Chapman, senior author of a study in which the findings are described.
The average survival time for someone diagnosed with melanoma is nine to 11 months, added Chapman, who is an attending physician in the Melanoma Sarcoma Service at Memorial Sloan-Kettering Cancer Center in New York City.
One expert cautioned that it's too early to say whether the drug will actually prolong patient's lives, or if it might be helpful to patients in earlier stages of the disease.
"I don't want to say this is going to change survival rates but they're working with the most ill people, so you can't really generalize [to other patient populations]," said Dr. Alice Pentland, chair of dermatology at the University of Rochester Medical Center. "I think the most important part of this breakthrough is the bigger percentage of people who responded."
About nine years ago, scientists discovered that the tumors of about half of patients with melanoma have a mutation in a gene called BRAF.
The gene appears to help drive the runaway cell division that is a hallmark of cancer. "It's always on. It's always signaling to the nucleus [of the tumor cells] that it's time to divide," Chapman explained.
That finding opened the door to potential targeted, molecular therapies for melanoma, which has been sorely lacking in effective treatments.
PLX4032 is the first potent inhibitor of BRAF that has made it to the clinical trial stage, Chapman said.
In the trial, 55 patients received escalating doses of the drug. Ten of 16 patients who had the BRAF gene mutation had a partial response to the drug, meaning the tumor shrank by at least 30 percent, while one had a complete response, with the tumor disappearing altogether.
Among 32 patients with BRAF-mutated melanoma in the second phase of the study, 24 had a partial response and two had a complete response.
"It worked: 81 percent had a partial response -- which has never been seen. I don't know of any solid tumors that have a response rate that high," said Chapman. "What's different here is that we've discovered a molecule that is responsible for driving the melanoma cell. It turns out that the melanoma really cares if we block the gene BRAF. It matters. It's addicted to this pathway."
There are some important caveats, however. It's not known at this time if the drug can improve overall survival, and a sizable proportion of participants developed resistance to the drug, the researchers say.
The findings join other recent reports of potential treatments for melanoma in what appears to be an exciting time for the field. Progress in this field has essentially been stalled for decades, experts say.
Recently, scientists reported that another experimental drug, ipilimumab, prolonged median survival in patients with metastatic melanoma from 6.4 months to 10 months.
"[Existing therapy] is not good for melanoma, so this is really a new opportunity that I think may have some importance to people," Pentland said.
However, she stressed that the best defense against melanoma is to get your skin examined regularly by a professional who knows what to look for.
"Our most successful treatment is to get [the lesion] early, get it before it's thick, get it before it spreads," she said.
Gurbinder Sharma
"NEVER STEP BACK ONCE YOU STEP AHEAD"
In Early Trial, Targeted Therapy Fights Advanced Melanoma
WEDNESDAY, Aug. 25 -- By probing deeper into the biological mechanisms that go awry in melanoma, scientists have come up with an experimental drug that has had an effect in a surprising number of patients with advanced melanoma.
The drug, PLX4032, just completed a phase 1 clinical trial in which 81 percent of participants with a particular gene mutation had a partial response, meaning at least some shrinkage of the tumor.
The current standard treatments for metastatic melanoma -- chemotherapy and interleukin-2 (IL2) -- only have response rates in about 15 percent of these patients, said Dr. Paul Chapman, senior author of a study in which the findings are described.
The average survival time for someone diagnosed with melanoma is nine to 11 months, added Chapman, who is an attending physician in the Melanoma Sarcoma Service at Memorial Sloan-Kettering Cancer Center in New York City.
One expert cautioned that it's too early to say whether the drug will actually prolong patient's lives, or if it might be helpful to patients in earlier stages of the disease.
"I don't want to say this is going to change survival rates but they're working with the most ill people, so you can't really generalize [to other patient populations]," said Dr. Alice Pentland, chair of dermatology at the University of Rochester Medical Center. "I think the most important part of this breakthrough is the bigger percentage of people who responded."
About nine years ago, scientists discovered that the tumors of about half of patients with melanoma have a mutation in a gene called BRAF.
The gene appears to help drive the runaway cell division that is a hallmark of cancer. "It's always on. It's always signaling to the nucleus [of the tumor cells] that it's time to divide," Chapman explained.
That finding opened the door to potential targeted, molecular therapies for melanoma, which has been sorely lacking in effective treatments.
PLX4032 is the first potent inhibitor of BRAF that has made it to the clinical trial stage, Chapman said.
In the trial, 55 patients received escalating doses of the drug. Ten of 16 patients who had the BRAF gene mutation had a partial response to the drug, meaning the tumor shrank by at least 30 percent, while one had a complete response, with the tumor disappearing altogether.
Among 32 patients with BRAF-mutated melanoma in the second phase of the study, 24 had a partial response and two had a complete response.
"It worked: 81 percent had a partial response -- which has never been seen. I don't know of any solid tumors that have a response rate that high," said Chapman. "What's different here is that we've discovered a molecule that is responsible for driving the melanoma cell. It turns out that the melanoma really cares if we block the gene BRAF. It matters. It's addicted to this pathway."
There are some important caveats, however. It's not known at this time if the drug can improve overall survival, and a sizable proportion of participants developed resistance to the drug, the researchers say.
The findings join other recent reports of potential treatments for melanoma in what appears to be an exciting time for the field. Progress in this field has essentially been stalled for decades, experts say.
Recently, scientists reported that another experimental drug, ipilimumab, prolonged median survival in patients with metastatic melanoma from 6.4 months to 10 months.
"[Existing therapy] is not good for melanoma, so this is really a new opportunity that I think may have some importance to people," Pentland said.
However, she stressed that the best defense against melanoma is to get your skin examined regularly by a professional who knows what to look for.
"Our most successful treatment is to get [the lesion] early, get it before it's thick, get it before it spreads," she said.
Gurbinder Sharma
"NEVER STEP BACK ONCE YOU STEP AHEAD"
Subscribe to:
Comments (Atom)