UNpatched Windows Privilege Escalation Vulnerability + Flash exploits

The following has been copied/pasted from http://secunia.com/advisories/64146/ (which, while free, requires registration to view):
A [0-day] vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to an unspecified error. No further information is currently available.
Note: Reportedly, the vulnerability is currently being exploited in limited, targeted attacks.
=====================================================================
The following has been copied/pasted from https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
FireEye Labs recently detected a limited APT campaign exploiting [a combination of] zero-day vulnerabilities in Adobe Flash and a brand-new one in Microsoft Windows...
While there is not yet a patch available for the Windows vulnerability, updating Adobe Flash to the latest version [17.0.0.169] will render this in-the-wild exploit innocuous.
It is therefore prudent for anyone who has not updated an older Flash (<=17.0.0.134) do so expeditiously.
===================================
EDIT:  (With acknowledgement to "Puppy" at the Lenovo Forum)
It seems that even the newest version of Flash (x.169) is no longer secure:
On April 14th 2015, Adobe patched CVE-2015-0359 in APSB15-06. On April 17th, just 3 days later, a new version of the Angler Exploit Kit (EK) was released that targets the patched vulnerability.
https://www.fireeye.com/blog/threat-research/2015/04/angler_ek_exploiting.html

Hi colbabomb, I rarely visit sites that use QuickTime (e.g., Apple). The problem pages used Flash (such as the page with the video of last Monday's SuMo meeting).

Similar Messages

  • Adobe Reader XI privilege escalation

    ...I know, this is not really a privilege escalation in the classical way...
    Hi.
    With both the current versions of Adobe Reader X and XI, standard users are able to repair adobe reader going via appwiz.cpl/control panel.
    Problem is: if reader is opened, Windows needs to restart to finish repairing...problem is, even if standard users are NOT allowed to restart the computer (think of terminal servers with dozens of clients logged on), they MAY restart the server, causing real trouble. So even with GPOs in place that deny standard users the privilege to shutdown/restart the computer, buggy Adobe Reader makes it possible.
    Side note: while UAC will prompt users to supply admin credentials when trying to uninstall Adobe Reader, it does not prompt when trying to repair. That's the bug.
    Tested on win8/server 2012, Server 2008 R2. Adobe Reader 11.0.3/10.1.7

    http://www.adobe.com/devnet/reader.html
    You may want to check with the dev people about the shut down and how to disable it, this being a user-to-user forum, and not often frequented by development personnel. I'm sure there's a simple code change that will disable it; however, without the restart, the repair becomes useless as Reader cannot reopen until the proper reg keys and dll files are amended per the repair, but then you already know that.
    There may also be a code change to enable UAC for repairs. My understanding is that an uninstall may remove shared files, and that's the parameter for Windows to prompt with UAC. but the repair only changes installed files using existing files, so Windows doesn't see that as a potential for damage.

  • Mac OS X Local Privilege Escalation Vulnerabilities

    Yes this has happened to me
    I found out about it on this site:
    http://projects.info-pull.com/moab/MOAB-15-01-2007.html
    It affects Disk Utility.
    If you have the below when you check your disk permissions:
    Determining correct file permissions.
    Group differs on ./Applications/Utilities/Activity Monitor.app/Contents/Resources/pmTool, should be 80, group is 0
    Group differs on ./Applications/Utilities/Keychain Access.app/Contents/Resources/kcproxy, should be 80, group is 0
    Group differs on ./Applications/Utilities/ODBC Administrator.app/Contents/Resources/iodbcadmintool, should be 80, group is 0
    There is a workaround but I am not sure if I know how to do it. Can anyone write me a step by step guide, i.e. open Terminal, cd into so & so, that sort of thing. Also, is their workaround sound, or just some other vulnerabilities?
    Please check out the link before answering.
    Thanks in advance
    PS Am I worried no not really we can only learn from these things

    This "exploit" or whatever you want to call it is absolutely ridiculous, in my opinion.
    "Multiple binaries inside the /Applications directory tree are setuid root, but remain writable by users in the admin group (ex. first user by default in a non-server Mac OS X installation), allowing privilege escalation. A malicious user can overwrite the binaries and perform a disk permissions repair operation via the diskutil tool, effectively setting back the default ownership and permissions (root setuid)."
    The file at "/Applications/Utilities/Activity Monitor.app/Contents/Resources/pmTool" is indeed a SetUID root helper tool which Activity Monitor uses. Its owner is root, with a group of admin. Its parent folder is owned by root with a group of admin.
    A "Standard" non-privileged user, or in other words, a user for whom the "Allow user to administer this computer" checkbox isn't checked in System Preferences, cannot do anything to alter the pmTool. When that checkbox is enabled, the user is part of the "admin" group. Since the pmTool is only writable by its owner "root", or by a user who's part of the "admin" group, a standard user can do nothing to alter it. Since the parent directory, /Applications/Utilities/Activity Monitor.app/Contents/Resources/, is only writable by its owner "root", or by a user who's part of the "admin" group, a standard user cannot remove, add, or replace the contents, including the "pmTool".
    So what's left of this "exploit" is that a user that's an administrator could replace or modify the pmTool and use Disk Utility's Repair Permissions feature to "blindly" turn this malicious replacement executable into a SetUID root tool. They could then use this tool to wreak havoc on the system.
    My only comments are:
    1) Duh.
    2) Why the heck would you want to go through this convoluted procedure just to create a (malicious?) SetUID root executable? If you're an admin, there are much simpler methods available.
    If a user is an administrator, all they need to do to create a SetUID root tool is enter the following in the Terminal:
    sudo chmod 4755 /Users/mdouma46/Desktop/myMaliciousSetUIDTool; sudo chown 0:0 /Users/mdouma46/Desktop/myMaliciousSetUIDTool
    Just as effective, without all the convoluted "pseudo-exploit" stuff.
    So, where exactly is the exploit now?
    Dual 2.7GHz PowerPC G5 w/ 2.5 GB RAM; 17" MacBook Pro w/ 2 GB RAM -   Mac OS X (10.4.8)  
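    The thread's argument is that the MOAB finding only matters when a setuid-root helper is writable by someone other than root. Rather than reasoning about one file at a time, an administrator can scan a tree for exactly that condition. The following is an added example, not code from the thread or from Apple: it walks a directory, reports regular files that carry the setuid or setgid bit and are group- or world-writable, and builds a constructed sample tree (one such file beside a correctly locked one) so it runs without touching /Applications.

```python
"""Audit a directory tree for setuid/setgid executables that are group- or
world-writable.

Added example, not part of the forum thread. The sample tree built by
build_sample_tree() is constructed for the demonstration; run
find_writable_setid("/Applications", require_root_owner=True) on a real
system to check the case the thread discusses (setuid-root helpers).
"""
import os
import stat
import tempfile


def find_writable_setid(root, require_root_owner=False):
    """Return a sorted list of (path, mode_string, uid, gid) for regular files
    under `root` that have the setuid or setgid bit and are writable by group
    or other. With require_root_owner=True only root-owned files are reported.
    """
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode):
                continue
            mode = st.st_mode
            has_setid = bool(mode & (stat.S_ISUID | stat.S_ISGID))
            loosely_writable = bool(mode & (stat.S_IWGRP | stat.S_IWOTH))
            if not (has_setid and loosely_writable):
                continue
            if require_root_owner and st.st_uid != 0:
                continue
            findings.append((path, oct(stat.S_IMODE(mode)), st.st_uid, st.st_gid))
    return sorted(findings)


def build_sample_tree():
    """Construct a throwaway tree with one bad and one acceptable setuid file.
    Returns (base_dir, bad_path, good_path)."""
    base = tempfile.mkdtemp(prefix="setid_audit_")
    res = os.path.join(base, "Helper.app", "Contents", "Resources")
    os.makedirs(res)
    bad = os.path.join(res, "writableTool")
    good = os.path.join(res, "lockedTool")
    for p in (bad, good):
        with open(p, "wb") as fh:
            fh.write(b"#!/bin/sh\nexit 0\n")
    os.chmod(bad, 0o4775)   # setuid + group-writable: the condition the thread is about
    os.chmod(good, 0o4755)  # setuid but writable only by its owner: acceptable
    return base, bad, good


if __name__ == "__main__":
    base, bad, good = build_sample_tree()
    for path, mode, uid, gid in find_writable_setid(base):
        print(f"{mode} uid={uid} gid={gid} {path}")
```

    The scan flags the group-writable file only; a setuid file that is writable solely by its owner is not a finding, which matches the distinction the reply draws between standard users and members of the admin group.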

  • How to install Windows XP into a Flash Drive?

    I would like to install Windows XP into my flash drive. Not boot from the flash drive and install into my PC. I've searched extremely hard on the internet and found the other thing around and I tried what I could. Any suggestions? (Here's what I tried: creating partition tables, installing using VMware, using different formats.)

    Thanks for the tips. I was able to install Windows XP and boot from the SATA drive by using these options and setting the appropriate boot device selections...
    Legacy Mode
    ATA Configuration - PATA only
    SATA Keep enabled - yes
    PATA Keep enabled - yes
    PATA channel selection - both
    Combined Mode Option - S-ATA 1st Channel
    S-ATA Ports Definition - P0 - 3rd./P1 - 4th.
    I just wasn't sure if I was really getting "SATA" performance, etc. without specific drivers.
    Thanks again.
    Bob (ll1951md)

  • Can not keep pop up window for installing adobe flash player, won't install or go away, please help

    Can not keep pop up window to install adobe flash player.  will not allow or allow.  what's going on?

    What is your operating system & version?
    What is your web browser?
    Please post a screenshot of that pop-up window.
    [topic moved to Flash Player forum]

  • When I import photos taken from my Windows PC using a flash drive, the photos in iPhoto are dated as the date last modified on PC instead of date picture taken.

    When I import photos to my iMac, taken from my Windows PC using a flash drive, the photos in iPhoto are dated as the date last modified on PC instead of date picture taken.

    Then you need to ask a PC forum how to export the photos there to include the Metadata (specifically the EXIF data)
    If there is valid EXIF data iPhoto uses it (the EXIF data is originally added to the photo by the digital camera), and if there is no EXIF data then the only information iPhoto has available is the file metadata, and that is what is used.
    You can correct the dates in iPhoto using the batch change data/time command
    LN

  • Firefox hangs and will not allow me to access other programs running when I resize a pop up window, move a pop up window, accidentally right click flash content.

    Firefox hangs and will not allow me to access other programs running when I resize a pop up window, move a pop up window, accidentally right click flash content.
    == This happened ==
    A few times a week
    == Not sure when it started

    Hi.
    When this happens, please press CTRL+SHIFT+ESC and see how much RAM and CPU Firefox is using. If they're sky high, then... Well, that kind of issue is, unfortunately, more common than we'd like. Thankfully, 99% of the cases are very easy to solve. However, you do need to diagnose what your exact problem is. Do this:
    #run Firefox in safe-mode to disable all extensions and plugins. If this fixes your issues, be they with RAM or CPU usage, then you know it's a problem with plugins or extensions. Proceed to number 2. If safe-mode doesn't fix the issues, then read below, after this list;
    #update all extensions and plugins in your Firefox. If this doesn't solve the issues, proceed to the following number;
    #disable all extensions and plugins in your Firefox (not running safe-mode). Being certain that, as in safe-mode, the problems you're having have gone away, enable one plugin at a time. You should be certain that you WANT that plugin to be enabled, so keep your overall number of plugins as low as possible. When you encounter the problems, you know you've found a problematic plugin, so disable it for good. Keep enabling all plugins (except problematic ones) until you've gone through them all.
    #enable one extension at a time. Again, be certain that you WANT that extension to be enabled, so keep your overall number of extensions as low as possible. When you encounter the problems, you know you've found a problematic extension, so disable it for good. Keep enabling all your extensions (except problematic ones) until you've gone through them all;
    #you're done! You've fixed your problems with problematic add-ons.
    Ok, if disabling all extensions and plugins through safe-mode didn't work to bring Firefox's CPU and RAM usage to good levels, then you have different issue. The most likely scenario is that you have a third party software running on your computer that is messing with Firefox. Do as follows:
    #do a virus/malware check on your computer. If this doesn't fix it, proceed;
    #disable all software running in the background that you don't want to have running in the background (in Windows, this is done by pressing WINDOWS+R on your keyboard, typing "msconfig" (without the quotes) and pressing enter. Now, under the "Startup" tab, you can uncheck the software you don't want, and reboot your system for changes to take effect. If you're unsure of what software you want running, ask someone with more experience). If this doesn't fix your issues with Firefox, proceed;
    #check your firewall/antivirus/security suite for enabled functions/features that you don't want and/or may be conflicting with Firefox. You'll find that these features are most likely tied to Internet Security features, such as link scanners or URL checkers and the like. If you're not sure they are conflicting with Firefox, simply try to disable to see whether or not that's true. As long as you don't browse the web with your antivirus completely off and your firewall completely turned off, there should be no problems. If this doesn't solve the issues, proceed to the following number;
    #check your operating system security options, mainly advanced options that are not configured by default. While it's very unlikely that this may be the cause of the problem (after all, it's the last item on the list), it's remotely possible. If this doesn't do it, I'm out of ideas. Except make sure you've followed my instructions correctly.

  • AUDIT action (create, delete, privilege escalation, set and change password from users account and group) users and admins in Solaris 10

    Hello.
    in Solaris 10 i need auditing process create, delete, privilege escalation, set and change password and etc... from users account and group.
    I set settings:
    in file syslog.conf:
    *.info;mail.none;cron.none;audit.notice            @IP-Remote-syslog-server-SIEM
    in file   /etc/security/audit_control:
    dir:/var/audit
    flags:lo,ad,ex,cc,am,no,fc,fd
    minfree:20
    naflags:lo
    plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
    in file   /etc/security/audit_user:
    root:lo,ad:no
    Now I see in the logs only the fact of a connection via SSH and processes run on behalf of users. Creation and deletion of users, and password changes, are for some reason not logged.
    There are many users. Writing permissions for each individual in the file /etc/security/audit_user is not possible; it is likely that some new user would be forgotten (or is there a possibility to describe the audits for all accounts with one line in this file?)
    Where is the mistake?

    You are most likely hitting Bug 15779000 user/role/groupadd/mod/del don't audit their use.
    And the fix is only available in S11.2.
    -- Renaud
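    Independently of the bug Renaud points to, the configuration quoted in the question has an internal gap worth checking: the audit_syslog plugin forwards only the classes listed in its p_flags, and the poster selects fc and fd system-wide without forwarding them, so those records stay in /var/audit and never reach the remote SIEM. The following is an added example, not from the thread or from Oracle: a small parser for the audit_control syntax shown above, with the poster's own snippet embedded, that reports classes present in flags: but absent from a plugin's p_flags. It assumes the documented p_flags semantics just described and ignores the success/failure (+/-) prefixes when comparing classes.

```python
"""Cross-check a Solaris 10 audit_control file: which selected audit classes
are not forwarded by the audit_syslog plugin?

Added example, not part of the forum thread. AUDIT_CONTROL is the snippet the
poster quoted; the parser handles the key:value and plugin:name=...;p_flags=...
lines seen there. Assumption: audit_syslog.so sends to syslog only the classes
named in p_flags. The +/- success/failure prefixes are ignored for the
comparison; ^ negation is honoured.
"""

AUDIT_CONTROL = """\
dir:/var/audit
flags:lo,ad,ex,cc,am,no,fc,fd
minfree:20
naflags:lo
plugin:name=audit_syslog.so;p_flags=lo,ad,ex,cc,am,no
"""


def split_classes(spec):
    """Turn 'lo,ad,^ad,+ex' into a set of class names. '^' removes a class
    (negation); '+' and '-' (success-only / failure-only) are dropped."""
    classes = set()
    for token in spec.split(","):
        token = token.strip()
        if not token:
            continue
        negate = token.startswith("^")
        name = token.lstrip("^+-")
        if negate:
            classes.discard(name)
        else:
            classes.add(name)
    return classes


def parse_audit_control(text):
    """Return (config, plugins): config maps keyword -> value for plain
    key:value lines; plugins is a list of dicts with 'name' and a 'p_flags'
    set for each plugin: line."""
    config = {}
    plugins = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(":")
        key = key.strip()
        if key == "plugin":
            entry = {}
            for field in value.split(";"):
                fkey, _, fval = field.partition("=")
                entry[fkey.strip()] = fval.strip()
            entry["p_flags"] = split_classes(entry.get("p_flags", ""))
            plugins.append(entry)
        else:
            config[key] = value.strip()
    return config, plugins


def unforwarded_classes(text, plugin_name="audit_syslog.so"):
    """Sorted list of classes in flags: that the named plugin does not forward.
    If the plugin is not configured at all, every selected class is reported."""
    config, plugins = parse_audit_control(text)
    selected = split_classes(config.get("flags", ""))
    for entry in plugins:
        if entry.get("name") == plugin_name:
            return sorted(selected - entry["p_flags"])
    return sorted(selected)


if __name__ == "__main__":
    print("selected but not sent to syslog:", unforwarded_classes(AUDIT_CONTROL))
```

    For the poster's file the result is fc and fd. That does not explain the missing useradd/passwd records (the reply attributes those to the bug), but it is the kind of mismatch that is easy to miss when flags and p_flags are edited separately.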

  • Installing Windows 7 from USB flash (Macbook Air mid 2012)

    Hello,
    I read some famous instructions, but they are not for the MacBook Air mid 2012, as some options they mention are missing in the Boot Camp Assistant on the MacBook Air 2012.
    Btw, they suggested some rEFIt program which supports installing Windows from USB; it was made in 2010 but it has not been updated since then. I tried it but it doesn't work like it is described in the instructions.
    I have my USB with Windows 7 on it, but I don't know how to install it on the MacBook Air 2012.
    Any help will be appreciated.
    Kind Regards,

    Hello,
    Thank you for the explanation that helped me to understand Windows 7 installation process!
    Unfortunately I need more additional information, as the Boot Camp Installation & Setup Guide is very poor in the information that I need.
    To explain better what I mean, I will quote Boot Camp Guide parts with underlined sentences that have been confusing me. Some sentences that have been confusing me more than others will be additionally bolded. I will explain why I don't understand it after every part.
    1. "Introduction"
    "You can install Windows with an installation disc you provide or, on some Mac computers, with a USB flash drive that contains a Windows ISO images downloaded from Microsoft. Boot Camp Assistant helps you burn the image to the flash drive."
    -But I already have my ISO image on the USB flash drive. There is no need to burn it again?
    2."What you need"
    "Boot Camp Assistant erases the flash drive, and copies to it the Windows 7 ISO image and software drivers that let Windows work with your Mac hardware."
    -Erasing the flash drive? Does it mean that it will delete my Windows 7 which is already on my flash drive?
    -Copying the Windows 7 ISO image and software drivers to my flash drive? Why? I already have Windows on my flash drive! Software drivers? How do I get them and where shall I place them?
    3."Prepare your mac for Windows"
    "If you want to install Windows from a USB flash drive and you have a Windows 7 ISO image, select option to copy the image to a USB flash drive."
    Why shall I select the option to copy the Windows 7 ISO image?
    1. I already have it on my flash drive.
    2. I don't have it on my MacBook, so there is no place on the SSD where Boot Camp will find the Windows 7 ISO image.
    Here is the overview:
    The guide is telling me to select the option to copy the image to a USB drive, which will first erase my USB flash drive and then copy Windows 7 and its software drivers to my USB flash drive.
    -But the only thing that I need is the Windows support software, and I don't know whether to download it to the desktop or to the USB flash drive.
    Kind Regards,

  • Windows Media player and flash player conflicting

    Hello,
    I have a problem with watching streams (television programs)
    on the internet. I think this is caused by conflicting roles of
    windows media player and flash player. When i don't have installed
    flash player i can watch the streams. When i install flash player,
    i see only green and red blocks on the respective screen. I don't
    know where the problem lies. I have installed Windows Media player
    again, (also Flash player) but this hasn't worked. The streams work
    with Mozilla firefox.
    I hope you could really help me,
    Sincerely,
    Tuncie

    Hi Tuncie
    Verify that Windows Media Player is not set as the default
    player for all content in Firefox including Flash.
    Also, please respond with a URL for testing.

  • Can't log into Adobe Story on windows 7 after installing flash player10. no problems w/win98 @work.

    Can't log into Adobe Story on windows 7 after installing flash player10. no problems w/win98 @work.

    I downloaded Adobe air and the desktop app for story and can get online from that. Thanks anyway. T

  • Windows 8 computer crashes flash applications on windows 7 laptops.

    have just bought windows 8 all in one laptop and it shares a wi fi connection with 2 other family windows 7 laptops.
    I can run certain flash programmes forever on the 2 Windows laptops, but within seconds of switching on my Windows 8 computer the flash programmes crash on both laptops, even when wired on the Ethernet (2 separate website games).
    Have checked signals from the router before, during and after, and there is no change in download speeds, which are 14 MPS ?????? As soon as I disconnect the Windows 8 computer from the internet the programmes start to work on both the other 2 laptops.
    Dell says it has not come across this problem before, so it's not their problem, and Microsoft haven't been able to help .......but something is happening, and I am hoping someone can shed some light
    john tandy.

    The programmes are in the United Kingdom and my wife plays online bingo on sunbingo and tombola (similar set-ups but different sites), and regardless of Firefox, Internet Explorer or Chrome these sites crash within seconds of starting my Windows 8 computer. I have downloaded Xirrus to monitor my wifi connections and throughout it reports excellent wifi from my router. I have changed router channels, disabled firewalls, but no good.
    It must be something to do with Windows 8, but what?????????????????????????????

  • Using Windows buttons to control Flash

    I'm writing a WIndows application that embeds Flash which I would like to control through the Windows buttons - for example start, stop...  What tools do I need to do this and where can I get the info on how to make it happen?  This is not a web app.
    Thanks in advance.

    So what are you using to build the app? VB or what?
    and how are you "embedding" Flash?
    Adninjastrator

  • Hello, I am using flash CS6 on a mac. I cannot find the Motion Editor window anywhere on the flash interface. Can you help? Ben

    Hello, I am using flash CS6 on a mac. I cannot find the Motion Editor window anywhere on the flash interface. Can you help? Ben

    Here's what happens for me
    This is my AI file
    Here's the save dialog
    Notice that the All button is selected.
    Here's the PDF
    Notice the 1/5 at the top indicating a 5 page PDF.

  • HT5639 When will I be able to install Windows 8 on a Flash Drive and not in my HDD?

    I want to install Windows 8 on a flash drive instead of my HDD, I hope this could be possible in the future.

    Ask Microsoft. It's their software. Windows does not boot from external drives.
