|
Korean Job Discussion Forums
"The Internet's Meeting Place for ESL/EFL Teachers from Around the World!"
|
| View previous topic :: View next topic |
| Author |
Message |
Demophobe
Joined: 17 May 2004
|
 Posted: Sat Jul 12, 2008 12:25 am Post subject: |
 |
|
| Real Reality wrote: |
Pro-security software swats necessary code
By Sung So-young, JoongAng Daily (July 12, 2008)
http://joongangdaily.joins.com/article/view.asp?aid=2892226
| Quote: |
... AhnLab, the nation's largest information security company, said yesterday that it will make a concerted effort to correct an error it made on Thursday when it flagged a key Windows operating system file as a computer virus.
Its software then zapped the file, potentially rendering a computer useless. AhnLab�s V3 Engine recognized "lsass.exe" file as Trojan horse, a type of malware that can take over a computer for nefarious purposes. In fact lsass.exe is an integral part of Windows' security system. Without the file, which is part of Microsoft's Windows XP Service Pack 3, there is a chance that an otherwise healthy computer cannot boot up, according to AhnLab. AhnLab, however, assured customers saying that deletion of the file does not destroy data stored on hard drives....
"The only data we have is that about 3,000 people applied for the restoration CD so far," said Park Keun-woo, a manager of AhnLab. |
Local Security Authority Subsystem Service
http://en.wikipedia.org/wiki/Local_Security_Authority_Subsystem_Service
What is lsass.exe?
http://www.processlibrary.com/directory/files/lsass |
Alright! Welcome back!
Looks like Ahnlab has another "Fail" on it's hands. |
|
| Back to top |
|
 |
patongpanda
Joined: 06 Feb 2007
|
| Posted: Sat Jul 12, 2008 2:33 am Post subject: |
|
|
So, that's what happened. On Thursday, I started getting warning messages about lsass.exe in Korean. Friday my computer was totally buggered.
Thought somehow a virus had got onto my computer, bit strange as I only look at this site, the bbc and youtube.
Anyway the computerman came and cleaned it up (fnar fnar).
 |
|
| Back to top |
|
|
Real Reality
Joined: 10 Jan 2003
Location: Seoul
|
| Posted: Sat Jul 12, 2008 8:13 pm Post subject: |
|
|
AhnLab V3 Antivirus Multiple Vulnerabilities
http://secunia.com/advisories/15674
| Quote: |
Secunia research has discovered some vulnerabilities in AhnLab V3 Antivirus, which can be exploited by malicious, local users to gain escalated privileges, or by malicious people to compromise a vulnerable system.
1) The real-time scan driver, v3flt2k.sys, does not validate the source of received "DeviceIoControl()" commands. This can be exploited by non-administrative users to run explorer.exe with SYSTEM privileges, or to disable the real-time scan engine, via specially crafted DeviceIoControl requests,
2) A boundary error in the ACE archive decompression library can be exploited to cause a stack-based buffer overflow when a malicious ACE archive containing a compressed file with an overly long filename is scanned.
Successful exploitation allows execution of arbitrary code, but requires that compressed file scanning is enabled.
3) A directory traversal error in the archive decompression library can be exploited to write files to arbitrary directories when a malicious archive containing compressed files with directory traversal sequences in their filenames is scanned. |
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
