Search
Keyword: microsoft security bulletin ms03-007
EnableLUA = "0" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center AntiVirusDisableNotify = "1" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center
data Assemblies boot Common Files Core Runtime google intel Internet Explorer Microsoft Analysis Services Microsoft ASP.NET Microsoft Help Viewer Microsoft MPI Microsoft Security Client Microsoft
CVE-2006-1186 cve: Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM
startup: HKEY_CURRENT_USER\Software\Microsoft\ Windows\CurrentVersion\Run Local Security Authentication Server = %Application Data%\lsass.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows\CurrentVersion\Run
Coordinator Peer Experience = Other System Modifications This Trojan adds the following registry entries as part of its installation routine: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center\Svc
" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\IPRIP\Security Security = "{hex values}" Other System Modifications This backdoor adds the following registry keys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet
\Security It adds the following registry entries: HKEY_USERS\.DEFAULT\Software\ Microsoft\Clock HID = "{hex values}" It modifies the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Windows
\SYSTEM\CurrentControlSet\ Services\IPRIP\Parameters HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\IPRIP\Security It adds the following registry entries: HKEY_USERS\.DEFAULT\Software\ Microsoft
installation routine: HKEY_CURRENT_USER\Software\DC3_FEXEC It modifies the following registry entries to disable Security Center functions: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center
ImagePath = "\??\{malware path}\{malware name}.sys" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\1\Security Security = "{hex}" It registers as a system service to ensure its automatic execution at
\SYSTEM\CurrentControlSet\ Services\Winehplr HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\Winehplr\Security It adds the following registry entries as part of its installation routine:
\CurrentControlSet\ Services\srvPlgProtect\Security Security = Security = "{random values}" It adds the following registry entries to enable its automatic execution at every system startup: HKEY_LOCAL_MACHINE\SOFTWARE
{8167E8F2-A770-4EFB-BA53-8A511051CD9B}\defaults %Program Files%\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}\defaults\preferences %Program Files%\Security Updates Service %User Temp%\ns{random}.tmp (Note: %Program
specially crafted RPC request, which also contains a shellcode. More information on the said vulnerability can be found in this Microsoft Web page: Microsoft Security Bulletin MS08-067 Once this specially
.tbk .uci .v2i .wbb It adds the following registry keys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\netprofms\Enum HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\netprofms\Security
CVE-2009-0850 Cross-site scripting (XSS) vulnerability in BitDefender Internet Security 2009 allows user-assisted remote attackers to inject arbitrary web script or HTML via the filename of a
TeamCity Directory Traversal Vulnerability (CVE-2024-27199) Integrity Monitoring Rules: There are no new or updated Integrity Monitoring Rules in this Security Update. Log Inspection Rules: There are no new
TeamCity Directory Traversal Vulnerability (CVE-2024-27199) Integrity Monitoring Rules: There are no new or updated Integrity Monitoring Rules in this Security Update. Log Inspection Rules: There are no new
Other Details This Trojan Spy does the following: Disguised as "KDDI Security," a security application, it presents itself as a security tool while engaging in data collection. The application
Explorer\iexplore.exe"" (Note: The default value data of the said registry entry is "%Program Files%\Internet Explorer\iexplore.exe" .) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ Security Center