Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

Acknowledgements, citations, credits, kudos, references, rewards and thanks

Andrew Clausen; GNU parted; 2000-02-23
parted-3.2/THANKS
Mariusz Zynel; Multi-booting Solaris and other operating systems; 2001-11-11
I.1 Preface
I.4 History
Johann Ebend; Windows 2000 FAQ; 2002
Windows 2000 FAQ
Ralph Briel; Outlook Express FAQ; 2003
3.23 Wie kann ich das Euro-Währungssymbol korrekt verschicken?
Paul Whittaker; Diet-PC; 2004-11-07
Configuring Windows 2000/2003 for Etherboot
Linux Weekly News; 2005-06-27
ClamAV: denial of service
Mike Barwise; The H Security; 2007-10-22
BitDefender, GSView and cURL are vulnerable due to obsolete compression library
Jürgen Schmidt; The H Security; 2007-12-21
Antivirus software as a malware gateway
Ken Kato; VM Back; 2008-02-06
Virtual Floppy Drive 2.1: vulnerable zlib
Virtual Floppy Drive 2.1: vulnerable zlib
Olof Lagerkvist; LTR Data; 2008-05-28
Tools and utilities for Windows
Holger Klemm; Multimedia4Linux; 2009-01-03
DVD-RAM Howto
Ray Johnston; Ghostscript; 2010-02-01
History of Ghostscript versions 8.xx
Detailed History of Ghostscript versions 8.xx
Security Bulletin; Microsoft; 2010-08-02
Microsoft Security Bulletin MS10-046 - Critical
Microsoft Security Bulletin Summary for August 2010
Bojan Zdrnja; Internet Storm Center; 2010-08-23
DLL hijacking vulnerabilities
Cal Leeming; 2013-05-10
Analysis of Cisco 7940, SIP ALG and NAT traversal problems
Threat Intelligence Database; scip AG; 2013-05-13
Microsoft Security Essentials up to 4.1 Registry buffer overflow
Threat Intelligence Database; scip AG; 2013-08-28
Mozilla Firefox/Thunderbird prior 23.0 on Windows Path Handler UninstallString privilege escalation
Charalampos harkaz Kazakos; 2013-09-09
Welcome to Windows XP Service Pack 4
Steven M. Bellovin, Matt Blaze, Sandy Clark, and Susan Landau; Northwestern Journal of Technology & Intellectual Property, Volume 12 Issue 1 (2014); 2014-04-08
Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet
Security Bulletin; Microsoft; 2014-04-08
Microsoft Security Bulletin MS14-019 - Critical
Microsoft Security Bulletin Summary for April 2014
Acknowledgments – 2014; Microsoft; 2014-04-08
MS14-019 (Windows File Handling Vulnerability)
Threat Intelligence Database; scip AG; 2014-04-09
Microsoft Windows up to 2012 R2 Batch File Handler CreateProcess() buffer overflow
Threat Intelligence Database; scip AG; 2014-05-22
HP HP OfficeJet 6700 Driver Installer privilege escalation
Security Researcher Acknowledgments Online Services - Prior Months; Microsoft; 2014-05
May 2014 Security Researchers
Security Bulletin; Microsoft; 2014-08-12
Microsoft Security Bulletin MS14-049 - Important
Microsoft Security Bulletin Summary for August 2014
Acknowledgments – 2014; Microsoft; 2014-08-12
MS14-049 (Defense-in-depth changes)
Security Researcher Acknowledgments Online Services - Prior Months; Microsoft; 2015-06
June & July 2015 Security Researchers
Catalin Cimpanu; Softpedia; 2015-08-05
Mozilla Thunderbird 38+ Poses Security Risk via Its Lightning Extension
iTunes security; Apple; 2015-09-11
About the security content of iTunes 12.3
Threat Intelligence Database; scip AG; 2015-09-18
Apple iTunes up to 12.2 buffer overflow [CVE-2010-3190]
Jason Shirk; Microsoft Security Response Center; 2015-10-20
Microsoft Bounty Program: Making it to the MSRC Top 100
Richard Chirgwin; The Register; 2015-11-03
Dev to Mozilla: Please dump ancient Windows install processes
Security Advisory; Gpg4win; 2015-11-25
Security Advisory Gpg4win 2015-11-25
Change log; Nmap; 2015-12-09
Nmap Changelog
Security Bulletin; Intel; 2015-12-14
Intel Security – Security Bulletin: Security patch for several McAfee installers and uninstallers
Security Advisory; F-Secure; 2015-12-17
FSC-2015-4: DLL pre-loading attack in Online Scanner
Vulnerability Reward Program Hall of Fame; F-Secure; 2015
2015 – Honorable Mentions
Information Security; Rapid7; 2015-12-21
ScanNow DLL Search Order Hijacking Vulnerability and Deprecation
Vulnerability Report: List of Advisories; Kaspersky Lab; 2015-12-23
Advisory issued on 23th December, 2015
Vulnerability report; Emsisoft; 2016-01-08
Vulnerability report - emsisoft.de
Security Advisory; VeraCrypt Team, Mounir IDRASSI; 2016-01-11
CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege
Acknowledgments – 2016; Microsoft; 2016-01-12
MS16-007 (DLL Loading Elevation of Privilege Vulnerability)
MS16-007 (DLL Loading Elevation of Privilege Vulnerability)
Changelog CloneBD Blu-ray Media Converter; Elaborate Bytes; 2016-01-14
Changelog CloneBD Blu-ray Media Converter
Release Notes; VeraCrypt; 2016-01-18
Release Notes, 1.17-BETA17 (January 18th, 2016)
Oracle Critical Patch Update Advisory - January 2016; Oracle; 2016-01-19
Oracle Critical Patch Update Advisory - January 2016
WiX v3.10.2 released; FireGiant; 2016-01-21
WiX v3.10.2 released
Oracle Security Alert; Oracle; 2016-02-05
Oracle Security Alert for CVE-2016-0603
Richard Chirgwin; The Register; 2016-02-08
Oracle issues emergency patch for Java on Windows
Eduard Kovacs; SecurityWeek; 2016-02-08
Oracle Patches Java Installer Vulnerability
Catalin Cimpanu; Softpedia; 2016-02-08
DLL Hijacking Issue Plagues Products like Firefox, Chrome, iTunes, OpenOffice
Check Point response to ZoneAlarm DLL injection; Check Point; 2016-02-18
Check Point response to ZoneAlarm DLL injection
Customer Advisory; ESET; 2016-02-19
ESET Customer Advisory: Mitigations for vulnerabilities in ESET's EXE installers
Vulnerability Reward Program Hall of Fame; F-Secure; 2016
2016 – Hall of Fame
Comodo Internet Security Release Notes; Comodo; 2016-03-22
Comodo Internet Security Release Notes
Security Bulletin; Adobe; 2016-04-07
Adobe Security Bulletin APSB16-10
iTunes security; Apple; 2016-05-16
About the security content of iTunes 12.4
Security Advisory; cURL; 2016-05-30
cURL - Windows DLL hijacking
Will Dormann; CERT/CC; 2016-06-30
Bypassing Application Whitelisting
Security Bulletin; Adobe; 2016-07-12
Adobe Security Bulletin APSB16-25
Thanks; cURL; 2016-07-21
cURL - THANKS
Contribute & Reference list; MITRE; 2016-07-29
Contribute - ATT&CK
Reference list - ATT&CK
Security Advisory; VMware; 2016-09-13
VMSA-2016-0014
VMSA-2016-0014
Security Researcher Acknowledgments Online Services - Prior Months; Microsoft; 2016-09
September 2016 Security Researchers
Security Advisory; Apache OpenOffice; 2016-10-11
Windows Installer Execution of Arbitrary Code with Elevated Privileges

Contact

If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, errors, inaccuracies, omissions, vulnerabilities or weaknesses, …:
don't hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see a full (real) name as sender, not a nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.


Copyright © 1995-2017 • Stefan Kanthak • <‍skanthak‍@‍nexgo‍.‍de‍>