System
Hardening Feature Set :
· Harden
your Local Zone Security (My Computer) settings.
· Proactively
disable scripting or Active-X controls which
proved potential propagation
vectors in the past.
· Reduce potential intrusion
vectors by disabling non used services.
· Various other protections
New in version 1.1 (10/01/2005) :
· Disable dangerous File handlers
- ms-its; ms-itss; its; mk;local; sysimage. Disables Cross domain attacks
by malware downloading and executing code with local user privileges.
New in version 1.12 (11/01/2005) :
· Option to only display updates.
· DHTML Edit Control can be
disabled. (Exploit)
New in version 1.13 (12/01/2005) :
· Option to disable Windows
File Protection and to disable wscript.exe, cscript.exe, ftp.exe, tftp.exe
(often used in exploits). An Exploit has
been posted by Ferruh Mavituna to circumvent our Shell.Application
block by using Wscript.Shell. This option renders the new exploit ineffective.
· Disable potential dangerous
Scripting extensions : Exploit scripts have been updated to circumvent
our Shell.Application block, now Wscript.Shell is used to run the dangerous
code. (If you need to run WFS, VBE, JSE, VBS don't disable)
New in version 1.20 (12/01/2005) :
· Bug fixes : Wrong Text,
various spelling errors.
· Bug fixes : Some options
didn't show unless you choose UPDATE.
· Run Internet Explorer and
Outlook as normal User! (non-admin). Uses code from Microsoft (Michael
Howard). This option creates a shortcut link on your desktop which
links to a non-admin version of your Internet Explorer and Outlook.
· Changed Signup form to only
display when you haven't signed up.
· Added code to autostartup
and jump to the correct position if you choose to disable Windows File
recovery.
New in version 1.21 (18/01/2005) :
· Protection from the recently
discovered Sig2Dat Buffer overlfow. (Kazaa)
Information
New in version 1.22 (20/01/2005) :
· Bugfix:
Task Schedule
· Templates
for Beginners and Experts.
|
