Posts Tagged ‘Windows’

Remote Desktop Annoyances with Nvidia drivers

Monday, October 27th, 2008

For the last few months I’ve been plagued by the inability to at times remote desktop to some of my Windows XP based system. While not critical, it is nice to be able to connect home and carry on working on a document/email I was busy with before departing to work.

After some hunting, I narrowed the culprit down to the Nvida graphics drivers post version 169.39. Driver Release 175.16 was the first to show the issue, 175.19 made it worse.

My solution at the time roll back 169.19 and sacrifice some of the support for my CUDA enabled cards.  Last week I took the plunge and went for 178.13, which while resolving some other issues still broke the Remote desktop functionality.

The solution appears to be a tweek is needed in ones registry.

  1. Start, Run, type regedit and press OK
  2. Navigate to the Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
  3. Right click in the Details pane and Select New –> DWORD Value
  4. Name it  SessionImageSize
  5. After it is created, double click on it and change its value to: 20 ( this is based on recommendations from here) and effectively maps to raising the session memory to 32 MB.
  6. Save and Reboot

I tried this and no luck.  For my particular configuration SLI motherboards with Running 3 heads ofa 7600GT and 7300GS, I needed to raise the SessionImageSize value to 41 implying the use of 64MB of memory.  I’m not sure if this is due to the large amount of ram in the system ( 4gigs) or the particular use of two non SLI’d cards. the ‘default’ value of 20 seems to have solved the problem on my other Intel based system running a single  8500GT.

Microsoft take on the issue  is contained in KB886212 which proposes the solution of try another driver or rollback the driver.

Searching for “SessionImageSize” in the Microsoft knowledge base doesn’t seem to help either

Its worth nothign that the problem is occuring across different chipsets, Graphics cards, and on both SP2 and SP3 systems. The fix of increating the SessionImageSize to 0×41 seems to be working fine on a Windows Server 2003 (SP2) system as well.

Tags: , , , , ,
Posted in Applications, Systems Administration, Windows | 1 Comment »

Next Great worm on the rise ? (MS08-067 Critical)

Friday, October 24th, 2008

Microsoft seems to have broken with the “Patch Tuesday” scheduled release cycle with the urgent release of MS08-67 earlier today after having detected in the wild attacks against  netapi32.dll. The vulnerability is in the RPC connector we know and love so well ( Blaster, Welchia, Nimda …). ISC points out quite nicely that this could be the vector of choice for the next Generation worm, and have adjusted their infocon to Yellow accordingly. I suspect that we could see such a bit of code comming out within the next 3-5 days since there is already existing exploit source for blaster , and some of the reverse enginering and weaponization techniques based on patchers are rumoured ot be quite advanced. I supec we are  either going to see a  a payload  of some kind of destructiive nature ( Us Elections anyone?) or in a somewhat more insidous (now why do the Ordos spring to mind) form a bonet zombie.

I’ve been patiently waiting for three years to catch a new worm on my telescopes, so I I’m ready and waiting.

Windows 2000, XP and Server 2003 are all listed as critical targets, with Vista and Server 2008 being vulnerable as well, but potentially able to limit the damage due to their newer some what more modular and layered security design.  For Operating systems other than the latter two, this release also effectively updates MS06-040

Christopher Budd from the Microsoft Security Response Center has a nice little writeup about it, with further details on the Official release notes for MS08-67. Also from a Microsoft Perspective, Michael from the Security Develoment Lifcycle has a nice piece titled MS08-067 and the SDL in which he actually explains the bug itself.

Microsoft have also gone as far as to provide a webcast on the subject.

Update: Infosec blogspace is all a twitter with this.  I’ll add relecant content as I find it.

Tags: , , ,
Posted in Incidents, Security, Uncategorized | No Comments »