- Private emails should always be encrypted
- Password Recovery Speeds
- Trojan Horses
- Why do I need security?
- How to change your Windows 98 password
- Password FAQ
- Setting a BIOS Password
- Physical Security
- Guidelines for choosing a good password
- Security News
- Site Information
- Software Vulnerabilities
“But to Microsoft, this vulnerability is a big deal. It affects the company’s relationship with major record labels. It affects the company’s product offerings. It affects the company’s bottom line. Fixing this “vulnerability” is in the company’s best interest; never mind the customer.”
Firewall Leak Tester, a company that provides tools to test the quality of personal firewall software, has released a utility called RemoveWGA that blocks Microsoft from “phoning home” from Windows PCs on a daily basis.
Microsoft late Feb. 7 issued two separate advisories with pre-patch workarounds for a privilege escalation vulnerability in Windows and a new code execution hole in older versions of the Internet Explorer browser.
Email Battles has some speculation that Microsofts WMF patch has installed itself without asking permission from the user.
Microsoft have released another of their monthly monster patches, this time they’re patching quite a few remote code execution vulnerabilties which are kind of scary.
See this knowledge base article for more info and details of where to get the patches.
Mozilla have released an update to the best browser there is, this update fixes a couple of security vulnerabilities so if you’re running Firefox you should upgrade immediately, and if you’re not running Firefox, why not? You’re missing out.
Almost unbelievably Microsoft have revealed that there is a critical flaw in their code that handles the display of JPEG Images in many Microsoft products including Windows XP, Office XP, Office 2003, Visual Studio .NET and even Internet Explorer. For years people have always held that JPEG’s are safe, they’re not executables and there’s no chance of them holding any malicious code, that was until now.
The flaw is that there is a potential for maliciously crafted JPEG image to create buffer overflow when viewed, executing malicious code in order to attack the users system.
This is particularly embarrassing for Microsoft as even they have held in the past that JPEG is a safe filetype. This news will no doubt receive much press attention and I bet Microsoft are thanking their lucky stars that they managed to get a set of patches created before details of the exploit went public.
Because so many products and components are affected it’s not easy to tell if you’re affected so Microsoft have created a tool that detects if your system is vulnerable.
Trustworthy Computing anyone?
TheRegister has information on a batch of recently released patches from Microsoft.
Head straight over to Microsoft and grab them ASAP if you’re a Windows user.
Microsoft responded to the Mydoom worm and provided some assistance for those infected or worried by it at http://www.microsoft.com/security/antivirus/mydoom.asp. Some of the advice on that page…
How to Help Protect Against This Worm
If you ever receive a questionable e-mail message that contains an attachment—especially if it has a .zip file extension—do not open the attachment.
They are correct in saying that you should never open attachments on questionable emails, but their emphasis on the .zip file extension strikes me as a little strange, I’d be more worried about .exe and .scr etc. myself.