|
| |
Security alerts for PC users
| 2006-Oct-13 Targetted trojan horses exploit Powerpoint
|
Cybercrooks send messages to one or a few addresses at a targeted organization and attempt to trick their victim into opening the infected attachment--typically, a Microsoft Office file that exploits a yet-to-be-patched vulnerability to drop the malicious payload.
Security technology can......
Full article |
| 2006-Sep-24 ZERT has patch fix latest IE security hole
|
/
ZERT2006-01: Buffer overflow in Vector Markup Language (VML) library file used by Microsoft Internet Explorer and Outlook
A buffer overflow in the Microsoft Vector Graphics Rendering (VML) engine (filename: VGX.DLL) allows remote code execution.
|
| 2006-Sep-20 AIM worm W32.pipeline
|
This is a very clever new worm, infecting users of AOl Instant Messaging:
The worm, known as W32.pipeline, propagates when AIM users click on a Web link that appears to have been sent to them by someone on their buddy list. They receive a message along the lines of, "Hey, would it......
Full article |
| 2006-Aug-23 More bad news about MS06-042
|
Microsoft is also aware of public reports that this issue can lead to a buffer overrun condition for Internet Explorer 6 Service Pack 1 customers that have applied MS06-042. We are not aware of attacks that try to use the reported vulnerability or of customer impact at this time. Microsoft......
Full article |
| 2006-Aug-16 Patch MS06-042 causing browser crashes.
|
The problem occurs when IE users view Web sites that use version 1.1 of HTTP alongside compression, according to Microsoft's notice. HTTP, or hypertext transfer protocol, is the standard protocol used to browse Web sites.
IE users on security mailing lists have reported browser crashes......
Full article |
| 2006-Aug-09 Homeland Security urges installing patch MS06-040
|
The Department of Homeland Security (DHS) is recommending that Windows Operating Systems users apply Microsoft security patch MS06-040 as quickly as possible. This security patch is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control......
Full article |
| 2006-Jul-23 Why most antivirus programs don't work
|
Confirming what I've long suspected...
However, the actual reason why the top selling antivirus applications don't work is because malware authors are specifically testing their Trojans and viruses to make sure they can bypass these applications before releasing them in the wild.
"The......
Full article |
| 2006-Jul-20 New trojan Google toolbar
|
From a mailing list:
I had a user who received an e-mail pretending to be from google updates
with a subject line of "New Google Toolbar Released"
The link actually takes them to=20
None of the AV scanners picked this up when downloading the EXE,
perimeter, nor desktop,......
Full article |
| 2006-Apr-27 Most Web Users Unable to Spot Spyware
|
/
* Based on their choices, a majority of users (65%) would have been infected
* Based on their choices, a majority of users (65%) would have been infected with adware or spyware many times over
* The presence of national advertisers and a clean, uncluttered design seem to trick......
Full article |
| 2006-Apr-23 Microsoft tries again on the MS06-015 patch.
|
The Redmond, Wash. software maker plans to rerelease the problematic MS06-015 update on April 25 to correct an issue that has caused system hangs, Windows crashes and the appearance of strange dialog boxes after the original patch was installed.
"[We have] re-engineered the MS06-015......
Full article |
| 2006-Apr-20 Microsoft admits to withholding vulnerability details
|
In an interview with eWEEK, Mike Reavey, operations manager of the MSRC (Microsoft Security Response Center), said the company's policy is to document the existence of internally discovered flaws as well as the area of functionality where the change occurred, but that full details on the......
Full article |
| 2006-Apr-10 Return of the Web mob
|
Black hat hackers have set up e-commerce sites offering private exploits capable of evading anti-virus scanners. An e-mail advertisement intercepted by researchers contained an offer to infect computers for use in botnets at $25 per 10,000 hijacked PCs.
Skilled hackers in Eastern Europe,......
Full article |
| 2006-Apr-04 XP Security dilemma
|
|
A properly designed operating system protects itself by having separate modes of operation for adminsitration and ordinary use. When you're logged in as administrator, you can configure the entire system. When you're logged in as user you can't configure the system even by accident. When you're running......
Full article |
| 2006-Apr-04 The Sasser worm - what you need to know
|
|
What Microsoft says about Sasser:
The Sasser worms exploits a vulnerability in Microsoft operating systems Windows XP and Windows 2000, known as the LSASS vulnerability.
Microsoft acknowledges this vulnerability in the critical security bulletin
MS04-011.
Microsoft has......
Full article |
| 2006-Apr-04 The MyDoom family
|
|
MyDoom is not one virus, but an entire family of viruses. Most members of the MyDoom family spread by email attachments and file sharing, and launched distributed denial of service (DDoS) on your computer, allowing a stranger to take over your computer and perhaps use it to spread spam.
How......
Full article |
| 2006-Apr-04 Netcraft:Chinese Bank's Server Used in Phishing Attacks
|
A web server belonging to a state-operated Chinese bank is hosting phishing sites targeting U.S. banks and financial institutions. Phishing e-mails sent on Saturday (March 11) targeting customers of Chase Bank and eBay were directed to sites hosted on ip addresses assigned to The China......
Full article |
|
|
|
| |
Site maintained by Rowland of Bottom Line Computer Software and Services 603-244-1652
|
