For the last week, I’ve seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I’m seeing all sorts of headlines about how Windows is more secure than Linux based on this report. (?!?) Did anyone reporting “windows more secure than linux/unix” actually read the report, look at some of the details and compare with the Technical Cyber Security Alerts?
Month: January 2006
-
Microsoft Patch Tuesday January
Sounds like this patch Tuesday will have a couple of updates in spite of the early release of the WMF vulnerability fix. Thanks to Microsoft for yielding that fix as soon as the testing was done. I would hope that it wasn’t just public pressure, but a sense of what the right thing to do is when there are exploits actively targeting a vulnerability.
-
Microsoft releases patch early for WMF exploit
Microsoft has released the patch for the WMF vulnerability, which has been all over the news, ahead of schedule. It was released to http://windowsupdate.microsoft.com ahead of the previously announced January 10th “patch Tuesday”.
Congrats to Microsoft for getting this out the door early. That should go a long ways to blunting the attacks that are making use of this vulnerability.
-
Disable or turn off hotkeys under Windows XP
Since this is a simple tip I’m including it in the basics category. I ran across a PC with a Dell Multimedia Keyboard and they wanted to disable the hotkeys (sound mixer was always popping up because the key was in the way.) Anyway, on older systems, there would be a standalone program running to monitor the extra keys from the keyboard. (Calculator, email, web shortcut keys as well as sound control keys.)
-
Makers of fake security software settle lawsuit
The Security Fix has some news today on some bogus security software makers (the wolves in sheep’s clothing as I tend to think of them…) Anyway, they’re settling deceptive trade practice charges that were brought by the FTC. SpywareAssassin and Spykiller were facing a civil suit over their ads which invariably found infestations on a user’s PC and offered to clean it up for ~$30 or so.
-
WMF vulnerability advisory update
Microsoft has updated their security bulletin on the WMF vulnerability to note a couple things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I’ve been finding that Windows 98 and other pre-XP systems are not as critically at risk for this vulnerability….
-
Sober virus watch…
Well, antivirus vendors and IT security folks are waiting now for the expected activation of the sober.y worm searching for new downloads and a new revision of the pest. Kaspersky’s log indicates the expected activation time is 00:00 GMT January 6th, which means here in the EST zone that would be 7PM EST… Of course many of the expected sites have been shut down. It appears that the virus will look periodically for sites to “upgrade” from for some time.
-
Google rumors galore….
There are all sorts of rumors circulating about Google’s product announcements tomorrow at CES. There are still stories floating around about a Google PC running Linux and there are stories about pay-download videos and a software bundle. No official word on these from Google. (They had denials about PC talks from some of the retailers that were supposedly approached.) The Google Cube is listed as the codename for the Google PC according to one article.
-
Microsoft OneCare and another unofficial patch
Brian Krebs at the SecurityFix today has questions about Microsoft OneCare. In fact, with Microsoft saying that OneCare is “more than just antivirus” you wonder whether that’s just marketing speak, or if that’s really the case…. He speculates about OneCare doing the registry patch that was a recommended workaround and a few other things related to OneCare.
-
Slight outage
When I first checked this morning the site wasn’t responding. According to the logs I got hammered last night from AvantGo (2 requests a second?). (So a couple hundred requests over a couple minutes?) Different IP addresses, all in the AvantGo netblock. I guess I had a link from a popular page among AvantGo users…. Anyway, a simple restart (of httpd and mysql) got things going. That was weird.