Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.)
The main result of the vulnerability is arbitrary code execution, which is a bad thing…. PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning of .cab files to be enabled.
Oracle released 36 patches in mid-April as part of their quarterly patch cycle…. unfortunately, not all of the patches were released. Apparently they hadn’t finished testing and users were advised to look for the updates around the first of May. Well, guess what – they’re not out yet and the word is that they won’t be until May 15th. This is one example of why I think it’s unwise to say that patches will be released on X date on a regular schedule. They should be releasing them as soon as they have the patch tested and ready.
VuNet has an article today on the coming of Vista and the imminent doom of the smaller security companies. The hardest hit will be anti-spyware and personal firewall vendors they say. It may well be true, it does sound like a different approach to user permissions (limited priviliges by default?) IE7 running in a sandbox, i.e. no permission to touch anything else …. which should cut down on the spread of browser exploits turning machines into spyware infested bots…
There have been several articles in the last few days breathlessly heralding the news The linux kernel is too buggy… Andrew Morton, the lead maintainer has said in the last week that the 2.6 kernel has gotten a bit out of hand with too many new features and too few fixed bugs. Of course, he’s probably right…. Linux founder Linus Torvalds agrees that a “bugfix only” cycle of kernel development would be a good idea.
Microsoft hasn’t got a lot of positive free publicity about Vista that I’ve seen. I read about a Gartner Group suggesting that it wouldn’t be available until 2nd quarter 2007. (Which was shortly after Microsoft said they wouldn’t make 4th quarter 2006 if I recall…) I’ve seen a lot of analysts talking about how the really big features they were excited about have been shelved to get it out the door. And, well… of course, I don’t expect a positive, rah-rah Microsoft article from the Register… but they’re reporting on a Yankee Group analysis of the upcoming OS…
It looks as though there are two critical updates to be had today, one moderate/low (depending on the OS version.) The critical updates are one biggy for Exchange server which is reported to break some functionality with regards to Blackberry -> exchange server integration… This is an obviously important patch to get in since the vulnerability would allow for remote code execution. The other critical patch….
“We tried scanning and all that happened was the lamp moved back and forth…. Nothing else happened.” That was the description I had and the request to see why the scanner was broken. It hadn’t been long since the Epson scanner had been hooked up to a new XP Pro system. The machine sees quite a bit of public use so we had thought it would be best to divide accounts into Visitor which is an unpriviliged user and another account for the ability to work with software that was not as cooperative in an unpriviliged account.
This is going to sound familiar to those that have been here before, but I’ve just had a once over of a batch of machines that are going to get thrown away tomorrow and felt compelled to make a list of the top ten things to do before you throw away, give away, pitch or otherwise dispose of your computer…..
Sometime during the winter, I recall President Bush visited the NSA headquarters if I’m not mistaken and there was some press footage of him shaking hands in a very important looking techy monitoring room. A network operations center of some sort. I think they called it the Threat Operations Center. There was one backdrop that was quite impressive and made the rounds in some of the photos of the visit. There was the ISC threat meter, dshield, a square showing updates of exploit tools and vulnerabilities, viruses, intrusion detection signature updates, etc… all packed into a nice size screen.
Search engine rankings are one of the concepts that I think is vaguely understood. It’s amazing to me how a subtle change in a series of search terms (or quoting a pair of words) can so drastically alter the results. Let’s say you’re searching for discount shoes, there’s a difference between a search for discount shoes and “discount shoes”… Of course, if you’re hosting your own site…. it’s awfully nice to be able to get an idea of where you turn up in the search results for given terms. The biggest problem is…. most search engines give a chance for you to see if pages on your site are found with the terms, but that doesn’t tell where in the rankings you compare to other sites. The hard way of course, is to type in your search term and go from page to page until you finally encounter your site. This can be painfully tedious though.