Computer Tips -Tech Info

This time around, the zero day is related to Internet Explorer and activex… (directanimation specifically). Incidents has a good update on the issue. This is a second exploit, there was another at the end of August, MS has an advisory on the issue. I think a safe bet would be alternative browsers until this is […]

Yesterday, of course, Microsoft released it’s monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn’t quite a huge update day by recent standards, but here’s the summary…. Incidents.org has a nice chart showing the two re-released patches (one is actually re-re-released…) They are MS06-040 (server […]

Some time back I remember an article I had on vcodec not being a legitimate video codec. At the time there was some malware claiming to be vcodec and “required” to view some content…. well, posing as a codec download is a good way to trick people into downloading it seems and there are more […]

Betanews is reporting that Samsung’s site has been hacked and is currently serving up malware in some areas. user intervention is required for it to run on the users pc, but be cautious. Samsung has been notified, but as of Friday morning (according to the report) the trojan horse is still there. I really wonder […]

Once upon a time the bad payload of a malicious email was it’s attachment, that still happens, but in many cases the links are the real lure – like a worm dangled in the water in front of a hungry fish…. the links though hide a danger on the other side…. the hook in our […]

Sans brings this from AOL, advising of vulnerabilities in the ICQ client and the ICQ toolbar for IE. The latest version of ICQ client is 5.1 and is claimed to not be vulnerable. (Toolbar version 1.3 is said to be vulnerable as well. No more recent version of that is available – you might consider […]

So, the stories are out of the analysis of the code for Mozilla Firefox. It seems there were a large number of potential flaws found (71 potential security vulnerabilities) according to the article. This was done using an automated tool and many say, that in order to evaluate the true severity of the flaws, you […]

I didn’t really think of this in context, but George Ou points out that Microsoft issued an “out of cycle” patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of the issue to releasing a […]

Brian Krebs highlights a study on data theft/breaches. There are some interesting results (just 1/3 of data breaches were from criminal hacking, 29% from stolen laptops or storage media, 23% from improper disclosure of information (oops I published all our customers information on the website.) and 7% from inside sources – employees taking/selling data, just […]

There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to ancient flaws that have been […]