Computer Tips -Tech Info

Category: Windows

  • Mozilla Firefox 1.0x series end of life….

    The Mozilla Firefox 1.0.x series will no longer be supported with security updates. IF you use Firefox as your web browser, make sure you’re using the current version in the 1.5 series (currently 1.5.0.3). You can find what your current version is by going to Help, “About Mozilla Firefox”. The 1.5 series automatically downloads and installs updates and periodically checks for updates for the installed extensions.

    (more…)

  • IE exploit unofficial patches

    While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting….) However, for some those aren’t enough options. I know of two unofficial patches.

    (more…)

  • Update on Internet Explorer Exploit in the wild

    If you use Internet Explorer to browse the web, I’d suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft’s infinite wisdom that “Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site”…. the reality is that legitimate sites have been hacked and the malicious code has been added. (Over 200 legit sites…)

    (more…)

  • Another critical IE flaw

    I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it’s trivial for them to do worse. The bottom line is, be careful what sites you visit, beware of “driveby downloads” using this tactic consider alternative browsers until you’re patched. (Although in reality, with IE’s integration in Windows, it’s hard to be completely safe this way with other apps using IE to view html objects….)

    (more…)

  • Juice – formerly ipodder podcast client for Linux (Windows and Mac too…)

    I’ve been playing around a bit with podcast clients the last couple of days. I’ve been finding online news feeds for the onlineradiotv.com site and for many of those I have bash scripts to handle downloading or streaming the audio available from shortwave broadcasters. I did run across a few podcasts too though and thought it might be time to take another look at linux podcasting clients…

    (more…)

  • Microsoft’s speed to get security patches out

    Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and vulnerability patching for the last 2 years from Microsoft. (That is for vulnerabilities that were submitted to Microsoft through the normal process…)

    (more…)

  • Symantec fixes possible rootkit issue

    Brian Krebs at the SecurityFix has the story. Symantec, has fixed a problem with their SystemWorks and SystemWorks premier software that could allow malicious software to hide in the Norton Protected Recycle Bin. That software, could have used the nprotect directory to evade detection by antivirus and antispyware programs.

    (more…)

  • Clamav vulnerability

    There’s a security fix available for a vulnerability in Clamantivirus. Version 0.88 fixes the vulnerability which could allow a remote attacker to control a machine running clamantivirus. The Security Fix has coverage on this, and the update can be found at the clamav site. This affects ClamWin as well, available here

    (more…)

  • XP Home support period

    This is something you should consider if you are looking to abandoned a pre-Winxp operating system in favor of a flavor of XP. The product life cycle. In their infinite wisdom, Microsoft has different support plans for consumer products than “business-products”. As such… arstechnica.com has a post explaining why support for Windows XP Home will end the end of this year 12/31/06 and Windows XP Pro will continue to be supported perhaps as long as December of 2013.

    (more…)

  • Microsoft advisory on Sober “Awakening”

    Microsoft has posted a security advisory (912920) on the previously reported “awakening” of the Sober worm, expected January 6th.

    Systems that are infected with Win32/Sober.Z@mm may download and run malicious files from certain Web domains beginning on January 6, 2006

    Further they give the following note….
    (more…)