Sans has updated their chart that illustrates Microsoft’s August patches. They’ve updated it to give information about the problems that have been reported with now 2 of this months patches (MS06-040 and MS06-042) as well as what fixes are available.
Blog
-
Is the firmware current?
The other day I was struggling with something that should have worked “out of the box”. It was a little wireless bridge (Linksys WET54G Wireless-G Ethernet Bridge). The idea was to just connect it to the pc and it would just work. Well…. in a word NO. It “sort of worked”, the problem is the pc didn’t receive the dhcp address, so I had to manually set it. I didn’t know the correct gateway information (should it be the bridged device ip or the REAL gateway.) At one point I got dns lookups working, but routing to the internet was not working, then the access point got pulled off a shelf and EVERYTHING stopped working. Checking in on the bridge would show it was just cycling through the WPA handshake process over and over and over.
-
Helixplayer to include Windows media file viewer
WMV and WMA file formats (Windows Media Video and Windows Media Audio) have been one of those sore spots for desktop linux. Yes, I KNOW mplayer and other players can handle them. (If the codecs are installed.) (and wine can run media player) But, there have been licensing issues there. The fact is, distributions that are strict about their “open source only” policy have a situation where those formats don’t work out of the box. That appears as though it will change soon as Real Networks includes open source codecs for those formats in it’s Helixplayer. DRM (Digital Rights Management) will not be supported in the helixplayer project.
-
Google Coupons and improving Picasa
There are a couple of stories on the “Google front” today. First up Coupons tied into Google location searching (maps.) More details at the Adwords blog. (BTW, this is open to US businesses, an Adwords account is not a requirement.) It looks like they’ll put up printable coupons for businesses. There seem to be quite a few possibilities for extending this idea. (More coverage here.) The next item puts to rest a rumor from some time back. It seems as though at one point in time, Google was interested in Riya, who specializes in image recognition (hey – that’s Bob in that picture.)
-
Real time Global strategy game using Google Maps?
Some time back, there was a Risk clone using Google maps which was interesting, but taken offline due to a legal letter. Well, I have had a long interest in strategy games…. (Risk/Axis&Allies and variants as well as the civilization/freeciv variety and Age of Empires/etc….) Anyway… saw this last week… Online strategy game using Google Maps. Upon visiting, I found out the site has moved under heavy load to a new location…. Here’s the new site gmworldwar.com. I don’t know, I’m not terribly eager to strategize world war right now – it seems a bit too much like reality seem to be shaping up for right now… Anyway – it’s called Endgame and uses Google Maps as the back end. It’s currently limited to beta testers due to high demand so, the general public will have to wait.
-
Squirrelmail 1.4.8
Security Update to a previously announced vulnerability.
-
Other MS patch news as well as a Yahoo vulnerability?
Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS…
“this is a DoS only issue that was not addressed in MS06-040, but will be addressed in a bulletin.”
Not timeline yet on when… There are also public exploits out for (possibly related to MS06-046) which is related to the MS Help system.
-
MS06-040 update
MS06-040 is one of last weeks Windows updates and is the one that was probably the biggest target for “wormable” activity. There’s a good deal of news from over the weekend with regards to this. First: Snort signatures, the MS06-040 exploit was spotted actively “in the wild”, and of course, our perennial friends in the spamming world didn’t waste much time in making use of this one.
-
Being cautious on the web…
Incidents.org is reporting on the defacement of a security related web site (winsnort.com). They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What’s more…. Several days ago there was the news that the President of Iran now has a blog (which is ironic in many ways given the restrictions they place on internet use….) But… anyway, I figured he is getting his propaganda tool our and ready in advance of the UN showdown over the nuclear program. Well, it turns out that some have noticed an interesting gift from the visit to Mr. Ahmadinejad’s site….
-
Massive Dell Laptop Battery recall
This is worth reading if you’ve got a Dell laptop. There have been numerous stories in recent months of Dell laptops exploding into flames and it looks as though now over 4 million batteries from their inspiron, Latitude and Precision laptops are being recalled. The manufacture dates range from April 2004 to July 18, 2006. There is a Dell site for this issue www.dellbatteryprogram.com. Realistically, the new lithium ion batteries are trying to pack a large power density into a small space and if something goes wrong, it can go BAD wrong….