Just catching up on the days VML vulnerability news from today…. It looks as though… the exploit is now MUCH more widespread this blog has some video of an infection, what’s notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that they can harvest paypal/bank/etc. passwords…) So, there might not be a big red “you’re owned” sign pop up. Sunbelt reported on a test page to visit to see if you’re vulnerable. The direct link is http://www.isotf.org/zert/testvml.htm (Will crash IE if it’s vulnerable.)
Tag: FAQ
-
Powerpoint vulnerability (August 2006)
I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ over at securiteam.com.
-
Microsoft security roundup
OK – there have been a number of Excel problems floating around in the last week – week and a half. Securiteam blog has a FAQ on the Excel 0-day vulnerabilities with Excel and Excel Viewer Incidents.org kindly gives us a scoresheet documenting the three different vulnerabilities that have been recently exploited. I have not thoroughly read details, but suspect that avoiding opening unexpected xls attachments would likely be a GOOD preventative measure. If you take the attitude… “oh junk mail…. ooo attachment – wonder whats in there – let’s see…” then you’re likely already stuck by a few viruses.
-
VMPlayer on Mandriva 2006 finally…
As you might recall some time back I talked about the release of vmplayer which is a free virtual machine “player” from vmware. Mostly, I wrote about the problems I had running it on my main desktop which was running Mandrake 10.1 at the time. The error was basically a signal 11 in the log file, which MOST everyone says is a hardware problem (or kernel…) Well, I tested the memory, everything seemed fine. Finally, I was having other issues and an itch for an upgrade, so I upgraded to an AMD64 3000 based system with 1GB of memory and did the upgrade to Mandriva 2006 as well (first with the original kernel, now with the updated kernel.) Vmplayer still refused to run.
-
Kubuntu Free CD’s
One of the things I’ve really admired about the Ubuntu project is that they will MAIL you REAL cds of their product for free. That can give a much more professional look for redistribution than a hand burned cd with handwritten green ink saying ubuntu linux 5.10…. Well, Ubuntu has done this for quite a while, NOW the “Shipit” service is available for Kubuntu. You’ll basically need a Launchpad account first. Also, Edubuntu now will ship free cds as well.
According to the FAQ… “All CDs currently contain version 6.06 LTS, development codename “Dapper Drake”. For every CD you order, we will send you one package that contains a single CD (live CD installer) in a cardboard wallet. This is true for all architectures.”
-
Google Analytics update
Well, I mentioned the release of Google Analytics yesterday which really looks promising. At this hour I can still say it looks promising. I had a funny thought after trying several times yesterday to get set up… it was a “good going, you just broke google” kind of thought. It was pretty clear that demand was VERY high for the service (what they’ll be providing for free used to be a fee service.) But it looks like Google has been really caught off-guard by the demand. As I don’t have any data yet, and it appears I’m not the only one.
-
Google announces analytics for web sites
Google has rolled out another free tool for site owners. Google Analytics was announced today. Using technology acquired from Urchin, this free service (limited to 5 million page views a month), sits on your webpage as a little javascript “bug” of sorts and tracks information on visitors to your site.
-
Free Ext2 Ext3 driver for Windows
Barrapunto.com is reporting on a Noticias.com article (on another story by… sorry… got carried away.) Their reporting on a freely available Ext2 Ext3 driver for Windows. It should allow full read/write access (although I would quail at allowing Windows to write to ext2 or 3…. just me though.)