The Great Lizamoon SQL Injection Attack – March-April 2011

Monday, April 4th, 2011

Well – Friday things started getting interesting on tech news sites. Most sites were running phony April fools stories and a few including websense was running with a major attack going on against many SQL based websites. Details were sketchy – people were told to look for ur.php files in their web directory (which isn’t [...]

Oh and ANOTHER Powerpoint vulnerability too….

Saturday, September 30th, 2006

Sometimes you feel like the little Dutch boy of myth/legend with his finger trying to plug the hole in a dam…. Incidents bring us this as well…. another powerpoint vulnerability seems to have been disclosed. MS has an advisory. All currently supported Office versions are vulnerable (even on Mac?) Workarounds include not opening powerpoint files… [...]

How Microsoft could patch VML vulnerability before October’s patch day

Thursday, September 21st, 2006

SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lot’s of browsers being subjected to unwanted drive-by downloads? I suppose [...]

Internet Explorer zero-day

Friday, September 15th, 2006

This time around, the zero day is related to Internet Explorer and activex… (directanimation specifically). Incidents has a good update on the issue. This is a second exploit, there was another at the end of August, MS has an advisory on the issue. I think a safe bet would be alternative browsers until this is [...]

ANOTHER Microsoft patch problem

Monday, September 11th, 2006

This is getting to be like clockwork, but it sounds like this may be one of the nastiest problems so far. It appears that there is a problem with one of the recent patches from Microsoft MS06-49. It looks as though the problem is data corruption for small files (under 4096 bytes.) There’s a google [...]

Fairuse4wm back on top

Tuesday, September 5th, 2006

In the struggle between fairuse4wm and Microsoft DRM, it appears that fairuse4wm is out on top again. Just to sum up – the last few weeks saw a release of fairuse4wm that stripped DRM from Microsoft DRM protected media files, then MS fixed their DRM to break fairuse4wm and now fairuse4wm has released a NEW [...]

MS patch problems

Wednesday, August 16th, 2006

Sans has updated their chart that illustrates Microsoft’s August patches. They’ve updated it to give information about the problems that have been reported with now 2 of this months patches (MS06-040 and MS06-042) as well as what fixes are available.    Send article as PDF   

Other MS patch news as well as a Yahoo vulnerability?

Monday, August 14th, 2006

Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS… “this is a DoS only issue that was not addressed in MS06-040, but will be addressed [...]

Another Microsoft Office Vulnerability

Thursday, June 15th, 2006

Hot on the heels of the Microsoft Word patch there’s a new threat to Microsoft Office. This vulnerability is with Excel documents. According to the MS security response center blog, they’ve received one report of a system being attacked by a previously unknown vulnerability in Excel. The moral of the story is to be suspicious [...]

Vista torrent pulled

Thursday, June 15th, 2006

Several days ago I mentioned that had copied the Windows Vista download into a bittorrent tracker and allowed bittorrent downloads of the DVD iso. Well, they’ve received a cease and desist order as thanks for their efforts. Some are saying the fact that the download servers are slammed to the point MS is recommending [...]


Switch to our mobile site