Well, in the article the other day about the Windows wireless problem/(feature that could be exploitable?) there was a mention that the default behaviour for Windows would be changed with the next service pack, for XP users that’s SP3. So, when can we expec this? It seems that service pack three for Windows XP probably won’t be publicly available until the second half of 2007.
Tag: Security Fix
-
Microsoft’s speed to get security patches out
Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and vulnerability patching for the last 2 years from Microsoft. (That is for vulnerabilities that were submitted to Microsoft through the normal process…)
-
Blackberry Security Hole
There’s another security warning out related to specially crafted image files. This time it’s targetted at the blackberry, which is a small portable email/pda device. Basically a corrupted TIFF may lead the user to be unable to view other image attachments. The US-CERT advisory seems to indicate that remote code execution could be possible, although there is no comment to this issue from the makers, Research in Motion.
-
How embarrasing… Computer security firms database hacked
The Washington Times, has a story from Brian Krebs of their Security Fix blog about …
Guidance Software — the leading provider of software used to diagnose hacker break-ins — has itself been hacked, resulting in the exposure of financial and personal data connected to thousands of law enforcement officials and network-security professionals.
-
Apple Security Update
13 Seperate vulnerabilities are addressed by the latest Apple security updates. 9 vulnerabilites exist in network facing services like the web server, a couple in the web browser, another couple in SSL (secure socket layer) handling. In other words, get updating.
-
Viral turf war
I remember very well the competing worms that came out in early 2004, Netsky and Bagel (Beagle) and to a degree Mydoom as well. One would try to uninstall the other as they fought for control of a pc. They were done by competing gangs and were literally waging a turf war with home (and business computers.) The same seems to be happening with the latest round of plug ‘n play (worms) viruses (bots).
-
Identity theft
So, you don’t click on “phishy” links, keep your pc free from spyware, only bank at secure websites, do all the good things a cautious computer user is supposed to do to keep from having your identity stolen. Your safe right? Not entirely. I just found this in the Security Fix… Verizon Wireless Fixes leaky website.
-
Brian Krebs talks to the FBI on cybercrime
Just found this interesting post at the Security Fix. It seems Brian has had a chance to ask a question of the FBI director Robert Mueller and to speak with the assistant director in the Cyber Division. There are some interesting answers to his questions.
-
Web smarts is the main defence against spyware
Over at the Security Fix, Brian Krebs is talking about spyware and the fact that keeping up-to-date on patches, and running current antivirus with current definitions is not enough to protect your machine from spyware. He sums it up by saying common sense is the best defence.
(more…) -
Microsoft to release 6 updates Tuesday August 9th
According to this release, expect to see 6 updates coming out from Microsoft Tuesday. One will be tagged critical from what I read. It seems like this is a bit large number this time around, but still it could be worse, prepare for patching.