Friday, April 18th, 2008
A demonstration of a security hole in the Microsoft Works Image Server (WkImgSrv.dll) ActiveX module contained in the Microsoft Works office suite has appeared on the Bugtraq mailing list. The demo appears to only cause a system crash. McAfee, however, has already found fully functional exploits which allow attackers to ...
Posted in Coding, Security, Windows | No Comments
Wednesday, April 16th, 2008
About one percent of the Internet web pages are being changed in transit, sometimes in a harmful way, according to researchers at the University of Washington.
In a paper, set to be delivered Wednesday, the researchers document some troubling practices. In July and August they tested data sent to about 50,000 ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, April 14th, 2008
Security researcher Billy Rios has discovered a vulnerability in Google Spreadsheets which attackers can exploit using links to crafted tables to steal a user's cookie. According to Rios, the victim has to follow such a link in Internet Explorer. The stolen cookie can be used to access all Google services ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Monday, April 14th, 2008
ActiveX controls made up most of all browser plug-in vulnerabilities in the second half of 2007, according to Symantec.
The company has just released its semi-annual web security report and in it said that Microsoft's technology, primarily used to create add-ins for Internet Explorer, accounted for 79 percent of the 239 ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Thursday, April 10th, 2008
The CLSID for an ActiveX control is a GUID for that control. You can prevent an ActiveX control from running in Internet Explorer by setting the kill bit so that the control is never called by Internet Explorer when default settings are used.
The kill bit is a specific value for ...
Posted in Coding, Internet, Security, Windows | No Comments
Wednesday, April 9th, 2008
At the RSA Security Conference I caught up with Austin Wilson, Microsoft 's Director of Windows Product Management and learned a few tidbits about security enhancements coming in Internet Explorer 8. IE8 will address three specific areas where security can be a problem: social engineering, traditional browser vulnerabilities, and attacks ...
Posted in Internet, Security, Windows | No Comments
Thursday, April 3rd, 2008
Microsoft said Thursday that it plans to release eight software updates for the Windows operating system and Internet Explorer Web browser to patch security holes, five of which the company described as "critical."Microsoft said it plans to release the updates on April 8. PC users can determine if they need ...
Posted in Security, Software, Windows | No Comments
Monday, March 31st, 2008
Since the dawn of time, geeks have been playing harmless pranks on their beloved (but unsuspecting) associates, and it's up to all of us to carry the torch forward. On the eve of April Fools' Day, when you've got local network access to your coworkers' and family systems, cubicles just ...
Posted in General BS, Software | No Comments
Monday, March 24th, 2008
Microsoft is promising that the upcoming IE (Internet Explorer) 8 will be the safest and most secure version of its Web browser yet. Of course, everyone has heard this song before. Still, with the addition of two significant new security features, it's hard to argue that the new release won't ...
Posted in Internet, Privacy, Security, Windows | No Comments
Wednesday, March 19th, 2008
Modern browsers are much better than their predecessors at keeping your Web activity private and your data safe. Still, you may not have your browser configured to provide optimum security. Take a few minutes to give Internet Explorer 7 and Firefox 2 a safety check.
Batten down IE7's hatches
The version of ...
Posted in Internet, Privacy, Security, Windows | No Comments
