Computer Tips -Tech Info

Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.) The main result of the vulnerability is arbitrary code execution, which is a bad thing…. PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning […]

Oracle released 36 patches in mid-April as part of their quarterly patch cycle…. unfortunately, not all of the patches were released. Apparently they hadn’t finished testing and users were advised to look for the updates around the first of May. Well, guess what – they’re not out yet and the word is that they won’t […]

This is going to sound familiar to those that have been here before, but I’ve just had a once over of a batch of machines that are going to get thrown away tomorrow and felt compelled to make a list of the top ten things to do before you throw away, give away, pitch or […]

Sometime during the winter, I recall President Bush visited the NSA headquarters if I’m not mistaken and there was some press footage of him shaking hands in a very important looking techy monitoring room. A network operations center of some sort. I think they called it the Threat Operations Center. There was one backdrop that […]

Now that the April patches have been patched…. it’s time to look forward to what updates we’ll be seeing from Microsoft this coming Tuesday May 9th… There are 3 expected updates for May, 2 for Windows and one for Exchange Server. The Exchange update is listed as critical as is AT LEAST one of the […]

In the last couple days there have been new security releases of both clamantivirus (0.88.2 is now the current) and Mozilla-Firefox (1.0.3 is the current release over there). If you use either of these programs you should be looking to update. I’ve been busy looking at getting src.rpm’s recompiled here for various Mandr-ake/iva’s and if […]

Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch… Sans has a good writeup (7 CVE issues addressed by this 1 patch….) Also the Eolas ActiveX settlement (“Eolas Patent Patch”) solution seems to be included in this bundle. Also a MDAC and a Windows Explorer (not […]

Since, I’ve still got a few older Mandrake 10 installs that I’m maintaining as mailservers, there aren’t supported security fixes for various things anymore… Friday there was news of a new clamantivirus to fix some security flaws with 0.88, new version is 0.88.1 I’ve taken the cooker srpm and recompiled for 10.0, so… for my […]

There is ANOTHER IE vulnerability that’s come across the news in the last week. It seems that this is currently only a Proof of Concept, I’ll have to check and see if anyone’s reported seeing this in the wild…, but essentially a race condition between a Macromedia flash file and web content can allow a […]

The multi-OS virus may be a proof of concept, but it could be a sign of bad things to come. Let’s face it, there have been viruses that have taken advantage of multiple ways of spreading (email/open network shares/instant messengers…) It would almost make sense that even though it’s POC…. it may be quickly incorporated […]