Our “good friend” spyaxe, which is one of the “wolves in sheeps clothing” that masquerade as security software, but in actuality are delivered WITH spyware, has a new clone. Apparently SpywareStrike is making the rounds, and has a website which is identical to the SpyAxe site and it looks to be the same program. The […]
For the last week, I’ve seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I’m seeing all sorts of headlines about how Windows is more secure than […]
Sounds like this patch Tuesday will have a couple of updates in spite of the early release of the WMF vulnerability fix. Thanks to Microsoft for yielding that fix as soon as the testing was done. I would hope that it wasn’t just public pressure, but a sense of what the right thing to do […]
Microsoft has released the patch for the WMF vulnerability that’s been all over the news early. It was released to http://windowsupdate.microsoft.com ahead of the previously announced January 10th “patch Tuesday”. Congrats to Microsoft for getting this out the door early. That should go a long ways to blunting the attacks that are making use of […]
The security fix has some news today on some bogus security software makers (the wolves in sheeps clothing as I tend to think of them…) Anyway, they’re settling deceptive trade practice chargers that were brought by the FTC. SpywareAssassin and Spykiller were facing a civil suit over their ads which invariably found infestations on a […]
Microsoft has updated their security bulletin on the WMF vulnerability to note a couple things. One, they acknowledge that embedded images within a document can trigger the exploit. Previously they said this needed further investigation. Second, they are seconding what I’ve been finding that Windows 98 and other pre-XP systems are not as critically at […]
Well, antivirus vendors and IT security folks are waiting now for the expected activation of the sober.y worm searching for a new downloads and a new revision of the pest. kaspersky’s log indicates the expected activation time is 00:00 GMT January 6th, which means here in the EST zone that would be 7PM EST… Of […]
Brian Krebs at the SecurityFix today has questions about Microsoft OneCare. In fact, with Microsoft saying that OneCare is “more than just antivirus” you wonder whether that’s just marketing speak, or if that’s really the case…. he speculates about OneCare doing the registry patch that was a recommended workaround and a few other things related […]
I didn’t see this reported anywhere, but since yesterday when there was an update to the metasploit module for the WMF vulnerability I think there’s been yet another update. I read yesterday that it had been updated and could evade all known IDS signatures. I downloaded the update to continue my Win98 testing. Then today […]
Since there’s some interest…. here is a listing of all posts related to the WMF exploit and Windows 98 that have come out in the last week. http://www.averyjparker.com/2006/01/04/lack-of-working-exploit-does-not-mean-windows-98-is-safe/ http://www.averyjparker.com/2006/01/03/wmf-exploit-vs-windows-98-again/ http://www.averyjparker.com/2006/01/03/wmf-exploit-testing-on-windows-98/ http://www.averyjparker.com/2006/01/02/windows-98-and-the-wmf-exploit/ http://www.averyjparker.com/2006/01/01/version-2-of-the-wmv-exploit-vs-windows-98-se/ http://www.averyjparker.com/2006/01/01/more-wmf-exploit-testing-on-windows-98/ http://www.averyjparker.com/2006/01/01/wmf-exploit-and-windows-98/ Send article as PDF
Bookmark this site now by pressing Ctrl+D
You are currently browsing the archives for the Security category.
