Archive for the 'Security' Category


Firefox zero-day vulnerability (or is it?)

Sunday, October 1st, 2006

I saw a comment somewhere else that zero-day was overused and in essence ANY previously unknown vulnerability in open source software is technically zero day… the intent here though is to use the word in this context…. “vulnerability has been released without giving the vendor an opportunity to patch…” Yes, the fun vulnerability weekend seems […]

Oh and ANOTHER PowerPoint vulnerability too….

Saturday, September 30th, 2006

Sometimes you feel like the little Dutch boy of myth/legend with his finger trying to plug the hole in a dam…. Incidents bring us this as well…. another PowerPoint vulnerability seems to have been disclosed. MS has an advisory. All currently supported Office versions are vulnerable (even on Mac?) Workarounds include not opening PowerPoint files… […]

Microsoft vulnerability whack-a-mole continues…..

Thursday, September 28th, 2006

Translation – Microsoft patched one vulnerability, another surfaces…. Incidents.org brings us the frustrating news…. If you remember the Month of Browser Bugs series of exploits back in July, there was a denial of service there that appears to have code execution after all. Coincidence or not, it got publicly released after the out-of-cycle […]

Microsoft releases official VML patch!!

Tuesday, September 26th, 2006

The big news this afternoon is that Microsoft HAS gone out of the routine patch cycle to release a security fix for the VML vulnerability that’s been actively exploited in recent days for everything from sneak keylogger installs to massive spyware installs. SANS has a few links; if you de-registered the affected DLL you should […]

Update on the Internet Explorer VML vulnerability

Friday, September 22nd, 2006

Just catching up on the day’s VML vulnerability news from today…. It looks as though… the exploit is now MUCH more widespread. This blog has some video of an infection; what’s notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that they can harvest PayPal/bank/etc. passwords…) […]

Apple MacBook Pro and other wireless fixes

Thursday, September 21st, 2006

Do you remember the big brouhaha a month or so back about the “Apple wireless vulnerability” that everybody picked apart because in the videotaped demonstration they used a third-party card…. EVEN though the demonstrators stated that the same vulnerability existed in Apple’s own driver, some on the internet tore one reporter up over […]

More fake codecs

Thursday, September 21st, 2006

Sunbelt is still finding fake codec sites…. This most recent site is mpcodec.com and the IP address of 69.50.160.58 (I had to do a double take as THIS site (averyjparker.com) is hosted at 69.36.180.58 – I usually see the first and last numbers first and thought – “wait a minute – that looks familiar…” the middle […]

How Microsoft could patch VML vulnerability before October’s patch day

Thursday, September 21st, 2006

SO, there’s the second big vulnerability exploit for Internet Explorer making the rounds in about a week and Microsoft’s advisory says that the most recent flaw will likely be patched on October’s patch day (“unless the need arises…”) So, what would trigger that need? Lots of browsers being subjected to unwanted drive-by downloads? I suppose […]

Public CWSandbox (es)…

Wednesday, September 20th, 2006

Around the time of this latest IE exploit hitting the web, there was also mention of some publicly available CWSandbox sites for the submission of malware. It’s an analysis tool that can give you a report of how the malware behaves and what it would do if run in a “non-sandboxed” environment. There are a […]

Internet Explorer 0-day (take 2 of the last few days…)

Wednesday, September 20th, 2006

The last zero day (ActiveX) seems to be less interesting than this NEW zero-day that really made a news splash in the last day. It looks as though this NEW 0-day affects VML… Incidents.org has good coverage here. Microsoft has an advisory up and they expect to release a patch on the next scheduled patch […]
