Computer Tips -Tech Info

Well, the weekend saw news stories of Google planning to eavesdrop over pc microphones to hear what you’re watching on tv to target ads….. (I’m not holding my breath on that one, but… I do know how to disconnect the microphone.) Also, there was the story of Browzar which was supposedly THE solution for private […]

A new Internet Explorer bug was published on Monday. It’s been given a CVE (2006-4446) and affects IE 6.0 SP1. It’s worth considering alternative browsers. Details from bugtraq indicate that it’s a buffer overflow in the DirectAnimation.PathControl COM Object(daxctle.ocx)… could cause DoS and possibly remote code execution.    Send article as PDF   

We’ve got an antivirus false positive to pass along… apparently, a signature update for CA eTrust Antivirus has flagged lsass.exe on Windows 2003 as an undesirable program. There have been updates to address the problem, but if you’re running CA eTrust on Windows 2003 Server you’ve probably already seen the effects. Sans reports some 2003 […]

The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy […]

It’s really good to see one chalked up against a botnet operator. Friday, a former botnet operator was sentenced to 37 months in prison for breaking into 100’s of thousands of computers. There NEED to be more stories like this. Unfortunately though, with a possible benefit of making $6,000-10,000 per month being a botnet herder…. […]

I had a frustrating morning last week. I had setup a new pc, transferred data and gotten everything in fairly nice shape. I had got the old printer attached and setup (HP Deskjet 5550). In fact I had done a test page through the printers software at the end of the install process (Some sort […]

A couple weeks back, there was a pretty important security update for the Intel Proset Wireless driver. The big problem is that the update was a memory hog and caused porblems. Sans has info on the update to the update, also George Ou is encouraging everyone to make sure they’ve got things updated. It’s possible […]

There used to be a tool called ethereal and then it changed it’s name to wireshark. Today a number of security vulnerabilities were disclosed. A new version is available and workarounds. Please upgrade if at all possible.    Send article as PDF   

Sarc is still in their month of security tips per day and todays is another good one. Todays tip is about monitoring machines, particularly those that “defend” your network. (Mail antivirus scanners/ proxy fitlers/scanners/etc.) The core of the advice is to not just ping – that only tells you if the system exists and is […]

Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their analysis to uncover the actual […]