There’s a security fix available for a vulnerability in Clamantivirus. Version 0.88 fixes the vulnerability which could allow a remote attacker to control a machine running clamantivirus. The Security Fix has coverage on this, and the update can be found at the clamav site. This affects ClamWin as well, available here
Microsoft has issued two advisories related to patches coming out today. Both are remote code execution vulnerabilities, the first affects Outlook and Exchange server, the second is related to embedded Web fonts. The links above don’t yet seem active, but should go to the technet Security bulletins once Microsoft finishes publishing those.
I can’t really say I’m surprised, after the big WMF vulnerability of the last couple weeks, I suspected we’d see closer scrutiny of other WMF “vectors”…. but….. The SecurityFix is one of the outlets, that have been reporting on another WMF vulnerability. According to the analysis so far, it can “only” cause a Denial of Service (DoS), not remote code execution. Hopefully, that’s as far as this vulnerability will allow external attackers to mess with a system. *(Basically the DoS could freeze/crash “cause to exit unexpectedly” the program used to view WMF’s)
One of the real hesitations I had in moving current sites to WordPress 2.0 was the thought of “what plugins will break?” From what I saw the supported plugins list was short and so was the “broken” plugins list. Which said many were likely untested. So, after I installed a new wordpress 2.0 setup… I started copying over some of my favorite plugins (from my 1.5.2 sites) to see how they did.
Given that I’ve now had a chance to use WordPress 2.0 a bit, I thought I’d do a couple posts on some of my impressions. For starters, I’m quite fond of the interface for 1.5.2 that I use here. It’s comfortable, I’ve added a few plugins to make life easier and, well… I can’t find anything that just bugs me that I can think of. I do like the look of the new admin interface, it’s very similar, but with somewhat better color-scheming at the top (menu area) of the page. I like the Ajax-ified features in the post-writing tool. It’s convenient to not have to have a page load and go through “clunky” gyrations to add a category on the fly…. definite improvement….
I’ll be adding the links shortly, but I’ve got a new site roughed out… it’s along the lines of the previous post. I thought it may not have enough frequent posting to really be an eventful site, but it will have more info than I can devote here…. onlineradiotv.com. A good deal of what I want to put up initially is links to various broadcasters online feeds, especially those shortwave broadcasters with online content. However,
I’ve got a lot of posts related to shortwave radio and radio broadcasts online (and tv broadcasts online.) Which got me to thinking how I wanted to organize the information. There’s a part of me that wants to just work it into the existing structure of this site, however…. I guess my organizational side says I’ve got enough that I’d like to do that I should probably not clutter up the “computer specific” site with those posts. (Much as I don’t clutter the computer site with my North Carolina Genealogy, or South Carolina Genealogy information/posts/etc.)
This hopefully will be my last post on the whole WMF exploit stuff…. It’s prompted in part by a comment on one of the articles on Windows 98 and the vulnerability. I realized that I hadn’t really brought things to a full conclusion for the Windows 98 users. Of course, Microsoft has released an official patch for Windows 2000 and XP and 2003, the sky is no longer falling quite as quickly and all is well right? Well, not exactly for pre-2000 Windows users. They’ve just been told, they have a vulnerability, it’s not as critical as it is for XP/2000/2003 and if it were critical – “oh we’d fix it there too”, but it’s not, better luck next time (and who knows the same vulnerability could come around more critical for earlier Windows versions next time…) Anyway, there IS a patch for Windows 98 systems.
It looks as though Google will be selling video content for as little as $1.99 each. At CES today they’ve announced deals with CBS for some current running shows (CSI for instance). Also, a large number of older CBS shows including a few entries in the Star Trek franchise, I Love Lucy, The Brady Bunch, etc… will be made available. There’s a deal with the NBA for games (24 hour delay.) Looks like some music videos, and a good deal of other content.
Strange AIM worm going around. It apparently includes an interesting combination of rootkits, a rootkit detector, spyware/adware, and a specialized bittorrent client. The machines can then be controlled through IRC. Source seems to be the Middle East…
IM hackers then control a global botnet where their infections can be tested and payloads are pushed. Facetime traced these hackers to the Middle East.
The same IM hackers sent movies by way of IRC and their own version of BitTorrent, installing it without consent. Now the IM hackers are back with more, nastier malware, Rootkit Revealer and adware from 180solutions/Zango.
Bookmark this site now by pressing Ctrl+D
