Microsoft’s priorities…

Friday, September 8th, 2006

I didn’t really think of this in context, but George Ou points out that Microsoft issued an “out of cycle” patch for their DRM software in response to the FairUse4WM software that stripped DRM protections from Windows Media Files. It took a mere 3 days from being made aware of the issue to releasing a […]

System patching 0-days and ancient-day vulnerabilities

Tuesday, September 5th, 2006

There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to ancient flaws that have been […]

CA etrust antivirus false positive

Friday, September 1st, 2006

We’ve got an antivirus false positive to pass along… apparently, a signature update for CA eTrust Antivirus has flagged lsass.exe on Windows 2003 as an undesirable program. There have been updates to address the problem, but if you’re running CA eTrust on Windows 2003 Server you’ve probably already seen the effects. Sans reports some 2003 […]

Good sarc monitoring tip

Wednesday, August 23rd, 2006

Sarc is still in their month of security tips per day and todays is another good one. Todays tip is about monitoring machines, particularly those that “defend” your network. (Mail antivirus scanners/ proxy fitlers/scanners/etc.) The core of the advice is to not just ping – that only tells you if the system exists and is […]

But it’s brand new, how could it have so many updates?

Wednesday, August 23rd, 2006

This morning I was doing a fresh install of Windows XP SP2 into a Virtual Machine. So far, things are fine I went through windowsupdate and found 3 updates the first time, then rebooted and hit windowsupdate again to see 55 updates available. A lot of times when I set up a new pc for […]

The stratellite revisited

Tuesday, August 22nd, 2006

NO, I didn’t mean to type satellite. Stratellite. This is an idea that I’ve written on before and I think it has some interesting possibilities. The idea is to positition a large airship (helium balloon of sorts) in the stratosphere. Put it above the steering currents of the jet stream and equip it with the […]

Powerpoint vulnerability (August 2006)

Tuesday, August 22nd, 2006

I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ […]

Is the firmware current?

Wednesday, August 16th, 2006

The other day I was struggling with something that should have worked “out of the box”. It was a little wireless bridge (Linksys WET54G Wireless-G Ethernet Bridge). The idea was to just connect it to the pc and it would just work. Well…. in a word NO. It “sort of worked”, the problem is the […]

Other MS patch news as well as a Yahoo vulnerability?

Monday, August 14th, 2006

Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS… “this is a DoS only issue that was not addressed in MS06-040, but will be addressed […]

Dapper Drake update

Thursday, August 10th, 2006

It looks as though Ubuntu has released the first maintenance release in the Dapper Drake life cycle. So, now 6.06.1 can be downloaded. (In analagous terms this might be considered the first service pack). Many updates have been incorporated into the bootable install cds which should cut the amount of download updates a new install […]

Google
 
Web www.averyjparker.com