As reported over the last several days, there is a critical problem with RealVNC 4.1.1, there is NOW an exploit in the wild for RealVNC 4.1.1, that SANS is looking for more information on. There are updates from RealVNC for all affected product lines. Other VNC implementations have not been reported to be affected. Only […]
To show you where the threat with bot networks is going there’s a story today on Nugache (Symantec summary) which is a bot that takes advantage of a number of clever tricks to avoid having the whole bot net shut down, allow command and control on an encrypted channel and essentially have no “human readable […]
I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script […]
There’s been a lot of talk about hardware enforced DEP as a mitigating factor in some of the exploits in the last six months. There’s also a new software product that can limit the impact of zero-day exploits. The software is for windows and is called SocketShield. Suzi at Spyware Confidential has taken it for […]
Well, for the second month in a row (I don’t recall one in March..) Microsoft has re-released a patch for Windows. This time it’s the Flash patch (which really falls under 3rd party software). They’ve re-worked the version detection of the update in an attempt to solve all the problems that people have run into […]
This is one worth checking out anybody using vnc for remote administration. It looks as though intelliadmin has come across a vulnerability in Real VNC 4 (the slashdot post I saw suggested “any machine running VNC 4.1”) I haven’t tested yet, so I don’t know if this ONLY affects REALVNC’s implementation or is broader. They […]
Apple has released Quicktime v. 7.1 for both Windows and OS X to address about 12 vulnerabilities. It looks as though all of the vulnerabilities were related to either a specially crafted images or movies (a variety of formats…) Upgrade or use another viewer… Send article as PDF
There is no doubt that spyware is a problem, but when a vendor of anti-spyware software claims 87% of pcs have on average 34 pieces of spyware per machine installed…… you do have to wonder. And when they claim that in part on FREE anti-spyware software….. “Security analysts blame this increasing infection rate on the […]
Sans has the story on a security vulnerability involving specifically crafted .cab files affecting a WIDE range of SOPHOS antivirus products (from desktop to server.) The main result of the vulnerability is arbitrary code execution, which is a bad thing…. PureMessage and MailMonitor users may be more at risk because, of course, it requires scanning […]
Oracle released 36 patches in mid-April as part of their quarterly patch cycle…. unfortunately, not all of the patches were released. Apparently they hadn’t finished testing and users were advised to look for the updates around the first of May. Well, guess what – they’re not out yet and the word is that they won’t […]
Bookmark this site now by pressing Ctrl+D
