exploit

Another remote hacker threat has arisen, and this time it affects popular streaming media tool DirectX. Microsoft announced yesterday that it is currently working on a fix for the security exploit, which could allow someone to take total control of ... a system by using malicious QuickTime video files. DirectX Exploit: Affected Users The exploit involves Microsoft's audio/video sourcing/rendering software DirectShow and the way it handles the QuickTime format files it supports. Users of Windows 2000 Service Pack 4, Windows Server 2003, and Windows XP are those most affected and will want to keep ... (view more)

Malware (a portmanteau of "malicious software") is any software program developed for the purpose of causing harm to a computer system, similar to a virus or Trojan horse. Malware can be classified based on how it is executed, how it spreads, and/or ... what it does. The classification is not perfect, however, in the sense that the groups often overlap and the difference is not always obvious, giving rise to frequent flame wars. Overuse of the term 'Virus' Because viruses were historically the first to appear, the term "virus" is often applied, especially in the popular media, to all sorts of ... (view more)

Think CNN and the major network news agencies are the only ones quick to jump on breaking international events? Think again. Only hours after the tragic announcement of the assassination of former Pakistani Prime Minister Benazir Bhutto, malware ... creators had already crafted an exploit to take advantage of curious web users. A number of security companies are reporting the widespread exploit, including McAfee, Symantec, and WebSense. According to this group, at least ten sites on Blogger.com (Google's primary blog service) were, as of the day of Bhutto's assassination, spreading a fake video ... (view more)

An exploit is a common term in the computer security community to refer to a piece of software that takes advantage of a bug, glitch or vulnerability, leading to privilege escalation or denial of service on a computer system. There are several ... methods of classifying exploits. The most common is by how the exploit contacts the vulnerable software. A 'remote exploit' works over a network and exploits the security vulnerability without any prior access to the vulnerable system. A 'local exploit' requires prior access to the vulnerable system and usually increases the privileges of the person ... (view more)

Malware Malware , or "malicious software" is a generic term used to describe various types of malevolent programs. Below are some of the most common forms of malware. Virus Viruses have used many sorts of hosts. When computer viruses first ... originated, common targets were executable files that are part of application programs and the boot sectors of floppy disks. More recently, most viruses have embedded themselves in e-mail as Email attachments, depending on a curious user opening the viral attachment. In the case of executable files, the infection routine of the virus arranges that ... (view more)

Infopackets Reader Polly B. writes: " Dear Dennis, I've downloaded and successfully installed Service Pack 2 onto my computer. The only complaint I have so far is that Outlook Express is so security tight, that a lot of the email messages I have put ... aside (with file attachments) now cannot be opened. I went in and took off the Outlook Express Security 'do not allow me to open potentially dangerous attachments' option, and now everything is OK. I felt safe in choosing to disable this 'security features' because I use Norton Security which blocks potentially malicious email attachments. My ... (view more)

Yesterday, I came across a very interesting article posted by p2pnet.net which details a recent exploit in MS Windows, called "jpeg of death.c v.05". In summary: on September 17th, 2004, a proof-of-concept exploit was discovered that could ... potentially execute malicious code on the victim's computer when viewing a JPG file image file using Internet Explorer; at the time, however, the exploit only crashed Internet Explorer. On September 24th, a new variant of the exploit appeared, responsible for running potentially malicious code if an infected .jpeg file was downloaded from the ... (view more)

I'd like to discuss a security threat which was recently discovered in Internet Explorer. Mike Healan of Spywareinfo.com forwarded an article to me today. The article urges all Windows users to take the necessary precautions to secure their browsers ... from a nasty exploit recently discovered in Internet Explorer. The exploit allows hackers to gain control of a system and execute harmful code. http://www.spywareinfo.com/articles/htasploit/ Without further adieu, here is the article by Mike Healan (edited): -- Members of the SWI support forums have uncovered a very nasty flaw in Internet Explorer ... (view more)

Woops! It looks like Microsoft has goofed again. If you haven't been watching the news lately (maybe you don't get CNN?) -- Microsoft has released a security bulletin ( Q320920 ) regarding a critical flaw in Windows Media Player which can allow an ... attacker to gain unrestricted access to your system. Who is affected? Anyone who is using Windows Media Player version 6.4, 7.1 or Windows Media Player for Windows XP (version 8) should download a software patch to their system immediately. Side note: A software patch is piece of software that fixes a program (which is also software). In this case, ... (view more)