security

Are you still using Windows XP with Service Pack 2? If so, you'll want to take note of Microsoft's warning that it will terminate support of Windows XP Service Pack 2 (SP2) on July 13th, 2010. According to a recent PC Advisor poll, 37 per cent of ... respondents are still using Windows XP. Of that number, 15 per cent of those users still have not yet upgraded to Windows XP Service Pack 3. (Source: pcadvisor.co.uk ) Windows XP users who have not yet upgraded to Service Pack 3 will need to do so before July 13th, 2010 in order to continue receiving Microsoft's latest security updates. Without the ... (view more)

Microsoft is currently investigating the emergence of a new critical bug affecting users of Windows 2000 and Windows XP. The Redmond-based firm made the announcement via Twitter on Tuesday, and says the issue can be found in the dynamic link library ... (.DLL) file "mfc42.dll." Security firm Secunia posted a detailed report, which they say is based on a third party proof-of-concept exploit. It's suggested that the vulnerability can be exploited via PowerZip version 7.2 Build 4010, among other utilities that use the mfc42.dll file. (Source: pcmag.com ) Bug Affects Moderately Popular ... (view more)

Microsoft says more than 10,000 computers have been attacked through a bug in the Windows XP help system. Strangely, it has resisted criticizing the security researcher who publicized the security flaw. The bug involves the way XP directs web ... browsers towards help pages, having first checked the page against a "whitelist" to make sure it is legitimate. It's possible for hackers to exploit the flaw by fooling the computer during this checking process. The result is that the browser can be relocated to a page containing malicious software. Microsoft hasn't yet found a permanent solution to the ... (view more)

Microsoft is making it easier to help spread the word on incidents of Internet fraud and stolen personal data. In its latest corporate venture, the company has teamed with the National Cyber-Forensics and Training Alliance (NCFTA) to establish a ... centralized service called "Internet Fraud Alert." Security researchers now have one universal location for which to report any kind of stolen data, ranging from online account login information to credit card numbers. The service can also be used to warn financial institutions immediately after a security breach has been identified. Program ... (view more)

A recent hack of AT&T's web site has left over 100,000 Apple 3G iPad owners with exposed email addresses. It's feared the security hole could open the door to similar future hacks with more devastating results. Reporting on the hack is tech blog ... Gawker, which finds that a specialized hacking group was able to acquire 114,000 email addresses owned by iPad users when the former exploited a security gap in AT&T's central web site. The hacker group, known as Goatse Security, was also able to acquire the identification number these iPads use when communicating over AT&T's network, ... (view more)

Microsoft has identified a potential security risk in the Help function of Windows XP. But there is some controversy over the way the issue has come to light. This bug involves XP's Help and Support Center, and specifically a style of link which ... routes a browser to a help page built into Windows rather than a web page. Such links begin hcp:// rather than the more familiar http:// and are a way of making it easier to give online help and advice by allowing writers to include smooth links to Windows' own help pages. Whitelist Help Pages Spoofed Tavis Ormandy, an information security engineer ... (view more)

Thousands of legitimate websites have fallen victim to a widespread web attack. While the full extent of the attacks remain unknown, security analysts suspect that the hackers used what is called an "SQL injection attack" in an attempt to fool ... legitimate web sites into running malicious database commands. In short, the attack injects malicious HTML content into a web browser while users are viewing an otherwise legitimate site. If the malware is successfully installed, it opens a gateway which allows hackers to remotely control a PC. (Source: networkworld.com ) Up to 114,000 Sites ... (view more)

Microsoft has released security updates for 34 different problems, a monthly total that has only been matched once. Three sets of problems are ranked as critical, and several are so-called zero-day bugs. A zero-day bug is one in which the problem is ... not discovered by the software developer itself. This creates the risk that hackers will be able to get a head-start on finding a way to exploit the bug before the developer is able to produce a fix. The critical issues affect both Internet Explorer and Windows itself. Of the 10 security bulletins, these are the priority for installation and ... (view more)

A recent report says that Google, which is working hard to complete its upcoming Chrome operating system (OS), has started phasing out its own internal use of the Microsoft Windows. The report on Google's OS use emerged Tuesday when the Financial ... Times said search engine leader Google had decided to cut back its employment of Windows, citing for reasons of security concerns. (Source: computerworld.com ) Google Testing Chrome OS Internally It's likely the move to phase out Windows is primarily the result of Google's continuing work on its own operating system, Chrome OS. Google is currently " ... (view more)

New research suggests that a number of major corporations are unwilling to update their web browsers to Internet Explorer 8, instead deciding to continue the use of the ever-aging and ever-dangerous Internet Explorer 6 (IE6). The reason for the ... resistance is not a question of cost; rather, companies are willing to stick it out with IE6 not only because of compatibility reasons for use with their own internal applications -- but also because Internet Explorer 6 lacks social networking features. "Companies are happy to stay with Internet Explorer 6 because a lot of the social networking sites ... (view more)