Month: March 2010

  • Internet etiquette

    The Internet age has ‘been upon us’ for quite a number of years already – it’s a mainstream part of everyday life. The amount of people joining the web-age is increasing by 10’s of thousands of people everyday – there were 1.7 billion internet users as of the end of 2009 and my article ‘The…

  • 64% of Microsoft Vulnerabilities down to the use of admin rights

    While non-Microsoft users have grown up understanding the simple concept of access controls and rights within our environments for many years, the single biggest factor for bug propagation on Windows platforms is still the use of administrative rights. The truth of the matter is that prior to Vista, there was little way for a regular…

  • A flurry of app security updates

    Today has been a very busy day from a security update p.o.v. Microsoft as released an update for the critical hole in IE which as been out for about 3 weeks ( iepeers.dll ) and 9 other updates which apply to various IE/Windows combinations ) the F1 attack discovered a month ago unfortunately still remains…

  • Novell wins copyright case against SCO

    It seems that SCO’s litigation engine has been running for ever ( 7 years now ) and they exist only to litigate. But it appears that a jury-led decision agreeing with Novell being the rightful copyright holders of Unix, has finally put paid to any serious action by SCO. Perhaps we can all get on…

  • DNSSEC finally on the move

    It looks like DNSSEC is breing implemented at the root level world-wide. Almost 2 years after the first country level signing ( .se for Sweden ), the K-, D- and E-root servers operated by RIPE, University of Maryland and NASA respectively, started root signing this week past. 7 of the 13 root servers now supply…

  • Microsoft virtualisation changes

    Microsoft has announced Dynamic Memory and RemoteFX which directly affects their desktop virt platform. Dynamic memory allows users to adjust the memory of a guest virtual machine on demand. IT administrators will thus be able to pool all the memory available on a physical host and dynamically distribute it to virtual machines running on that…

  • Windows 7 XP mode no longer requires hardware virt

    Microsoft will be removing the hardware virtualisation extensions requirement with the next update of XP mode. The updates are available here: win 7 32-bit win 7 64-bit Intel’s mechanism is know as VT-x while AMD’s is called AMD-V. There are pros and cons with this change: con – hardware virt extensions allow a CPU to…

  • XStore web services downtime

    Date: Saturday, 13th March 2010, 11.15am Duration: 30 minutes Updates: mysql 5.0.81 -> 5.1.44 apache 2.2.13 -> 2.2.15 php 5.2.9 -> 5.2.13

  • Botnets take a beating

    Almost a quarter of the command and control servers ( cnc ) related to the Zeus botnet have gone quiet after 2 East European providers dropped access to a downstream ISP called Troyak on Tuesday.  According to ScanSafe, a web security firm, the number of active servers dropped from 249 to 191, resulting in a…

  • DEP in Windows hacked

    I’m really sorry about the continuous Windows security reports but they just keep on coming so what else can I do… Data Execution Prevention is a security tool that Microsoft added to all versions of Windows since XP SP2. It’s meant to address buffer overflows by working with the CPU to mark all memory locations…

  • The Microsoft Tax

    The headline phrase typically refers to the buying of computers with Windows pre-installed by the OEM vendor when you don’t need or want it. I.e. you’ve paid more for the machine ( because it includes Windows ) when you aren’t going to use it. Unfortunately this time it refers to you, a citizen, paying extra…

  • Slackware current issues

    I’ve been running Slackware-current ( the development version of Slackware ) for probably close to 5 years now. For the most part, it’s a pretty uneventful stream of upgrades however, every once in a while things get interesting. The March 1 update is massive, has taken a month to release and includes around 465 updated…

  • Remember that 17-year old bug in Windows …

    … I spoke about in late January? Well Microsoft has finally come out and acknowledged it. Over a month later. Well actually 9 months later. The hole, which originated with the release of Windows NT back in 1993 and is present in every 32-bit version of Windows since, including Windows 7, was discovered by Tavis…

  • Another IE hole

    Another flaw has been found in versions 7 and 8 of Internet Explorer running on Windows XP. There’s an unpatched bug in VBScript that hackers can use to drop malware on 32-bit Windows XP machines. Microsoft says an exploit “was posted publicly that could allow an attacker to host a maliciously crafted web page and…

  • Another Windows hole

    A new critical flaw has been found in all versions of Windows since Windows 2000 and affects even current releases like Windows 7 and Server 2008 R2. The vulnerability was found by 2X Software which says that the flaw can be used to create a DoS attack against any Windows systems from the last 10…

x  Powerful Protection for WordPress, from Shield Security
This Site Is Protected By
Shield Security